Privacy policy
Shinkofa is committed to protecting user privacy in compliance with GDPR.
Data collected
Account information (email, name), holistic questionnaire responses, usage data (conversations, journal, planner), and payment data (processed by Stripe — we do not store card numbers).
Use of data
Your data is used exclusively to: generate your holistic profile, personalize the AI experience, improve the service, and communicate with you. Your data is never sold to third parties.
Storage and security
Data stored on European servers (OVH, France). Encryption at rest and in transit (TLS 1.3). Access restricted to authorized administrators.
Your rights
Under GDPR: rights of access, rectification, deletion, portability and objection. Contact: contact@shinkofa.com. Response time: 30 days.
Sensitive data (Art. 9 GDPR)
Some collected data is considered sensitive under GDPR: emotional state and well-being (EMA questionnaire), psychological profile (personality questionnaire), and optionally menstrual cycle tracking. This data requires explicit and separate consent before collection.
Third-party services
The following third-party services process user data: Stripe (payments — PCI-DSS, EU), OpenStreetMap Nominatim (birth city geocoding — anonymized request, no account), TimeAPI.io (timezone from coordinates), DeepSeek API (AI insight generation from holistic profile — servers outside EU). No data is sold or shared for advertising purposes.
Cookies
Shinkofa uses only essential cookies (httpOnly authentication session). The Telegram login widget is loaded only after explicit user action. No advertising tracking cookies.
Retention
Data retained while the account is active. After account deletion: server data is erased within 30 days. Local browser data (preferences, questionnaire progress) is automatically cleaned on logout.
Last updated: March 2026