Flammoro Privacy Policy

1. Introduction

This Privacy Policy describes how the Flammoro mobile application (hereinafter referred to as the “Application” or “Flammoro”), operated by Maksim Pianykh as the operator of the Application (hereinafter referred to as “we”, “us”, or “our”), collects, uses, stores, protects, transfers, and otherwise processes users’ personal data (hereinafter referred to as “you” or the “User”).

The purpose of this Privacy Policy is to ensure transparency regarding the processing of personal data and to explain what data we collect, for what purposes we use it, on what legal bases it is processed, how long it is retained, with whom it may be shared, and what rights users have.

By using the Application, you confirm that you have read and understood this Privacy Policy. Personal data is processed on appropriate legal bases provided for under applicable law, including:

• user consent — where such consent is required;
• performance of a contract — where processing is necessary to provide the Application’s functionality;
• compliance with legal obligations;
• legitimate interests of Flammoro — for example, for security, fraud prevention, moderation, and service improvement purposes.

If you do not agree with this Privacy Policy, you should stop using the Application and, if necessary, delete your account.

Applicable Laws and Standards

Flammoro strives to comply with applicable data protection and privacy laws, including, depending on the user’s jurisdiction and the nature of processing:

• The General Data Protection Regulation (GDPR);
• The Austrian Data Protection Act (DSG);
• Applicable rules regarding international data transfers;
• Other applicable regulations in the field of personal data protection and digital services.

Our Core Data Processing Principles

When processing personal data, Flammoro adheres to the following principles:

• Lawfulness, fairness, and transparency;
• Data minimization;
• Purpose limitation;
• Accuracy and data up-to-dateness;
• Storage limitation;
• Confidentiality and security;
• Respect for users’ rights to control their data.

Scope of This Policy

This Privacy Policy applies to:

• Users of the Flammoro mobile application;
• Individuals interacting with Flammoro through in-app features, support, notifications, and other services;
• Personal data processed through trusted service providers and integrations necessary for the operation of the Application.

Important Note

This Privacy Policy should be interpreted in conjunction with the Flammoro Terms of Use. Where separate user consent is required for specific types of data processing, such consent will be requested additionally where required by applicable law.

2. Data Collection

As part of providing services within the Flammoro mobile application, we collect various categories of personal data. Data processing is carried out in accordance with the principles of data minimization, lawfulness, purpose limitation, and transparency.

We collect only the data necessary for the operation of the Application, ensuring user safety, and fulfilling legal obligations.

2.1. Data Provided by the User

When registering and using the Application, you may provide the following data:

Identification and Profile Data:

• First and last name (if provided);
• Username (nickname);
• Date of birth (for age verification and compliance with age restrictions);
• Gender and gender identity information (if provided);
• Profile information (bio, interests, communication goals, etc.).

Contact Information:

• Email address;
• Phone number (if used).

Media and User Content:

• Photos and videos uploaded to your profile;
• Content shared in chats (including photos, videos, voice messages, and text messages).

Payment Data:

• Subscription and transaction information processed via Apple App Store or Google Play;
• Flammoro does not store bank card details or payment credentials — these are processed by the respective platforms.

2.2. Age Verification and Safety

To comply with age restrictions, prevent fraud, and ensure user safety, Flammoro may process additional data related to age and identity verification.

Such data may include:

• Selfies or facial images provided to verify age (not used for biometric identification unless explicitly required for security purposes);
• Identity document data (if additional verification is required);
• Results of automated checks (e.g., age estimation, inconsistency detection, signs of forgery).

Processing of such data may involve automated technologies and, where necessary, third-party services.

This data is used exclusively for:

• Verifying the user’s age;
• Preventing fraud and fake accounts;
• Ensuring platform and user safety;
• Complying with applicable laws.

2.3. Automatically Collected Data

When using the Application, we may automatically collect the following data:

Geolocation:

• Approximate or precise location (depending on device permissions);
• Used to display nearby users, enable map functionality, and apply distance-based filters.

Device and Connection Data:

• Device type, model, operating system, and version;
• IP address and approximate region;
• Language and time zone;
• Connection type (Wi-Fi, mobile network).

Application Usage Data:

• Date and time of login;
• Session duration;
• In-app actions (e.g., profile views, likes, messages);
• Use of specific features (map, filters, chat, etc.);
• Error and crash logs.

Identifiers and Notifications:

• Push tokens (APNs, FCM);
• Technical device identifiers (e.g., IDFV).

