Effective Date: [INSERT DATE]
Last Updated: [INSERT DATE]
VFG Advisors Inc ("Company," "we," "us," or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the YouHunt mobile application ("App" or "Service").
YouHunt is a GPS-based treasure hunt mobile application that enables users to create, share, and participate in location-based treasure hunting games. The App combines artificial intelligence technology with real-world exploration to provide an interactive entertainment experience suitable for users of all ages.
This Privacy Policy applies to all users of the YouHunt App, including both registered and unregistered users, hunt creators, and hunt participants. By downloading, installing, accessing, or using the App, you acknowledge that you have read, understood, and agree to the collection and use of your information as described in this Privacy Policy.
We understand that privacy is fundamental to building trust with our users. Our privacy practices are designed to:
- Be transparent about what information we collect and how we use it
- Provide you with meaningful choices about your personal information
- Implement appropriate security measures to protect your data
- Comply with applicable privacy laws and regulations
- Respect the privacy rights of children under 13 years of age
This Privacy Policy covers information collected through the YouHunt App and related services. It does not apply to third-party websites, applications, or services that may be linked to or integrated with our App, each of which has its own privacy practices.
We process your personal information based on various legal grounds, including:
- Consent: When you provide explicit consent for specific processing activities
- Contract Performance: When processing is necessary to provide the App services you have requested
- Legitimate Interests: When we have legitimate business interests that are not overridden by your privacy rights
- Legal Compliance: When processing is required to comply with applicable laws and regulations
If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us using the information provided in Section 15.
We collect various types of information to provide and improve our services. The information we collect falls into several categories, each serving specific purposes for App functionality and user experience enhancement.
Account Registration Information: When you choose to create an account with YouHunt, we collect the following information:
- Full Name: Used for account identification and personalization of your experience
- Email Address: Used for account verification, communication, and password recovery
- Phone Number: Used for account security and verification purposes
Account registration is optional for basic App usage but required for users who wish to create hunts or save their progress and achievements.
User-Generated Content: When you use the App to create or participate in hunts, we collect:
- Photographs: Images you capture when creating hunts or participating in treasure hunting activities
- Hunt Descriptions: Text descriptions and clues you create for your hunts
- Location Information: GPS coordinates associated with hunt objects and locations you designate
Location Data: YouHunt is fundamentally a location-based service that requires access to your device's GPS and location services. We collect:
- Precise Location Information: Real-time GPS coordinates necessary for hunt navigation and gameplay
- Location History: Records of locations you have visited during hunt participation for progress tracking
- Geofencing Data: Information about your proximity to hunt objects and designated areas
Device Information: We automatically collect certain information about your device and App usage:
- Device Identifiers: Unique device identifiers, including device ID, advertising ID, and hardware information
- Operating System Information: Details about your device's operating system, version, and configuration
- App Usage Data: Information about how you interact with the App, including features used, time spent, and navigation patterns
- Performance Data: Technical information about App performance, crashes, and errors
Network and Connection Information: Details about your internet connection, including IP address, network type, and connection quality, which help us optimize App performance and troubleshoot technical issues.
App Store Information: When you download the App through Apple App Store or Google Play Store, we may receive certain information from these platforms, including:
- Download and installation data
- App store account information (as permitted by platform policies)
- Purchase and subscription information for paid features
Social Media Integration: Currently, YouHunt does not integrate with social media platforms, but future versions may include such features with appropriate user consent.
Google Analytics Data: We use Google Analytics to collect and analyze usage patterns, including:
- User Behavior: How users navigate through the App and interact with different features
- Performance Metrics: App loading times, error rates, and technical performance indicators
- Demographic Information: General demographic data that helps us understand our user base (collected in aggregate and anonymized form)
Hunt Participation Data: Information about your participation in treasure hunts, including:
- Progress Tracking: Your advancement through hunt stages and completion rates
- Success Metrics: Data about successful object identification and hunt completion
- Interaction Patterns: How you engage with different types of hunts and challenges
Image Capture: The App requires camera access for core functionality:
- Hunt Creation Photos: Original photographs you take when creating treasure hunts
- Participation Photos: Images you capture when attempting to identify hunt objects
- AI Processing Data: Metadata and analysis results from our artificial intelligence photo comparison system
Photo Metadata: Technical information embedded in photographs, including:
- EXIF Data: Camera settings, timestamp, and technical parameters (location data is handled separately)
- Image Properties: File size, format, resolution, and quality metrics
Customer Support: When you contact our customer support team, we collect:
- Support Requests: Details of your inquiries, issues, and feedback
- Communication Records: Records of our interactions with you for quality assurance and follow-up purposes
App Notifications: Information about your notification preferences and interaction with push notifications and in-app messages.
Subscription Data: For users who purchase subscription services, we collect:
- Subscription Type: Which subscription plan you have selected (Small Group or Large Group)
- Payment Status: Information about subscription status, renewal dates, and payment success or failure
- Transaction Records: Records of subscription purchases and renewals (actual payment processing is handled by app store platforms)
Note that we do not directly collect or store credit card information or other payment details, as all payment processing is handled securely by Apple App Store and Google Play Store platforms.
We use the information we collect for various purposes related to providing, maintaining, and improving the YouHunt App experience. Our use of your information is guided by the principles of necessity, proportionality, and transparency.
