Skip to main content
JustBAU Protocol
Sign In

Privacy Policy

Last Modified: April 8, 2026

1. Overview

JustBAU ("we," "us," or "the Platform") is committed to transparency about how we collect, use, and protect your information. This Privacy Policy explains what data we gather, how it is processed, and your rights regarding that data. By using JustBAU, you agree to the practices described below.

2. Legal Basis for Processing

We process your personal data on the following legal grounds:

  • Contract Performance: Processing necessary to provide the services you've signed up for (account creation, profile hosting, discovery features).
  • Legitimate Interest: Processing necessary for platform security, abuse prevention, and service improvement โ€” balanced against your privacy rights.
  • Consent: Where you explicitly opt in to optional features (e.g., granting browser location permission).

3. Information We Collect

3.1 Account & Identity

  • Authentication Data: When you sign in via a third-party authentication provider, we receive your name, email address, and profile picture. The provider processes your credentials under its own privacy policy.
  • Session Tokens: We use essential cookies to maintain your login state (see Section 7).

3.2 Profile Content

  • All text, descriptions, tags, and professional identifiers you enter into your profile.
  • Contact information (phone numbers, website URLs, social handles) you explicitly provide for public display.
  • Media uploads (photos, videos, logos) stored in cloud object storage and served via our content delivery network.

3.3 Location Data

  • If you grant browser location permission during profile setup, we capture coordinates that are truncated to city-level precision (~1.1 km grid) before storage. Full-precision coordinates are never stored.
  • Location search queries are processed by open-source geocoding services. No personal identifiers are transmitted with these requests.

3.4 Technical Data

  • Standard server logs: IP addresses, browser type, referrer URLs, and request timestamps.
  • Privacy-focused, cookie-free analytics: page views, browser/OS type, and approximate geographic region. No personally identifiable information is collected by our analytics and no tracking cookies are set.

4. How We Use Your Information

  • Service Delivery: To create and display your public profile, power the discovery feed, and facilitate connections.
  • Security: To verify your identity, maintain session state, prevent abuse, and block automated bot traffic.
  • Communications: To send transactional messages (e.g., verification codes, support responses) via email and SMS providers.
  • Service Improvement: To analyze aggregate, anonymized usage patterns and improve the user experience.

5. We Never Sell Your Data

JustBAU will never sell, distribute, license, or broker your personal data to third parties for advertising or marketing purposes.

We share data with service providers only to the extent necessary to operate the Platform (e.g., hosting, email delivery, SMS verification, content delivery). These providers act as Data Processors under contractual obligations to protect your data.

6. Bot Protection & Security Services

Cloudflare Turnstile

We use Cloudflare Turnstile to protect forms and sensitive actions from automated abuse. Turnstile processes your IP address, browser characteristics, and interaction patterns to verify that you are human โ€” without requiring a traditional CAPTCHA.

Cloudflare, Inc. acts as an independent Data Controller for the data it processes through Turnstile. Cloudflare's handling of this data is governed by its own Privacy Policy.

Additionally, our content delivery network and DNS infrastructure are operated by Cloudflare, which processes request metadata (IP addresses, headers) as part of standard traffic routing and DDoS protection.

7. Cookies & Local Storage

We use only essential cookies required to operate the Platform. We do not use any advertising, marketing, or non-essential tracking cookies.

  • Session Cookie: Maintains your server-side session during a browsing session. Expires when you close your browser.
  • Authentication Token: A signed cookie that persists your login across sessions (30-day expiry, HTTPS-only, HttpOnly).
  • Security Token: Protects form submissions from cross-site request forgery.
  • Theme Preference: Stored in browser localStorage (not a cookie) to remember your display settings.

Our analytics service does not set any cookies. Because we use only essential cookies, no cookie consent popup is required.

8. Data Retention & Deletion

Your profile data and media remain active for as long as your account exists. When you delete your account:

  • All database records are permanently erased via cascading deletion.
  • All uploaded media (photos, videos, logos) are deleted from cloud storage.
  • Authentication tokens and session data are invalidated immediately.

Anonymized analytics data and server logs may persist in automated backups for up to 30 days before being purged.

To delete your account, visit the Delete My Data page.

9. Your Rights

You have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Correct inaccurate data by editing your profile directly.
  • Deletion: Request complete account and data deletion at any time.
  • Data Portability: Request your data in a machine-readable format.
  • Objection: Object to processing based on legitimate interest.
  • Withdraw Consent: Where processing is based on consent (e.g., location), you may withdraw it at any time via your browser or device settings.

To exercise any of these rights, contact us via our Support Hub.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. All data is encrypted in transit and access to personal data is restricted to authorized personnel only.

11. Children's Privacy

JustBAU is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a minor has provided us with personal data, please contact us and we will delete it promptly.

12. International Data Transfers

JustBAU is operated from the United States. All data is stored and processed on servers in the United States. If you access the Platform from outside the US, your data will be transferred to and processed in the United States. We rely on contractual safeguards with our service providers to ensure adequate protection of transferred data.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be reflected in the "Last Modified" date above. Continued use of the Platform after changes constitutes acceptance of the revised policy.

14. Contact Us

For privacy-related questions, data access requests, or deletion requests, please contact us via our Support Hub.