- December 28th, 2019 (CCPA clarification)
- July 26th, 2019 (clarified how your account might expire)
- Jul 18th, 2018 (minor wordings)
- May 25th, 2018 (major changes)
1. Information we collect
The main goal with our services is to help you connect with people. It is therefore essential that you provide relevant information about yourself and what kind of people you would like to meet. You can do this by creating and maintaining a profile.
We also collect information generated as you use our services, for example access logs, your activities and third party information. When you are not signed in to your account we use unique identifiers tied to your browsers and devices. Some of this is stored in cookies. When you are signed in, information will also be stored in your account.
A. Information you provide
As a general rule, please consider that all information you provide will be collected. Some information is temporary and will be deleted when no longer needed, whereas other information will be stored as long as you have an account with us.
Account and profile information
When you create an account, you provide us with things like login credentials and some basic profile information such as your gender and date of birth.
You may also choose to provide more detailed profile information about yourself. Some information may be considered "sensitive" in certain jurisdictions, such as your ethnicity, sexual orientation and religion. If you choose to provide sensitive information, you consent to our processing of that information. Your profile will be visible to the public.
We may also collect private information such as your email address and your cell phone number. Your private information will remain hidden from the public unless you choose to make it public, but may be reviewed by staff and trusted moderators.
We collect the content you create, upload, send to or receive from others when using our services. This can for example be messages you write and receive, and photos and other media that you upload.
Communications with oyoy.com
If you communicate with us directly, we will collect the information you provide to us in this communication.
B. Information we collect when you use our services
Your browsers and devices
We collect information about the browsers and devices you use to access our services. This enables us to tailor the user experience to your browser and/or device. For example, you may be able to see more information on a big screen than a small, and sometimes things that work with some devices will not work in others. We constantly tweak our software to deliver to best possible experience to different browsers and devices. We may also use this information in order to prevent fraudulent behavior and other abuse.
We collect information about your activities while using our services. This can be things like your searches, members whom you interact with, view, pin, like, block, report, photos you flag and so on.
Your location information
We may collect information about your location using your IP address or your browser's Geolocation API. Your browser may or may not use your device's GPS, Wi-Fi access points, cell towers, sensor data and Bluetooth-enabled devices in order to provide this information. You can switch off (or choose not to enable) Geo Location sharing with our services in your browser, but you cannot choose to disable Geo Location determined by your IP address. We will always know your IP address, as it would be impossible to send you the pages your browser requests without this information.
C. Information from third parties
Sometimes we will collect information we find about you in publicly accessible sources, such as for example Google Search. We also use information offered by security partners in order to protect against abuse. For example, when you sign up in our site, we may ask you for a cell phone number which we use for verification. We may or may not check if your cell phone number has been associated with abuse, or if you purchased your number online to hide your true location. We also check your IP address up against various sources to see if it has been associated with abuse, if it is a proxy or VPN address and more.
What are cookies?
Cookies are small pieces of textual information sent from websites you visit to your browser. When you visit the websites again (even hours, days, months or years later), the cookie will be sent back from your browser to the website. Using this mechanism, the website can remember information about your previous visits.
You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it. However, please note that our site will not work properly if you disable cookies. For example, you will not be able to sign in to your account.
Site features and layout
These are cookies that will make a website remember you between page requests. If you close your browser completely, session state cookies are usually deleted and your session with the website is terminated. This is usually OK and intended behavior.
Cookies and Web Beacons used by Third Party Advertisers and Traffic Measurement Services.
A Web Beacon is a technology to unobtrusively (usually invisibly) allow checking that a user has accessed some content. A common technique is to place a small transparent graphic image on a web page and monitor when this image is loaded from the server and by which IP address.
We use third parties for advertising and analytics
We use Google AdSense and partners of Google AdSense to show both personalized and non-personalized advertisements on our services.
Google's use of advertising cookies enables it and its partners to serve ads to our users based on their visit to our sites and/or other sites on the Internet.
Users may opt out of personalized advertising by visiting Google's Ads Settings
Other advertising partner's settings can be found by visiting www.aboutads.info
Show list of AdSense partners
Our services use third party traffic measurement services such as Google Analytics to analyze traffic. These services may also be placing and reading cookies on your browser or use web beacons to collect information.