Location-Based Services: Your location data is essential for the treasure hunt experience:
- Navigation and Directions: Providing GPS-based navigation to hunt locations and objects
- Proximity Detection: Determining when you are near hunt objects to enable photo capture and comparison
- Hunt Creation: Enabling hunt creators to associate objects with specific geographic locations
- Safety Features: Helping ensure hunt locations are accessible and appropriate
Artificial Intelligence Photo Comparison: We use Google Gemini AI technology to process your photographs for:
- Object Recognition: Comparing photos you take during hunts with original hunt creator images
- Match Verification: Determining whether you have successfully identified the correct hunt objects
- Progress Tracking: Enabling advancement through hunt stages based on successful photo matches
- Quality Assessment: Ensuring photo quality is sufficient for accurate comparison
Hunt Management: For registered users who create hunts:
- Content Organization: Storing and organizing your hunt creations, including photos, descriptions, and location data
- Sharing Capabilities: Enabling you to share hunts with others through QR codes and privacy settings
- Progress Tracking: Maintaining records of hunt participation and completion by other users
Account Services: For users who choose to register:
- Account Creation and Maintenance: Setting up and managing your user account
- Authentication: Verifying your identity when you log into the App
- Password Recovery: Enabling password reset and account recovery processes
- Subscription Management: Managing your subscription status and access to premium features
Personalization: Customizing your App experience based on your preferences and usage patterns:
- Content Recommendations: Suggesting hunts that may interest you based on your location and past participation
- Interface Customization: Adapting the user interface to your preferences and usage patterns
- Achievement Tracking: Recording your hunt completions and progress for personal achievement tracking
Customer Support: Providing assistance and resolving issues:
- Technical Support: Helping you troubleshoot App problems and technical issues
- Account Assistance: Helping with account-related questions and subscription management
- Feedback Processing: Collecting and responding to your feedback and suggestions for App improvement
Important Notifications: Communicating essential information about the App:
- Service Updates: Notifying you about App updates, new features, and service changes
- Security Alerts: Informing you about security-related issues or account concerns
- Policy Changes: Notifying you about updates to our Terms of Service or Privacy Policy
Performance Optimization: Using analytics data to improve App functionality:
- Bug Detection and Resolution: Identifying and fixing technical issues and crashes
- Performance Enhancement: Optimizing App speed, reliability, and user experience
- Feature Development: Understanding how users interact with features to guide future development
Usage Analytics: Analyzing user behavior to enhance the App experience:
- User Engagement: Understanding which features are most popular and useful
- Content Optimization: Improving hunt creation tools and participation features
- Geographic Analysis: Understanding usage patterns across different locations and regions
Platform Security: Protecting the App and its users:
- Fraud Prevention: Detecting and preventing fraudulent activities and abuse
- Content Moderation: Monitoring user-generated content for inappropriate or harmful material
- System Security: Protecting against unauthorized access and security threats
User Safety: Promoting safe use of the App:
- Location Safety: Analyzing hunt locations for potential safety concerns
- Content Safety: Ensuring user-generated content is appropriate for all ages
- Privacy Protection: Implementing measures to protect user privacy and personal information
Legal Obligations: Using information as required by law:
- Regulatory Compliance: Meeting requirements under applicable privacy laws and regulations
- Legal Proceedings: Responding to legal requests, court orders, and law enforcement inquiries
- Terms Enforcement: Ensuring compliance with our Terms of Service and community guidelines
Business Operations: Supporting legitimate business interests:
- Financial Management: Managing subscriptions, payments, and financial reporting
- Business Analytics: Understanding business performance and user demographics
- Strategic Planning: Informing business decisions and strategic planning processes
Minimization: We collect and use only the information necessary for the specified purposes and do not process personal information for purposes incompatible with those for which it was collected.
Accuracy: We take reasonable steps to ensure that personal information is accurate, complete, and up-to-date, and we provide mechanisms for users to correct inaccurate information.
Purpose Limitation: We use personal information only for the purposes for which it was collected or for compatible purposes that are clearly communicated to users.
Retention Limitation: We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law.
We are committed to protecting your personal information and do not sell, rent, or trade your personal data to third parties for their marketing purposes. However, we may share your information in certain limited circumstances as described below.
Third-Party Service Providers: We work with trusted third-party companies that provide services on our behalf. These service providers have access to your personal information only to perform specific tasks and are contractually obligated to protect your information:
Google Services: We utilize several Google services that may process your information:
- Google Gemini: Processes photographs for AI-powered image comparison and object recognition. Images are analyzed to determine matches between hunt creator photos and participant photos.
- Google Cloud: Stores and processes user data, including account information, hunt data, and photographs, using Google's secure cloud infrastructure.
- Google Analytics: Collects and analyzes usage data to help us understand user behavior and improve the App experience.
App Store Platforms: We share certain information with app store platforms for distribution and payment processing:
- Apple App Store: For iOS users, subscription and payment information is processed through Apple's payment systems.
- Google Play Store: For Android users, subscription and payment information is processed through Google's payment systems.
Hunt Sharing: When you create and share hunts with other users:
- Public Hunts: Information about public hunts, including hunt descriptions, photos, and location data, is made available to all App users who discover and participate in these hunts.
- Private Hunts: Information about private hunts is shared only with users you specifically designate, typically family members or close contacts.
- QR Code Sharing: When you share hunt QR codes, recipients gain access to the associated hunt information and content.
User-Generated Content: Content you create within the App may be visible to other users:
- Hunt Photos and Descriptions: Images and descriptions you create for hunts are shared with users who participate in those hunts.
- Progress Information: Other users may see general information about hunt completion and participation statistics.
Legal Compliance: We may disclose your information when required by law or in response to legal processes:
- Court Orders and Subpoenas: Responding to valid legal requests from courts and law enforcement agencies.
- Regulatory Requirements: Complying with applicable laws, regulations, and government requests.
- Legal Proceedings: Protecting our legal rights and defending against legal claims.
Safety and Security: We may share information to protect the safety and security of our users and the public:
- Emergency Situations: Disclosing information when we believe it is necessary to prevent harm to individuals or property.
- Terms Enforcement: Sharing information necessary to enforce our Terms of Service and community guidelines.
