Data Policy
Last updated: March 2026
1. What Data We Store
The Khench platform stores the following categories of data:
- User records: Profile details (name, email, phone, date of birth), role (customer or provider), XP, level, tier status, badge achievements, and verification state.
- Job records: Service type, job description, geographic area polygon, base bid amount, timestamps (created, expires, completed), photos, and job status history.
- Offer and Assignment records: Provider bids, counter-offer negotiation history, accepted offers, assignment state transitions (enroute → onsite → working → complete), and scheduled times.
- Payment records: Stripe PaymentIntent IDs, lifecycle states (authorized / captured / voided / refunded), amounts authorized and captured, timestamps. We never store raw card numbers or CVVs.
- Location pings: GPS coordinates (latitude, longitude, speed, heading) recorded during active assignments only — not during browsing or idle time.
- Push tokens: Device push notification identifiers (Expo push tokens), associated platform (iOS / Android).
- Legal acceptance records: Immutable records of when you accepted our Terms of Service and Privacy Policy — including IP address, user agent, and timestamp. These records cannot be deleted (legal compliance requirement).
- Event audit log: Append-only log of sensitive actions (payments, legal acceptances, disputes, admin actions) for fraud prevention and regulatory compliance.
2. How Data Flows
- Job posting: When you post a job, details are stored in our PostgreSQL database and immediately broadcast to nearby providers via Socket.IO (WebSocket). Only providers in your geographic area see your job.
- Photo uploads: Photos are uploaded directly to our MinIO/S3-compatible storage via presigned URLs. Photos are never routed through our API server — they go straight from your device to storage.
- Payments: When you accept a bid, a Stripe PaymentIntent is created with manual capture. Your card is authorized (a hold is placed) but funds are not transferred until the provider marks the job complete and you confirm. Stripe handles all card data — we never see or store it.
- Location during assignments: Your GPS coordinates are shared with the other party (provider sees customer's approximate area; customer sees provider's real-time location when enroute). Location data is not accessible to other users or stored beyond the assignment window.
3. Data Security
- JWT authentication tokens (HS256, 7-day expiry) for all API requests
- Passwords hashed with bcrypt (12 rounds) — magic-link email auth is the recommended flow
- HTTPS enforced everywhere (TLS in transit); data is encrypted at rest
- Stripe handles all card data (PCI-DSS Level 1 compliant)
- Age verification performed server-side — never trusted from the client
- Webhook event deduplication prevents double-processing of payment events
4. Retention Schedule
| Data Type | Retained For |
|---|---|
| Active user data | While account is active |
| Completed job records | 7 years (CRA T4A obligations for providers earning $500+/year) |
| Job photos | 90 days after job completion |
| Location pings | 30 days after assignment closure |
| Push tokens | Until device deregistration or DeviceNotRegistered error |
| Legal acceptance records | Indefinite (append-only, compliance requirement) |
| Audit / event log | Indefinite (append-only, compliance requirement) |
5. Data Deletion Requests
You may request deletion of your account and associated personal data at any time by contacting [email protected].
Account deletion removes your name, email, phone number, and profile photo. We are required by law to retain anonymized job and payment records for 7 years (CRA obligations). Legal acceptance records and audit logs are append-only and cannot be deleted. All remaining personal identifiers in retained records are anonymized upon account deletion.
6. Third-Party Data Processors
| Processor | Purpose | Data Shared |
|---|---|---|
| Stripe | Payment processing | Payment amount, customer email (for receipts) |
| Twilio | SMS OTP verification | Phone number |
| AWS S3 / MinIO | Photo and document storage | Job photos, provider documents |
| Expo Push Service | Push notifications | Device push token, notification content |
7. Contact
For data-related inquiries, deletion requests, or questions about your rights, contact:
Khench Technologies Inc.
Ontario, Canada
[email protected]
For privacy-related inquiries (access requests, corrections, consent withdrawal), see our Privacy Policy or email [email protected].