CHERONTerms of Service

Privacy Policy

Last updated: February 2026

Cheron SAS (“Cheron”, “we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Cheron mobile application and platform (“Service”).

1. Information We Collect

1.1 Information You Provide

  • Account information: name, email address, phone number, profile photo
  • Service request data: descriptions of issues, photos and videos of your property
  • Communications: messages exchanged with Professionals through the platform
  • Reviews and ratings you submit
  • Professional verification data: identity documents (processed by Stripe Identity), insurance documents, business registration

1.2 Information Collected Automatically

  • Location data: your address for service delivery, and real-time location during active jobs (with your consent)
  • Device information: device type, operating system, unique device identifiers
  • Usage data: app interactions, features used, timestamps
  • Push notification tokens (with your consent)

1.3 Information from Third Parties

  • Payment data: processed and stored by Stripe (we do not store your full card details)
  • Authentication data: if you sign in via Google or Apple, we receive your name and email from those services

2. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service
  • Match you with available Professionals in your area
  • Process payments and payouts
  • Send transactional notifications (job updates, payment confirmations)
  • Resolve disputes between customers and Professionals
  • Verify Professional identities and qualifications
  • Generate AI-powered price estimates using your service descriptions and photos
  • Detect and prevent fraud, abuse, and violations of our Terms
  • Comply with legal obligations

3. Legal Basis for Processing (GDPR)

Under the EU General Data Protection Regulation (GDPR), we process your data based on:

  • Contract performance: processing necessary to provide the Service you requested
  • Legitimate interests: fraud prevention, platform security, service improvement
  • Consent: location tracking, push notifications, marketing communications
  • Legal obligation: tax reporting, regulatory compliance

4. How We Share Your Information

We share your information only as described below:

  • With Professionals: your name, service address, and job details are shared with the Professional assigned to your job
  • With customers: Professional name, profile photo, ratings, and verification status are visible to customers
  • Payment processors: Stripe processes payments on our behalf
  • Cloud infrastructure: Supabase (database and authentication), Expo (push notifications)
  • AI providers: Google Gemini processes service descriptions and photos for pricing estimates (no personal identifiers are sent)
  • Legal requirements: when required by law, regulation, or legal process

We do not sell your personal information to third parties.

5. Data Retention

We retain your account data for as long as your account is active. After account deletion, we retain anonymized transaction records for 5 years for tax and legal compliance. Chat messages and photos are deleted within 90 days of account deletion.

6. Your Rights

6.1 GDPR Rights (EU/EEA Users)

You have the right to:

  • Access: request a copy of your personal data
  • Rectification: correct inaccurate or incomplete data
  • Erasure: request deletion of your data ("right to be forgotten")
  • Restriction: limit how we process your data
  • Portability: receive your data in a structured, machine-readable format
  • Object: object to processing based on legitimate interests
  • Withdraw consent: at any time, without affecting prior processing

6.2 CCPA Rights (California Residents)

You have the right to:

  • Know what personal information is collected and how it is used
  • Delete your personal information
  • Opt out of the sale of personal information (we do not sell your data)
  • Non-discrimination for exercising your rights

7. Data Security

We implement industry-standard security measures including: encryption in transit (TLS/SSL) and at rest, row-level security on database tables, secure authentication with session tokens, PCI-compliant payment processing through Stripe, and regular security reviews.

8. International Data Transfers

Your data may be processed in countries outside the EU/EEA. When this occurs, we ensure adequate protections are in place through Standard Contractual Clauses or other approved transfer mechanisms under GDPR.

9. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we learn we have collected data from a child, we will delete it promptly.

10. Third-Party Links

The Service may contain links to third-party websites or services (e.g., Stripe for payments). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via the app or email. The “Last updated” date at the top indicates when the policy was last revised.

12. Contact Us

For privacy-related questions, data access requests, or to exercise your rights, contact us at:

Email: privacy@cheron.app

Data Protection Officer: dpo@cheron.app

Cheron SAS
Paris, France

EU residents may also file a complaint with your local data protection authority (e.g., CNIL in France).