Privacy policy

Aveola 

This Privacy Policy (“Policy”) describes how we collect, process, use and share your personal information when you use the Aveola mobile application (the “App”), the website located at: link (the "Website"), the services and products provided through them (together with the App and Website, the "Service").”). 

In order to use the service, we will ask you to enter your name and email. We will also automatically collect from your device language settings, IP address, time zone, type and model of a device, device settings, operating system, Internet service provider, mobile carrier, hardware ID, Facebook ID, and other unique identifiers (such as IDFA and AAID). We need this data to provide our services, analyze how our customers use the service and to measure ads.

For improving the service and serving ads, we use third party solutions. As a result, we may process data using solutions developed by, Google, Snapchat, Amplitude, Appsflyer, Firebase, TikTok. Therefore, some of the data is stored and processed on the servers of such third parties. This enables us to (1) analyze different interactions (how often users make purchases); (2) serve and measure ads (and show them only to a particular group of users, for example, only to those, who made a purchase).

Please read our Privacy Policy below to know more about what we do with data (Section 4), what data privacy rights are available to you (Section 6) and who will be the data controller (Section 1). If any questions will remain unanswered, please contact us at [email protected].

BY USING THE SERVICE, YOU PROMISE US THAT (I) YOU HAVE READ, UNDERSTAND AND AGREE TO THIS PRIVACY POLICY, AND (II) YOU ARE OVER 18 YEARS OF AGE (OR HAVE HAD YOUR PARENT OR GUARDIAN READ AND AGREE TO THIS PRIVACY POLICY FOR YOU). If you do not agree, or are unable to make this promise, you must not use the Service. In such case, you must (a) contact us and request deletion of your data; (b) delete the App from your device or leave the Website and not access or use it; and (c) cancel any active subscriptions or trials.

"GDPR" means the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

"EEA" includes all current member states to the European Union and the European Free Trade Association. For the purpose of this policy EEA shall include the United Kingdom of Great Britain and Northern Ireland.

“Personal Information" means any information that allows someone to identify, or reasonably link to, you directly or indirectly.

"Process", in respect of personal data, includes to collect, store, and disclose to others.

1.              CONTROLLER’S NAME AND CONTACT DETAILS

The data controller in respect of our Service (as defined below) is:

Pepitama Limited ("Aveola", "We", "Us" or "Our")

Registered number HE 432934
loanni Mina, 8, Agios loannis, 4871,
Limassol, Cyprus
Email: [email protected]

2.              GENERAL INFORMATION IN BRIEF

We process Personal Data only when necessary for the performance of a contract with you, for compliance with a legal obligation to which we are subject, or based on our legitimate interests, except where such interests are overridden by your interests or fundamental rights and freedoms for which require the protection of your Personal Data.

 We also process your data to keep you and all of our members safe and secure while using our service.  For more information regarding processing your personal data for security purposes please refer to Section 5.

3.              INFORMATION WE COLLECT

In relation to your use of our Service, we collect information either directly from you or indirectly.

3.1.          INFORMATION WE COLLECT DIRECTLY

We collect Personal Data and other information that you provide to us. You provide us information about yourself when you register for and/or use the Service. For example: email, name (nickname), gender, date of birth, access to camera/microphone. You may also decide to answer quiz questions and upload a photo.

3.2.          INFORMATION WE COLLECT INDIRECTLY

We indirectly collect a variety of information through your interaction with and use of our Service.

a)              Data about how you found us

We collect data about your referring app or URL (that is, the app or place on the Web where you were when you tapped on our ad).

b)              Device and Location data

We collect data from your mobile device. Examples of such data include: language settings, IP address, time zone, type and model of a device, device settings, operating system, Internet service provider, mobile carrier, hardware ID, and Facebook ID. We also record the ads in our App with which you interact (and the Internet links to which those ads lead).

c)              Usage data

We record how you interact with our Service. For example, we log your taps on certain areas of the interface, the features, and content you interact with, how often you use the App, how long you are in the App, your subscription orders.

d)              Advertising IDs

We collect your Apple Identifier for Advertising (“IDFA”), Identifier for Vendor (“IDFV”) or Google Advertising ID (“AAID”) (depending on the operating system of your device). You can typically reset these numbers through the settings of your device’s operating system (but we do not control this).

