Privacy Policy
Last updated: April 19, 2026
Cafendium ("we", "us") operates https://cafendium.com. This page explains what personal data we collect, why, and your rights over it. We comply with Thailand's PDPA and the EU GDPR where applicable.
1. Data we collect
- Account data from your OAuth provider (Google, LINE, Apple): email, display name, profile picture.
- Usage data: cafés you check in to, reviews you write, followers, badges earned, GPS coordinates submitted at check-in time (used only to verify proximity, not stored as a track).
- Device data: IP address, browser, approximate location for rate-limiting and abuse prevention.
- Payment data if you subscribe: handled entirely by Stripe; we store only a customer reference and subscription status, never card numbers.
- Cookies: see our Cookies Policy.
2. How we use it
- Run the service: authentication, check-ins, leaderboards, badges.
- Show personalized content (your feed, friends' activity).
- Prevent abuse and enforce our Terms.
- Send transactional email (subscription receipts, security).
- Show advertising via Google AdSense to free-tier users (Gold Bean subscribers see no ads).
3. Sharing
We do not sell personal data. Processors we use: Neon (database), Vercel (hosting), Cloudflare (CDN/DNS), Sentry (errors), Stripe (payments), Google AdSense (ads), Mapbox (maps), Upstash (caching). Each is bound by a data-processing agreement.
4. Retention
Account data is kept while your account is active. Delete your account from settings to remove personal data within 30 days; aggregated and anonymized statistics may be retained.
5. Your rights
You can access, correct, export, or delete your data at any time — email privacy@cafendium.com. EU/UK residents may lodge a complaint with their supervisory authority. Thai residents may contact the PDPC.
6. Children
Cafendium is not directed at children under 13. We do not knowingly collect their data.
7. Changes
We'll post material changes on this page and notify signed-in users by in-app banner.