Last updated: January 22d 2026

Flarecast Privacy Policy

Data Controller: A-Promo Ltd (Cyprus)
Website:  https://flarecast.com
Email:  connect@flarecast.com

1. Introduction
1.1. This Privacy Policy (“Policy”) describes how A-Promo Ltd (“Flarecast”, “we”, “us”, “our”) collects, uses, stores, and protects your personal data when you use the Flarecast mobile application and website (collectively, the “Platform”).

1.2. This Policy complies with the General Data Protection Regulation (GDPR) and the Cyprus Data Protection Law 125(I)/2018, and explains your rights and our obligations regarding the processing of your personal data.

1.3. By installing, accessing, or using the Platform, you agree to this Policy. If you do not agree with its terms, you must discontinue using Flarecast.
2. Definitions
  • User – any individual accessing or using the Platform.
  • Platform – the Flarecast mobile application, web version, and related online infrastructure operated by A-Promo Ltd.
  • Personal Data – any information that identifies or can reasonably identify an individual.
  • Processing – any operation performed on Personal Data (collection, recording, structuring, storage, alteration, retrieval, transmission, deletion, etc.).
  • Controller – A-Promo Ltd, determining the purposes and means of processing Personal Data.
  • Processor – any third party acting on behalf of the Controller under a data processing agreement.
  • Cookies – small text files placed on a device to store information about usage preferences and improve performance.
3. Categories of Personal Data Collected
Flarecast may collect the following categories of information:

3.1. Data Provided by You

  • Registration details (name, email, phone number, username, password).
  • Social media identifiers (optional) for authentication (e.g., TikTok, Google, Instagram).
  • Communication data (correspondence, feedback, support requests).
  • Payment and withdrawal details (PayPal or other payment account ID).

3.2. Automatically Collected Data

  • Device information (model, operating system, version, language, and time zone).
  • IP address and connection metadata.
  • Device identifiers (IDFA, GAID, or similar).
  • App usage data (actions performed, buttons clicked, screens visited).
  • Diagnostic data (errors, crashes, logs).

3.3. Location Data

If you enable location access, Flarecast may collect and process approximate geolocation for analytics, fraud prevention, and optimization of regional settings.

3.4. Cookies and Tracking Technologies

We use cookies, SDKs, and similar technologies to:
  • remember login sessions;
  • analyze usage patterns;
  • display relevant features or promotions;
  • improve Platform performance and security.
You can manage or disable cookies through your browser or device settings.
4. Purposes and Legal Bases of Processing
Your Personal Data is processed for the following purposes and on the listed legal bases:

Purpose of Processing

Legal Basis (GDPR)

Providing access to the Platform, registration, and authentication

Performance of a contract (Art. 6(1)(b))

Payment processing and Rewards

Performance of a contract (Art. 6(1)(b))

Communication and support

Legitimate interest (Art. 6(1)(f))

Fraud detection and security monitoring

Legitimate interest (Art. 6(1)(f))

Analytics and service improvement

Legitimate interest / consent (Art. 6(1)(a), (f))

Legal compliance (e.g., accounting, tax)

Legal obligation (Art. 6(1)(c))



5. Data Retention
5.1. Personal Data is retained for as long as necessary to fulfill the purposes described above, but not longer than required by applicable law.

5.2. Typically, account data is retained for the duration of account activity and for five (5) years after deletion, unless a longer retention period is required for tax, regulatory, or legal reasons.
.
5.3. Data may be anonymized for statistical and analytical purposes after the retention period.
6. Data Sharing and International Transfers
6.1. Flarecast may share your Personal Data with:
  • Payment providers (PayPal, Payoneer);
  • Cloud service providers (Google Cloud);
  • Analytics and performance tools (Amplitude, Appsflyer);
  • Contractors and technical partners under confidentiality agreements;
  • Public authorities when required by law.
6.2. Data transfers outside the European Economic Area (EEA) occur only:
  • to countries with an adequacy decision by the European Commission; or
  • under Standard Contractual Clauses (SCCs) ensuring adequate protection.
6.3. All processors are bound by GDPR-compliant Data Processing Agreements (DPAs) with A-Promo Ltd.
7. Security Measures
The Company applies technical and organizational security measures consistent with international standards (ISO/IEC 27001), including:
  • encryption of data in transit (TLS 1.3) and at rest (AES-256);
  • restricted access control and multi-factor authentication;
  • regular vulnerability testing and security audits;
  • internal data-protection policies and staff training;
  • incident response and breach notification procedures.
In the event of a data breach, Users will be notified within 72 hours, as required by Article 33 of the GDPR.
8. Your Rights under GDPR
You have the following rights regarding your Personal Data:

  • Right of Access – to obtain confirmation whether your data is being processed and to receive a copy.
  • Right to Rectification – to correct inaccurate or incomplete data.
  • Right to Erasure (“Right to be Forgotten”) – to request deletion of data in certain cases.
  • Right to Restriction of Processing – to limit how we process your data.
  • Right to Data Portability – to receive data in a structured, machine-readable format.
  • Right to Object – to object to processing based on legitimate interests.
  • Right to Withdraw Consent – at any time, without affecting the lawfulness of processing prior to withdrawal.
  • Right to Lodge a Complaint – with the Office of the Commissioner for Personal Data Protection (Cyprus).
To exercise your rights, contact us at connect@flarecast.com. 
9. Automated Processing and Profiling
Flarecast does not perform automated decision-making or profiling that produces legal effects concerning Users. Any personalization (e.g., localized offers or features) is non-binding and based on aggregated analytics.
10. Children’s Data
The Platform is not intended for individuals under 18 years of age. We do not knowingly collect or process personal data of minors. If you believe a child has provided us with personal data, please contact connect@flarecast.com, and we will promptly delete it.
11. Data Deletion and Account Removal
11.1. Users may request deletion of their account and personal data at any time by contacting connect@flarcast.com

11.2. The request will be verified, and data will be deleted within 30 days, unless retention is required for compliance purposes.

11.3. Data that has been anonymized or aggregated for analytics may be retained without the ability to identify Users.
12. Amendments to this Policy
The Company reserves the right to modify this Policy at any time.
The updated version will be published on https://flarecast.com and within the Application.
If significant changes are made, Users will be notified via email or in-app notification.
13. Contact Details
To communicate with our Data Protection Officer, please email at connect@flarecast.com for DPO.

If you have any questions or concerns about your privacy, any provisions of this Privacy Policy, or any of your rights, you may contact us at connect@flarecast.com.
14. Governing Law and Jurisdiction
This Policy and any disputes arising from it shall be governed by the laws of the Republic of Cyprus. All disputes shall be resolved exclusively by the competent courts of Nicosia, Cyprus.