Legal · CookingSocial LLC
When you create an account using Google Sign-In or Apple Sign-In, we receive your name, email address, profile photo (if provided), and a unique identifier to maintain your session. We do not offer email/password accounts.
In-app activity we collect: volunteer sign-ups, shifts, check-ins, and hours; badges earned; resource saves; daily intent entries; event RSVPs.
Location: We use your ZIP code to surface local resources. We do not collect precise GPS location unless you explicitly grant permission for map features.
Without signing in, we do not collect your name, email, or any personally identifiable information, and we do not create a persistent identifier tied to your device.
Resources related to domestic violence, immigration status, mental health, and substance use are classified under Sensitivity Tier 2 or Tier 3. We do not send push notification previews that could expose sensitive resource use, we suppress prompts and upsells that could associate a person with a sensitive resource, and we do not store resource identifiers in our anonymous signal database.
Field reports are permanently anonymous. We generate a one-way hash for deduplication only — it cannot be reversed to identify you. We cannot link a field report to your identity even in response to a legal request, because the data architecture does not retain it.
When your organization onboards, we collect your organization name, address, contact information, billing details for paid subscription tiers (handled by Stripe), and content you post including listings, events, bulletins, volunteer postings, and impact stories.
| Purpose | Information Used | Legal Basis |
|---|---|---|
| Authenticate your account | Sign-in provider ID, email | Contract |
| Surface relevant resources | ZIP code, resource saves | Legitimate interest |
| Manage volunteer activity | Shifts, hours, check-ins | Contract |
| Process partner subscription payments | Billing details (via Stripe) | Contract |
| Send transactional notifications | Email, preferences | Contract / Consent |
| Improve the platform | Aggregate, de-identified data | Legitimate interest |
| Safety and abuse prevention | Account identifiers, activity flags | Legitimate interest |
We do not use your information for targeted advertising and do not build behavioral profiles for sale or transfer to data brokers.
For partner organizations, we use information to operate your profile and listings, process volunteer management and reporting, bill paid subscription tiers via Stripe, send transactional communications, issue certifications, provide analytics, and enforce platform policies.
Pantoh Commons includes an AI assistant called Pantoh AI, powered by Anthropic's Claude.
Conversation history is stored on your device only. We do not store your conversations on our servers. Pantoh AI uses only session context — your ZIP code and the resource you're viewing — not your full account history.
Pantoh AI includes references to crisis resources including DV hotlines, mental health support, and SAMHSA. This is a safety requirement, not optional behavior.
We do not use AI or machine translation for SNAP/WIC legal advisory language, crisis references, or immigration safety notices. These are always translated by qualified human translators.
We do not sell your personal information. We share information only with the following parties:
| Provider | Purpose |
|---|---|
| Stripe | Payment processing for partner subscription billing |
| Firebase (Google) | Authentication and infrastructure |
| Postmark | Transactional email delivery |
| Anthropic | AI features (session context only; no conversation history retained) |
| Google (where applicable) | Maps and location features |
These vendors are contractually prohibited from using your information for their own purposes. If you volunteer with a partner organization, we share your name, contact information, and volunteer hours with that organization. We may disclose information as required by law; however, field reports are permanently anonymous and AI conversations are device-only, so we cannot produce this data even in response to legal requests.
| Data Type | Retention Period |
|---|---|
| Account information | Until account deletion request |
| Volunteer records | Until account deletion; partner copy per their legal obligations |
| Partner billing records | 7 years (financial record-keeping) |
| Aggregate analytics | Per the retention window of the partner's subscription tier |
| Field reports | No personal data (permanently anonymous) |
| AI conversation history | Not on our servers — device only |
| Open Door session data | No personal data retained |
When you delete your account, we delete your personal information within 30 days, except where retention is required by law.
We treat the following categories with heightened protection: domestic violence or safety situations, immigration status, mental health or substance use, sexual orientation or gender identity, and information about minors. These protections are enforced at the system level and cannot be disabled by administrators or users.
Pantoh Commons is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, contact legal@pantoh.app and we will delete it promptly. Users between 13 and 18 should use the platform only with parental or guardian involvement.
We implement TLS encryption in transit, encryption at rest, a physically separate database instance for sensitive signal data with separate encryption keys and no cross-application join keys, need-to-know access controls, and regular security testing. If you believe your account has been compromised, contact legal@pantoh.app immediately.
You may access and correct your account information in-app at any time, manage notification preferences in settings, and use Open Door mode without an account. To request account deletion, contact legal@pantoh.app.
California Residents (CCPA): You have the right to know what personal information we collect, the right to delete it, the right to opt out of sale (we do not sell personal information), and the right to non-discrimination for exercising your rights.
Other State Privacy Laws: Residents of Virginia, Colorado, Connecticut, Texas, and other states with comprehensive privacy laws may have similar rights. We respond to verified requests within 45 days.
This Privacy Policy does not apply to third-party sites. Data sources including OpenStreetMap, USDA FoodData Central, and Google Places are subject to their own terms. Attribution is displayed within the app.
We may update this Privacy Policy from time to time. We will update the "Last Updated" date and notify you through the app or by email for material changes. Continued use after the effective date constitutes acceptance.
CookingSocial LLC
legal@pantoh.app
Terms of Service: commons.pantoh.app/tos