How opt out of targeted advertising and analytics

If you wish to limit behaviourally targeted advertising, you can do so by limiting ad tracking in your device settings. Please note that opt-outs are specific to each browser and device and it may take a little bit of time before your opt-out choice will take effect.

For mobile advertising in apps, you can reset your Advertising Identifier and depending on your device, select to opt out of interest-based ads (Android) or turn on the Limit Ad Tracking setting (iOS).

3.3.          INFORMATION FROM OTHER SOURCES

When you use sign in with Apple to register an account in the App, we get personal data from your Apple ID account. This data may include, in particular, your name and verified email address. You may choose to share your real email address or an anonymous one that uses the private email relay service. Apple will show you their detailed privacy information on the sign in with Apple screen. Find more about sign with Apple here.

4.              HOW WE USE YOUR INFORMATION

We need to process your Personal Data in order to perform the contract with you as a user. We will use your Personal Data, unless otherwise prohibited by law, for the following purposes:

·                to provide you with the Service you request;

·                to research and analyze your use of the Service;

·                to communicate with you about your Account or transactions with us and send you information about features on our Sites or changes to our policies;

·                to provide support including, but not limited to, Service updates and other similar communications;

·                to send you marketing communications;

·                to personalize your advertising;

·                to enforce our Terms of Services;

·                to combat fraud;

·                to comply with our legal obligations

4.1 We also process your data to keep you and all of our members safe and secure while using our service. We use a combination of automated systems, user reports and a team of moderators to monitor and review accounts and content to identify breaches of Terms of Service and our Comminity Guidlines. 

To detect illigal and/or prohibited content we use Hive - a leading AI content moderation platform on the market, providing instant detection of violence and nudity in Aveola video chats. To find more information please refer to Hive’s Privacy Policy.

All messages are moderated and checked for prohibited words using an internal model based on AI technologies.

5.              HOW WE SHARE YOUR INFORMATION

For the performance of a contract with you, compliance with a legal obligation to which we are subject, and based on our legitimate interests, we may share your personal data with the following categories of third parties:

(1)            Advertising and advertising measurement partners

a)       We use Facebook Ads Manager together with Facebook Custom Audience, which allows us to choose audiences that will see our ads on Facebook or other Facebook’s Service (for example, Instagram). Through Facebook Custom Audience we may create a list of users with certain sets of data, such as an IDFA, choose users that have completed certain actions in the Service (for example, installed the App). As a result, we may ask Facebook to show some ads to a particular list of users. As a result, more of our ads may show up while you are using Facebook or other Facebook’s Service (for example, Instagram). You may learn how to opt out of advertising provided to you through Facebook Custom Audience here.

b)       Facebook also allows its users to influence the types of ads they see on Facebook. To find how to control the ads you see on Facebook, please go here or adjust your ads settings on Facebook.

c)       We use Facebook pixel on the Website. Facebook pixel is a code placed on the Website collecting data that helps us track conversions from Facebook ads, build targeted audience and remarket to people who have taken some action on the Website.

d)       We also use Snapchat Advertising Platform together with Snapchat Audience Based Match, which is an ad delivery service provided by Snapchat that can link the activity of some users of our App with the Snapchat advertising network and show some of our ads to them. As a result, you may see more of ads on Snapchat in case you use our App. Snapchat allows you to Opt Out of their audience based ads. Privacy Policy.

e)       TikTok Ads is the service provided by TikTok that can deliver ads to its users. The ads can be tailored to specific categories of users (for instance, based on their geographical location). TikTok’s Privacy Policy.

f)        Unity Ads is a comprehensive monetization platform for Unity, iOS, and Android developers. For more information, please refer to Unity Privacy Policy.

(2)            Data storage partners: we store some of your information using third-party data storage services owned or operated by other entities.

a)       To host personal data and enable our Service to operate and be distributed we use Amazon Web Services, which is a hosting and backend service provided by Amazon.

b)       We use Firebase Performance Monitoring, which is monitoring service provided by Google. To learn more, please visit Google’s Privacy policy and Privacy and Security in Firebase.

c)       To monitor infrastructure and the App’s performance, we use Crashlytics, which is a monitoring service provided by Google. Here’s its Data Collection Policy.

(3)            Communication service providers. The services that we use for these purposes may collect data concerning the date and time when the message was viewed by our Service’s users, as well as when they interacted with it, such as by tapping on links included in the message.

a)       To communicate with you we also use Firebase Cloud Messaging, which is message sending service provided by Google. Firebase Cloud Messaging allows us to send messages and notifications to users of our Website across platforms such as Android and iOS when you access our Website from a mobile device or across your internet browser when you access our Website from a laptop. We integrate Firebase Notifications with Firebase Analytics to create analytics-based audiences and track opening and conversion events. As a result, we can, for example, send reminders only to users who used the Website more frequently. Google's privacy policy. 

b)       We use Apple Push Notification service (“APNs”), that is a notifications service provided by Apple. APNs allows us to send information to iOS devices. Apple’s privacy policy.

(4)            Research ana analytics partners: we may provide access to some of your data to provide marketing-related and other research. 

a)       To perform research and analysis about how users interact with our App we use Appsflyer. Appsflyer enables us to understand, in particular, how users find us (for example, who was the advertiser that delivered an ad to users, which led you to an app store with our App). Appsflyer also provides us with different analytics tools that enable us to research and analyze your use of the Service. Privacy Policy. Appsflyer allows you to Opt Out of having data from my device sent to Appsflyer's servers for apps usage collection.

b)       We use Facebook Analytics, which is a service provided by Facebook that allows us to use different analytical tools. On Facebook Analytics we get, in particular, aggregated demographics and insights on how many people visit our Website, how often users make purchases, and other interactions. Lean more about Facebook’s approach to data from its Privacy Policy.

c)       To track and analyze behavior of our App’s users (in particular, how they react to changes of the App structure, text or any other component), we use Firebase Remote Config. Firebase Remote Config is an A/B testing and configuration service provided by Google, which also enables us to tailor the content that our App’s users see (for example, it allows us to show different onboarding screens to different users). Privacy Policy and Privacy and Security in Firebase.

d)       Amplitude is an analytics service provided by Amplitude Inc. We use this tool to understand how customers use our Service. Amplitude collects various technical information, in particular, time zone, type of device (phone, tablet or laptop), unique identifiers (including advertising identifiers). Amplitude also allows us to track various interactions that occur in our App. As a result, Amplitude helps us to decide what features we should focus on. Amplitude provides more information on how they process data in its Privacy Policy.

e)       We also use Firebase Analytics, which is an analytics service provided by Google. In order to understand Google's use of data, consult Google's partner policy. Firebase Privacy information. Google’s Privacy Policy.

f)        We also use RevenueCat, a mobile subscription toolkit. If you want to learn more about how RevenueCat handle your data, please read its Privacy Policy.

(5)            Public authorities and auditors: some personal data shall be disclosed to public authorities, e.g., tax and customs authorities, auditors, and other competent parties, in accordance with the laws of each local jurisdiction where we operate;

(6)           Legal Obligations. We may access, preserve, and disclose Personal Information to investigate, prevent, or take action in connection with: (i) enforcement of the Terms of Service; (ii) claims that any content or behavior violates our policies, including Community Guidline, or the rights of third parties; (iii) requests for customer service; (iv) technical issues; (v) protecting the rights, property, or personal safety of Aveola; its users; or the public; (vi) lawful legal requests including subpoenas, warrants, or court orders or in connection with any legal process; (vii) establishing or exercising our legal rights or defending against legal claims; (viii) tax and accounting purposes; or (ix) as otherwise required by law, collectively "Legal Obligations".

(7)           Change of control: we may share your information as part of, or during the negotiation/preparation of, our company’s sale, merger, change in control, or any other type of acquisition or business combination of all or any portion of our assets, or transfer of all or a portion of our business to another business.

