Privacy Policy of cOMmon
1. Introduction
cOMmon values the privacy of its Members. We process personal data in line with the General Data Protection Regulation (GDPR) and applicable European data protection law.
This Privacy Policy explains what data we collect, why we collect it, how we use and share it, how long we keep it, and what rights you have.
​
​
2. Data Controller
The entity responsible for processing your personal data is:
cOMmon, Solvondo BV
Waalstraat 81, 9870 Zulte, Belgium
Company number: 0866.464.574
Privacy contact: [email protected]
​
If we appoint a Data Protection Officer in the future, we will update this Policy with their contact details.
​
​
3. Scope
This Policy applies to the personal data processed when you use the cOMmon platform, including account creation, profiles, messaging, participation in projects and events, and any platform features related to exchanges between Members.
​
​
4. Data We Collect
We only collect data that is relevant for operating and improving the platform.
​
​
4.1 Data you provide
Account and identification data
Name, email address, password, and other information you provide during registration.
Profile information
Biography, skills, interests, profile photo, and an approximate location indication if you choose to provide it.
Content and interactions
Messages, support requests, content you post or submit, and your participation in projects, events, or community features such as reviews.
Transaction and contribution data
Membership contributions, records of contributions or exchanges, and platform-related credit activity where applicable.
​
4.2 Data collected automatically
Technical and usage data
IP address, device and browser information, log data, and usage statistics.
Cookies and similar technologies
We use cookies and similar technologies as described in Section 12 and in our Cookie Policy.
​
4.3 Data from third parties
We may receive limited data from service providers that support platform operations, such as payment confirmation from a payment provider, or delivery and engagement metrics from an email provider.
​
​
5. How We Use Personal Data
We process personal data for the following purposes:
Account creation and management
To create, maintain, and secure Member accounts.
Community connection and matching
To help Members connect, find relevant projects, spaces, and collaborations, and use platform features.
Platform operations and administration
To manage memberships, contributions, platform credits, and cooperative administration where applicable.
Safety and integrity
To prevent misuse, fraud, and harmful behavior, and to maintain platform security.
Support and communication
To answer requests, provide platform updates, and send newsletters where you opt in.
Service improvement
To understand platform usage and improve functionality, performance, and Member experience.
​
​
6. Legal Bases for Processing
We process personal data under one or more of the following legal bases:
Contract
Processing is necessary to provide the platform and membership services you request.
Consent
For optional features such as newsletters and non-essential cookies where required.
Legal obligation
For example accounting and tax obligations related to memberships or contributions.
Legitimate interests
To operate, secure, and improve the platform, including fraud prevention, abuse detection, and network and information security. Where we rely on legitimate interests, we consider and balance these interests against your rights and freedoms.
​
​
7. Visibility of Profiles and Member Content
Some profile information may be visible to other Members depending on your settings and the features you use. This can include your name, photo, biography, skills, interests, and approximate location.
Messages are visible to the participants of the conversation.
If you choose to post content in community areas, projects, events, or reviews, that content may be visible to other Members as part of the platform experience.
​
You are responsible for the personal data you choose to share through your profile and content.
Please avoid sharing sensitive personal data about yourself or others unless necessary and you have a lawful basis to do so.
​
​
8. Jobflow, Reviews, and Platform Safety Signals
cOMmon may provide platform features such as confirmations, cancellations, completion statuses, no-show flags, reviews, or reliability indicators. These features are intended to support community trust and platform safety.
​
Where automated signals are used, they are used for internal platform features and do not produce legal effects. If you believe a signal is incorrect or exceptional circumstances apply, you can contact us to request a human review.
​
​
9. Sharing of Data
We do not sell personal data.
​
We may share personal data with service providers that process data on our behalf, strictly for the purposes described in this Policy. This can include providers for hosting, email delivery, customer support, analytics, security monitoring, and payment processing.
​
These providers are bound by appropriate contractual obligations, including GDPR-compliant data processing agreements where required.
​
We may also share data when necessary to comply with a legal obligation or to protect the rights, safety, and integrity of Members, the platform, or third parties.
​
​
10. International Transfers
We aim to store and process personal data within the European Economic Area.
If personal data is transferred outside the EEA, we use appropriate safeguards as required by law, such as Standard Contractual Clauses. Where applicable, we may also rely on other recognized transfer mechanisms for specific providers.
​
​
11. Data Retention
We keep personal data only as long as necessary for the purposes described in this Policy.
Typical retention periods include:
Account and profile data
Kept while your account is active. If you delete your account, we delete or anonymize profile data within a reasonable period, unless retention is required by law or necessary for security, dispute prevention, or the establishment, exercise, or defense of legal claims.
​
Transaction and membership records
Kept for at least 7 years where required for legal bookkeeping and accounting obligations.
Support communications
Kept as long as needed to handle your request and for a reasonable period thereafter to improve support and ensure continuity.
Backups
Backup systems may retain copies of certain data for a limited period as part of security and continuity procedures, before being overwritten.
​
​
12. Cookies and Tracking
We use functional cookies that are necessary for basic platform operation.
Analytical or marketing cookies are only used where required with your consent. Details on cookies, purposes, and how to manage preferences are provided in our Cookie Policy.
​
​
13. Security Measures
We take appropriate technical and organizational measures designed to protect personal data. These may include:
Secure connections where appropriate (for example HTTPS).
Password protection using industry-standard hashing.
Access controls and role-based permissions.
Security updates and periodic reviews of technical measures.
No system can be guaranteed fully secure. We work to reduce risk and respond to issues responsibly.
​
​
14. Your Rights Under the GDPR
Subject to the conditions and exceptions in the GDPR, you have the right to:
Access your personal data.
Correct inaccurate data.
Request deletion of your data.
Restrict processing in certain cases.
Object to processing based on legitimate interests.
Data portability where applicable.
Withdraw consent at any time where processing is based on consent, without affecting prior lawful processing.
To protect your privacy, we may need to verify your identity before fulfilling certain requests.
You also have the right to lodge a complaint with your local data protection authority. If you are in Belgium, this is the Belgian Data Protection Authority.
​
​
15. Changes to This Policy
We may update this Privacy Policy from time to time. We will display the “last updated” date and, where appropriate, provide additional notice through the platform.
​
Last updated: January 30th, 2026
​
16. Contact
For privacy questions or to exercise your rights, contact: