Privacy Policy for Commish

Last updated: 1 November 2025

Introduction

Commish ("we," "our," or "us") operates the Commish mobile application and website (the "Service"). This Privacy Policy explains how we collect, use, and protect your information when you use our affiliate marketing platform.

Information We Collect

Personal Information

Account Information: Name, email address, phone number, profile picture
Authentication Data: Login credentials, social media authentication tokens (Google, Apple)
Payment Information: Bank account details, payment method information (processed securely through Stripe)
Identity Verification: Government-issued ID for vendor/affiliate verification (encrypted and stored securely)

Usage Data

Device Information: Device type, operating system, app version
Location Data: Country and region only (not GPS coordinates) for currency localization and content delivery
Analytics Data: App usage patterns, feature interactions, performance metrics
Communication Data: Messages, support tickets, feedback submitted through the app

Automatically Collected Data

Log Data: IP address, browser type, access times, pages viewed
Cookies and Tracking: Session cookies, analytics cookies (can be disabled in settings)
Performance Data: Crash reports, error logs (anonymized)

How We Use Your Information

Core Services

Account Management: Creating and maintaining your account
Transaction Processing: Facilitating affiliate commissions and payments
Authentication: Secure login and account verification
Customer Support: Responding to inquiries and resolving issues

Personalization

Content Delivery: Showing relevant products and offers
Currency Localization: Displaying prices in your local currency
Language Preferences: Showing content in your preferred language
Recommendations: AI-powered product and affiliate matching

Legal and Safety

Fraud Prevention: Detecting and preventing fraudulent activities
Legal Compliance: Meeting regulatory requirements (KYC/AML)
Security: Protecting against unauthorized access and abuse
Dispute Resolution: Resolving conflicts between users

Information Sharing

We DO NOT sell your personal information to third parties.

Limited Sharing for Service Operations

Payment Processors: Stripe, PayPal, Payoneer for payment processing
Cloud Services: Firebase/Google Cloud for secure data storage
Analytics: PostHog for app analytics (anonymized data only)
Support Tools: Customer service platforms for support ticket management

Legal Requirements

Legal Compliance: When required by law, court order, or regulatory authority
Safety Protection: To protect rights, property, and safety of users and the public
Business Transfers: In case of merger, acquisition, or sale of assets (with user notification)

Data Storage and Security

Security Measures

Encryption: All data encrypted in transit (TLS) and at rest (AES-256)
Access Controls: Multi-factor authentication and role-based access
Regular Audits: Security assessments and vulnerability testing
Data Minimization: We only collect data necessary for service operations

Data Retention

Account Data: Retained while account is active plus 7 years for legal compliance
Transaction Data: Retained for 10 years for tax and legal purposes
Analytics Data: Anonymized data retained for service improvement
Support Data: Deleted after 3 years unless legally required to retain

Your Privacy Rights

Access and Control

Data Access: Request copies of your personal data
Data Correction: Update or correct inaccurate information
Data Deletion: Request deletion of your account and data
Data Portability: Export your data in a machine-readable format

Communication Preferences

Marketing Emails: Opt-out via unsubscribe links or account settings
Push Notifications: Disable in device settings or app preferences
SMS Messages: Reply STOP to opt-out of text messages

Children's Privacy

Age Requirement: Our Service is not intended for children under 16
Parental Consent: If we learn we've collected data from a child under 16, we will delete it immediately
Educational Use: Special provisions for educational institutions with proper consent

Contact Information

Privacy Questions

Email: privacy@getcommish.app
Response Time: We respond to privacy inquiries within 30 days

Data Protection Officer

Contact: dpo@getcommish.app
Role: Available for GDPR and privacy compliance questions

Specific Disclosures

AI and Machine Learning

Data Usage: Anonymous usage patterns used to improve AI recommendations
Model Training: Personal data is never used for AI model training
Automated Decisions: Users can request human review of automated decisions

Third-Party Integrations

Social Media: Login via Google/Apple - we only receive basic profile information
Payment Providers: Financial data processed by certified payment processors
Analytics: App usage data shared with analytics providers (anonymized)

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

Email Notification: Registered users will be notified of material changes
App Notification: In-app notifications for significant updates
Website Posting: Updated policy posted on our website
Effective Date: Changes become effective 30 days after notification

Content Policy & Community Guidelines

Commish is committed to maintaining a safe, trustworthy marketplace for all users. This section outlines what is and isn't allowed on our platform. All users (Vendors, Affiliates, and Buyers) must comply with these guidelines.

