Privacy Policy for Giyo
1. Introduction
This Privacy Policy ("Policy") explains how Giyo ("we", "us", "our") collects, uses, discloses, and protects personal information of users ("you", "your") of the Giyo mobile application (the "App"). This Policy applies to all users aged 18 years or older accessing or using the App in all global regions except the People's Republic of China, including users who make in-app purchases ("IAP").
By using the App (including its in-app purchase features), you acknowledge that you have read, understood, and agreed to the collection and use of your information as described in this Policy. We comply with the General Data Protection Regulation (GDPR) for users in the European Economic Area (EEA), United Kingdom, and Switzerland, as well as other applicable regional data protection laws (e.g., CCPA, PIPEDA).
Last updated: February 9, 2026
2. Information We Collect
2.1 Personal Information
- Contact information (e.g., email address if you choose to provide it for account creation, support requests, or purchase confirmations)
- Device information (e.g., device model, operating system version, unique device identifiers, IP address, device language)
- Usage data (e.g., features you use, interactions with the App, access times, session duration, navigation paths)
- Location data (only if you explicitly grant permission, for location-based features of the App)
- Preference data (e.g., your app settings, notification preferences, content interests)
- Payment-related data (processed by Apple App Store; we do not store your payment card details, CVV, billing address, or full payment credentials)
2.2 User-Generated Content (UGC)
We may collect content that you submit, post, share, or upload through the App ("UGC"), including but not limited to text, images, videos, audio recordings, comments, and other multimedia materials. We collect UGC only with your explicit consent and solely for the purposes outlined in Section 3.
2.3 In-App Purchase (IAP) Data
When you make an in-app purchase through the App, we collect limited transaction data from Apple App Store (processed by Apple's secure payment infrastructure):
- Purchase confirmation ID (Apple-generated unique identifier)
- Date and time of purchase
- Type of product purchased (e.g., premium feature, one-time purchase, subscription)
- Price (in your local currency)
- Transaction status (completed, refunded, cancelled, pending)
- Apple ID anonymized reference (for purchase verification only)
3. How We Use Your Information
- To provide, maintain, and improve the App's core functionality (including premium features accessed via IAP)
- To process and display your UGC to other authorized users of the App (in accordance with your privacy settings)
- To process in-app purchases, activate premium features, and provide purchase confirmations/receipts
- To communicate with you regarding App updates, technical support, purchase receipts, refund status, and service announcements
- To ensure compliance with applicable laws, regulations, and our Content Policy (Section 7)
- To protect the security, integrity, and safety of the App, our users, and our business operations
- To analyze usage trends (including purchase behavior), optimize the App's performance, and develop new features (on an aggregated, non-identifiable basis)
- To resolve billing disputes, process refund requests (in coordination with Apple), and maintain accurate financial records
- To respond to your inquiries, feedback, and requests for assistance (including IAP-related support)
4. GDPR Compliance
For users in the EEA, UK, and Switzerland, you have the following rights under the General Data Protection Regulation (GDPR):
- Right to access: You may request a complete copy of all personal information we hold about you, including UGC metadata, usage records, and IAP transaction data
- Right to rectification: You may request correction of inaccurate, incomplete, or outdated personal information
- Right to erasure: You may request deletion of your personal information and UGC (IAP transaction records may be retained for 7 years to comply with tax/accounting laws in your jurisdiction)
- Right to restriction of processing: You may request limitation of processing of your personal information in specific circumstances (e.g., while verifying the accuracy of data or contesting its use)
- Right to data portability: You may request transfer of your personal information to another data controller in a structured, commonly used, machine-readable format
- Right to object: You may object to processing of your personal information for legitimate interests, direct marketing, or profiling, and we will cease processing unless we have compelling legitimate grounds
- Right to withdraw consent: You may withdraw your consent to processing at any time (where processing is based on consent), without affecting the lawfulness of processing before withdrawal
To exercise any of these GDPR rights, please contact us at the email address provided in Section 11. We will respond to your request within one month of receipt, and may extend this period by two additional months if necessary (we will notify you of any extension and the reasons for it).
