Privacy Policy of "SAYLAVY APP"

This Privacy Policy applies to the SAYLAVY mobile application ("App") and any related web pages (the "Services").

The Services are operated by:

Saylavy Technologies, Inc.
320 Richmond St E, Toronto, Ontario, M5A1P9, Canada
Contact email: saylavyhelp@gmail.com

Saylavy Technologies, Inc. is the data controller for personal data described in this Policy.

This Policy explains what personal data we process, for what purposes, how long we keep it, who we share it with, and what rights you may have.

By creating an account or using the Services, you acknowledge this Policy.

If you do not agree, you must stop using the Services and may request account deletion at any time.

We do not sell or share personal data for cross-context behavioral advertising. We do not use your content to train third-party AI models. We do not track you across other companies' apps and websites.

Depending on how you use the Services, we may process the following categories of personal data:

Account data - email address, encrypted password/session credentials, sign-in provider identifiers (e.g., a stable Apple user identifier or Google user identifier when you use Sign in with Apple or Sign in with Google).

Profile data - first name, last name, birth date, city, short bio, profile avatar image, profile visibility setting (public/private).

User-generated content - content you choose to add to a Memory Page or time capsule, including photos, videos, audio recordings, written text, dates, names, captions, and quotes.

Memorial preferences and planning data - information you voluntarily provide for funeral, memorial, and end-of-life planning features.

Proof of Life data - your check-in status, optional location attached to a check-in if you enable it, configured check-in interval/grace period, and the identifiers of trusted contacts (friends) you choose to share status with.

Friends and social graph - friend connections you create, including pending and accepted requests.

Safety/moderation data - reports you submit (including the target user identifier and reason), users you block, and related metadata used to review potential policy violations.

Purchase data - records of Memory Page entitlements granted to your account through Apple In-App Purchase, Google Play Billing, or redemption of a promo code, including a transaction identifier and the product purchased. We do not receive or store your payment card details.

Promo code data - when you request, redeem, or are issued a promo code, we record the code, its status, the associated Memory Page entitlement, and (where applicable) the external order reference shared with us by an authorized partner.

Push notification data - device push tokens (e.g., Expo Push Token, APNs token, FCM token) so we can deliver in-app notifications you opt into.

Support communications - the contents of messages, screenshots, or attachments you send to support.

Technical and diagnostic data - app version, device model, operating system, language, time zone, crash logs, anonymized error diagnostics, and request metadata such as timestamps and approximate region.

We do not intentionally collect more data than is reasonably required for the features offered.

Memory Pages, time capsules, and memorial planning features may contain content that is personally meaningful or that you consider sensitive - for example, voice recordings of a deceased family member, photographs of loved ones, religious references, or end-of-life wishes.

Because this content is provided entirely at your initiative, we process it solely for the purpose of providing the Services you requested (storing, displaying, sharing it according to your settings).

We do not analyze, monetize, or sell this content, and we do not use it to train external artificial intelligence models.

If you grant location permission, the App may access your location to:

- Help detect and prefill your city in your profile.
- Optionally attach your current location to a Proof of Life check-in, if you have explicitly enabled "Share location on check-in" in the App settings.

Location access is optional and can be turned off at any time in your device settings. Disabling location does not prevent core account use, but city auto-detection and location-aware check-ins will not work.

We do not use precise location for advertising or share precise location with third parties for their own purposes.

The App may request the following device permissions, each subject to platform prompts:

- Photos: to upload images for your avatar, Memory Pages, or time capsules.
- Camera: to record video time capsules.
- Microphone: to record audio time capsules and voice messages.
- Location: as described in Section 5.
- Notifications: to send you reminders, check-in alerts, and Memory Page status updates.

Permissions are only requested when you use a feature that needs them. You can deny or revoke any permission at any time in your device settings.

We use personal data to:

1) Create, secure, and manage your account, including authentication via email/password, Sign in with Apple, or Sign in with Google.
2) Provide profile, Memory Page, time capsule, Proof of Life, friends, and memorial planning features you choose to use.
3) Process in-app purchases, redeem promo codes, and associate Memory Page entitlements with your account.
4) Deliver push notifications you opt into.
5) Operate moderation and safety tools (reporting, blocking, abuse prevention, manual review of Memory Pages before publication).
6) Maintain security, investigate misuse, detect fraud, and protect users and the integrity of the Services.
7) Troubleshoot, monitor stability, and improve performance and user experience.
8) Respond to support requests and comply with legal obligations.

