Logo

Privacy Policy

Last Updated: 2025-05-23

Cofferral ("we", "our", "us") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share your information when you use the Cofferral platform and services.

1. Information We Collect

1.1 Information You Provide

We collect the following directly from you:

Account Information:

Name, email, personal background (e.g., education, professional experience), LinkedIn profile (required for Sharers, optional for Seekers), and account settings (e.g., preferred language, time zone, notification preferences).

Referral Documents:

CVs are required when you request a referral. They become accessible to the Sharer at the time of request submission, provided the Sharer has opted to consider referrals. Access is revoked if the request is declined, withdrawn, expired, or the associated chat is canceled or unfulfilled.

Payment & Identity Verification:

  • For Seekers: For Seekers: Payments are processed by third-party providers; no payment info is stored on our servers.
  • For Sharers:
    • Canadian Sharers: Canadian Sharers: Full name, residential address, and SIN (only if annual income exceeds $500 CAD). Data is securely stored by Cofferral for T4A reporting.
    • U.S. and International Sharers: U.S. and International Sharers: No tax-related documents are collected by Cofferral.

1.2 Automatically Collected Data

We collect usage data such as:

  • Chat request history and attendance
  • Platform engagement metrics (e.g., response time, punctuality)
  • Device/browser data, IP address, and cookies

Coffee Chat Recordings:

Chats are automatically recorded for internal use only. This includes video and audio recordings, used to ensure service quality, resolve disputes, and assess platform compliance. Recordings are stored securely and are not shared externally.

2. How We Use Your Information

We use your personal data to support your experience on the platform in the following ways:

  • Operate and manage coffee chats and referrals
  • Calculate earnings and issue payments
  • Comply with legal tax obligations (Canada only)
  • Improve and secure the platform
  • Communicate service updates and provide support

3. Data Sharing and Storage

We do not sell or rent your data.

Data is shared only in the following contexts:

  • Payments: Payments: Payments and identity verifications are handled by trusted third-party providers. We do not store payment card details.
  • Tax Reporting (Canada only): Tax Reporting (Canada only): Data (including SIN) shared with CRA for T4A compliance. SINs are encrypted using AES-256.
  • Service Infrastructure: Service Infrastructure: Trusted providers under confidentiality agreements support platform operations (e.g., cloud storage, analytics).

4. Your Rights and Choices

You have the following rights and options regarding your personal data, in accordance with applicable privacy laws and platform practices:

  • Access and correct your personal data via your account
  • Request account deletion and data removal by contacting support
  • Withdraw consent for optional data submissions (e.g., referral CVs)

5. Cookies and Tracking

We use cookies and similar technologies to support core platform functionality and improve user experience. These include:

  • Session management
  • Security
  • Traffic analytics

You may disable cookies in your browser, but this may affect functionality.

6. Data Retention

We retain data only as needed for legal, contractual, and operational purposes:

  • Financial and tax data is stored in compliance with local laws (e.g., 6 years for CRA)
  • Account and profile data (e.g., name, email, LinkedIn, background) are retained while your account remains active and may be deleted upon request
  • Coffee Chat recordings are retained for a limited period solely for quality assurance and dispute resolution, after which they are permanently deleted
  • Technical and usage data (e.g., logs, analytics) may be retained in anonymized or aggregated form for platform improvement and security monitoring

7. International Transfers

Cofferral is based in Canada, and most of our data processing occurs within Canada and the United States. However, if you are located in the European Economic Area (EEA) and your data is transferred outside of that region, we will apply appropriate safeguards—such as Standard Contractual Clauses (SCCs)—to ensure your personal data remains protected in accordance with the EU General Data Protection Regulation (GDPR).

We supplement these legal safeguards with technical protections outlined in Section 8.

8. Security Measures

In addition to legal compliance measures for international data transfers (see Section 7), we also apply robust technical and organizational safeguards to protect all user data. These include:

  • End-to-end encryption
  • Access controls
  • AES-256 encryption for sensitive data (e.g., SINs)
  • PCI-compliant third-party payment processing

9. Changes to This Policy

We may revise this Privacy Policy to reflect changes in legal requirements, technology, or how we operate. Updates will be posted on our website with a new "Last Updated" date.

10. Contact Us

If you have questions or concerns about your privacy:

📧Email:info@cofferral.com