5. Data Storage and Retention
We store your personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. The retention period varies based on the type of data:
- Device and usage data: Retained for 12 months after your last active use of the App
- Contact information: Retained until you request deletion or close your account
- UGC: Retained until you request its deletion, or if it violates our Content Policy (Section 7), in which case we may remove and delete it immediately
- IAP transaction data: Retained for 7 years (or longer if required by tax/accounting laws) for financial record-keeping and compliance purposes
- Support request data: Retained for 24 months to assist with future inquiries (including IAP-related support)
All data is stored on secure servers with industry-standard encryption (SSL/TLS 1.3 for data in transit, AES-256 for data at rest) and strict access controls. We use data centers located in the EEA, United States, and Singapore, and comply with applicable cross-border data transfer regulations (including Standard Contractual Clauses for GDPR).
6. Data Disclosure
We do not sell, rent, lease, or trade your personal information to third parties for commercial purposes. We may disclose your information in the following limited circumstances:
- With your explicit, informed consent
- To comply with applicable laws, regulations, court orders, subpoenas, or other legal processes
- To protect our rights, property, or safety, or the rights, property, or safety of our users or the public (e.g., responding to fraud, security breaches, or harmful content)
- To our trusted service providers who assist us in operating the App (e.g., cloud hosting providers, analytics services, customer support platforms). These providers are contractually obligated to protect your information and may only process data on our behalf
- To Apple App Store for the sole purpose of processing in-app purchases, verifying transactions, and resolving billing disputes
- In the event of a merger, acquisition, or sale of all or part of our assets (we will notify you of any such change and ensure the continuity of privacy protections)
7. User-Generated Content (UGC) Policy
7.1 UGC General Rules
When submitting UGC to the App (including premium UGC features accessed via IAP), you retain all intellectual property rights in your content (subject to applicable laws). By submitting UGC, you grant us a non-exclusive, worldwide, royalty-free, transferable license to use, reproduce, modify, adapt, display, distribute, and translate your UGC for the purpose of operating, promoting, and improving the App and our services. This license expires when your UGC is deleted from our systems.
You represent and warrant that: (1) you own or have all necessary rights to submit the UGC; (2) the UGC does not infringe the intellectual property, privacy, or other rights of any third party; (3) the UGC complies with this Policy and all applicable local and international laws.
7.2 Prohibited UGC Content
You must not submit, post, share, or upload UGC that contains, depicts, promotes, or links to any of the following:
- Adult/Explicit Sexual Content: Any pornographic, sexually explicit, or obscene material, including but not limited to depictions of nudity, sexual acts, sexual violence, child sexual abuse material, or sexually suggestive content involving minors. This includes content that solicits, facilitates, or promotes commercial sex acts or sexual encounters.
- Offensive/Disgusting Content: Content that is graphic, violent, gory, or otherwise causes reasonable discomfort, distress, or revulsion to ordinary users. This includes depictions of bodily harm, death, severe injury, self-harm, animal cruelty, or other content that violates common standards of decency and morality.
- Gambling Content: Content related to illegal gambling, sports betting, lottery schemes, poker rooms, casinos, or any form of wagering that violates applicable local or international laws. This includes content that promotes gambling services, shares gambling strategies, facilitates gambling transactions, or targets vulnerable individuals for gambling activities.
- Drugs and Controlled Substances: Content promoting, facilitating, or depicting the use, sale, distribution, manufacture, or procurement of illegal drugs, narcotics, controlled substances, or drug paraphernalia. This includes prescription drugs without valid medical authorization, synthetic drugs, psychoactive substances, and content that glorifies drug use.
- Political Content: Content that promotes or opposes political parties, political candidates, political ideologies, or government policies; content that seeks to influence electoral outcomes, public opinion on political matters, or political protests; or content that contains political propaganda, misinformation, or disinformation.