2.4. Data from Third-Party Sources

We may receive limited information from third-party services if you use:

• Sign in with Apple or Google — name and email (if provided);
• Infrastructure services (e.g., Firebase) — for authentication, data storage, and analytics;
• Payment platforms — for transaction and subscription confirmation.

All such data is processed in accordance with contractual obligations with the respective service providers.

2.5. General Provisions

All data described above is processed in accordance with applicable data protection laws.

Users can manage certain types of data collection, such as geolocation or notifications, through device or Application settings.

3. Use of Information

We process users’ personal data exclusively on lawful grounds, in compliance with the principles of fairness, transparency, and data minimization.

The collected information is used for the following purposes:

3.1. Account Management

• Creating and maintaining user profiles;
• Updating and editing account information;
• Authentication and login (email, phone, Apple ID, Google);
• Synchronizing data with cloud infrastructure;
• Storing user settings and preferences.

3.2. Providing Application Functionality

• Matching and displaying profiles based on selected criteria (age, interests, distance, etc.);
• Displaying users on the map based on geolocation;
• Enabling likes, matches, chats, media sharing, and calls;
• Providing paid (Premium) features and managing subscriptions;
• Handling blocks, reports, and user restrictions.

3.3. Safety, Moderation, and Age Verification

• Verifying users’ age and preventing access by minors;
• Analyzing uploaded content (photos, videos, audio) for violations;
• Detecting fraud, fake accounts, and abuse;
• Using automated systems (including machine learning algorithms) for preliminary assessment of content and behavior;
• Conducting manual reviews where additional evaluation is required;
• Maintaining activity logs for incident investigation and security purposes.

3.4. Notifications and Communication

• Sending push notifications (messages, likes, events);
• System notifications (updates, security, subscription);
• Informational messages related to service operation;
• Marketing notifications — only with separate user consent (opt-in).

Users can change notification settings at any time within the Application or at the device level.

3.5. Analytics and Service Improvement

• Analyzing application usage (behavior, features, errors);
• Conducting A/B testing and interface optimization;
• Processing feedback and support requests;
• Generating aggregated and anonymized statistics.

Such processing is not intended to identify specific users and is used to improve service quality.

3.6. Legal Obligations and Protection of Rights

• Complying with legal requirements;
• Maintaining financial and tax records;
• Responding to lawful requests from public authorities;
• Protecting the rights and legitimate interests of Flammoro;
• Enforcing measures against users who violate the Terms of Use.

3.7. Legal Bases for Processing

Personal data is processed on the following legal bases:

• User consent — for example, for geolocation or marketing notifications;
• Performance of a contract — to provide application functionality;
• Legal obligations — for compliance with applicable laws;
• Legitimate interests of Flammoro — including ensuring security, preventing fraud, and improving the service.

4. Disclosure of Information

We limit access to users’ personal data and share it with third parties only in cases provided for in this Privacy Policy and applicable law.

Data is shared only to the extent necessary to achieve the relevant purposes and subject to appropriate security and confidentiality safeguards.

4.1. Service Providers (Data Processors)

We may share data with a limited number of trusted service providers who process information on our behalf:

• Cloud infrastructure and data storage — including Firebase, Google Cloud, and similar services that support the operation of the Application;
• Analytics and performance tools — such as tools for usage analysis and error diagnostics (e.g., Firebase Analytics, Crashlytics);
• Push notifications and communication — Firebase Cloud Messaging (FCM), Apple Push Notification Service (APNs);
• Content moderation and safety — including automated systems for analyzing images, videos, and user behavior (third-party APIs may be used where necessary).

Such providers process data under Data Processing Agreements and only in accordance with our instructions and applicable law.

4.2. Payment Services

• Payments are processed via Apple App Store (StoreKit) and Google Play Billing;
• Flammoro does not receive or store bank card details or payment credentials;
• We only receive technical transaction data (status, subscription type, duration).

4.3. Legal Disclosure

We may disclose personal data:

• To public authorities — in response to lawful requests;
• In connection with investigations of violations, fraud, or security threats;
• To protect the rights, safety, and property of Flammoro, users, or third parties.

Such disclosure is limited to what is necessary to comply with legal obligations.

4.4. Business Transfers

• Personal data may be transferred to a new owner;
• All data protection obligations will continue to apply;
• Users will be notified of such changes where required by law.

