Skip to navigation

Privacy Policy

Last updated: December 09, 2025 Version 1.0

Summary

Initial privacy policy covering GDPR compliance, data collection, user rights, and platform security measures.

Privacy Policy

Effective Date: December 9, 2025

Welcome to Mafkod, a platform dedicated to reuniting people with their lost belongings. We understand that privacy is important to you, and we are committed to protecting your personal information.

This Privacy Policy explains what information we collect, why we collect it, how we use it, and your rights under the General Data Protection Regulation (GDPR). We believe in transparency and have written this policy in plain language to make it easy to understand.

Who We Are

By using Mafkod, you agree to the collection and use of information as described in this policy. If you do not agree with our practices, please do not use our service.

2. Information We Collect

We collect different types of information depending on how you use our platform. Here's exactly what we collect and when:

Lost Item Reports

When you report a lost item, we collect:

  • Contact Information: Your name, email address, and phone number
  • Item Details: Description, category, photos, and estimated value
  • Location Data: Where you lost the item (address or GPS coordinates)
  • Time Information: Date and approximate time when item was lost
  • Medical Information: Only if you voluntarily provide it (for example, if the lost item contains medication)

Found Item Reports

When you report a found item, we collect the same types of information as lost item reports.

User Accounts

When you create an account, we collect:

  • Email Address: Used for login and communications
  • Password: Stored as a secure hash (we never see your actual password)
  • Profile Information: Name, profile picture (optional), and phone number (optional)

Technical Information

When you use our website, we automatically collect:

  • IP Address: For security and fraud prevention
  • Browser Type: To ensure proper website functionality
  • Device Information: Operating system, screen size
  • Usage Data: Pages visited, time spent, features used

4. How We Use Your Data

We use your personal information for the following purposes:

  • Matching Lost and Found Items: We compare lost item reports with found items to help reunite you with your belongings
  • Facilitating Communication: We enable matched users to contact each other securely
  • Account Management: We manage your account, process logins, and send important notifications
  • Fraud Prevention: We analyze patterns to detect and prevent fraudulent activity
  • Platform Improvement: We use aggregated, anonymized data to improve our matching algorithms and user experience
  • Customer Support: We respond to your questions and resolve issues
  • Legal Compliance: We fulfill legal obligations and protect our rights

Important: We never use your data for marketing purposes without your explicit consent, and we never sell your personal information to third parties.

5. Data Sharing & Third Parties

We never sell your personal data to anyone.

We only share your information in the following limited circumstances:

With Matched Users

When we match a lost item with a found item, we share your contact information with the other user so you can arrange the return. This is the core purpose of our service.

With Service Providers

We may share data with trusted service providers who help us operate our platform (for example, hosting providers, email services). These providers are contractually obligated to protect your data and can only use it for the purposes we specify.

With Law Enforcement

We may disclose information when required by law or in response to valid legal requests from authorities (for example, a court order or police investigation).

In Business Transfers

If Mafkod is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before this happens and inform you of your choices.

6. Data Security Measures

We take the security of your personal information very seriously. Here are the measures we implement:

AES-256 Encryption

All personally identifiable information (PII) like your name, email, and phone number is encrypted using industry-standard AES-256 encryption.

Secure Password Storage

Passwords are hashed using bcrypt. We never store or see your actual password.

HTTPS Everywhere

All data transmission is protected with HTTPS/SSL encryption, preventing interception.

Regular Security Audits

We conduct regular security assessments and update our systems to protect against new threats.

While we implement strong security measures, no system is 100% secure. We cannot guarantee absolute security, but we continuously work to protect your data.

7. Data Retention & Deletion

We only keep your personal information for as long as necessary. Here are our specific retention periods:

Lost Item Reports: 365 Days

Lost item reports are automatically anonymized after 365 days (one year). We remove all personally identifiable information while keeping anonymized statistics for platform improvement.

Found Item Reports: Until Resolved

Found item reports are kept until the item is reunited with its owner or marked as resolved. After resolution, the same 365-day retention period applies.

User Accounts: Until Deletion Requested

Your account data is retained as long as your account is active. You can request account deletion at any time through your GDPR settings.

Technical Logs: 90 Days

Server logs and technical data are automatically deleted after 90 days, except where required for security investigations.

Anonymization Process

When data is anonymized, we permanently remove all information that could identify you, including:

  • Names, email addresses, and phone numbers
  • GPS coordinates and exact locations
  • IP addresses and device identifiers
  • Any uploaded photos or images

After anonymization, the data cannot be linked back to you and is used only for general statistics.

8. Your GDPR Rights

Under the General Data Protection Regulation (GDPR), you have the following rights regarding your personal data. These rights are fundamental and we are committed to honoring them:

1. Right to Access (GDPR Article 15)

You have the right to request a copy of all personal data we hold about you. This includes lost item reports, account information, and any other data associated with you.

Request Your Data Export

2. Right to Rectification (GDPR Article 16)

You have the right to correct any inaccurate or incomplete personal data we hold about you. You can update most information directly through your account.

Edit Your Profile

3. Right to Erasure / "Right to be Forgotten" (GDPR Article 17)

You have the right to request deletion of your personal data. We will delete your data unless we have a legal obligation to retain it (for example, for ongoing investigations).

Request Data Deletion

4. Right to Data Portability (GDPR Article 20)

You have the right to receive your personal data in a structured, commonly used format (JSON or CSV) and transmit it to another service.

Download Your Data

5. Right to Withdraw Consent (GDPR Article 7)

Where we process your data based on consent, you have the right to withdraw that consent at any time. You can manage your consent preferences in your account settings.

Manage Consent Settings

6. Right to Object (GDPR Article 21)

You have the right to object to processing of your personal data based on legitimate interests. We will stop processing unless we can demonstrate compelling legitimate grounds.

Contact Us to Object

7. Right to Lodge a Complaint (GDPR Article 77)

You have the right to lodge a complaint with your local data protection authority if you believe we have violated your rights. We encourage you to contact us first so we can address your concerns.

For EU residents, find your supervisory authority at: EDPB Member List

How to Exercise Your Rights

To exercise any of these rights, email us at privacy@mafkod.com with your request. We will respond within 30 days as required by GDPR.

9. Cookies & Tracking

We use cookies to make our website work properly and improve your experience. Here's what you need to know:

Essential Cookies (Required)

These cookies are necessary for the website to function and cannot be disabled:

  • Session Cookie: Keeps you logged in while you browse
  • CSRF Token: Protects against security attacks
  • Language Preference: Remembers your language choice

Analytics (If Enabled)

We may use analytics to understand how people use our website, but only with your consent. This helps us improve the user experience.

We do not use third-party tracking or advertising cookies.

10. Children's Privacy

Mafkod is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@mafkod.com and we will delete it immediately.

If you are under 16, please do not use this service or provide any personal information. Ask your parent or guardian to use the service on your behalf if needed.

11. Policy Changes & Updates

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make changes:

  • We will update the "Effective Date" at the top of this policy
  • For material changes that affect your rights, we will notify you by email
  • We will maintain a version history so you can see what changed
  • You will have the opportunity to review the new policy before it takes effect

We encourage you to review this policy periodically to stay informed about how we protect your data.

View Policy Version History โ†’

12. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Data Protection Contact

Response Time

We respond to all requests within 30 days as required by GDPR

Additional Resources

Last Updated: December 9, 2025 | Version 1.0

This policy is compliant with GDPR (EU Regulation 2016/679)

Your Privacy Matters

We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this privacy policy, please contact us. Learn More

This policy is effective from December 09, 2025.