Privacy Policy

• Data Controller:
  Dildy LLC,
  Address: Illinois, USA
  Email: team@dildy.co
  
• Applicability:
  This Policy applies to all users of our App, including without limitation users in the European Union, United Kingdom, and California.
• Scope: Covers all categories of personal information collected via the App, including but not limited to user location data (such as current city, state, and country), and information obtained through third-party integrations such as Google Sign-In, Firebase Authentication, and AWS face-verification services.

When you use the App, we collect the following categories of personal information:

• Account Information: When you register or log in, we collect identifiers such as your name, email address, phone number, and authentication credentials via third-party services (e.g.Google Sign-In, Firebase Authentication).
• Profile Information: This includes your profile photo, dating preferences, gender, age, biography, and images uploaded to use the dating feature, including a real-time selfie for identity verification using AWS facial recognition services.
• Social Networking Content: Any content you post or engage with in the Events Feed, including comments, event posts, and interactions with other users.
• Device and Usage Information: We may collect information about the type of device you use, operating system, app version, device identifiers, and usage behavior within the app.
• Location Information: We may access your precise location (latitude and longitude) while you use map features in the app. This information is used only to show you nearby cafés and is not stored or shared. If you create an event, the location of the chosen café (latitude and longitude) is saved as part of the event details. This helps enhance user interactions, such as showing nearby events. Location access is optional, and it is only required if you want to create an event.
• Facial Data (Biometric Verification): For the dating feature, we use AWS-based facial recognition to verify your identity from uploaded images and a real-time selfie. This is done solely to enhance safety and ensure authenticity.
• Event Information and Location Details: When you create or join an event within the App, we collect the event’s description, scheduled date and time, and location details which may include a venue name and precise geolocation coordinates (latitude and longitude). We also collect your self-reported location information—such as your current city, state, and country—at the time of registration or through your profile settings.
  We do not collect or access your device’s calendar or track your precise GPS location. All location data collected is limited to general location information that you provide manually.

We use the personal information we collect for the following purposes:

1. To Provide and Improve Services: Enable user registration and login, maintain user profiles, suggest matches, and support social networking features like posting and joining events.
2. To Personalize User Experience: Use your approximate location (city, state, country) to suggest local events and nearby users, improving relevance in the dating and social networking experiences.
3. event details and your self-reported location: We use the information we collect, including event details and your self-reported location (city, state, country), to:
   -- Enable users to create, view, and join events
   -- Display relevant events based on location
   -- Improve your social networking and dating experience
   -- Facilitate voluntary, real-world meetups between users where appropriate
   Participation in events or in-person meetups is completely voluntary and user-initiated. The App does not mandate or enforce real-world interactions.
4. To Authenticate and Verify Identity: Use AWS facial recognition to ensure user authenticity and prevent fake profiles or impersonation.
5. To Ensure Safety and Compliance: Detect fraudulent activity, enforce community standards, and comply with legal obligations.
6. To Communicate With You: Send service-related messages and updates
7. To Analyze Usage: Improve app performance, fix issues, and conduct analytics for better feature development.

We collect crash logs and diagnostic data (e.g., app error reports, performance data) to identify and resolve technical issues, improve performance, and maintain app stability. This may include device information, operating system version, crash stack traces, and other system-level metrics. This information is collected through tools like Firebase Crashlytics and is not used to personally identify users.

We may use third-party software development kits (SDKs), including but not limited to:

• Firebase (Google LLC) – for authentication, real-time messaging, cloud storage, crash reporting, and analytics.
• AWS Rekognition (Amazon Web Services, Inc.) – for face detection and verification during user registration.
• Google Play Services – for device authentication, account validation, and app updates. These SDKs may collect and transmit personal and technical data as required for functionality, diagnostics, or analytics. We ensure that all third-party providers process user data in accordance with applicable data protection laws.
• Google Maps & Places SDK (Google LLC) – Used to display maps, show nearby cafés, and provide search/autocomplete functionality for event locations. These SDKs may collect device identifiers, location, and usage data in accordance with Google’s Privacy Policy.

Some aspects of our App involve automated processing, including:

• Facial recognition–based identity verification using AWS Rekognition, which determines whether a user is eligible to activate or use the dating feature;
• Personalized user recommendations (e.g., suggested matches) based on profile data, interests, location, and usage patterns.

These processes are in place to:

• Protect our community from impersonation and fake accounts;
• Enhance user safety;
• Improve the relevance of suggestions and features.