- Fraud Prevention: Cooperating with law enforcement and other organizations to prevent fraudulent activities.
Corporate Changes: In the event of a merger, acquisition, sale of assets, or other business transaction:
- Due Diligence: Sharing information with potential buyers or partners as part of due diligence processes.
- Asset Transfer: Transferring user information as part of business asset sales or transfers.
- Successor Obligations: Ensuring that successor entities honor existing privacy commitments and user rights.
Statistical Data: We may share aggregated, anonymized, or de-identified information that cannot be used to identify individual users:
- Usage Statistics: General statistics about App usage, user demographics, and feature popularity.
- Research and Development: Anonymized data for research purposes and product development.
- Business Analytics: Aggregate data for business reporting and strategic planning.
Explicit Consent: We may share your information with third parties when you provide explicit consent:
- Integration Services: If we add integrations with social media or other platforms, sharing will require your explicit consent.
- Marketing Partners: Any sharing with marketing partners would require your opt-in consent.
- Research Participation: Sharing data for research purposes would require your explicit agreement.
Contractual Protections: All third-party service providers are bound by contractual agreements that:
- Limit Data Use: Restrict the use of your information to specified purposes only.
- Require Security Measures: Mandate appropriate technical and organizational security measures.
- Ensure Compliance: Require compliance with applicable privacy laws and regulations.
- Provide Audit Rights: Allow us to monitor and audit their data protection practices.
Data Processing Agreements: We maintain data processing agreements with all service providers that handle personal information, ensuring they meet our privacy and security standards.
Cross-Border Data Transfers: Your information may be transferred to and processed in countries other than your country of residence:
- United States: Our primary servers and operations are located in the United States.
- Google Services: Data processed by Google services may be transferred internationally in accordance with Google's global infrastructure.
- Adequate Protections: We ensure that international transfers include appropriate safeguards to protect your privacy rights.
Commitment Against Sale: We do not and will not sell your personal information to third parties for monetary consideration. This commitment applies to all categories of personal information we collect, including:
- Account and contact information
- Location data and GPS coordinates
- Photographs and user-generated content
- Device information and usage data
- Any other personal information collected through the App
California Residents: For California residents, this commitment aligns with the California Consumer Privacy Act (CCPA) requirements regarding the sale of personal information.
We take the security of your personal information seriously and implement comprehensive technical, administrative, and physical safeguards to protect your data from unauthorized access, alteration, disclosure, or destruction.
Google Cloud Platform: All user data is stored using Google Cloud services, which provide enterprise-grade security and reliability:
- Secure Data Centers: Data is stored in Google's secure data centers with multiple layers of physical security, including biometric access controls, security cameras, and 24/7 monitoring.
- Redundancy and Backup: Data is automatically replicated across multiple geographic locations to ensure availability and prevent data loss.
- Infrastructure Security: Google Cloud infrastructure includes advanced security features such as encryption at rest, network security, and regular security audits.
Data Location: Your data is primarily stored in data centers located in the United States, with potential replication to other Google Cloud regions for redundancy and performance optimization.
Encryption in Transit: All data transmitted between your device and our servers is protected using industry-standard encryption:
- HTTPS/TLS: All communications use HTTPS with Transport Layer Security (TLS) encryption to protect data during transmission.
- API Security: All API communications are encrypted and authenticated to prevent unauthorized access.
- Certificate Management: We use valid SSL/TLS certificates and implement proper certificate management practices.
Encryption at Rest: Data stored on our servers is encrypted using strong encryption algorithms:
- Database Encryption: All database contents are encrypted using AES-256 encryption or equivalent standards.
- File Storage Encryption: User-uploaded files, including photographs, are encrypted when stored.
- Key Management: Encryption keys are managed using secure key management systems with appropriate access controls.
Administrative Access: Access to user data is strictly controlled and limited to authorized personnel:
- Role-Based Access: Access permissions are granted based on job responsibilities and the principle of least privilege.
- Multi-Factor Authentication: All administrative accounts require multi-factor authentication for access.
- Access Logging: All access to user data is logged and monitored for security purposes.
- Regular Reviews: Access permissions are regularly reviewed and updated as needed.
Application Security: The App itself implements multiple security measures:
- Secure Authentication: User authentication uses secure protocols and password hashing.
- Session Management: User sessions are managed securely with appropriate timeout and invalidation procedures.
- Input Validation: All user inputs are validated and sanitized to prevent security vulnerabilities.
Continuous Monitoring: We implement comprehensive security monitoring:
- Intrusion Detection: Automated systems monitor for unauthorized access attempts and suspicious activities.
- Vulnerability Scanning: Regular security scans identify and address potential vulnerabilities.
- Log Analysis: Security logs are continuously analyzed for signs of security incidents.
- Threat Intelligence: We stay informed about emerging security threats and update our defenses accordingly.
Incident Response: We maintain a comprehensive incident response plan:
- Rapid Response: Security incidents are detected and responded to quickly to minimize impact.
- Investigation Procedures: All security incidents are thoroughly investigated to determine cause and scope.
- User Notification: Users are notified of security incidents that may affect their personal information, as required by law.
- Remediation: Appropriate remediation measures are implemented to address security incidents and prevent recurrence.
Backup Procedures: Regular backups ensure data availability and recovery capabilities:
- Automated Backups: Data is automatically backed up on a regular schedule to prevent data loss.
- Geographic Distribution: Backups are stored in multiple geographic locations for disaster recovery.
- Backup Testing: Backup and recovery procedures are regularly tested to ensure effectiveness.
- Retention Policies: Backup data is retained according to established policies and legal requirements.
Disaster Recovery: We maintain comprehensive disaster recovery capabilities:
- Recovery Planning: Detailed recovery plans ensure rapid restoration of services in case of disasters.