We do not sell personal data. We do not use personal data for cross-context behavioral advertising.

A Memory Page is created and edited by you using content you provide (photos, videos, audio, text, dates, captions).

A Memory Page is private by default. It becomes accessible to others only when you choose to share its private link, or when its visibility is explicitly set to public. You are responsible for choosing who receives the link.

Before a Memory Page is published, our team may review the page for quality and respect, in accordance with our content guidelines. This review is performed solely for moderation purposes.

You can edit or delete the content of your Memory Page at any time from within the App.

The Services may, in the future, offer optional, opt-in AI features (such as an "AI Profile" that responds in the style of a Memory Page subject based on content you have added to that page).

Such features will be disabled by default. You will be asked to enable them explicitly and you can disable them at any time.

We do not use Memory Page content, time capsules, voice recordings, or other user-generated content to train third-party generative AI models.

If you enable an AI feature, processing will be scoped to the specific Memory Page or context you authorize, and we will describe the data flow and any service providers involved in the in-product disclosures at the time the feature is enabled.

The Proof of Life feature lets you periodically confirm you are well and shares this status with friends you have connected within the App.

Friends may see: your most recent check-in status, the time of your last check-in, and - only if you have explicitly enabled location sharing on check-in - your location attached to that specific check-in.

A friend can send you a reminder when your check-in is overdue, subject to a cooldown to prevent abuse.

You can disable Proof of Life, change the interval, disable location sharing, or remove a friend at any time.

Sign in with Apple. When you use Sign in with Apple, Apple sends us an identity token containing a stable user identifier and, on your first sign-in only, your name and email (which may be a private relay address ending in @privaterelay.appleid.com). We use this to create or sign you into your account. We do not receive your Apple ID password.

Sign in with Google. When you use Sign in with Google, Google sends us an identity token containing a stable user identifier, your email, and your name. We use this to create or sign you into your account. We do not receive your Google password.

Email and password. If you create an account with email and password, your password is stored only in hashed form.

You can disconnect a social sign-in provider by deleting your account and (if desired) creating a new one with a different method.

With your permission, the App registers a push notification token (Apple APNs on iOS, Google FCM on Android) so we can deliver reminders, friend activity alerts, Memory Page status updates, and other in-app notifications.

You can disable push notifications at any time in your device settings. Disabling them does not affect other features.

We do not include personal data in push payloads beyond what is necessary to display the notification.

Memory Page entitlements can be obtained by:

- Purchasing through Apple In-App Purchase on iOS.
- Purchasing through Google Play Billing on Android (where applicable).
- Redeeming a promo code issued by Saylavy or an authorized partner.

Apple In-App Purchase. All payments made through the App on iOS are processed by Apple under Apple's terms and privacy policy. We do not receive your payment card number, billing address, or full Apple ID. Apple shares with us a transaction identifier and the product purchased, which we use to grant the Memory Page entitlement to your Saylavy account.

Refunds. Refunds for in-app purchases are handled by Apple (or Google, where applicable) under their respective policies. If Apple or Google notifies us that a transaction has been refunded or revoked, we may revoke or limit the corresponding Memory Page entitlement.

Promo codes. When a code is issued to you by an authorized partner (for example, after a related off-platform purchase), we may receive an external order reference from that partner solely to associate the code with the correct recipient. We do not receive partner payment details.

Memory Page entitlements are tied to your Saylavy account and are not transferable to another account.

The App includes in-app reporting and user-blocking tools to improve safety.

When you submit a report, we process report details (including the target user identifier, content reference, and reason) to review potential violations.

We may take moderation actions such as restricting, hiding, or removing content or accounts that violate applicable law or our content guidelines, including refusing to publish a submitted Memory Page.

We may retain moderation records (including the substance of removed content) for a reasonable period to enforce our rules and defend against repeat abuse.

Where required by applicable law (for example, in the EEA, UK, or Switzerland), we rely on one or more of the following legal bases:

- Performance of a contract - to provide the Services you have requested.
- Your consent - for optional permissions, optional AI features, push notifications, and location-aware check-ins. You may withdraw consent at any time.
- Legitimate interests - for security, fraud prevention, safety, moderation, and product improvement, balanced against your rights.
- Compliance with legal obligations - including tax, accounting, and lawful requests from authorities.