- Discriminatory Content: Content that is racist, sexist, homophobic, transphobic, xenophobic, anti-Semitic, Islamophobic, or otherwise discriminatory based on race, ethnicity, gender, sexual orientation, gender identity, religion, disability, age, national origin, socioeconomic status, or any other protected characteristic. This includes hate speech, slurs, and content that incites discrimination, prejudice, or violence against individuals or groups.
- Fraudulent/Deceptive Content: Content that promotes IAP fraud, counterfeit goods, misleading claims about App features or premium services, or content that attempts to manipulate users into making unauthorized purchases or sharing personal information.
- Other Illegal or Harmful Content: Content that promotes illegal activities, incites violence or harm against individuals/groups, harasses or bullies others, shares personal information without consent (doxxing), or contains malware, phishing links, or other malicious content that could harm users or their devices.
7.3 UGC Enforcement
We reserve the right to review, monitor, remove, or disable access to any UGC that violates this Policy, at our sole discretion and without prior notice. We may use automated content moderation tools and human moderators to enforce our UGC rules effectively.
Consequences of violating the UGC Policy may include: (1) immediate removal of the offending UGC; (2) temporary suspension of your ability to submit UGC or access premium features; (3) permanent termination of your access to the App (including revocation of access to purchased features); (4) reporting of illegal content to relevant law enforcement authorities. We will cooperate with law enforcement investigations related to illegal UGC as required by law.
8. In-App Purchase (IAP) Specific Terms
8.1 IAP Data Processing
All payment transactions for in-app purchases are processed exclusively by Apple App Store through Apple's secure payment infrastructure. We do not collect, store, or process your full payment details (e.g., credit card numbers, CVV, billing address, or bank account information). Apple's privacy practices apply to payment data processing, and we recommend reviewing Apple's Privacy Policy (https://www.apple.com/legal/privacy/en-ww/).
8.2 Refund and Cancellation Data
Refund requests for in-app purchases are handled by Apple App Store in accordance with Apple's refund policy (https://support.apple.com/en-us/HT204084). We collect data about refunds (e.g., refund amount, date, reason, purchase ID) only to deactivate premium features (if applicable) and maintain accurate financial records for tax and accounting compliance.
8.3 Subscription Data (if applicable)
If the App offers subscription services, we collect data about subscription status (active, cancelled, expired, renewed) to manage access to subscription-based features. Subscriptions are auto-renewed by Apple unless cancelled by the user, and we receive renewal confirmation data from Apple to maintain continuous access to premium features for active subscribers.
8.4 IAP Fraud Prevention
We may collect limited device and transaction data to detect and prevent IAP fraud (e.g., unauthorized purchases, account sharing, or use of fraudulent payment methods). This data is used solely for security purposes and is not shared with third parties except as required by law.
9. Security
We implement appropriate technical and organizational measures to protect your personal information (including IAP data) against unauthorized access, disclosure, alteration, or destruction. These measures include:
- Encryption of data in transit (SSL/TLS 1.3) and at rest (AES-256)
- Role-based access controls and multi-factor authentication for staff accessing user data (especially IAP records)
- Regular security audits, vulnerability assessments, and penetration testing
- Employee training on data protection, privacy best practices, and security protocols
- Regular data backup and disaster recovery procedures
- Segregation of IAP data from other personal information to minimize risk
However, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information, and you assume some risk by using the App, submitting UGC, and making in-app purchases.
10. Third-Party Services
The App may contain links to third-party websites, services, or content that are not owned or controlled by us. We are not responsible for the privacy practices, content, or security of these third parties. This includes Apple App Store, which processes all in-app purchase transactions.
We encourage you to review the privacy policies of any third-party services you access through the App, including Apple's Privacy Policy and the policies of any payment processors or analytics providers we may use.
11. Contact Us
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the App's features (including IAP offerings). We will notify you of any material changes by: (1) posting the revised Policy on the App; (2) sending an email notification (if you have provided your email); or (3) displaying a prominent notice within the App for at least 30 days before the changes take effect.
Your continued use of the App (including in-app purchases) after the effective date of the revised Policy constitutes your acceptance of the changes. We encourage you to review this Policy periodically to stay informed about how we protect your information.
Last Updated: February 9, 2026