6.              YOUR RIGHTS

You have the right of access, portability, or to know, meaning you can access and review some of your personal data directly by logging into your account.

You also have the right to rectification or correction of your personal data if it is inaccurate or incomplete. You may update your data directly within the service by editing your profile. 

In accordance with your right to deletion or erasure, you can delete certain data that you have provided directly within the service. You may also delete your account as explained here, after which your data will be deleted as outlined in the Privacy Policy. 

You have the right to object (opt-out) or request restriction of data processing. This means you may object to certain uses of your personal data or request temporary or permanent cessation of processing. Some of these settings can be managed directly in your account. 

You have the right to withdraw your consent at any time regarding the processing of your personal data for specific purposes. This can be done by updating your account settings or adjusting device permissions (e.g., revoking access to contacts, pictures, advertising identifiers). Note that withdrawing consent may affect the functionality of some services. 

To exercise any of your privacy rights, please send a request to [email protected].

To protect your privacy and the security of all our members, we may require you to provide information verifying your identity or your authority to act on behalf of a member before we can respond to any of the above requests. This helps ensure that your personal data remains secure and is not accessed by unauthorized individuals.

In certain countries, including in the European Economic Area and the United Kingdom, the right to a judicial remedy and to lodge a complaint with the appropriate data protection authority is available to you if you have concerns about how we process your personal data. Information about your data protection regulator in the European Economic Area can be found here, and in the United Kingdom here. The data protection authority with which a complaint may be lodged may be that of your habitual residence, where you work, or where an alleged infringement took place.

7.              OPT-OUT OF DIRECT MARKETING AND RIGHT TO OBJECT

You can unsubscribe from marketing email in the footer of any marketing email. Please note that even if you unsubscribe from all our personalized marketing emails and messages, we will still send you some notifications (we often refer to them as “transactional”), e.g. to confirm purchases or changes in your Account, give warranty or security information, information about changes to the Terms of Use and Privacy Policy. We will be able to stop all communications only after your Account is deleted. 

Where processing of your Personal Data is based on legitimate interests, you can use your right to object at any time. If you object we will no longer process your Personal Data unless there are compelling and prevailing legitimate grounds for the processing or the data are necessary for the establishment, exercise or defense of legal claims. To exercise your right to object please send a request to [email protected].

8.              AGE LIMITATION

We do not knowingly process personal data from persons under 18 years of age. If you learn that anyone younger than 18 has provided us with personal data, please contact us via [email protected].

9.              INTERNATIONAL DATA TRANSFERS

We may transfer personal data to countries other than the country in which the data was originally collected in order to provide the Service set forth in the Terms of Use and for purposes indicated in this Privacy Policy. If these countries do not have the same data protection laws as the country in which you initially provided the information, we deploy special safeguards.

In particular, if we transfer personal data originating from the EEA to countries with not adequate level of data protection, we use one of the following legal bases: (i) Standard Contractual Clauses approved by the European Commission (details available here), or (ii) the European Commission adequacy decisions about certain countries (details available here).

10.           CHANGES

We may change this Policy from time to time for various reasons, such as legal and regulatory changes, changes in industry practices and technological developments that need to be reflected. If the changes are material, we may provide you additional notice to your email address.

11.           DATA RETENTION 

We will store your personal data for as long as it is reasonably necessary for achieving the purposes set forth in this Privacy Policy (including providing the services to you). We will also retain and use your personal data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

12.           SHINE THE LIGHT

Customers who are residents of California may request (i) a list of the categories of personal information disclosed by us to third parties during the immediately preceding calendar year for those third parties’ own direct marketing purposes; and (ii) a list of the categories of third parties to whom we disclosed such information. To exercise a request, please write us at the email or postal address set out above and specify that you are making a “California Shine the Light Request.” We may require additional information from you to allow us to verify your identity and are only required to respond to requests once during any calendar year.

13.           CONTACT

You can contact us via [email protected].

Effective as of: 03 April 2025