Privacy Policy

1. Data Controller Information

The data controller responsible for your personal information is:

If you have any questions or concerns about how we handle your personal data, please contact us at the above email addresses.

2. Information We Collect

We collect and process the following types of personal information:

2.1 Information You Provide Directly

• Account Information: Email address, full name, date of birth, country, password (encrypted)
• Profile Information: Profile images, bio/description, location, interests
• Content: Posts, comments, messages, photos, videos, and other content you create or share
• Communications: Messages you send to other users, support inquiries, feedback
• Group Information: Group memberships, group posts, administrative actions

2.2 Information Collected Automatically

• Usage Data: Pages viewed, features used, time spent, interaction with content
• Device Information: IP address, browser type, operating system, device identifiers
• Log Data: Access times, error logs, referring URLs
• Cookies: Session cookies, preference cookies, analytics cookies (see Section 11)

2.3 Information from Third Parties

• Information from other users who interact with you on the platform
• Publicly available information if you link third-party accounts

3. Legal Basis for Processing Your Data

Under GDPR, we process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to provide the Service you've signed up for (Art. 6(1)(b) GDPR)
• Consent: Where you have given explicit consent for specific processing activities (Art. 6(1)(a) GDPR)
• Legitimate Interests: For security, fraud prevention, and service improvement (Art. 6(1)(f) GDPR)
• Legal Obligation: To comply with applicable laws and regulations (Art. 6(1)(c) GDPR)

4. How We Use Your Information

We use your personal information for the following purposes:

4.1 Service Provision

• Create and manage your account
• Provide access to features and functionality
• Enable communication between users
• Display your content to other users
• Process your requests and transactions

4.2 Communication

• Send account-related notifications (verification, password resets, security alerts)
• Notify you of activity on your account (messages, comments, friend requests)
• Respond to your inquiries and support requests
• Send service updates and important announcements

4.3 Security and Safety

• Verify your identity and prevent fraud
• Detect and prevent abuse, spam, and malicious activity
• Enforce our Terms and Conditions
• Protect the safety and rights of users

4.4 Service Improvement

• Analyze usage patterns to improve features
• Test new features and functionality
• Monitor and analyze trends and user preferences
• Conduct research and development

4.5 Legal Compliance

• Comply with legal obligations and regulatory requirements
• Respond to legal requests and prevent harm
• Resolve disputes and enforce our agreements

5. How We Share Your Information

We share your information in the following circumstances:

5.1 With Other Users

• Your profile information and content are visible to other users based on your privacy settings
• Posts, comments, and group activities may be visible to members or the public
• Your name and profile picture are visible when you interact with others

5.2 With Service Providers

• Cloud hosting providers (for data storage and infrastructure)
• Email service providers (for account verification and notifications)
• Analytics providers (to understand usage patterns)
• Security providers (for fraud detection and prevention)

All service providers are contractually obligated to protect your data and use it only for specified purposes.

5.3 For Legal Reasons

• To comply with legal obligations, court orders, or government requests
• To enforce our Terms and Conditions
• To protect the rights, property, or safety of miofori, users, or the public
• To prevent fraud, security threats, or illegal activity

5.4 Business Transfers

If miofori is involved in a merger, acquisition, or sale of assets, your personal information may be transferred. You will be notified of any such change.

5.5 With Your Consent

We may share information for other purposes with your explicit consent.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention Periods:

• Account Information: Retained while your account is active and for up to 90 days after account deletion
• Posts and Content: Retained while your account is active; deleted within 90 days of account deletion
• Messages: Retained while your account is active or until you delete them
• Log Data: Typically retained for 12-24 months for security and analytical purposes
• Backup Data: May be retained in backups for up to 90 days before permanent deletion
• Legal Holds: Data may be retained longer when required for legal, regulatory, or dispute resolution purposes

7. Your Rights Under GDPR

As a user in the European Union, you have the following rights regarding your personal data:

8. How to Exercise Your Rights

To exercise any of your rights under GDPR, please contact us at:

Request Process:

1. Send an email with your request, clearly stating which right you wish to exercise
2. Include your registered email address and account information for verification
3. We will verify your identity to ensure security of your data
4. We will respond to your request within 30 days (extendable by 2 months for complex requests)
5. If we decline your request, we will explain the reasons and inform you of your right to complain to a supervisory authority

Self-Service Options:

• Access & Update: Most information can be accessed and updated in your account settings
• Delete Account: You can request account deletion through your account settings or by contacting us
• Export Data: Request a data export by contacting us at the above email
• Communication Preferences: Manage notification settings in your account preferences

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

• Encryption: Passwords are hashed and encrypted; sensitive data is encrypted in transit using TLS/SSL
• Access Controls: Strict access controls limit who can access personal data
• Regular Security Audits: We conduct regular security assessments and updates
• Secure Infrastructure: Data is stored in secure data centers within the EU
• Employee Training: Staff are trained on data protection and security practices
• Incident Response: We have procedures for detecting and responding to data breaches

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

10. International Data Transfers

miofori operates from and stores data within the European Union. Your personal data is primarily processed and stored in EU data centers.

If we transfer your data outside the EU/EEA, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions confirming the recipient country has adequate data protection
• Binding Corporate Rules for intra-group transfers

You have the right to obtain information about the safeguards we use for international transfers by contacting us.

11. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to improve your experience and analyze usage of the Service.

Types of Cookies We Use:

Managing Cookies:

• You can control cookies through your browser settings
• Blocking essential cookies may prevent you from using certain features
• You can opt out of analytics cookies in your account settings (when available)

12. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

For users aged 13-16, we require parental consent as required by GDPR. If you are under 16, please ensure you have your parent or guardian's permission before using the Service.

If we become aware that we have collected personal data from a child under 13 without parental consent, we will take steps to delete that information promptly.

13. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.

We may use automated systems for:

• Spam detection and content moderation (to maintain a safe platform)
• Fraud prevention and security monitoring
• Suggesting content or connections based on your activity

These systems do not make decisions that significantly affect your rights. Human review is available for disputed actions.

14. Third-Party Links and Services

The Service may contain links to third-party websites or services. This Privacy Policy does not apply to those third parties.

We are not responsible for the privacy practices of third-party websites. We encourage you to review their privacy policies before providing any personal information.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, regulatory, or operational reasons.

When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Notify you via email (to the address associated with your account)
• Display a prominent notice on the Service
• For significant changes, we may require you to review and accept the new policy

Your continued use of the Service after changes are posted constitutes acceptance of the updated Privacy Policy.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will respond to all inquiries within 30 days. For urgent matters, please mark your email as "Urgent."