Privacy Policy

1. Introduction

Welcome to WaiFai ("we", "us", "our") We are committed to protecting your personal data and respecting your privacy in compliance with the EU General Data Protection Regulation (GDPR). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our website www.waifai.co (the "Site"), mobile applications, or our network services for remote workers, or interact with any related media forms or channels. This policy applies to all users whose personal data is processed in the context of our services offered in the European Economic Area (EEA), regardless of their residency. If you do not agree with this policy, please do not use our services.

2. Data We Collect

We collect personal data you voluntarily provide when you engage with our services, such as signing up for our network, creating a user profile, subscribing to newsletters, or contacting us. The personal data we collect depends on your interactions and choices, including:

• Contact Information: Email address and, if provided, name or other contact details when you sign up for our network, newsletter, or waitlist via our Site or app.
• Profile Data: Information you provide to join our remote worker network, such as username, job role, or professional preferences (e.g., for matching with collaboration opportunities).
• Usage Data: Limited data about your interactions with our Site or services (e.g., pages visited, features used), if applicable.

We do not collect sensitive personal data (e.g., race, ethnicity, political opinions, religious beliefs, or health data) unless explicitly required and consented to for specific network purposes.

3. How We Use Your Data

• To provide and manage our network services for remote workers (e.g., user authentication, profile creation, or facilitating connections).
• To send updates, newsletters, or promotional materials, where you have explicitly consented.
• To manage our waitlist and notify you about service launches or availability.
• To respond to inquiries and fulfill requests.
• To improve our services through analytics (e.g., understanding user engagement), where consented.
• To ensure network security and prevent fraud (e.g., monitoring connection logs).

4. Legal Basis for Processing (GDPR)

When we process personal data in the context of offering services in the EEA, we comply with GDPR for all users, regardless of their residency. Our legal bases for processing are:

• Consent: For non-essential processing, such as sending newsletters, marketing, or collecting usage data for analytics, we obtain your explicit, informed, and freely given consent through an affirmative action (e.g., an un-ticked checkbox). You may withdraw consent at any time (see Section 7).
• Legitimate Interests: For activities like network security, fraud prevention, or service improvement, provided they do not override your rights and freedoms.
• Legal Obligation: When required to comply with applicable laws.

We clearly inform you of the purpose and legal basis at the point of data collection (e.g., via signup forms or network login interfaces).

5. Data Storage and Security

Your personal data, such as email addresses or profile information, is stored securely in a Google Sheet managed via Google Apps Script, leveraging Google’s robust security infrastructure. We implement appropriate technical and organizational measures, including:

• Encryption of data in transit (e.g., secure protocols for network connections).
• Access controls to limit data access to authorized personnel.
• Anonymization or pseudonymization of device identifiers where feasible.
• Regular security audits to protect against unauthorized access or breaches.

Despite these measures, no system is completely secure. We strive to protect your data but cannot guarantee absolute security against interception or misuse.

6. Data Sharing

We do not sell, trade, or rent your personal data for third-party marketing purposes. We may share data with:

• Service Providers: Third-party vendors (e.g., Google for Google Sheets and Google Apps Script) who process data on our behalf under GDPR-compliant data processing agreements. Their use of your data is governed by their privacy policies.
• Network Partners: Limited data (e.g., profile information) may be shared with other users or partners in our network to facilitate remote work connections, only with your consent or as necessary for the service.
• Legal Requirements: We may disclose data if required by law, to protect our rights, prevent fraud, or ensure user safety.

7. Your Data Protection Rights under GDPR

As we process personal data in the context of offering services in the EEA, all users have the following GDPR rights, regardless of residency:

• Right to Access: Request copies of your personal data.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure: Request deletion of your data, subject to certain conditions.
• Right to Restrict Processing: Request limitation of data processing in specific cases.
• Right to Object: Object to processing based on legitimate interests (e.g., marketing).
• Right to Data Portability: Request your data in a structured, machine-readable format.
• Right to Withdraw Consent: Withdraw consent at any time, without affecting prior processing, via admin@waifai.co or an unsubscribe link.

To exercise these rights, contact us at admin@waifai.co. We will respond within one month, as required by GDPR.

8. Cookies and Tracking Technologies

We use minimal cookies and tracking technologies (e.g., web beacons, pixels) for basic Site and service functionality. Our Cookie Policy details how we use these technologies and how you can manage preferences. You can refuse non-essential cookies via browser settings or our cookie consent tool.

9. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy (e.g., until you remain an active user of our network or subscribed to our newsletter), unless a longer period is required by law. For example:

• Email addresses for newsletters are retained until you unsubscribe.
• Profile and connection data are retained while your account is active or as needed for security. You may request deletion at any time (see Section 7).

10. Changes to This Privacy Policy

We may update this policy to reflect changes in our practices or legal requirements. Updates will be indicated by a revised “Last updated” date and take effect upon posting. We encourage you to review this policy periodically.

11. Contact Us

For questions, comments, or to exercise your GDPR rights, contact us at: admin@waifai.co.