- Redundant Systems: Critical systems have redundant components to minimize downtime.
- Business Continuity: Procedures are in place to maintain essential services during emergencies.
Vendor Security: All third-party service providers must meet our security standards:
- Security Assessments: Third-party vendors undergo security assessments before integration.
- Contractual Requirements: Security requirements are included in all vendor contracts.
- Ongoing Monitoring: Vendor security practices are monitored on an ongoing basis.
- Compliance Verification: Vendors must demonstrate compliance with applicable security standards.
Google Cloud Security: Our use of Google Cloud services benefits from Google's comprehensive security measures:
- Industry Certifications: Google Cloud maintains numerous security certifications including SOC 2, ISO 27001, and others.
- Security Transparency: Google provides detailed information about their security practices and compliance.
- Shared Responsibility: Security responsibilities are clearly defined between Google and our organization.
Device-Level Security: The App implements security measures specific to mobile devices:
- Secure Storage: Sensitive data stored on devices is encrypted and protected.
- Certificate Pinning: The App uses certificate pinning to prevent man-in-the-middle attacks.
- Code Obfuscation: App code is obfuscated to protect against reverse engineering.
- Runtime Protection: The App includes runtime protection against tampering and unauthorized modifications.
Permission Management: The App requests only necessary permissions and explains their use:
- Location Permissions: GPS access is required for core functionality and is clearly explained to users.
- Camera Permissions: Camera access is necessary for photo capture and comparison features.
- Storage Permissions: Limited storage access is used only for App functionality.
Security Limitations: While we implement comprehensive security measures, no system is completely secure:
- Internet Risks: Data transmission over the internet carries inherent risks that cannot be completely eliminated.
- Device Security: The security of data on your device depends on your device's security settings and practices.
- User Behavior: Security also depends on user behavior, including password management and safe usage practices.
User Responsibilities: Users play an important role in maintaining security:
- Account Security: Keep your account credentials secure and do not share them with others.
- Device Security: Maintain appropriate security settings on your mobile device.
- Suspicious Activity: Report any suspicious activity or security concerns to our support team.
- Software Updates: Keep the App and your device operating system updated with the latest security patches.
Notification Procedures: In the event of a security incident affecting personal information:
- Assessment: We will promptly assess the nature and scope of the incident.
- Notification Timing: Users will be notified without unreasonable delay, as required by applicable law.
- Notification Content: Notifications will include information about the incident, affected data, and recommended actions.
- Regulatory Reporting: We will report incidents to relevant regulatory authorities as required by law.
We are committed to protecting the privacy of children under 13 years of age in compliance with the Children's Online Privacy Protection Act (COPPA) and other applicable laws. This section outlines our specific practices and protections for child users.
Age Verification: While YouHunt is suitable for users of all ages, we recognize that children under 13 require special privacy protections. We implement COPPA-compliant practices for all users who may be under 13 years of age.
Parental Consent: Before collecting personal information from children under 13, we obtain verifiable parental consent through appropriate mechanisms that comply with COPPA requirements.
Limited Collection: We collect only the minimum amount of personal information necessary from children to provide the App's core functionality.
Account Registration: Children under 13 may use the App without registration for basic hunt participation. If account registration is desired:
- Parental Consent Required: We require verifiable parental consent before allowing children under 13 to create accounts.
- Limited Information: We collect only essential information (name, parent's email address) with parental consent.
- No Direct Contact: We do not collect email addresses or phone numbers directly from children under 13.
Location Data: Location services are essential for App functionality:
- Parental Awareness: Parents are informed about location data collection and its necessity for the treasure hunt experience.
- Supervision Encouraged: We recommend parental supervision when children use location-based features.
- Safety Emphasis: Location data is used only for App functionality and is not shared for marketing purposes.
Photo Collection: Children may take photos as part of hunt participation:
- Parental Consent: Photo collection from children under 13 requires parental consent.
- Limited Processing: Photos are processed only for game functionality (AI comparison) and are not used for other purposes.
- No Public Sharing: Photos taken by children are not made publicly available without explicit parental consent.
Access Rights: Parents have the right to:
- Review Information: Access and review any personal information we have collected from their child.
- Correct Information: Request correction of inaccurate information about their child.
- Delete Information: Request deletion of their child's personal information.
- Refuse Further Collection: Refuse to allow further collection of their child's personal information.
Parental Control Mechanisms:
- Account Management: Parents can manage their child's account settings and privacy preferences.
- Communication Control: Parents control all communications related to their child's account.
- Activity Monitoring: Parents can review their child's App activity and hunt participation.
- Immediate Termination: Parents can immediately terminate their child's account at any time.
Consent Methods: We obtain verifiable parental consent through:
- Email Plus: Email confirmation followed by additional verification steps such as phone verification or signed consent forms.
- Credit Card Verification: For paid features, credit card verification serves as parental consent verification.
- Digital Signature: Electronic signature systems that verify parental identity.
- Video Conference: In some cases, video conferencing with parents to verify consent.
Consent Documentation: We maintain records of parental consent and make them available to parents upon request.
Consent Withdrawal: Parents may withdraw consent at any time, resulting in deletion of their child's personal information and account termination.
Limited Use: Information collected from children under 13 is used only for:
- App Functionality: Providing the core treasure hunt experience.
- Safety and Security: Ensuring the child's safety while using the App.
- Parental Communication: Communicating with parents about their child's account.
- Legal Compliance: Meeting legal obligations and protecting rights.
No Marketing: We do not use children's personal information for marketing purposes or targeted advertising.
Restricted Sharing: Children's information is not shared with third parties except:
- Service Providers: Necessary service providers bound by strict confidentiality and data protection requirements.
- Legal Requirements: As required by law or to protect the child's safety.
- Parental Direction: As specifically directed by the child's parent or guardian.