4.5. International Data Transfers

Due to the use of cloud services, analytics tools, and infrastructure solutions, personal data may be processed outside the user’s country of residence, including countries outside the European Economic Area (EEA).

In such cases, Flammoro ensures an adequate level of data protection through:

• adequacy decisions (where applicable);
• Standard Contractual Clauses (SCCs);
• other mechanisms provided for under applicable law to ensure an appropriate level of protection.

4.6. No Sale of Data

Flammoro does not sell users’ personal data to third parties and does not share it for advertising purposes.

5. Data Retention

We adhere to the principles of storage minimization and limited retention periods for personal data in accordance with applicable law.

5.1. General Retention Principles

We retain personal data only for as long as necessary to:

• Provide services and ensure the operation of the Application;
• Administer user accounts;
• Ensure security, moderation, and user support;
• Comply with legal and regulatory obligations;
• Resolve potential disputes and claims.

Once these purposes are fulfilled, data is deleted or anonymized.

5.2. Deletion at the User’s Request

• Delete your account through the Application settings;
• Request data deletion by contacting support@flammoro.com.

We delete or anonymize personal data within a reasonable timeframe, generally within one month after confirming the request, unless retention is required by applicable law.

5.3. Exceptions (Mandatory Retention)

Certain data may be retained for a longer period after account deletion if necessary:

• To comply with tax and accounting requirements;
• To prevent fraud and abuse;
• To comply with lawful requests from public authorities;
• To protect Flammoro’s rights in legal disputes.

Such data is accessible only to a limited number of authorized persons and is used strictly for its intended purposes.

5.4. Retention Periods by Data Category

Profile and Account Data

• Retained: while the account is active
• Deleted: upon account deletion (within a reasonable timeframe, typically up to 30 days)

Contact Information

• Retained: until account deletion or until no longer necessary
• Used for: communication, notifications, and authentication

Media (Photos and Videos)

• Retained: until deleted by the user or upon account deletion
• May be temporarily retained: for moderation and complaint review purposes

Geolocation Data

• Retained: for a limited period necessary to provide functionality (typically short-term)
• May be used in anonymized form for analytics

Purchase Data

• Retained: in accordance with Apple App Store and Google Play requirements
• Flammoro stores only technical information (e.g., subscription status)

Activity Logs and Errors

• Retained: typically up to 90 days
• Used for: security and service improvement

Age Verification Data

• Retained: for the period necessary to complete verification and ensure safety
• May be retained longer if required to prevent fraud or comply with legal obligations

5.5. Inactive Accounts

Flammoro may delete or archive accounts that have been inactive for an extended period (e.g., more than 24 months).

Prior to deletion, users may be notified via the associated email address (if provided).

6. Your Rights

We respect and ensure the exercise of your rights regarding personal data in accordance with applicable law, including the GDPR, the Austrian Data Protection Act (DSG), and other relevant regulations.

You have the following rights:

6.1. Right of Access

You have the right to obtain confirmation as to whether your personal data is being processed and to request a copy of such data, including:

• The purposes of processing;
• The categories of data;
• The recipients of the data;
• Retention periods (if applicable).

6.2. Right to Rectification

You may request the correction of inaccurate or incomplete personal data.

6.3. Right to Erasure (“Right to be Forgotten”)

You may request the deletion of your data if:

• The data is no longer necessary for the purposes of processing;
• You withdraw your consent (where processing is based on consent);
• The data has been processed unlawfully;
• Otherwise required by applicable law.

6.4. Right to Restriction of Processing

You may request the restriction of data processing in cases where:

• You contest the accuracy of the data;
• The processing is unlawful (instead of deletion);
• The data is required for the establishment, exercise, or defense of legal claims;
• Your objection to processing is under consideration.

6.5. Right to Data Portability

Where applicable, you may receive your data in a structured, commonly used, and machine-readable format and transmit it to another controller.

6.6. Right to Withdraw Consent

If data processing is based on your consent, you may withdraw it at any time.

Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

6.7. Right to Object

You have the right to object to the processing of your data, including:

• For direct marketing purposes;
• Where processing is based on legitimate interests.

6.8. Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing if such decisions produce legal or similarly significant effects.

Where applicable, you may request human intervention in such decisions.

6.9. Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority:

• In your country of residence;
• At the place of the alleged infringement;
• Or in Austria (Datenschutzbehörde).

6.10. How to Exercise Your Rights

To exercise your rights, you may contact us:

• Email: support@flammoro.com

We may request additional information to verify your identity before processing your request.