Prohibited Content

Strictly Forbidden Content

The following content is never allowed on Commish:

Adult Content & Pornography: No sexually explicit material, nudity, or adult services
Violence & Gore: No graphic violence, gore, or content promoting harm to others
Hate Speech: No content attacking individuals or groups based on race, ethnicity, religion, gender, sexual orientation, disability, or nationality
Illegal Products: No drugs, controlled substances, weapons, or counterfeit goods
Child Safety: No content that exploits or endangers minors in any way
Terrorism: No content promoting terrorism, extremism, or violence

Product Listing Restrictions

Vendors may not list the following products:

Illegal Items: Drugs, narcotics, controlled substances
Weapons: Firearms, ammunition, explosives, knives designed for combat
Adult Products: Pornographic material, sex toys, adult services
Counterfeit Goods: Fake designer items, knockoffs, unauthorized replicas
Stolen Property: Items obtained illegally or without authorization
Hazardous Materials: Dangerous chemicals, explosives, toxic substances
Regulated Items: Prescription medications, tobacco, alcohol (without proper licensing)
Gambling Products: Casino equipment, lottery tickets, gambling services

Communication Guidelines

When using forums, messaging, or any communication features:

No Harassment: Don't bully, threaten, or intimidate other users
No Spam: Don't send unsolicited promotional messages
No Impersonation: Don't pretend to be someone else or a Commish employee
No Scams: Don't attempt to defraud or deceive other users
No Personal Information: Don't share others' private information without consent
No Malware: Don't share links to viruses, malware, or phishing sites

Content Moderation

How We Enforce These Policies

Commish uses a combination of methods to enforce content policies:

AI Moderation: Automated systems scan content for policy violations
Community Reporting: Users can report inappropriate content
Human Review: Our team reviews flagged content manually
Proactive Monitoring: Regular audits of listings and user content

User Reporting

If you encounter content that violates these policies:

Use the Report button on any content, review, or user profile
Select the appropriate reason for your report
Our team will review and take action within 24-48 hours
Serious violations may be reported to law enforcement

User Blocking

You can protect yourself by:

Blocking users who harass or spam you
Blocked users cannot contact you or see your content
Access blocking options from user profiles or settings

Consequences of Violations

Enforcement Actions

Depending on the severity and frequency of violations:

Warning: First-time minor violations may receive a warning
Content Removal: Violating content will be removed immediately
Temporary Suspension: Repeated violations may result in account suspension
Permanent Ban: Severe or repeated violations result in permanent account termination
Legal Action: Illegal activity will be reported to appropriate authorities
Financial Penalties: Fraudulent activity may result in forfeiture of earnings

Affiliate Marketing Guidelines

Affiliates must follow ethical marketing practices:

Honest Promotion: Don't make false claims about products
Disclosure: Clearly disclose affiliate relationships to your audience
No Fake Reviews: Don't create fake testimonials or reviews
No Click Fraud: Don't artificially inflate clicks or conversions
Respect Trademarks: Don't misuse brand names or logos
Comply with Laws: Follow FTC guidelines and local advertising laws

Vendor Responsibilities

Vendors must ensure their products and listings:

Accurate Descriptions: Provide truthful product information
Real Images: Use actual photos of the product being sold
Legal Compliance: Products must comply with all applicable laws
Quality Standards: Products must match descriptions and be fit for purpose
Customer Service: Respond to buyer inquiries and issues promptly
Shipping Honesty: Provide accurate shipping times and costs

Appeals Process

If you believe your content was removed in error:

Contact our support team at appeals@getcommish.app
Provide your account information and details of the removal
Explain why you believe the decision was incorrect
Our team will review your appeal within 5 business days
You will receive a final decision via email

Contact Us

For questions about this Privacy Policy or Content Guidelines:

General Questions: support@getcommish.app
Privacy Questions: privacy@getcommish.app
Report Violations: report@getcommish.app
Appeals: appeals@getcommish.app

This Privacy Policy & Content Guidelines are effective as of the date last updated and apply to all users of the Commish platform globally.