Data Safety, Child Safety, CSAE Prevention Policy & Processing Disclosure

Effective Date: 15-Jan-2026
Last Updated: 15-Jan-2026

This Data Safety & Processing Disclosure explains how Cafiot (“we”, “our”, “us”) processes user data when you use the Cafiot mobile application, web application, and related services (“Services”).

This document complements our Privacy Policy and Terms & Conditions and is provided for transparency and regulatory compliance.

1. Purpose of Data Processing

Cafiot processes limited user data to:

• Provide a crowd-powered media authenticity service
• Enable user reporting and voting
• Maintain platform integrity and prevent abuse
• Improve app performance and reliability
• Comply with legal and regulatory requirements

Cafiot does not perform automated fact-checking or AI-based content verification in its current phase.

2. Categories of Data Processed

2.1 User-Provided Data

• Name (optional)
• Email address (required for account login)
• Phone number (optional, for login where enabled)
• Reports, votes, and tags submitted by users
• Support communications

2.2 Automatically Processed Data

• Device type, OS version, app version
• IP address (used only for security and regional compliance)
• App usage metrics (screens, features used)
• Crash and diagnostic data

2.3 Data Explicitly Not Processed

Cafiot does not process:

• Downloaded or hosted media files
• Private social media account data
• Passwords for third-party platforms
• Biometric data
• Government-issued identifiers
• Financial or payment card details

3. Legal Basis for Processing (GDPR / UK GDPR)

Cafiot processes data under the following lawful bases:

• Contractual necessity – to provide app functionality
• User consent – for optional features and communications
• Legitimate interest – fraud prevention, security, analytics
• Legal obligation – compliance with applicable laws

4. How Data Is Processed

Data is processed to:

• Aggregate community reports into authenticity indicators
• Detect and prevent manipulation or abuse
• Monitor system performance and stability
• Support customer service requests
• Manage subscriptions and entitlements

All processing is proportionate, limited, and purpose-bound.

5. Data Storage & Infrastructure

• Data is stored on secure cloud infrastructure (e.g., Google Firebase)
• Servers may be located in multiple regions
• Access is restricted to authorized personnel only
• Industry-standard encryption is used in transit and at rest

6. Third-Party Processing

Cafiot uses trusted third-party service providers strictly for:

• Cloud hosting and database services
• Analytics and crash reporting
• Payment processing (handled by app stores)

All providers are contractually obligated to maintain confidentiality and data protection standards.

7. Data Sharing

Cafiot:

• Does not sell personal data
• Does not share data with advertisers for targeting
• Shares limited data only where legally required or for core service operation

8. Data Retention

Data is retained only for as long as necessary to:

• Provide the Services
• Meet legal obligations
• Resolve disputes
• Prevent abuse

Users may request account deletion at any time. Upon deletion, personal data is removed or anonymized in accordance with our Account Deletion & Data Retention Policy.

9. User Rights

Depending on jurisdiction, users may have the right to:

• Access personal data
• Correct inaccurate information
• Request deletion
• Restrict or object to processing
• Withdraw consent

Requests can be made at privacy@cafiot.com.

10. Children’s Data

Cafiot does not knowingly process data from children under 13 years of age. If such data is identified, it will be deleted promptly.

11. Security Measures

Cafiot applies:

• Secure authentication mechanisms
• Access controls
• Abuse detection and rate limiting
• Regular monitoring and audits

However, no system is entirely risk-free, and users acknowledge this.

12. Updates to This Disclosure

This Disclosure may be updated periodically. Changes will be reflected by an updated “Last Updated” date.

Continued use of the Services indicates acceptance of the updated Disclosure.

13. Contact Information

For questions regarding data processing:

📧 contact@cafiot.com

Important Clarification

Cafiot processes user-submitted opinions and reports, not verified facts.
Data processing supports community insights, not authoritative determinations.

Child Safety & CSAE Prevention Policy — Cafiot

Effective Date: 15-Jan-2026
Last Updated: 15-Jan-2026

Cafiot (“we”, “our”, “us”) is committed to protecting children and preventing the misuse of our platform for any form of child sexual abuse or exploitation (CSAE).

This Child Safety & CSAE Prevention Policy is established in accordance with Google Play Child Safety Standards, applicable laws, and global best practices.

1. Platform Scope & Intended Audience

Cafiot is a media awareness and reporting platform designed for users aged 13 years and above.

• Cafiot is not intended for children under 13
• We do not target minors as a primary audience
• We do not provide child-directed features or content

Users must meet minimum age requirements to access the Services.

2. Zero Tolerance for CSAE

Cafiot has zero tolerance for any content or activity involving:

• Child sexual abuse material (CSAM)
• Sexual exploitation of minors
• Sexualized content involving children
• Grooming, solicitation, or trafficking
• Any content that promotes, depicts, or facilitates harm to minors

Such activity is strictly prohibited.

3. Content Handling Model

Cafiot operates as a link-based, crowd-reporting platform:

• We do not host, upload, store, or stream media content
• We only allow references (links) and thumbnails to third-party content
• All media remains hosted on external platforms

Despite this, CSAE-related links or reports are not permitted on Cafiot.

4. Detection & Moderation Measures

To prevent misuse, Cafiot employs the following safeguards:

• Manual and automated monitoring of reports and tags
• Prohibition of sexualized or exploitative tags involving minors
• Abuse detection and rate limiting
• Immediate restriction of suspicious accounts
• Review and removal of CSAE-related references

Cafiot reserves the right to remove any content or account suspected of violating this policy.

5. Reporting CSAE Content

Users are encouraged to report any suspected CSAE-related activity immediately.

How to report:

• In-app reporting tools (where available)
• Email: contact@cafiot.com

Reports are treated with urgency and confidentiality.

6. Response to CSAE Violations

If CSAE-related content or activity is identified, Cafiot may:

• Immediately remove references or reports
• Suspend or permanently terminate involved accounts
• Preserve relevant information for legal compliance
• Report the activity to appropriate authorities, including:
  • National Center for Missing & Exploited Children (NCMEC)
  • Local law enforcement agencies
  • Other legally mandated reporting bodies

7. Cooperation with Law Enforcement

Cafiot cooperates fully with lawful requests from:

• Law enforcement agencies
• Regulatory authorities
• Child protection organizations

Where required by law, we will report confirmed CSAE incidents.

8. User Responsibilities

All users agree to:

• Avoid submitting or referencing any CSAE-related content
• Report suspected violations immediately
• Comply with applicable laws and platform policies

Violation of this policy may result in immediate termination and legal action.

9. Education & Prevention

Cafiot is committed to:

• Maintaining clear safety standards
• Preventing misuse of the platform
• Continuously improving safeguards against abuse

10. Policy Updates

This Policy may be updated to reflect changes in law, platform requirements, or safety practices. Updates will be posted with a revised “Last Updated” date.

11. Contact Information

For child safety concerns or CSAE reports:

📧 contact@cafiot.com

Final Statement

Cafiot exists to improve trust and safety in digital media.
Any attempt to misuse the platform to harm minors will be met with immediate action.