Privacy Policy
Last updated: April 20, 2026
HelloGenz ("we", "our", or "us") operates the platform at hellogenz.online. This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and your rights. By using our platform you agree to this policy.
1. Data We Collect
Account & Profile Data
- •Full name, display name, and username
- •Email address and UAE phone number
- •Social media handles (Instagram, TikTok, YouTube, etc.)
- •Profile photo, bio, niche, follower counts, and engagement rate
- •Nationality, gender, and languages spoken
- •Hire cost preferences
Identity Verification (KYC)
For verified plans, identity verification (KYC) is conducted by our partner Didit (business.didit.me). Didit processes your identity documents under their own privacy policy. We do not store raw identity documents; only a verification status is retained in our systems.
Payment Data
All subscription payments are processed by Paddle.com Market Limited ("Paddle"), our authorised reseller and Merchant of Record. We do not receive or store your card number, CVV, or full payment details. We receive only a transaction reference and subscription status from Paddle. Paddle's privacy practices are described at paddle.com/legal/privacy.
Usage & Technical Data
- •IP address, browser type, device type, and operating system
- •Pages visited, referrer URLs, and time spent on pages
- •Profile view counts (anonymised)
2. How We Use Your Data
- •Create and manage your public influencer profile at hellogenz.online/username
- •Enable brands to discover and contact you via WhatsApp
- •Process and manage your subscription through Paddle
- •Conduct identity verification for the Verified badge
- •Send transactional emails (account confirmation, subscription receipts)
- •Provide customer support
- •Improve our platform and detect fraud or abuse
- •Comply with applicable UAE laws and regulations
3. Data Sharing & Third Parties
We do not sell your personal data. We share data only with trusted processors necessary to operate the platform:
| Third Party | Purpose & Data Involved | Privacy Policy |
|---|---|---|
| Supabase | Hosts our PostgreSQL database and provides user authentication. Stores your profile data, email, encrypted password hash, and session tokens. Servers are located in the EU (AWS Frankfurt). | supabase.com/privacy |
| Vercel | Hosts and deploys the HelloGenz web application. Handles edge routing and CDN delivery. Vercel may log request metadata (IP address, user-agent, URL path) for operational purposes. | vercel.com/legal/privacy-policy |
| Paddle | Acts as Merchant of Record for all paid subscriptions. Processes payment card data, issues invoices, and handles VAT/tax compliance. We receive only a transaction reference and subscription status — we never see your card details. | paddle.com/legal/privacy |
| Didit | Optional identity verification (KYC) for influencers who choose to obtain a Verified badge. Didit processes government-issued ID documents and a selfie directly under their own privacy policy. We do not receive or store raw identity documents — only a verification status (approved / rejected) is stored in our systems. | business.didit.me |
| Icons8 | Provides icon and illustration assets used in the HelloGenz interface. Icons may be loaded from Icons8's CDN, which could expose your IP address to Icons8 servers in the course of a standard browser request. No personal profile data is transmitted to Icons8. | icons8.com/privacy |
Your public profile data (name, photo, bio, niche, social handles, and follower counts) is visible to any visitor of your public profile URL and to brands browsing the directory.
4. Cookies & Local Storage
We use essential cookies and browser local storage solely to maintain your login session (provided by Supabase Auth). We do not use advertising, analytics, or tracking cookies.
| Set by | Purpose |
|---|---|
| Supabase | Session token stored in local storage to keep you signed in |
| Paddle | Checkout session cookies set during payment flow — governed by Paddle's policy |
| Vercel | Edge routing and performance cookies for CDN delivery |
| Didit | Session cookies set during the optional KYC verification flow — governed by Didit's policy |
5. Data Retention
We retain your data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where we are legally required to retain it (e.g., for tax or fraud-prevention records). Paddle retains transaction records independently in accordance with their own retention policy.
6. Your Rights
You have the right to:
- •Access the personal data we hold about you
- •Correct inaccurate data
- •Request deletion of your account and associated data
- •Object to or restrict processing of your data
- •Data portability (receive a copy of your data in a structured format)
To exercise any of these rights, contact us at support@hellogenz.online.
7. Security
We use industry-standard security measures including encrypted connections (HTTPS), row-level security on our database, and access controls. No internet transmission is 100% secure; you use the platform at your own risk.
8. Changes to This Policy
We may update this policy from time to time. Material changes will be communicated by email or by a prominent notice on the platform. Continued use of the platform after changes constitutes acceptance of the updated policy.
Privacy Contact
For privacy-related questions or requests, email us at support@hellogenz.online. We aim to respond within 5 business days.