3. Why we collect data
Our services are based on organizing and processing data in meaningful ways so that we can provide you with the best possible experience:
Provide our services
We use your and other users' information to deliver our services. For example, we process your searches and profile information in order to connect you with people who may be of interest to you, and to present you to people who may be interested in you. We provide you with messaging features so that you can communicate with others and so on. These services are all based on data from you and our other users.
Maintain, operate and improve our services
We may use your information to ensure that our services are working properly, to find errors and make improvements. For example, we may discover that our messaging feature does not work well for you, that certain pages crash or respond slowly, that how we organize information makes it hard to find and understand, that users request new or improved features and so on.
Provide personalized services
We use your information to provide you with services tailored specifically to you. For example, we may suggest other users to you based on the ones you already like. We also try to adjust the user experience based on the capabilities of the device(s) you are using.
It would be impossible to provide our free services without any income. We use Google Ads to monetize our services.
Google Ads will try to target ads that are most useful to you. For example, if you like pizza, Google Ads may use your IP address to determine your approximate location so that we perhaps can show you an advertisement for a nearby pizza restaurant.
We use Google Analytics to analyze website traffic. This helps us better understand how our services are used and to identify which pages perform well or poorly, from which locations our services are visited, which devices, browsers and operating systems that are used and so on. We also use Google Analytics to measure marketing effectiveness.
Communication and notifications
We use information we collect from you to interact with you directly. This can for example be your email address or your cell phone number if you give us permission to do so. This communication can be responses to support requests, or notifications for various events such as when someone contacts you in our services. Notifications can be controlled by you here.
Security, fraud and abuse prevention.
We use information we collect to protect our users, the public and oyoy.com.
We use information we collect to assist law enforcement authorities, to comply with legal requirements and to enforce or exercise our rights.
4. How we share information
Your profile and profile photos
Your profile and profile photos will always be publicly available. Please consider carefully what information you share. Do not disclose any contact information such as phone numbers, email addresses and other social media usernames on your profile. This can be given in private messaging with those you trust.
Because your profile is publicly visible, it may also appear on public search engines and other third party sites. We do not control who reads your publicly available information and how they use this information, so please consider your privacy carefully.
Your private messages
We may share information with third party service providers which help us provide our services. For example, if we send an SMS to your cell phone, we use the services of a third party, and thus we must provide your cell phone number and the SMS content to them. All of our service providers and partners must agree to strict confidentiality obligations.
We work with third party advertising partners to show you ads that we think may interest you. Our advertising partners may set and access their own cookies and web beacons on our services, and they may otherwise collect or have access to information about you which they may collect over time and across different online services.
We use analytics providers such as Google Analytics. These partners may also set and access their own cookies and web beacons on our services.
We may share some information with our sister services. Currently the only sister service is dateinasia.com.
The purpose of this information sharing is only for security, fraud and abuse prevention.
If our services are acquired (for example sold), all the data will be transferred to the new owner.
With your consent
We may share information with your consent.
For legal reasons
We will share your personal information when we in good faith believe it is necessary for us to do so in order to comply with a legal obligation under applicable law, or respond to valid legal process, such as a search warrant, a court order, or a subpoena. We will also share personal information if we in good faith believe that access, use, preservation, or disclosure of the information is reasonably necessary to:
- Detect and prevent illegal activities, fraud, abuse and security issues.
- Protect against harm to the rights, property or safety of oyoy.com, our users, or the public as required or permitted by law.
5. Cross-border data transfers
oyoy.com is a global service. We may transfer personal data to countries other than the country in which the data was originally collected.
Our main servers are currently located in the US. This may or may not change in the future. Your private data is only stored in countries recognized by The European Commision as providing adequate protection, and with EU-US Privacy Shield certified companies in the US. This is only required by law for residents of the European Economic Area (EEA), but we provide the same level of privacy and security for residents of all countries.
