Privacy Policy - MyAleef App

Last updated: January 2026

Version: 1.1

MyAleef ("we", "our", or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use the MyAleef mobile application and related services.

1. Information We Collect

1.1 Basic Information

• Email address, name, profile photo, birthday, address (city/region), language, and preferences you provide during registration or later in settings
• Authentication identifiers (via email/password, Google, or Apple)
• Profile photos and images are stored in cloud storage (Firebase Storage) to enable profile display and sharing

1.2 Pet Information

• Pet name, breed, category/type, character traits, description, photos, documents, fertility history, vaccination status, size/weight/height, birthday, and other profile details
• Pet photos and documents are stored in cloud storage (Firebase Storage) to enable profile display and sharing

1.2.1 Professional Account Information

For professional/business accounts (groomers, walkers, sitters, trainers):

• Professional service type and description
• Service area and availability information
• Recommendation data: number of recommendations received from other users
• Professional account status and verification information (if applicable)

1.3 Location Data

• GPS coordinates or privacy-adjusted location (precise, approximate, city-level) when you enable location sharing
• Location status (enabled/disabled), last updated timestamps, and source (e.g., user_geolocation)
• We provide granular controls and allow disabling/clearing location data at any time
• Precise vs. Approximate Location: Precise Location (GPS coordinates) is only used to facilitate the "Nearby" feature for distance-based matching. The app functions at a limited capacity if you grant only Approximate Location (city/region level). Without Precise Location, the Nearby feature and distance-based matching will be unavailable, but all other app features remain functional.

1.4 Usage and Device Data

• App activity such as searches, recent search terms, interactions with pet profiles, match actions, and navigation events
• Push notification tokens (FCM) for delivering notifications to your device
• Device identifiers automatically collected by Firebase services, including device IDs, installation IDs, and analytics identifiers used for app functionality, crash reporting, and service improvement

1.5 Communications and Media

• Chat content: text messages, images, GIF links, and voice messages exchanged with other users. This data is stored in our cloud database (Firestore) to enable messaging functionality and message history
• Memories: videos and captions you upload to your profile. These are stored in cloud storage (Firebase Storage) to enable sharing and playback
• Associated metadata (timestamps, content type, sender/receiver IDs) stored with communications and media

1.6 Content Moderation Data

• Automated analysis outcomes for content safety (toxic language, harassment, spam, privacy violations, inappropriate media)
• Human moderator review notes for flagged content when necessary
• Moderation decisions linked to content/items and users

We do not collect sensitive financial data. Payment information is not processed in the app.

2. How We Use Your Information

2.1 Core Services

• Authenticate your account and keep you signed in
• Build and display owner and pet profiles
• Match you with other users based on preferences, pet attributes, and distance
• Enable chat, media sharing (images, GIFs, voice), and memories
• Provide push notifications for matches, messages, and app updates

2.1.1 Professional Account Services

• Display professional badges and service information on profiles
• Facilitate the recommendation system for professional service providers
• Calculate and display recommendation counts ("Recommended by X users")
• Enable users to discover and connect with professional service providers

2.2 Personalization and Safety

• Adjust search and recommendations using your preferences and activity
• Compute similarity and distance scoring for matching
• Prevent abuse, enforce blocks, and filter content from blocked users

2.3 Content Moderation

• Automatically analyze content using AI to detect violations (e.g., harassment, spam, inappropriate imagery)
• Store moderation results separately from your main content to maintain an audit trail
• Allow human review of flagged content where necessary
• Remove content, limit features, or suspend accounts for policy violations

We do not sell or rent your personal data. We do not share your data with third parties for their marketing.

3. Legal Bases

Where applicable, we process your data based on: (i) performance of a contract (providing the app), (ii) your consent (e.g., location sharing, notifications), (iii) legitimate interests (safety, fraud prevention, service improvement), and (iv) compliance with legal obligations.

4. Content Moderation: Your Consent and Choices

By using the app, you consent to:

• Automated analysis of your content by moderation systems
• Storage of moderation outcomes in a separate, secure area
• Human review of content flagged by automated systems
• Enforcement actions (content removal, feature limits, or account restrictions) for policy violations

You may withdraw consent for certain processing (e.g., location sharing, notifications) in settings, but this may limit app functionality.

5. Location Privacy Controls

• Location sharing is optional and off by default in some flows
• Choose among privacy levels: precise, approximate, city-level, or disabled
• Disable location sharing at any time; we will clear stored coordinates and mark location as disabled
• We may cache derived distances to improve performance; clearing location will reset related caches

6. Push Notifications

• We use Firebase Cloud Messaging (FCM) to deliver notifications
• You can control notification permissions via OS settings and in-app settings
• We store device tokens to route notifications and update/refresh them periodically

7. Blocking, Reporting, and Safety Tools

• You can block users; content from blocked users will be filtered where possible
• We may automatically block counterparties after specific safety flows (e.g., after a match deletion if configured)
• Report mechanisms may be provided to flag content or behavior; we will review and take appropriate action

8. Recent Searches and Recommendations

• We store recent searches locally on your device to simplify future searches
• We may use your searches and interactions to improve recommendations

9. Third-Party Services

• Firebase Services: We use Firebase (Authentication, Firestore, Storage, Cloud Messaging, Analytics, Crashlytics) for account management, data storage, notifications, and app analytics. Firebase automatically collects certain device identifiers and usage data as part of providing these services. This includes device IDs, installation IDs, crash reports, and analytics data. Firebase's use of this data is governed by Google's Privacy Policy (https://policies.google.com/privacy).
• Google Maps/Location services: Used for distance and discovery features
• GIPHY API: Used for GIF search and sharing in chat
• Social login providers (Google, Apple): Used for authentication (subject to their terms and privacy policies)

These partners may process limited data necessary to provide their services. Their use of data is governed by their own privacy policies.

10. Data Sharing and Disclosure

We share your information only:

• With other users to enable matches and communication according to your settings
• Professional account information (service type, recommendations) is shared with other users to enable discovery and connection with professional service providers
• With service providers under contract who support our operations
• When required by law, regulation, or legal process
• To investigate or prevent fraud, abuse, or security incidents
• In connection with a merger, acquisition, or asset sale, with appropriate notice

11. Data Retention

• We retain data for as long as necessary to provide the service and for legitimate business purposes
• You can delete your account and all associated personal data directly through the "Settings" menu within the App at any time. This deletion includes data stored on our servers, not just your local account. Some data may be retained to meet legal obligations or for safety and dispute resolution purposes as required by law.

12. Your Rights

Subject to your jurisdiction, you may have rights to:

• Access, correct, or delete your personal data
• Withdraw consent (e.g., location, notifications)
• Object to or restrict certain processing
• Port your data in a machine-readable format
• Appeal content moderation decisions when available

To exercise your rights, contact: contact@myaleef.com

13. Security

• We implement technical and organizational measures to protect your data (encryption in transit, access controls, audit logs)
• No method of transmission or storage is 100% secure; we strive to protect your information and encourage responsible use

14. Children's Privacy

The service is intended for users 18 years of age and older. We do not knowingly collect data from or allow registration for individuals under 18.

15. International Data Transfers

Your data may be processed and stored in countries different from your residence. We use appropriate safeguards where required by law.

16. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted in the app with the revised date. Material changes will be communicated via in-app notice or email where appropriate.

17. Contact

If you have any questions or concerns, please contact us at:

• Email: contact@myaleef.com
• Data Protection Officer (DPO): For privacy-related inquiries, data protection requests, or GDPR-related matters, please contact: contact@myaleef.com (attn: Data Protection Officer)
• In-App Support: via the help section

18. Moderation Transparency

• We notify you in-app when content is removed, visibility is limited, or features are restricted due to policy violations, where legally permissible.
• Notices include: the affected item/feature, the policy category, and available appeal options.
• Repeated or severe violations may lead to account suspension or termination.
• You can appeal moderation actions by contacting contact@myaleef.com with relevant context. We aim to review appeals in a reasonable timeframe.

19. Region-Specific Notices

19.1 GDPR and UK GDPR

• Controller: MyAleef.
• Data Protection Officer (DPO): contact@myaleef.com (attn: Data Protection Officer)
• Contact: contact@myaleef.com
• Purposes and legal bases: see Sections 2–3. We rely on contract, consent (e.g., location, notifications), legitimate interests (safety, service improvement), and legal obligations.
• Rights: access, rectification, erasure, restriction, portability, objection, and withdrawal of consent. You can lodge a complaint with your local supervisory authority.
• International transfers: We use safeguards (e.g., SCCs) where required for transfers outside the EEA/UK.
• We minimize data and apply privacy by design, including location privacy levels.

19.2 CCPA/CPRA (California)

• Categories collected: identifiers (email, auth IDs), profile and pet data, geolocation (when enabled), internet/activity data, in-app communications, and device tokens.
• Purposes: provide services, matching, safety/moderation, analytics, notifications.
• Sale/Share: We do not sell personal information. We do not share for cross-context behavioral advertising beyond what is necessary to operate the service.
• Rights: know, delete, correct, opt-out of sale/share (not applicable as we do not sell/share for advertising), limit use of sensitive PI (we do not collect sensitive PI as defined), non-discrimination.
• Requests and appeals: contact@myaleef.com. We will verify your request and respond within statutory timelines. Authorized agents may submit on your behalf with proper authorization.

19.3 LGPD (Brazil)

• Legal bases: contract execution, consent (e.g., location), legitimate interests (safety, improvement), and legal obligations.
• Rights: confirmation of processing, access, correction, anonymization, blocking, deletion, portability, information about sharing, withdrawal of consent, and review of automated decisions per law.
• International transfers: conducted under appropriate safeguards as required by ANPD guidance.
• Contact: contact@myaleef.com to exercise rights or raise concerns.