Security

1. Data Collection & Usage

In compliance with Apple App Store and Google Play Store data safety requirements, here is a transparent summary of the data JABB collects and how it is used.

Data we collect

• Account information — name, email address, and phone number provided during registration.
• Location data — GPS coordinates collected only during active missions to verify on-site presence (Golden Proof Protocol).
• User-generated content — reviews, audio notes, photos, and survey responses you submit.
• Device information — device model, OS version, and app version for compatibility and diagnostics.
• Usage analytics — anonymized interaction patterns to improve the app experience.

How we use your data

• Verify mission completions with GPS-locked proof
• Generate anonymized CX reports for business partners
• Process JABB Coin rewards and wallet transactions
• Send account notifications and mission updates
• Improve app performance and user experience

Data we do NOT collect

• Financial information (credit cards, bank accounts)
• Health or fitness data
• Contact lists or address books
• Browsing history outside the app
• Background location tracking when not on a mission

2. Data Sharing & Third Parties

JABB never sells your personal data. Business partners only receive anonymized, structured evaluation reports — your identity as a JABBer is always protected.

We share limited data only with:

• Cloud infrastructure providers — for secure hosting and storage (encrypted at rest and in transit).
• Payment processors — for processing reward redemptions (minimal data shared under PCI-DSS compliance).
• Analytics services — anonymized usage data only, with no personal identifiers.

We do not share data with advertising networks or data brokers.

3. Encryption & Infrastructure Security

• In transit — all communications encrypted with TLS 1.3. Certificate pinning enforced on mobile clients.
• At rest — all stored data encrypted with AES-256. Database backups are encrypted and access-controlled.
• Authentication — secure token-based authentication with automatic session expiry and refresh rotation.
• Infrastructure — hosted on enterprise-grade cloud infrastructure with firewall protection, DDoS mitigation, and regular security patching.

4. Golden Proof Protocol

Every mission and review submitted through JABB is verified by our Golden Proof Protocol, which ensures data integrity through:

• GPS verification — confirms physical presence at the evaluated location.
• Timestamp validation — records exact time of review submission.
• Photo evidence — optional photo proof with EXIF metadata verification.
• Device fingerprinting — prevents duplicate or fraudulent submissions.

5. Data Retention & Deletion

We retain your personal data only for as long as your account is active and as needed to provide our services. Specifically:

• Account data — retained while your account is active. Deleted within 30 days of account deletion request.
• Mission data — anonymized and retained for reporting purposes after account deletion. Personal identifiers are removed.
• Location data — purged within 90 days of mission completion. Not retained beyond verification needs.
• Usage analytics — anonymized data may be retained indefinitely for product improvement.

You can request full deletion of your data at any time by contacting contact@jabb.pro or through the app's Settings > Privacy > Delete Account.

6. Your Rights

You have the right to:

• Access — request a copy of all data we hold about you.
• Correction — update or correct inaccurate personal information.
• Deletion — request permanent deletion of your account and associated data.
• Portability — receive your data in a machine-readable format.
• Opt-out — disable optional data collection (analytics, location) at any time through app settings.

7. App Permissions

JABB requests only the permissions necessary for core functionality:

• Location (when in use) — required for GPS verification during missions. Never tracked in the background.
• Camera — optional, for photo evidence during reviews and missions.
• Microphone — optional, for audio review recordings.
• Notifications — optional, for mission alerts and reward updates.
• Internet — required for syncing reviews and accessing the platform.

All optional permissions can be revoked at any time through your device settings without affecting core app functionality.

8. Children's Privacy

JABB is not intended for children under 16. We do not knowingly collect personal information from children. If we learn that we have collected data from a child under 16, we will promptly delete it. Parents or guardians who believe their child has provided us with personal data can contact us at contact@jabb.pro.

9. Security Vulnerability Reporting

We take security seriously. If you discover a vulnerability in our platform, please report it responsibly:

• Email contact@jabb.pro with the subject line "Security Vulnerability Report".
• Include a detailed description of the vulnerability and steps to reproduce.
• Allow us reasonable time to investigate and patch before public disclosure.

10. Contact

For security-related questions or concerns, contact our team at contact@jabb.pro.

Last updated: March 2026