Enhanced Security: Children's accounts receive additional security protections:
- Restricted Features: Certain features may be limited or disabled for child accounts.
- Enhanced Monitoring: Additional monitoring for inappropriate content or interactions.
- Safety Filters: Automated systems to detect and prevent potentially harmful situations.
Educational Resources: We provide resources to help parents and children understand:
- Online Safety: Best practices for safe internet and App usage.
- Privacy Awareness: Age-appropriate information about privacy and data protection.
- Reporting Mechanisms: How to report concerns or inappropriate content.
Good Faith Compliance: We make good faith efforts to comply with COPPA requirements and maintain safe harbor protections by:
- Regular Training: Training staff on COPPA requirements and children's privacy protection.
- Policy Updates: Regularly reviewing and updating our children's privacy practices.
- Legal Consultation: Consulting with legal experts on COPPA compliance matters.
- Industry Best Practices: Following industry best practices for children's online privacy protection.
Global Standards: While COPPA is a U.S. law, we apply similar protections globally:
- GDPR Compliance: For European users, we comply with GDPR's enhanced protections for children under 16.
- Local Laws: We respect local laws regarding children's privacy in all jurisdictions where the App is available.
- Consistent Standards: We maintain consistent high standards for children's privacy protection worldwide.
Dedicated Support: Parents can contact us regarding their child's privacy through:
- Email: [INSERT PRIVACY EMAIL] with "Child Privacy" in the subject line
- Phone: [INSERT PHONE NUMBER] during business hours
- Mail: VFG Advisors Inc, 8107 Loyola Blvd, Los Angeles, CA 90045
Response Time: We respond to parental inquiries regarding children's privacy within 48 hours during business days.
We believe you should have control over your personal information. This section outlines the rights and choices available to you regarding your personal data and how to exercise them.
Right to Access: You have the right to know what personal information we collect, use, and share about you. You can request:
- Data Categories: Information about the categories of personal data we collect and process.
- Specific Data: Access to the specific personal information we have about you.
- Processing Purposes: Details about why we collect and use your information.
- Data Sources: Information about the sources from which we collect your data.
- Sharing Practices: Details about how we share your information with third parties.
Data Portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format, allowing you to transfer your data to another service provider.
How to Exercise: Submit access requests through our contact methods specified in Section 15. We will respond within the timeframes required by applicable law.
Right to Correction: You have the right to request correction of inaccurate or incomplete personal information:
- Account Information: Update your name, email address, or phone number through your account settings.
- Profile Data: Modify your profile information and preferences within the App.
- Data Accuracy: Request correction of any inaccurate information we maintain about you.
Self-Service Options: Many corrections can be made directly through your account settings without contacting customer support.
Verification Process: For security purposes, we may require verification of your identity before processing correction requests.
Right to Deletion: You have the right to request deletion of your personal information in certain circumstances:
- Account Deletion: Delete your entire account and associated personal information.
- Specific Data Deletion: Request deletion of specific categories of personal information.
- Withdrawal of Consent: Delete information collected based on your consent when you withdraw that consent.
Deletion Process:
- Account Deletion: Contact us through the methods in Section 15 to request account deletion.
- Verification Required: We may require identity verification before processing deletion requests.
- Completion Timeline: Deletion will be completed within 30 days of verification, unless legal obligations require retention.
Deletion Limitations: Some information may be retained when required by law or for legitimate business purposes such as:
- Legal Compliance: Information required to be retained by applicable laws.
- Security Purposes: Data necessary for fraud prevention and security.
- Business Records: Information needed for financial reporting and business operations.
Location Services Management: You have several options for controlling location data collection:
Device-Level Controls:
- App Permissions: Enable or disable location access for the YouHunt App through your device settings.
- Precision Settings: Choose between precise location and approximate location (where supported by your device).
- Background Location: Control whether the App can access location when not actively in use.
App-Level Controls:
- Hunt Participation: Choose which hunts to participate in based on location requirements.
- Location Sharing: Control whether your location is shared with other users during hunt participation.
- Location History: Request deletion of stored location history data.
Important Note: Disabling location services will significantly limit App functionality, as YouHunt is fundamentally a location-based service.
Email Communications: Control the types of emails you receive from us:
- Account Notifications: Essential account-related communications (cannot be disabled for security reasons).
- Service Updates: Information about App updates and new features.
- Marketing Communications: Promotional emails and newsletters (opt-in only).
Push Notifications: Manage push notifications through:
- Device Settings: Control all App notifications through your device's notification settings.
- App Settings: Customize specific types of notifications within the App.
- Granular Control: Choose which types of activities trigger notifications.
Analytics Opt-Out: You can limit analytics data collection:
- Google Analytics: Opt out of Google Analytics tracking through Google's opt-out tools.
- Usage Analytics: Request limitation of usage data collection for analytics purposes.
- Advertising ID: Reset or limit ad tracking through your device settings.
Marketing Opt-Out: We do not currently engage in marketing activities, but if we do in the future:
- Email Marketing: Easy unsubscribe options in all marketing emails.
- Targeted Advertising: Opt out of any targeted advertising programs.
- Third-Party Marketing: Control sharing of information with marketing partners.
Account Settings: Manage your account through various options:
- Profile Management: Update your profile information and preferences.
- Privacy Settings: Adjust privacy settings for hunt sharing and visibility.
- Subscription Management: Manage your subscription through app store settings.
- Data Download: Request a copy of your personal data for your records.
Account Deactivation: Temporarily deactivate your account while retaining your data:
- Temporary Suspension: Suspend account activity while preserving your information.
- Reactivation: Easily reactivate your account when you're ready to return.
- Data Preservation: Your hunts and progress are preserved during deactivation.
