Privacy Policy

Last updated: 4 June 2026  |  Effective date: 4 June 2026

TaskMari ("we", "us", "our") is committed to protecting your personal data in accordance with Malaysia's Personal Data Protection Act 2010 (PDPA). This policy explains what data we collect, how we use it, and your rights.

1. Data We Collect

• Account data: Name, email address, phone number, password (hashed).
• Profile data: Display name, username, bio, location, profile photo.
• Verification data: Phone OTP records, MyKad document uploads, bank account details.
• Transaction data: Wallet top-ups, withdrawals, task payments, earnings.
• Task data: Tasks posted, offers made, proof photos, chat messages.
• Usage data: Pages visited, device type, IP address, browser information.

2. How We Use Your Data

• To provide and operate the TaskMari platform.
• To verify your identity and prevent fraud.
• To process payments and withdrawals.
• To send transactional emails and notifications.
• To resolve disputes and enforce our Terms of Service.
• To improve our platform through aggregated analytics.

3. Data Sharing

We do not sell your personal data. We share data only with:

• Service providers: Supabase (database and auth), Resend (email), Vercel (hosting).
• Other users: Your display name, username, level, rating, and profile information are visible to other TaskMari users as part of the platform's trust system.
• Law enforcement: When required by Malaysian law or court order.

4. MyKad and Verification Documents

MyKad images uploaded for verification are stored securely and accessed only by TaskMari's verification team. We do not share verification documents with third parties. Documents are retained for as long as your account is active and for 7 years thereafter as required by Malaysian law.

5. Data Retention

We retain your personal data for as long as your account is active. If you deactivate your account, we retain transaction and legal records for 7 years as required by Malaysian financial regulations. You may request deletion of non-essential data at any time.

6. Your Rights Under PDPA

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate data.
• Withdrawal of consent: Withdraw consent for non-essential data processing (note: this may affect your ability to use certain features).

To exercise your rights, email us at hello@taskmari.com.

7. Cookies

TaskMari uses essential cookies for authentication and session management. We do not use third-party advertising cookies.

8. Security

We use industry-standard security measures including HTTPS encryption, hashed passwords, and row-level security on our database. No system is 100% secure — if you suspect a breach, contact us immediately at hello@taskmari.com.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes by email. Continued use of TaskMari after changes constitutes acceptance.

10. Contact

For privacy-related questions or requests, contact our Data Protection Officer at hello@taskmari.com.