We share personal data only with service providers that help us operate the Services, under written agreements that restrict use of data to providing services to us. Current categories include:

- Cloud hosting and storage (compute, databases, object storage for media).
- Push notification delivery - Apple Push Notification service, Google Firebase Cloud Messaging, and Expo Push Service.
- Authentication providers - Apple (Sign in with Apple), Google (Sign in with Google).
- App distribution and in-app billing - Apple App Store, Google Play.
- Crash reporting and diagnostics.
- Customer support tooling.

We may also disclose data when required by law, valid legal process, or to protect the rights, safety, and integrity of users and the Services.

We do not sell personal data. We do not share personal data for cross-context behavioral advertising.

Saylavy Technologies, Inc. is based in Canada. Your data may be processed in Canada, the United States, the European Economic Area, or other countries where our infrastructure or service providers operate.

Where required by applicable law, we apply appropriate safeguards for cross-border transfers, such as Standard Contractual Clauses or equivalent mechanisms.

We retain personal data only as long as necessary for the purposes described in this Policy, including account operation, support, safety, moderation, and legal compliance.

Memory Pages and other content you create remain in your account until you delete them or delete your account.

When data is no longer needed, we delete or anonymize it where reasonably feasible. Backups and log-cycle deletion may require a limited additional period.

You can permanently delete your Saylavy account directly from the App: Settings → Account → Delete Account. You may also request deletion by contacting saylavyhelp@gmail.com.

After deletion, your account, profile, Memory Pages, time capsules, friends, and Proof of Life data are removed or anonymized, except information we are required to retain for legal, security, safety, accounting, or dispute-resolution purposes.

Backup and log-cycle deletion may take up to 90 days.

Note that completed in-app purchase records may need to be retained for tax and audit purposes as required by law.

We apply administrative, technical, and organizational safeguards designed to protect personal data, including encrypted transport (HTTPS/TLS), encrypted credential storage on devices, hashed passwords, and access controls.

No system can be guaranteed 100% secure. You are responsible for protecting your own device, account credentials, and the recipients to whom you choose to share Memory Page links.

If we become aware of a security incident affecting your personal data, we will notify you and applicable authorities where required by law.

The Services are not directed to children under 13 years of age (or a higher minimum age where required by local law, such as 16 in parts of the EEA).

We do not knowingly process personal data from children below the applicable minimum age.

If you believe a child has provided us with personal data, please contact saylavyhelp@gmail.com so we can take appropriate action, including deleting the data.

Depending on your jurisdiction (including under the GDPR, UK GDPR, PIPEDA, CCPA/CPRA, and similar laws), you may have the right to:

- Access the personal data we hold about you.
- Correct inaccurate or incomplete personal data.
- Delete your personal data.
- Restrict or object to certain processing.
- Receive a portable copy of your personal data.
- Withdraw consent where processing is based on consent.
- Opt out of sale or sharing of personal data (we do not engage in either, but the right is available).
- Lodge a complaint with a competent supervisory authority.

To exercise any of these rights, contact saylavyhelp@gmail.com. We will respond within the timeframe required by applicable law. We will not discriminate against you for exercising your privacy rights.

For California residents, in the preceding 12 months, we have collected the categories of personal information described in Section 3, for the purposes described in Section 7, and disclosed it to the categories of recipients described in Section 16.

We have not sold or shared personal information for cross-context behavioral advertising in the preceding 12 months.

We do not knowingly sell or share the personal information of minors under 16.

California residents may exercise the rights described in Section 22 by contacting saylavyhelp@gmail.com. You may also designate an authorized agent to act on your behalf, subject to verification.

If you use the Services through the Apple App Store or Google Play, certain data is also processed by those platform providers under their own terms and privacy policies, including in connection with in-app purchases.

In-app platform-level permission prompts (photos, camera, microphone, location, notifications, tracking) and their wording are controlled by your operating system and store policies.

We do not engage in tracking as defined by Apple's App Tracking Transparency framework and we do not request the ATT permission.

The Services may contain links to third-party websites (such as our Terms of Service or external partner pages). We are not responsible for the privacy practices of those third parties. We encourage you to review their policies.

We may update this Privacy Policy from time to time.

If we make material changes, we will provide notice in the App, by email, or by other appropriate means before the changes take effect, where required by law.

The "Effective" date at the top reflects the latest version. Continued use of the Services after the effective date of an update means you accept the revised Policy where permitted by law.

For any privacy-related questions, requests, or complaints, please contact:

Saylavy Technologies, Inc.
320 Richmond St E, Toronto, Ontario, M5A1P9, Canada
Email: saylavyhelp@gmail.com