1. Controller Information
Contact: official.myora.co@outlook.com
2. Lawful Basis for Processing
We process your personal data based on the following lawful bases under GDPR Article 6:
- Consent (Article 6(1)(a)): When you explicitly consent to data processing
- Contract (Article 6(1)(b)): To perform our services under contract
- Legitimate Interest (Article 6(1)(f)): For business operations and service improvement
- Legal Obligation (Article 6(1)(c)): To comply with legal requirements
3. Categories of Personal Data We Collect
Identity Data
Name, email address, username, profile picture
Contact Data
Email, phone number, billing address
Technical Data
IP address, browser type, device information
Usage Data
How you use our services, preferences, analytics
4. How We Use Your Personal Data
Service Provision
To provide and maintain our influencer management platform, calculate rates, and generate analytics
Account Management
To create and manage your account, process payments, and provide customer support
Communication
To send service updates, support communications, and marketing (with consent)
5. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:
- Account Data: Until account deletion or 3 years of inactivity
- Transaction Data: 7 years for tax and legal compliance
- Marketing Data: Until consent is withdrawn
- Technical Data: 2 years maximum
- Analytics Data: Anonymized after 2 years
6. Your GDPR Rights
Under GDPR, you have the following rights:
Right of Access (Article 15)
Request copies of your personal data
Right to Rectification (Article 16)
Correct inaccurate or incomplete data
Right to Erasure (Article 17)
Request deletion of your data
Right to Restrict Processing (Article 18)
Limit how we process your data
Right to Data Portability (Article 20)
Receive your data in a structured format
Right to Object (Article 21)
Object to processing based on legitimate interests
7. Data Security
We implement appropriate technical and organizational measures to protect your personal data:
- End-to-end encryption for sensitive data
- Regular security assessments and updates
- Access controls and multi-factor authentication
- Staff training on data protection
- Incident response procedures
- Secure data storage and transmission
8. International Data Transfers
If we transfer your data outside the EEA, we ensure adequate protection through:
- Adequacy decisions by the European Commission
- Standard Contractual Clauses (SCCs)
- Binding Corporate Rules
- Certification schemes
9. Data Breach Notification
In the event of a data breach that poses a risk to your rights and freedoms, we will:
- Notify the relevant supervisory authority within 72 hours
- Inform affected individuals without undue delay
- Provide clear information about the breach and our response
10. Children's Privacy
Our services are not directed to children under 16. We do not knowingly collect personal data from children under 16 without parental consent.
11. Third-Party Services
Our app integrates with social media platforms (Instagram, TikTok, YouTube) to fetch your analytics data. These integrations:
- Are secure and only access data you explicitly authorize
- Use OAuth 2.0 for secure authentication
- Do not store your social media passwords
- Allow you to revoke access at any time
12. Cookies and Tracking
We use cookies and similar technologies to:
- Enhance your experience and provide personalized content
- Analyze usage patterns and improve our services
- Remember your preferences and settings
- Ensure security and prevent fraud
13. Changes to This Policy
We may update this privacy policy from time to time. We will notify you of any material changes via email or through our services.
14. Contact Information
Contact: official.myora.co@outlook.com
Exercise Your Rights: To exercise any of your GDPR rights, please contact us at official.myora.co@outlook.com with your request. We will respond within one month.