Google Services: Manage your data with Google services:
- Google Account: Control your Google account settings that may affect YouHunt data processing.
- Google Privacy Controls: Use Google's privacy controls to manage data sharing with third-party apps.
- Google Takeout: Export your data from Google services if desired.
App Store Controls: Manage your relationship with app stores:
- Subscription Management: Control subscriptions through Apple App Store or Google Play Store settings.
- Purchase History: Review and manage your purchase history through app store accounts.
- Family Sharing: Manage family sharing settings that may affect the App.
Request Methods: You can exercise your privacy rights through:
- Email: Send requests to our privacy contact email specified in Section 15.
- In-App Contact: Use the contact features within the App to submit requests.
- Written Request: Send written requests to our mailing address.
- Phone: Call our customer support line during business hours.
Required Information: To process your request, please provide:
- Identity Verification: Information to verify your identity and account ownership.
- Specific Request: Clear description of the rights you wish to exercise.
- Scope of Request: Specific data or activities covered by your request.
- Preferred Response Method: How you would like to receive our response.
Response Timeline: We will respond to your requests:
- Acknowledgment: Within 48 hours of receiving your request.
- Completion: Within 30 days for most requests, or as required by applicable law.
- Extensions: We may extend the response time by an additional 60 days for complex requests.
- Status Updates: We will provide status updates for requests that take longer to process.
No Discrimination: We will not discriminate against you for exercising your privacy rights, including by:
- Service Denial: Denying you access to the App or its features.
- Price Changes: Charging different prices or rates for services.
- Service Quality: Providing different levels or quality of services.
- Retaliation: Taking any retaliatory action against you.
YouHunt is operated from the United States, and your personal information may be transferred to, stored, and processed in the United States and other countries where our service providers operate. This section explains how we protect your information during international transfers.
Primary Data Location: Your personal information is primarily stored and processed in:
- United States: Our primary servers and operations are located in the United States.
- Google Cloud Regions: Data may be stored in various Google Cloud regions globally for performance and redundancy.
- Service Provider Locations: Third-party service providers may process data in their respective operating locations.
Cross-Border Processing: Data may be transferred internationally for:
- Service Delivery: Providing App functionality and user support across different regions.
- Data Backup: Maintaining backup copies in multiple geographic locations for disaster recovery.
- Performance Optimization: Using content delivery networks and regional servers to improve App performance.
- Legal Compliance: Meeting legal requirements in different jurisdictions.
Adequacy Decisions: Where possible, we rely on adequacy decisions by relevant authorities that recognize certain countries as providing adequate data protection.
Standard Contractual Clauses: For transfers to countries without adequacy decisions, we use Standard Contractual Clauses (SCCs) approved by relevant authorities to ensure appropriate safeguards.
Consent: In some cases, we may rely on your explicit consent for specific data transfers.
Necessary Transfers: Some transfers may be necessary for:
- Contract Performance: Fulfilling our obligations under our Terms of Service.
- Legal Claims: Establishing, exercising, or defending legal claims.
- Vital Interests: Protecting your vital interests or those of others.
Contractual Protections: All international data transfers are protected by:
- Data Processing Agreements: Comprehensive agreements with all service providers handling personal data.
- Security Requirements: Mandatory security standards that meet or exceed our own requirements.
- Audit Rights: Rights to audit and monitor service provider data protection practices.
- Incident Notification: Requirements for immediate notification of any data security incidents.
Technical Safeguards: International transfers are protected by:
- Encryption: All data is encrypted during transmission and storage.
- Access Controls: Strict access controls limit who can access transferred data.
- Monitoring: Continuous monitoring of data access and processing activities.
- Compliance Verification: Regular verification of compliance with data protection requirements.
GDPR Compliance: For users in the EEA, we ensure that international transfers comply with GDPR requirements:
- Article 44-49 Compliance: All transfers comply with GDPR Chapter V requirements.
- Appropriate Safeguards: Implementation of appropriate safeguards for data protection.
- Data Subject Rights: Preservation of data subject rights during international transfers.
- Supervisory Authority Cooperation: Cooperation with relevant supervisory authorities regarding transfer mechanisms.
UK Considerations: For users in the United Kingdom, we comply with UK data protection laws and any specific requirements for international transfers post-Brexit.
Google Services: Our use of Google services involves international transfers:
- Google's Global Infrastructure: Google operates a global infrastructure with data centers worldwide.
- Google's Transfer Mechanisms: Google implements appropriate transfer mechanisms including SCCs and adequacy decisions.
- Google's Compliance: Google maintains compliance with international data transfer requirements.
App Store Platforms: Transfers related to app store services:
- Apple: Data processed by Apple may be transferred internationally according to Apple's data transfer practices.
- Google Play: Data processed by Google Play may be transferred internationally according to Google's transfer mechanisms.
Information Rights: You have the right to:
- Transfer Information: Receive information about international transfers of your personal data.
- Safeguard Details: Obtain details about the safeguards implemented for your data transfers.
- Copy of Safeguards: Request a copy of the safeguards implemented for transfers (subject to confidentiality restrictions).
Objection Rights: In certain circumstances, you may have the right to:
- Object to Transfers: Object to specific international transfers of your personal data.
- Seek Alternatives: Request alternative processing arrangements that avoid international transfers.
- Withdraw Consent: Withdraw consent for transfers based on consent (where applicable).
Transfer Monitoring: We continuously monitor international transfers to ensure:
- Ongoing Compliance: Continued compliance with applicable data transfer requirements.
- Safeguard Effectiveness: Effectiveness of implemented safeguards and protections.
- Legal Changes: Adaptation to changes in international data transfer laws and regulations.
- Risk Assessment: Regular assessment of risks associated with international transfers.
Compliance Updates: We regularly update our transfer practices to:
- Reflect Legal Changes: Incorporate changes in data transfer laws and regulations.
- Improve Protections: Enhance safeguards and protections for international transfers.
- Address Risks: Address any identified risks or vulnerabilities in transfer mechanisms.
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. This section outlines our data retention practices and timelines.
Purpose Limitation: We retain personal information only for as long as necessary to achieve the specific purposes for which it was collected or for compatible purposes that are clearly communicated to users.
Minimization: We regularly review stored data and delete information that is no longer necessary for our legitimate business purposes or legal obligations.
Legal Compliance: Some information may be retained longer when required by applicable laws, regulations, or legal proceedings.
User Control: You can request deletion of your personal information at any time, subject to legal and business requirements outlined below.
Active Accounts: For users with active accounts:
- Account Data: Name, email address, and phone number are retained while your account remains active.
- Profile Information: User preferences and settings are maintained for the duration of account activity.
- Authentication Data: Login credentials and security information are retained while the account exists.
Inactive Accounts: For accounts that become inactive:
- Dormancy Period: Accounts are considered inactive after 24 months of no login activity.
- Notification Process: We will notify users before deleting inactive accounts, providing opportunity to reactivate.
- Deletion Timeline: Inactive accounts and associated data are deleted after 36 months of inactivity, unless legal obligations require longer retention.
Account Deletion: When you request account deletion:
- Immediate Deactivation: Account access is immediately disabled upon deletion request.
- Data Removal: Personal information is deleted within 30 days of the deletion request.
- Backup Removal: Data is removed from backup systems within 90 days of deletion.
Real-Time Location: Current location data used for active hunt participation:
- Session Duration: Real-time location data is retained only during active App sessions.
- Temporary Storage: Location data may be temporarily cached for performance optimization.
- Session Cleanup: Location data is automatically purged when App sessions end.
Historical Location: Location data associated with completed hunts:
- Hunt Association: Location data is retained as part of hunt records for hunt creators and participants.
- Retention Period: Historical location data is retained for 2 years after hunt completion.
- User Deletion: Users can request deletion of their location history at any time.
Location Analytics: Aggregated and anonymized location data:
- Anonymization: Location data used for analytics is anonymized and cannot be linked to individual users.
- Retention Period: Anonymized location analytics data may be retained indefinitely for business intelligence purposes.
Hunt Photos: Images uploaded for hunt creation and participation:
- Active Hunts: Photos are retained while hunts remain active and accessible to participants.
- Completed Hunts: Photos are retained for 3 years after hunt completion to allow for continued access by participants.
- Creator Control: Hunt creators can delete their hunts and associated photos at any time.
- Participant Photos: Photos taken by hunt participants are retained for 1 year after hunt completion.
AI Processing Data: Data generated from photo analysis:
- Processing Results: AI analysis results are retained for 6 months after photo processing.
- Model Training: Anonymized data may be used for AI model improvement with indefinite retention.
- User Deletion: Users can request deletion of their photo processing data.
Customer Support: Records of customer support interactions:
- Support Tickets: Support requests and responses are retained for 3 years for quality assurance and follow-up purposes.
- Communication Records: Email and other communications are retained for 2 years.
- Resolution Documentation: Records of issue resolution are maintained for 1 year after case closure.
System Communications: Automated communications and notifications:
- Delivery Records: Records of sent notifications are retained for 6 months.
- Preference History: Communication preference changes are retained for 2 years.
Usage Analytics: Data about how users interact with the App:
- Individual Usage: Personal usage data is retained for 18 months.
- Aggregated Analytics: Anonymized usage statistics may be retained indefinitely.
- Performance Data: App performance and error data is retained for 1 year.
Google Analytics: Data collected through Google Analytics:
- Retention Settings: Google Analytics data is configured with a 26-month retention period.
- User Control: Users can opt out of Google Analytics tracking through Google's opt-out tools.
Legal Hold: When information is subject to legal proceedings:
- Litigation Hold: Data subject to legal proceedings is retained until the matter is resolved.
- Regulatory Investigations: Information may be retained longer when subject to regulatory investigations.
- Court Orders: Retention periods may be extended by court orders or legal requirements.
Compliance Requirements: Retention for regulatory compliance:
- Financial Records: Subscription and payment records are retained for 7 years for tax and financial compliance.
- Security Logs: Security and access logs are retained for 2 years for security monitoring and compliance.
- Audit Requirements: Some data may be retained longer to meet audit and regulatory requirements.
Automated Deletion: We implement automated systems to:
- Schedule Deletion: Automatically delete data when retention periods expire.
- Verify Deletion: Confirm that data has been properly removed from all systems.
- Log Deletion: Maintain logs of deletion activities for compliance purposes.
Manual Deletion: For user-requested deletions:
- Verification Process: Identity verification is required before processing deletion requests.
- Scope Confirmation: We confirm the scope of deletion with users before processing.
- Completion Notification: Users are notified when deletion is complete.
Secure Deletion: All data deletion follows secure procedures:
- Overwriting: Data is securely overwritten to prevent recovery.
- Backup Removal: Data is removed from all backup systems and archives.
- Third-Party Notification: Service providers are notified to delete data from their systems.
|
Data Type |
Retention Period |
Notes |
|
Account Information |
While account active + 30 days after deletion |
Subject to legal requirements |
|
Location Data (Real-time) |
Session duration only |
Automatically purged |
|
Location Data (Historical) |
2 years after hunt completion |
User can request earlier deletion |
|
Hunt Photos |
3 years after hunt completion |
Creator can delete anytime |
|
Participant Photos |
1 year after hunt completion |
User can request earlier deletion |
|
Customer Support Records |
3 years |
For quality assurance |
|
Usage Analytics |
18 months |
Anonymized data retained longer |
|
Financial Records |
7 years |
Legal compliance requirement |
|
Security Logs |
2 years |
Security monitoring |
Information Rights: You can request information about:
- Retention Periods: How long we retain specific categories of your personal information.
- Deletion Schedules: When your data is scheduled for automatic deletion.
- Legal Basis: The legal basis for retaining your information beyond standard periods.
Deletion Rights: You can request:
- Early Deletion: Deletion of your data before standard retention periods expire.
- Selective Deletion: Deletion of specific categories of data while retaining others.
- Confirmation: Confirmation that your data has been deleted from all systems.
YouHunt integrates with several third-party services to provide enhanced functionality. This section explains how these integrations affect your privacy and data protection.
Google Gemini AI: Used for photo comparison and analysis:
- Data Processing: Your photos are processed by Google's AI systems to compare hunt images.
- Privacy Policy: Google's privacy policy applies to data processed by Gemini AI.
- Data Retention: Google may retain data according to their retention policies.
- User Rights: You can exercise rights regarding data processed by Google through Google's privacy controls.
Google Cloud Platform: Used for data storage and hosting:
- Infrastructure: All user data is stored on Google Cloud infrastructure.
- Security: Benefits from Google's enterprise-grade security measures.
- Compliance: Google Cloud maintains various compliance certifications.
- Data Location: Data may be stored in multiple Google Cloud regions globally.
Google Analytics: Used for usage analytics and App improvement:
- Data Collection: Collects anonymized usage data and user behavior patterns.
- Opt-Out: Users can opt out through Google's Analytics opt-out tools.
- Retention: Data is retained according to our Google Analytics configuration (26 months).
- Privacy Controls: Subject to Google's privacy policy and user controls.
Apple App Store: For iOS users:
- Distribution: App distribution and updates through Apple's platform.
- Payment Processing: Subscription payments processed by Apple.
- Privacy: Subject to Apple's privacy policy and App Store guidelines.
- User Rights: Users can exercise rights through their Apple ID account settings.
Google Play Store: For Android users:
- Distribution: App distribution and updates through Google's platform.
- Payment Processing: Subscription payments processed by Google.
- Privacy: Subject to Google's privacy policy and Play Store policies.
- User Rights: Users can exercise rights through their Google account settings.
Users should review the privacy policies of integrated third-party services:
- Google Privacy Policy: https://policies.google.com/privacy
- Apple Privacy Policy: https://www.apple.com/privacy/
- Google Play Privacy Policy: https://policies.google.com/privacy
YouHunt uses limited tracking technologies to provide and improve our services.
Local Storage: The App uses local device storage for:
- App Preferences: Storing user settings and preferences locally.
- Session Data: Maintaining session information for App functionality.
- Cache Data: Temporarily storing data to improve App performance.
Analytics Tracking: Google Analytics uses tracking technologies to:
- Usage Measurement: Measure App usage and user engagement.
- Performance Monitoring: Monitor App performance and identify issues.
- User Behavior: Understand how users interact with App features.
Device Controls: Users can control tracking through device settings:
- App Permissions: Manage App permissions through device settings.
- Advertising ID: Reset or limit ad tracking through device privacy settings.
- Analytics Opt-Out: Use Google's opt-out tools to disable analytics tracking.
California residents have specific privacy rights under the California Consumer Privacy Act (CCPA).
Right to Know: Request information about personal information collected, used, and shared. Right to Delete: Request deletion of personal information. Right to Opt-Out: Opt out of the sale of personal information (we do not sell personal information). Right to Non-Discrimination: Not be discriminated against for exercising CCPA rights.
We collect the following categories of personal information from California residents:
- Identifiers: Name, email address, phone number, device identifiers.
- Geolocation Data: GPS coordinates and location information.
- Sensory Information: Photographs and images.
- Internet Activity: App usage data and interaction patterns.
California residents can exercise their rights by contacting us through the methods in Section 15. We will verify your identity and respond within the timeframes required by CCPA.
Users in the European Economic Area have specific rights under the General Data Protection Regulation (GDPR).
Right of Access: Obtain confirmation of data processing and access to personal data. Right to Rectification: Correct inaccurate or incomplete personal data. Right to Erasure: Request deletion of personal data in certain circumstances. Right to Restrict Processing: Limit how we process your personal data. Right to Data Portability: Receive personal data in a portable format. Right to Object: Object to certain types of data processing.
We process personal data based on:
- Consent: For optional features and marketing communications.
- Contract: To provide App services and fulfill our obligations.
- Legitimate Interests: For App improvement, security, and business operations.
- Legal Compliance: To comply with applicable laws and regulations.
EU residents can exercise their rights by contacting us through the methods in Section 15. We will respond within one month of receiving your request.
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. When we make material changes, we will notify users through:
- In-App Notifications: Prominent notices within the App.
- Email Notifications: For registered users, email notifications about significant changes.
- Website Posting: Updated policy posted on our website with effective date.
Changes become effective immediately upon posting unless otherwise specified. Continued use of the App after changes constitutes acceptance of the updated Privacy Policy.
For questions about this Privacy Policy or our privacy practices, contact:
VFG Advisors Inc
Privacy Officer
8107 Loyola Blvd
Los Angeles, CA 90045
United States
Email: [INSERT PRIVACY EMAIL]
Phone: [INSERT PHONE NUMBER]
Business Hours: Monday-Friday, 9:00 AM - 5:00 PM Pacific Time
For users in the European Economic Area, you can contact our Data Protection Officer at: Email: [INSERT DPO EMAIL]
EU residents have the right to lodge complaints with their local supervisory authority regarding our data processing practices.
This Privacy Policy was last updated on [INSERT DATE]. Please review this policy periodically for any changes.
By using YouHunt, you acknowledge that you have read and understood this Privacy Policy and agree to the collection and use of your information as described herein.