Your Rights Under Applicable Law

If you are located in the European Economic Area (EEA), the United Kingdom (UK), or any jurisdiction that provides similar rights under applicable data protection laws (such as the GDPR), you have the right to:

• Request human intervention in cases where a decision affecting you was made solely based on automated processing;
• Express your point of view and contest the decision;
• Object to the processing, particularly if it impacts your legal rights or produces similarly significant effects.

How to Request Human Intervention

If you believe that our automated verification or recommendation processes have affected your ability to access features unfairly or inaccurately, you may contact us at:

team@dildy.co

Please include:

• The email or phone number associated with your account;
• A short description of your concern;
• Any additional identity documentation or clarification that may help with review.

A member of our team will manually review your account, including submitted photos or data, and will respond to your request in a timely manner, typically within 7 business days.

If you are in the European Economic Area, we rely on the following legal bases:

• Consent:
  For optional features (e.g., marketing communications, biometric identity verification). You may withdraw consent anytime via your account settings.
• Performance of a Contract:
  To authenticate your account, deliver services you request, and enforce our Terms & Conditions.
• Legitimate Interests:
  To maintain the security and integrity of our App, analyze usage, prevent fraud, and improve services, provided we do not override your rights.
• Legal Obligation:
  To comply with EU or local laws (e.g., tax, reporting).

We may share your Personal Data with:

• Service Providers:
  – Firebase Authentication & Analytics (Google Cloud–hosted)
  – Google (social login provider)
  – AWS Rekognition (face verification)
  
• Business Transfers:
  In connection with any merger, sale, or asset transfer, subject to confidentiality.
• Legal & Safety:
  To comply with subpoenas, court orders, or lawful government requests; to protect rights, property, or safety.
• Your Consent:
  With third parties when you explicitly agree.

We do not sell your Personal Data as “sale” is defined under CCPA. If our practices change, we will notify you and provide an opt‑out.

GDPR Rights (EU/UK)

• Access & Portability: Obtain a copy of your data in machine‑readable format.
• Rectification: Correct inaccurate or incomplete data.
• Erasure (“Right to be Forgotten”): Delete your data, subject to legal exceptions.
• Restrict Processing & Object: Limit or object to certain uses (e.g., direct marketing).
• Withdraw Consent: At any time for consent‑based processing.

CCPA Rights (California)

• Know & Access: Request disclosure of the categories and specific pieces of personal information we’ve collected.
• Delete: Request deletion of your personal information (subject to legal exceptions).
• Opt‑Out of Sale: Although we do not sell data, you may request to opt‑out if this changes.
• Non‑Discrimination: You will not be discriminated against for exercising any privacy rights.

To exercise any rights, contact:
team@dildy.co
We will respond within the timeframes required by applicable law.

We retain your Personal Data only as long as necessary to:

• Provide you the App’s services
• Comply with our legal obligations (e.g., tax, litigation holds)
• Resolve disputes and enforce agreements

Upon account deletion, we will permanently delete your profile and User Content within [30] days, except where retention is required by law.

We implement reasonable organizational, technical, and administrative safeguards, including:

• Encryption: HTTPS/TLS in transit; encryption at rest where appropriate
• Access Controls: Least‑privilege access for employees and service providers
• Monitoring: Regular audits, vulnerability scanning, and incident response procedures

However, no system is 100% secure. We cannot guarantee absolute security of Personal Data.

User Safety and Event Participation Disclaimer

While our App provides tools for users to create and join events, we do not verify event hosts or participants, and we do not facilitate or monitor in-person meetings. Users are solely responsible for their safety and for making informed decisions when interacting or meeting with others through the App. We recommend meeting in public places and notifying a trusted contact when attending an event.

Your data may be processed and stored on servers located in the United States and elsewhere. We rely on:

• European Commission Standard Contractual Clauses (SCCs)
• Adequacy decisions (where applicable)

to ensure adequate safeguards for transfers from the EEA/UK.

Our App is intended for users 18 or older. We do not knowingly collect or solicit personal information from minors under 18. If we discover that we have collected data from a minor, we will delete it promptly.

We may update this Policy to reflect changes in our practices or legal requirements. We will:

1. Revise the “Effective Date” above.
2. Provide notice via the App or by email (if required).

Your continued use after changes constitutes acceptance.

If you have questions, concerns, or requests regarding this Privacy Policy, please contact:
Dildy LLC
Email: team@dildy.co
Address: Illinois, USA