1.1 Account & profile information
When you create an account, we collect:
1.2 Payment & donation information
When you make a donation, we collect:
We do not store card numbers or raw payment credentials. All card data is handled directly by PayWay, our PCI-compliant payment processor.
1.3 Donor messages
If you post a public donor message after a completed donation, we collect and display: display name (or "Anonymous"), your message, donation amount and currency, and timestamp. Donor messages are publicly visible.
1.4 Device & notification data
If you enable push notifications, we collect FCM device tokens to deliver notifications and may collect notification interaction data (e.g. delivery success/failure).
1.5 Technical & usage data
We collect technical data to operate the service: Firebase User ID (UID), session tokens, timestamps of account creation and transactions, and payment callback data archived for audit purposes. We may use analytics and crash reporting (e.g. Firebase Crashlytics) to improve stability and performance.
| Purpose | Data used |
|---|---|
| Account creation and authentication | Email, password, display name, photo URL |
| Processing donations | Name, email, phone, donation/payment details |
| Displaying public donor boards | Display name, message, amount, currency |
| Sending push notifications | FCM device token, language preference |
| Donation history and receipts | Donation and transaction records |
| Fraud prevention and security | HMAC-verified payment callbacks, App Check |
| Service configuration and improvements | Remote Config, anonymized usage data |
| Audit and compliance | Payment callback archives in cloud storage |
We do not sell or rent your personal information to third parties for marketing purposes.
We share data with the following third-party services to operate the platform:
We may also share information when required by law, court order, or government request, or to protect our rights or the safety of users.
| Data | Retention |
|---|---|
| User accounts | Until account deletion is requested |
| Donations and transactions | Indefinitely (financial record-keeping) |
| Donor messages | Stored indefinitely; publicly visible for a configurable period |
| Payment callback archives | Indefinitely (audit/compliance) |
| Push notification logs | Indefinitely |
We implement industry-standard measures, including:
No system is 100% secure. We encourage you to use a strong password and keep your credentials private.
Depending on your location, you may have the right to:
To exercise any of these rights, contact us at the details below. We will respond within 30 days. Account deletion and data export may require a manual process — please contact us directly.
The App is not intended for children under 13. We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a child, please contact us immediately and we will take steps to delete it.
Our platform is operated primarily for users in Cambodia. Data is stored on Google Cloud infrastructure, which may be located outside your country of residence. By using the App, you consent to such processing. We ensure appropriate safeguards where required by law.
We may update this Privacy Policy from time to time. Material changes will be notified via push notification or by updating the "Last Updated" date. Continued use of the App after changes constitutes your acceptance of the updated policy.
For questions, requests, or complaints about this Privacy Policy or your data:
National Olympic Committee of Cambodia
No. 1, Republic of Poland Blvd. (163)
Phnom Penh 120307, Kingdom of Cambodia
Email: info@noc-cambodia.org
Phone: +855 23 426 666
Office Hours: Monday – Friday, 8:00 AM – 5:00 PM
© National Olympic Committee of Cambodia. All rights reserved. Privacy Policy v1.0 (16 March 2026). For the NOCC Campaign app on the App Store, Google Play, and other distribution channels.