Privacy Policy

When you register, verify your identity, or use Platform features, you may provide:

• ◆Account basics: display name, email address, password, nationality, languages spoken
• ◆Travel Persona: MBTI type and responses to our 20-question travel compatibility survey (lifestyle, dietary habits, comfort with strangers, etc.)
• ◆Identity verification: government-issued photo ID image and a selfie (processed solely for verification purposes; document numbers are not stored in your public profile)
• ◆Optional enhanced verification: LinkedIn profile or social media handle
• ◆Stay & hosting details: available dates, city, house rules, photos of your space
• ◆SisterGuide profile: experience tags, topic areas you are willing to discuss
• ◆Emergency contact: name and phone number of a trusted person (visible only to you and the Platform's moderation team; shared with your matched Sister only upon mutual agreement or in an emergency)
• ◆User-generated content: travel stories, reviews, ratings, guide uploads, and any content you choose to share on the Platform
• ◆Communications: messages exchanged with other members through the in-Platform chat

• ◆Device and browser information: IP address, browser type and version, operating system, device identifiers
• ◆Usage data: pages visited, features used, timestamps, session duration, referring URLs
• ◆Location data: city-level location when you publish a host listing or use the discovery map (we do not collect precise real-time GPS coordinates without explicit permission)
• ◆Log data: server logs, error reports, and diagnostic information

• ◆Identity verification providers: confirmation of document authenticity (not the document itself)
• ◆Optional social verification: publicly available profile data from LinkedIn or social platforms, solely to display a verified badge
• ◆Payment processors: transaction confirmation and billing metadata (we do not store full card numbers)

• ◆Creating and managing your account and Travel ID
• ◆Generating your Travel Persona card and powering the compatibility matching algorithm
• ◆Facilitating SisterBase space-sharing matches and SisterGuide session bookings
• ◆Processing Stay Agreements and managing the Trust Seed lifecycle (Tagged → Locked → Bloomed / Withered)
• ◆Enabling in-Platform chat, Stay stories, City Circles, and the World Map
• ◆Automatically drafting travel story summaries after a completed stay (you control whether these are private, limited, or public)
• ◆Improving matching accuracy, product features, and user experience through aggregated analytics

• ◆Verifying your identity to maintain a women-only, verified-member community
• ◆Administering the Bad Seed mechanism and account status system (Warning / Restricted / Banned) — account status is visible to other members; event details are kept internal
• ◆Investigating disputes via the Dispute Pool; moderation reviewers access relevant chat logs, photos, and contract records only for the duration of a dispute
• ◆Detecting fraud, abuse, and violations of our Community Guidelines

• ◆Sending transactional messages (match confirmations, Stay Agreement notifications, evaluation reminders, seed lifecycle alerts)
• ◆Sending service announcements and updates about the Platform
• ◆Sending optional marketing communications (Founding 500 news, Host webinar invitations) — you may unsubscribe at any time

• ◆Complying with applicable laws and regulations in the jurisdictions where we operate (including Taiwan, Japan, Germany, and the European Union)
• ◆Responding to lawful requests from law enforcement or regulatory authorities
• ◆Enforcing our Terms of Service and contractual obligations

Certain information is intentionally progressive — the more trust is established, the more is revealed:

• ◆Before a match: only your public Travel Persona (display name, MBTI type, verification status, travel history counts) is visible
• ◆After a match is confirmed and the Stay Agreement is signed: your real name, phone number, emergency contact, and precise address become mutually visible to the matched pair for the duration of the stay
• ◆After a stay closes: the above sensitive fields are no longer mutually accessible; only your public profile data remains visible

We share data with carefully selected vendors who process it on our behalf under confidentiality agreements, including: cloud hosting providers, identity verification services, video call infrastructure (SisterGuide sessions), map tile services, and email delivery platforms. These providers may not use your data for their own purposes.

We may disclose personal information if required by law, court order, or government authority, or to protect the rights, safety, or property of Co-Sister, our members, or the public. We will notify affected users of such disclosures where legally permissible.

If Co-Sister is involved in a merger, acquisition, or sale of assets, personal information may be transferred as part of that transaction. We will notify you via email or a prominent notice on the Platform before your information is subject to a different privacy policy.

We may share aggregated, de-identified, or anonymized data (e.g., the number of cities covered, average matching time) with partners, researchers, or the public. Such data cannot reasonably be used to identify you.

• ◆Access: request a copy of the personal information we hold about you
• ◆Correction: request that inaccurate or incomplete information be corrected
• ◆Deletion: request deletion of your personal information (subject to legal retention requirements)
• ◆Portability: request a machine-readable export of data you have provided to us
• ◆Objection to processing: object to the use of your data for direct marketing at any time

• ◆Restriction of processing: request that we limit how we use your data in certain circumstances
• ◆Withdraw consent: where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing
• ◆Lodge a complaint: you have the right to lodge a complaint with your local data protection supervisory authority

To exercise any of these rights, please contact us at privacy@co-sister.com. We will respond within 30 days (or within 72 hours for security-related requests). We may need to verify your identity before processing your request.