Privacy Policy

By using CoSeeker, you acknowledge that you have read and understood this Policy.

1 Introduction

CoSeeker is operated by K4M2A Foundation (“we”, “us”, “our”). CoSeeker is a platform for seekers, a place to read, write, and connect with fellow CoSeekers. CoSeeker runs on the Authenticated Transfer Protocol (“AT Protocol”), an open, decentralized protocol.

This Policy explains what personal data we collect, how we use it, and your rights and choices to manage your data. Your use of CoSeeker is also governed by our Terms of Service and Guidelines.

What this Policy does not cover: third-party applications and services built on the AT Protocol that you may use to access content originating on CoSeeker. Those services operate under their own privacy policies.

2 What is Personal Data?

“Personal Data” is any information that identifies you or could reasonably be linked to you, directly or indirectly. Aggregated, de-identified, or anonymized information that cannot be linked back to you is not Personal Data and is not covered by this Policy. Where we de-identify data, we maintain it in de-identified form and will not attempt to re-identify it, except as required or permitted by law.

3 A Note on Decentralization and Public Content

CoSeeker is built on the AT Protocol, where most user activity is public by design. Your profile, posts, reflections, comments, likes, follows, and blocks are publicly visible not only on CoSeeker, but potentially on other applications and services built on the AT Protocol that we do not control. Deleting content from CoSeeker removes it from our systems, but copies may persist on third-party services in the open network. Please exercise care when deciding what to share, particularly given the personal nature of spiritual and contemplative writing.

4 Personal Data We Collect

a. Data you provide directly

• Identity and Contact Data: email address, username/handle, display name, profile image, and birth date (for age confirmation).
• Your Content: posts, reflections, comments, profile information, and other content you publish. This content is public (see Section 3).
• Direct Messages: we store and process direct messages so you can communicate with other users. Messages are not end-to-end encrypted and may be accessed for trust and safety purposes.
• Communication Information: information you provide when you contact support, report content, or respond to surveys.
• Feedback: if you give feedback on the Services (ratings, reports, suggestions), we may store the related content as part of that feedback.
• Verification Data: if we ever need to verify your age or identity (e.g., for account recovery or where required by law), we collect only what is needed for that verification.

b. Technical Information (collected automatically)

• Device and Connection Information: device type, operating system, browser information, IP address (which can indicate general location), time zone, and similar identifiers.
• Usage Information: dates and times of access, content viewed, links clicked, and other information about how you use the Services.
• Log and Troubleshooting Information: error logs and application state at the time of an error, used to debug and repair the Services.
• Cookies and similar technologies: see Section 5.

c. Data from other sources

• Information from third-party services you connect to CoSeeker or direct to share data with us.

5 Cookies

We use cookies and similar technologies for two purposes:

• Strictly necessary cookies required to operate CoSeeker (e.g., keeping you signed in). The service cannot function without them.
• Analytics cookies to understand usage and improve the Services.

We do not use advertising or cross-site tracking cookies. You can block or delete cookies via your browser settings, though blocking strictly necessary cookies may prevent parts of CoSeeker from working. Where required by law, we will ask for your consent before setting non-essential cookies.

6 How We Use Personal Data

We use Personal Data to:

• Provide the Services — managing your account, delivering features, responding to support requests, and sending essential service communications;
• Maintain trust and safety — detecting abuse, fraud, and security incidents; acting on reports; and enforcing our Community Guidelines;
• Improve the Services — analytics, debugging, research, and quality control, using aggregated or de-identified data wherever possible;
• Comply with legal obligations; and
• Other purposes disclosed to you at the time of collection, or with your consent.

Some features may use AI systems — for example, content moderation, recommendations, or summaries. Content you submit may be processed by these systems to provide the feature. We do not use your content to train AI models unless you opt in.

7 How We Share Personal Data

• Public content and the open network: as described in Section 3, your public activity is shared by design across the AT Protocol network.
• Other users: when you interact with others (messages, replies, mentions), they receive the content you share.
• Service providers: we share data with vendors who provide hosting, infrastructure, email delivery and similar services on our behalf, under appropriate confidentiality obligations.
• Legal and safety: we may preserve or disclose information if we believe in good faith it is reasonably necessary to comply with law, regulation, or legal process; to prevent serious harm to any person; to detect or prevent fraud or illegal activity; or to enforce our terms and protect the rights, property, or safety of our users, the public, or CoSeeker.
• Corporate transactions: if we are involved in a merger, acquisition, reorganization, or sale of assets, Personal Data may be transferred as part of that transaction.
• Research: we may publish aggregated, de-identified findings about how the Services are used. These never identify individual users.

We do not sell Personal Data, and we do not share it for targeted advertising.

8 International Data Transfers

We may process and store Personal Data in countries other than your own. Where required by applicable law, we use appropriate safeguards such as adequacy decisions or standard contractual clauses for cross-border transfers. Contact us for details of the safeguards we use.

9 Retention

We retain Personal Data for as long as your account is active or as needed to provide the Services, and afterwards as necessary to resolve disputes, maintain safety, comply with legal obligations, or enforce our agreements. When data is no longer needed, we delete or de-identify it. Public content that has propagated across the AT Protocol network may persist on services we do not control.

10 Your Rights and Choices

Depending on the laws that apply to you (including India's Digital Personal Data Protection Act, 2023, the EU/UK GDPR, and certain US state laws), you may have the right to:

• Know and access the Personal Data we hold about you, and receive a portable copy;
• Correct inaccurate or incomplete data;
• Delete your Personal Data (subject to legal and safety exceptions, and the network propagation described in Section 3);
• Object to or restrict certain processing;
• Withdraw consent (for processing based on consent), without affecting prior processing;
• Nominate another individual to exercise your rights in the event of death or incapacity (where applicable under Indian law);
• Lodge a complaint with your data protection authority (e.g., the Data Protection Board of India, an EEA DPA, or the UK ICO).

To exercise any of these rights, contact us using the details in Section 13. We may ask you to verify your identity before fulfilling a request, and we will respond within the timelines required by applicable law. If we decline a request, you may have the right to appeal by contacting us again with “Appeal” in the subject line. We will never discriminate against you for exercising your privacy rights.

Email: you can opt out of non-essential emails via the unsubscribe link in any such email. You will still receive essential account and service notifications.

Push notifications: you can disable these in your device settings.

11 Security

We use reasonable physical, technical, and organizational safeguards to protect Personal Data. However, no online service can guarantee absolute security, and you share information at your own discretion — especially public content.

12 Children

CoSeeker is not directed to children under 18, and we do not knowingly collect Personal Data from children. If you believe a child has created an account or provided Personal Data, contact us at the address below and we will investigate and, if appropriate, delete the data and remove the account.

13 Contact Us

For questions about this Policy or to exercise your rights:

K4M2A Foundation
Email: contact@coseeker.org

14 Changes to this Policy

We may update this Policy from time to time. Updates will be posted on CoSeeker with a revised effective date, and we will keep previous versions available on request. For material changes, we will make reasonable efforts to notify you in advance — in the app or by email — before the changes take effect.