Requests are handled within a reasonable timeframe and, as a rule, within one month from receipt of the request, in accordance with applicable data protection laws.

7. Data Security

We place the highest priority on the security of users’ personal data and implement appropriate technical and organizational measures to protect information from unauthorized access, disclosure, alteration, or destruction.

7.1. Technical Security Measures

• Data transmission between the Application and servers is carried out using secure communication protocols (e.g., HTTPS/TLS);
• Data is stored using modern protection methods and encryption (where applicable);
• Infrastructure protection mechanisms and access control systems are implemented.

7.2. Infrastructure and Data Storage

• Server infrastructure is hosted by reliable cloud providers (e.g., Google Cloud / Firebase) that apply industry-standard security practices;
• Measures are in place to protect databases, including authentication, access control, and activity monitoring;
• Regular updates of software and system components are performed.

7.3. Access Control

• Access to personal data is granted only to authorized personnel to the extent necessary for their duties;
• Access control measures are implemented, including authentication and activity logging;
• Access rights are periodically reviewed.

7.4. User-Side Security

• The Application uses standard platform security mechanisms (e.g., iOS), including secure data transmission channels;
• Additional device features (such as biometric authentication) may be used if available and enabled by the user.

7.5. Incident Response

In the event of a data security incident, Flammoro takes necessary measures to address the issue, minimize its impact, and comply with applicable legal requirements.

Where required, users and competent authorities may be notified in accordance with applicable laws.

7.6. Limitation of Security Guarantees

Despite the measures taken, no method of data transmission over the internet or method of storage can guarantee absolute security.

We continuously improve our processes and technologies to enhance the protection of personal data.

8. Geolocation

We respect your right to privacy and process location data only with user permission and in accordance with applicable law.

8.1. Collection of Geolocation Data

The Application requests access to geolocation through the device’s system settings (e.g., iOS).

Depending on your settings, the following may be used:

• Precise location — for accurate functionality related to displaying nearby users;
• Approximate location — for search functionality and improving user experience.

8.2. Purposes of Use

Geolocation data is used exclusively for:

• Displaying nearby users and enabling search functionality;
• Calculating distance between users;
• Supporting map features and related functionality;
• Adapting the interface and recommendations based on region;
• Enhancing safety and detecting suspicious activity.

8.3. Data Retention

Geolocation data is processed only for the limited time necessary to provide Application functionality.

Flammoro does not create a persistent history of user movements and does not use location data for third-party advertising.

8.4. Control and Disabling

You may disable access to geolocation at any time:

Device Settings → Flammoro Application → Location

After disabling, the following features may become unavailable:

• Display of nearby users;
• Map functionality;
• Display of distances between users;
• Certain personalized recommendations.

8.5. General Provisions

Geolocation data is not shared with third parties for marketing purposes.

Processing is carried out in accordance with applicable data protection laws and only within the scope of Application functionality.

9. Analytics and Data Processing Technologies

To ensure the stable operation of the Flammoro application, analyze usage, and improve user experience, we use analytical and technical tools.

9.1. Technologies Used

The mobile application does not use traditional browser cookies. Instead, it relies on technical identifiers and events necessary for its operation.

These technologies allow us to:

• Store user preferences;
• Ensure proper functioning of features;
• Analyze application usage;
• Improve stability and performance.

9.2. Services Used

We may use the following tools:

• Firebase Analytics — for analyzing application usage;
• Firebase Crashlytics — for diagnosing crashes and errors;
• Apple App Analytics — within App Store Connect;
• Internal analytics events (custom events).

9.3. Data Processed

Analytics tools may process:

• Technical device identifiers (e.g., IDFV);
• Device type, model, and operating system version;
• Session and in-app navigation data;
• Country, language, and time zone;
• Crash and error data;
• Interaction with application features.

9.4. Purposes of Processing

Analytics is used exclusively for:

• Improving application performance and stability;
• Developing new features and enhancing the interface;
• Detecting and fixing errors;
• Enhancing security and preventing abuse.

9.5. Legal Bases

Analytics data is processed based on:

• Legitimate interests of Flammoro — to ensure service stability and security;
• User consent — where required by applicable law.

9.6. Managing Settings

You can limit certain data collection:

• Through your device’s privacy settings;
• Through system tracking settings (where applicable).

You may also contact support to exercise your rights as described in Section 6.

9.7. No Advertising Tracking

Flammoro:

• Does not use analytics for personalized advertising;
• