Legal Document

Privacy Policy

Last updated: December 16, 2024

Introduction

KOOMPI Co., Ltd. ("we", "our", or "us") operates the KOOMPI OAuth authentication service. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our OAuth service and dashboard at dash.koompi.org.

Information We Collect

We collect the following types of information:

  • Account Information:Name, email address, username, and profile picture when you create an account.
  • Authentication Data:Information from third-party providers (Google, Apple, Telegram) when you use social login.
  • Developer Information:Project names, redirect URIs, and OAuth credentials for developers using our API.
  • Usage Data:Log data, IP addresses, browser type, and pages visited for security and analytics.
  • Wallet Information:If you opt-in, we may store wallet addresses and encrypted wallet data for blockchain features.

How We Use Your Information

  • To provide authentication services: Enabling you to sign in to third-party applications using KOOMPI OAuth.
  • To manage your account: Creating and maintaining your KOOMPI account and preferences.
  • To improve our services: Analyzing usage patterns to enhance the user experience.
  • To communicate with you: Sending important notices about your account or service changes.
  • To ensure security: Detecting and preventing fraud, abuse, and unauthorized access.

Data Sharing

We share your information only in the following circumstances:

  • With your consent: When you authorize a third-party application to access your profile via OAuth, we share only the data you've approved.
  • With service providers: We may share data with trusted partners who help us operate our services (hosting, analytics).
  • For legal compliance: When required by law, legal process, or to protect our rights and safety.

We never sell your personal data to third parties.

Data Security

We implement industry-standard security measures to protect your data:

  • • Encryption in transit (TLS/SSL) and at rest
  • • OAuth 2.0 with PKCE for secure authentication flows
  • • Regular security audits and vulnerability testing
  • • Strict access controls for our team members
  • • Secure password hashing using bcrypt

Your Rights

You have the following rights regarding your personal data:

  • Access: Request a copy of your personal data.
  • Correction: Update or correct inaccurate information.
  • Deletion: Request deletion of your account and associated data.
  • Revoke consent: Withdraw previously granted permissions to third-party apps.
  • Data portability: Request your data in a machine-readable format.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at:

Email: privacy@koompi.org

Company: KOOMPI Co., Ltd.

Address: Phnom Penh, Cambodia