We also use Content Delivery Networks for public data such as your public photos. Content Delivery Networks distribute data to servers near the end users in order to improve access speeds and availability. We may use specific contracts approved by the European Commission if Content Delivery Network Servers are located in countries that are not considered by the European Commission to offer an adequate level of protection for personal data. This gives the data the same protection it has in Europe.
We only use the finest data centers with security staff, backup power and high-quality hardware. Data is backed up at least every hour to physically separated backup servers, and we use encryption to keep your data private while in transit.
We routinely check for security vulnerabilities and attacks, and we keep our servers up-to-date with the latest security patches. If we suspect or detect any breach of security we may suspend your account. We take a "better safe than sorry approach" to security issues.
Still, no system is without failure, so we cannot guarantee absolute security. We will notify you and any applicable regulator of a breach where we are legally required to do so.
7. Data retention and deletion
We keep your personal data only as long as we need it to provide you with our services, to comply with legal or regulatory requirements, to resolve disputes, and when necessary for security purposes, fraud and abuse prevention.
A. When you delete your account
You can delete your account from this link. If you have forgotten your login credentials, we will ask you to verify your identity. If you cannot prove your identity, data will be retained until your account expires.
When you choose to delete your account, we immediately start the process of removing it. First, we aim to immediately remove your profile from view by others using our services. Then we start the process of completely deleting the data from our storage systems. Because we backup data continuously, it may take up to 30 days for all data contained in those backup archives to be deleted.
Please note that deleted accounts cannot be restored if you regret deleting it, and that all data sent to and from deleted accounts (for example messages) also will be deleted. If you have sent important information to other users that have not yet read it, they will never be able to.
B. When your account expires
Inactive accounts might be deleted after 360 days, incomplete accounts might be deleted after 7 days, and accounts containing junk or inappropriate data might be deleted immediately.
Legal or regulatory requirements
Sometimes we must keep data as evidence in compliance with applicable laws and regulatory requirements.
If there is an outstanding issue, claim or dispute, we are required to keep the relevant information until it is resolved.
Security, fraud and abuse prevention.
Some data from banned users may be anonymized and used to train our system to detect and prevent security breaches, fraud and abuse in the future. Such data cannot be traced back to the user and is kept for as long as our services exist.
8. Your rights
If you are located in the EEA, special rights set down in the General Data Protection Regulation or "GDPR" applies to you.
We will respond to all legitimate GDPR related requests which do not infringe on trade secrets or intellectual property or the privacy of another user within 30 days as required by the GDPR. This is usually free of charge, but we are allowed to charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. We may request proof of identity before we can answer your request. You have the right to complain to a data protection authority. For more information, please contact your local data protection authority. We can be contacted using our contact us form.
Right of access
Also, sometimes referred to as "right of portability", you have the right to review the personal information we keep about you, and you may contact us to request a copy of your personal information. However, please note that most of your private information already is accessible to you in your account.
Right to rectification and deletion
Right to object and restrict and to withdraw your consent
You have the right to object to us processing your personal data, and the right to ask us to temporarily or permanently stop processing all or some of your personal data.
You may withdraw your previously given consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted in accordance with applicable laws.
If you ask us to restrict processing of your personal data / withdraw your consent, we will no longer be able to provide our services to you. In this case, we recommend deleting your account. This will automatically stop all processing of your personal data.
Right to opt-out of notifications and marketing communication
If you do not want to receive notifications and marketing communication from us, you can opt-out in your notification settings or click/tap the "unsubscribe" link in the communication we send to you.
9. Children's privacy
We do not knowingly collect information from children. Individuals under the age of 18 are prohibited from using our services. If you encounter any children on our services, please alert us immediately!
10. CCPA (California Consumer Privacy Act)
Our services are exempt from The California Consumer Privacy Act because:
- Our annual global gross revenues is not in excess of $25 000 000.
- We do not buy, receive (for commercial purposes), sell, or share (for commercial purposes) the PI of 50 000 or more California resident consumers, households or devices on an annual basis.
- We do not derive 50% or more of our annual revenues from selling the PI of California residents.
On top of this page you will find a "Last updated" time stamp. If the changes are significant, we may email you about it or notify you by other means when you access our services.
12. Contact us
We can be contacted by using our contact us form: