Back to home

Privacy Policy

Last updated: February 2026

In accordance with Law 18-07 of June 10, 2018 relating to the protection of natural persons in the processing of personal data, amended by Law 11-25 of July 2025, Trokacha is committed to protecting the personal data of its users.

Article 1 – Data Controller

Trokacha
Trokacha – Online intermediation platform – Algeria

Data Protection Officer (DPO) : contact@trokacha.com

Article 2 – Data Collected

Trokacha only collects data necessary for the operation of the service:

2.1 – Identification Data

  • Last name, first name, date of birth
  • Email address, phone number
  • Profile photo (optional)

2.2 – Identity Verification Data

  • Photo of an official identity document (national ID card, driver's license or passport)
  • Verification selfie for comparison with the identity document
  • For drivers (carpooling and transport services): copy of driver's license

This data is processed solely to verify the user's identity and assign the "Verified User" badge. Identity document images are stored encrypted during the verification period, then deleted within 30 days after badge validation. Only the verification status (verified/unverified) is retained thereafter.

2.3 – Geolocation Data

  • User's geographic position (with explicit consent)
  • Used for: displaying nearby ads, carpooling and parcel transport services
  • Geolocation only works when the app is active (no background collection)
  • The user can disable geolocation at any time in their device settings

2.4 – Transaction and Usage Data

  • History of published ads, proposed and completed exchanges
  • User ratings and reviews
  • Messages exchanged via built-in chat (text, photos, voice messages, documents)
  • Browsing and platform usage data (pages visited, session duration)
  • Points, badges and gamification data

2.5 – Technical Data

  • IP address
  • Operating system type and version (iOS, Android)
  • Device model
  • Unique device identifier
  • Performance and diagnostic data (crashes, errors)

Article 3 – Legal Basis for Processing

Processing is based on:

  • Consent: the user gives express and informed consent during registration and activation of each feature (geolocation, identity verification, notifications)
  • Contract performance: data necessary for service delivery (ads, exchanges, chat, carpooling)
  • Legal obligations: data retention required by Algerian law
  • Legitimate interests: fraud prevention, platform security, service improvement

Article 4 – Third-Party Services and Processors

Trokacha uses third-party services necessary for the operation of the platform. These providers act as data processors and are contractually bound to respect data confidentiality:

4.1 – Firebase (Google LLC)

  • Firebase Authentication: user registration and login management
  • Cloud Firestore: secure storage of application data (ads, profiles, messages)
  • Firebase Storage: image hosting (ad photos, profile photos)
  • Firebase Cloud Messaging: push notification delivery
  • Firebase Crashlytics: technical error detection and correction (anonymized data)

Google Privacy Policy

4.2 – Expo / React Native

Technical infrastructure for the development and distribution of the mobile application. No personal user data is shared with Expo.

Expo Privacy Policy

4.3 – Analytics Services

If analytics tools are enabled (Firebase Analytics or similar), the data collected is anonymized and used solely to improve the user experience. The user can opt out of this collection in the application settings.

Article 5 – Your Rights

In accordance with Law 18-07, you have the following rights:

  • Right of access: obtain all your personal data held by Trokacha
  • Right to rectification: correct any inaccurate or incomplete data
  • Right to erasure: request deletion of your data (right to be forgotten)
  • Right to object: object to the processing of your data on legitimate grounds
  • Right to restriction: request restriction of processing in certain circumstances
  • Right to portability: receive your data in a structured and readable format
  • Right to withdraw consent: withdraw your consent at any time, without affecting the lawfulness of prior processing

These rights can be exercised by contacting : contact@trokacha.com

Trokacha commits to responding to any request within a maximum of 30 days.

Article 6 – Data Retention

Personal data is retained according to the following periods:

  • Active account data: retained during the period of account use
  • Inactive account: data is retained for 3 years after last activity
  • After account deletion: data is archived in accordance with legal obligations then permanently deleted
  • Identity verification data (ID photos/selfie): deleted within 30 days of validation
  • Chat messages: retained during the account lifetime, then deleted with the account
  • Diagnostic and crash data: retained for a maximum of 90 days

Article 7 – Data Security

Trokacha implements appropriate technical and organizational measures to protect personal data:

  • Data encryption in transit (TLS/SSL) and at rest
  • Enhanced encryption for sensitive data (identity documents, driver's licenses)
  • Firebase security rules (Firestore Security Rules) limiting access to authorized data only
  • Strict authentication-based access controls
  • Regular security audits
  • Regular data backups

Article 8 – Breach Notification

In the event of a data breach likely to result in a high risk to your rights and freedoms:

  • The ANPDP will be notified within 5 days (in accordance with Law 11-25)
  • Affected users will be informed as soon as possible via in-app notification and/or email
  • The notification will include: the nature of the breach, the data concerned, the measures taken and recommendations for users

Article 9 – Data Transfers

Personal data is processed through Google's Firebase services, whose servers may be located outside Algeria (European Union, United States).

Trokacha ensures that these transfers benefit from adequate safeguards:

  • Google complies with international data protection standards (SOC 2, ISO 27001 certifications)
  • Standard contractual clauses govern these transfers
  • Any prior authorization required from the ANPDP will be obtained in accordance with applicable law

Article 10 – Minor Users

Trokacha is not intended for persons under 18 years of age. No minor user may create an account on the platform.

If Trokacha discovers that a user is a minor, their account will be immediately suspended and their data deleted within 48 hours.

If you are a parent or guardian and believe your child has created an account on Trokacha, please contact us at contact@trokacha.com.

Article 11 – Technical Identifiers and Cookies

The Trokacha mobile application does not use cookies. However, the following technologies may be used:

  • Device identifier: used for push notification delivery and account security
  • Authentication tokens: stored locally on your device to maintain your logged-in session
  • Advertising identifier (Advertising ID): not used by Trokacha. No data is shared for advertising purposes

The trokacha.com website may use technical cookies necessary for its operation. No advertising tracking cookies are used.

Article 12 – Policy Modifications

Trokacha reserves the right to modify this privacy policy at any time. Users will be informed of any substantial modification by:

  • In-app notification
  • Update of the "last updated" date at the top of this document

Continued use of Trokacha after notification constitutes acceptance of the modified policy.

Article 13 – Right to Complain

If you believe your rights have not been respected, you may:

  • Contact Trokacha at contact@trokacha.com
  • File a complaint with the National Personal Data Protection Authority (ANPDP)

ANPDP website : https://www.anpdp.dz/

Contact

For any questions regarding this privacy policy:

Email : contact@trokacha.com

Support : support@trokacha.com

Website : https://www.trokacha.com

Terms of UseContact us