← Back to homma
Privacy Policy
Effective Date: July 1, 2026 · Last Updated: March 25, 2026
homma ("we," "us," or "our") is operated by The Haven Co., Ltd., a company registered in Thailand. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the homma mobile application, website (homma.app), and related services (collectively, the "Service").
1. Information We Collect
1.1 Information You Provide
- Account Information: When you create an account, we collect your email address, display name, nickname, and profile photo. If you sign in through a third-party service (Google, Apple, or X), we receive your name, email address, and profile picture from that service.
- Profile Information: Bio, studio introduction, cover image, and social media links you choose to add to your homma profile.
- Content: Photos, videos, and text you upload to the Service.
- Messages: Direct messages you send to other users through the Service.
- Support Information: When you send a support ticket to a fan photographer ("Homma"), we record the item type and ticket amount.
- Settlement Information (Homma users only): Bank account details, account holder name, and tax identification number required for payment settlement processing.
- Customer Support: Information you provide when contacting us, including screenshots and descriptions of issues.
1.2 Information Collected Automatically
- Device Information: Device type, operating system, unique device identifiers, and mobile network information.
- Usage Data: Pages viewed, features used, time spent on the Service, and interaction patterns.
- Log Data: IP address, browser type, access times, and referring URLs.
- Location Data: We do not collect precise location data. We may infer your general location (country/region) from your IP address for language and currency localization.
1.3 Information from Third Parties
- Authentication Providers: When you sign in with Google, Apple, or X, we receive basic profile information as authorized by you.
- Payment Processors: Paddle (our Merchant of Record for web payments), Apple, and Google provide us with transaction confirmations. We do not receive or store your credit card numbers or payment method details.
2. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the Service
- Process transactions and send related information (ticket purchases, support transactions, settlements)
- Send push notifications (new posts from followed Hommas, support received, messages, announcements) — you can disable these in your settings
- Translate direct messages between users using automated translation services
- Respond to your customer support inquiries
- Monitor and analyze usage trends to improve user experience
- Detect, investigate, and prevent fraudulent transactions and other illegal activities
- Comply with legal obligations, including tax withholding requirements
3. How We Share Your Information
We do not sell your personal information. We may share your information in the following circumstances:
- Public Profile Information: Your nickname, display name, profile photo, bio, and uploaded content are visible to all users and visitors of the Service.
- Service Providers: We share information with third-party service providers who perform services on our behalf:
| Provider | Purpose | Data Shared |
|---|
| Supabase | Database, authentication, storage | Account data, content |
| Paddle | Payment processing (Merchant of Record) | Email, transaction data |
| Apple / Google | In-app purchase processing | Transaction data |
| Firebase (Google) | Push notifications | Device tokens |
| Google Cloud Translation | Message translation | Message content |
| Sentry | Error monitoring | Device info, error logs |
- Settlement Processing: For Homma users who request payment settlements, we share necessary information with our Korean subsidiary (Heidi) for domestic bank transfers and tax withholding processing.
- Legal Requirements: We may disclose your information if required by law, legal process, or governmental request.
- Safety: We may disclose information to protect the rights, property, or safety of homma, our users, or others.
4. Data Retention
- Account Data: Retained while your account is active. Upon account deletion request, we retain your data for 30 days (recovery period), after which it is permanently deleted.
- Content: Uploaded content is retained until you delete it or your account is terminated.
- Messages: Retained while both sender and receiver accounts are active.
- Transaction Records: Retained for 5 years as required by applicable tax and financial regulations.
- Settlement Records: Retained for 5 years for tax compliance purposes.
- Log Data: Retained for up to 12 months.
5. Data Security
We implement appropriate technical and organizational measures to protect your personal information, including:
- Encryption of data in transit (TLS/SSL) and at rest
- Row-Level Security (RLS) policies ensuring users can only access their own private data
- Encrypted storage of sensitive settlement information (bank account details, tax ID)
- Regular security assessments and monitoring
No method of transmission over the Internet is 100% secure. We cannot guarantee absolute security of your data.
6. Your Rights and Choices
6.1 All Users
- Access: You can access your personal information through your profile settings.
- Update: You can update your profile information at any time through the app.
- Delete: You can request account deletion through the app (MY → Settings → Delete Account). Your data will be permanently deleted after a 30-day recovery period.
- Push Notifications: You can enable or disable push notifications in your app settings.
- Block Users: You can block other users to prevent them from viewing your content or sending you messages.
6.2 European Users (GDPR)
If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):
- Right to access, rectify, or erase your personal data
- Right to restrict or object to processing
- Right to data portability
- Right to withdraw consent at any time
- Right to lodge a complaint with a supervisory authority
To exercise these rights, contact us at cs@homma.app.
6.3 California Users (CCPA)
If you are a California resident, you have the right to know what personal information we collect, request deletion, and opt out of the sale of personal information. We do not sell personal information.
7. Children's Privacy
The Service is not intended for users under the age of 14. We do not knowingly collect personal information from children under 14. If we become aware that we have collected personal information from a child under 14, we will take steps to delete such information promptly. If you believe a child under 14 has provided us with personal information, please contact us at cs@homma.app.
8. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence, including Thailand (where The Haven Co., Ltd. is incorporated), South Korea (where our settlement subsidiary operates), and Singapore (where our database servers are located). We ensure appropriate safeguards are in place for such transfers.
9. Third-Party Links and Services
The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.
10. Cookies and Tracking Technologies
Our website (homma.app) uses essential cookies for authentication and session management. We do not use advertising cookies or third-party tracking cookies. The mobile app does not use cookies.
11. Push Notifications
We may send push notifications to your device about new content, messages, support received, and announcements. You can opt out of push notifications through your device settings or within the app settings.
12. Automated Decision-Making
We use automated translation services to translate direct messages between users. We do not use automated decision-making that produces legal effects or similarly significant effects on you.
13. Notice and Takedown (DMCA)
We respond to notices of alleged copyright infringement in accordance with the U.S. Digital Millennium Copyright Act (DMCA) and applicable laws. For copyright complaints, please contact us at cs@homma.app with the subject line "DMCA Notice."
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For significant changes, we will provide notice through the app or via email.
15. Contact Us
If you have any questions about this Privacy Policy, please contact us:
- General inquiries: cs@homma.app
- Payment & settlement: pay@homma.app
- Company: The Haven Co., Ltd.
- Address: 748 Sukhumvit Rd, Khlong Tan, Khlong Toei, Bangkok 10110, Thailand