View KicksFolio Legal on GitHub

KicksFolio Privacy Policy

Last update : 29/08/2025

1. Collected data

KicksFolio collects the following personal data to provide you with a comprehensive sneaker collection management experience:

Account Information

  • Email address (required for authentication)
  • Username (unique identifier)
  • First name and last name
  • Preferred sneaker size
  • Profile picture (optional)
  • Instagram username (optional for social media integration)

Collection Data

  • Sneaker information (brand, model, SKU, size, condition, status)
  • Purchase information (price paid, estimated value, purchase date)
  • Sneaker photos and descriptions
  • Collection organization preferences (wishlist items, status tracking)

Device and Technical Data

  • Photos from device library (for sneaker images)
  • Camera access (for taking sneaker photos and barcode scanning)
  • Push notification tokens (Expo push tokens)
  • Device identifiers (for notification delivery)
  • App preferences (language, currency, display settings)

Social and Interaction Data

  • Followers and following relationships
  • Collection sharing preferences and tokens
  • User search queries and results
  • Activity feed data
  • Social media visibility settings

Technical Usage Data

  • Session information and authentication tokens
  • App usage patterns and navigation data
  • Error reports and crash logs (for bug fixing)
  • Filter and search preferences

2. Data usage

Your data is used exclusively to provide and improve KicksFolio’s services:

Core Application Features

  • User authentication and account management
  • Sneaker collection creation, management, and display
  • Photo management with automatic optimization
  • Collection organization and filtering
  • Wishlist management and tracking

Social Features

  • User discovery and search functionality
  • Follow/unfollow system with real-time updates
  • Collection sharing with customizable privacy controls
  • Activity feed generation for followed users
  • Social media profile integration

Communication Features

  • Push notifications for new followers and collection updates
  • In-app notifications and activity updates
  • Password reset emails with secure deep linking
  • Bug report submission to our development team

Personalization and Preferences

  • Multi-language support (English/French)
  • Currency display preferences
  • Size unit preferences (US/EU conversion)
  • Theme and display customization
  • Collection display mode preferences

External Integrations

  • SKU lookup via external sneaker databases
  • Barcode scanning for automatic sneaker identification
  • Social media profile linking (Instagram)

3. Storage and security

Data Storage Infrastructure

Local Device Storage (Expo SecureStore & AsyncStorage)

  • Authentication tokens (encrypted)
  • User preferences and settings
  • Cached collection data for offline access
  • Session information
  • Language and currency preferences

Cloud Database (Supabase PostgreSQL)

  • User profiles and account information
  • Complete sneaker collection data
  • Social relationships (followers/following)
  • Shared collection tokens and settings
  • Push notification tokens and preferences
  • Activity notifications and history

Security Measures

Authentication and Access Control

  • JWT token-based authentication with automatic refresh
  • Row Level Security (RLS) in database ensuring users can only access their own data
  • Secure password hashing (passwords never stored in plain text)
  • Automatic session timeout and cleanup
  • Biometric authentication support (handled by native OS)

Data Protection

  • End-to-end HTTPS encryption for all communications
  • Native encrypted storage on iOS and Android devices
  • Database-level security policies preventing unauthorized access
  • Input validation and sanitization for all user data
  • Secure image upload with file type validation
  • API rate limiting to prevent abuse

Privacy Controls

  • Granular privacy settings for profile and collection visibility
  • Anonymous collection sharing with secure token generation
  • Social media integration controls
  • Notification preferences management
  • Complete account deletion with data cleanup

Data Retention and Cleanup

Active Account Data

  • Personal data retained as long as your account remains active
  • Collection data preserved to maintain service functionality
  • Activity history maintained for 12 months for notification purposes
  • Shared collection links remain active until manually disabled

Account Deletion

  • Complete data deletion available through account settings
  • 30-day grace period for account recovery
  • Automatic cleanup of all personal data, collections, and social connections
  • Irreversible removal of all shared collection links
  • Push notification tokens immediately deactivated

Automatic Cleanup

  • Inactive push tokens automatically removed after 90 days
  • Temporary session data cleared upon logout
  • Cached image data periodically cleaned to free device storage
  • Expired password reset tokens automatically deleted

4. Third-party services and data sharing

Essential Service Providers

Supabase (Database and Authentication)

  • Data shared: All user account and collection data
  • Purpose: Database hosting, user authentication, real-time synchronization
  • Location: European Union (GDPR compliant)
  • Security: End-to-end encryption, row-level security, regular security audits

Expo (Development and Notifications)

  • Data shared: Push notification tokens, device identifiers
  • Purpose: Push notification delivery, app analytics
  • Privacy: Tokens anonymized, no personal information shared
  • Retention: Tokens removed when notifications are disabled

External Sneaker APIs (Optional Feature)

  • Data shared: SKU codes for product lookup (no personal data)
  • Purpose: Automatic sneaker information retrieval
  • Usage: Only when you use the SKU lookup feature
  • Data: No storage of your searches by third parties

Development and Support Services

GitHub (Bug Reporting)

  • Data shared: Optional error reports and logs (anonymized)
  • Purpose: Bug fixing and app improvement
  • Control: Only shared when you submit a bug report
  • Content: Technical information only, no personal data

Data Sharing Policy

  • No commercial sharing: Your data is never sold or shared for commercial purposes
  • No advertising: We do not share data with advertising networks
  • Legal compliance: Data may be shared only if required by valid legal process
  • Service provision: Third-party access limited to essential service functionality

5. Your rights and controls

Account Control

  • Access: View all your stored data through the app
  • Correction: Edit profile information and collection data anytime
  • Deletion: Complete account and data deletion available in settings
  • Export: Contact us for data export in standard formats

Privacy Controls

  • Profile visibility: Control who can see your profile and collections
  • Social features: Enable/disable following and social features
  • Collection sharing: Generate or revoke anonymous sharing links
  • Notification control: Manage push notification preferences

Communication Preferences

  • Push notifications: Enable/disable follower and activity notifications
  • Email communications: Opt out of non-essential emails
  • Language preferences: Choose your preferred app language
  • Social media integration: Control Instagram profile linking

Data Portability

  • Collection export: Export your sneaker collection data
  • Account information: Download your account information
  • Settings backup: Export your app preferences and settings

6. Children’s privacy

KicksFolio is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover that we have collected personal information from a child under 13, we will promptly delete such information.

7. International data transfers

Your data is processed within the European Union to ensure GDPR compliance. When using third-party services (like Expo for notifications), data may be transferred to other regions, but only with adequate privacy protections in place.

8. Changes to this privacy policy

We may update this privacy policy to reflect changes in our practices or applicable law. We will notify you of material changes through the app or by email. Your continued use of KicksFolio after such changes constitutes acceptance of the updated policy.

9. Contact information

For privacy-related questions or requests:

  • Email: privacy@kicksfolio.com
  • In-app: Use the bug report feature for privacy concerns
  • Response time: We aim to respond within 72 hours

For data deletion requests or privacy rights inquiries, please include your username and registered email address to help us process your request quickly.

KicksFolio Privacy Policy - Version 2.0
This policy reflects our commitment to protecting your privacy while providing the best sneaker collection management experience.