Privacy
Policy.

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.

LAST_UPDATED // MARCH 02, 2026

No Data Selling

We strictly do not sell your data. We only share necessary data with trusted processors solely to operate the Service.

Strict Data Retention

We enforce strict expiration times. Client logs and usage metrics are automatically and permanently purged after 60 days.

01

Interpretation & Definitions

Interpretation: The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions: For the purposes of this Privacy Policy:

  • Account means a unique account created for You to access our Service or parts of our Service.
  • Company (referred to as either "the Company", "We", "Us" or "Our" in this Agreement) refers to MyCosine (operating via MyCosine.dev). MyCosine is an independently operated online service managed by its owner and operator located in India. For the purpose of the GDPR, the Company acts as the Data Controller.
  • Personal Data is any information that relates to an identified or identifiable individual.
  • Service refers to the Website and associated mobile applications.
02

Data Collection Protocols

We collect only essential data required to operate and secure the service.

Personal Data

While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to: Email address, First name, and Last name.

Usage Data & Cookies

Usage Data is collected automatically when using the Service. Usage Data may include information such as Your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, and other diagnostic data.

We use Cookies, authentication tokens, analytics identifiers, and local storage to track the activity on Our Service and store certain information. These tracking technologies are essential to operate the Service and enhance security, particularly through our third-party infrastructure providers.

Legal Basis for Processing (GDPR)

Contractual Necessity

Processing is necessary for the performance of the agreement with You (providing the Service).

Legitimate Interests

Processing is necessary for security monitoring, fraud prevention, and improving Our Service functionality.

Consent

We rely on your explicit consent for specific actions, which you can withdraw at any time.

03

Security & Disclosure

Security: We implement industry-standard security measures including encryption at rest, encryption in transit (HTTPS/TLS 1.3), and strict access controls to ensure your data is protected against unauthorized access.

Service Providers: We share Your Personal Data with trusted third-party vendors who assist us in operating our Service. These include Google Firebase / FCM (used for authentication, push notifications), Cloudflare, Inc. (for DNS, edge security, and performance), and Hetzner (Hosting provider). These parties are obligated not to disclose or use Your data for any other purpose.

Disclosure: We do not sell Your Personal Data. We may disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities.

04

Data Transmission & Rights

International Transfers: Your information, including Personal Data, is processed at the Company's operating offices and in any other places where the parties involved in the processing are located (including global cloud infrastructure providers).

Account Deletion & Your Rights

You have the right to access, update or delete the information We have on You. You can delete your account directly through the in-app settings (processed with a 15-day grace period). Alternatively, you may request account deletion by emailing us from the email address associated with your account at [email protected] with the subject line "Account deletion request". To exercise other rights, please contact us at [email protected].

Children's Privacy: Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13.

Child Safety & CSAE Standards

Cosine has a zero-tolerance policy regarding Child Sexual Abuse and Exploitation (CSAE).

Prohibited Content: Users are strictly forbidden from sharing, requesting, or promoting child sexual abuse material (CSAM) or engaging in grooming behaviors.

Enforcement: Any account found in violation will be permanently banned, and all relevant data will be preserved for law enforcement.

Reporting: Users can report concerns directly in-app via the "Report" button on any profile or post.

Compliance: We comply with all international child safety laws and report illegal content to the National Center for Missing and Exploited Children (NCMEC) and relevant local authorities.

05

Changes to this Policy

We may update this Privacy Policy periodically. We will notify You of any changes by posting the new Privacy Policy on this page and updating the "LAST_UPDATED" date at the top.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.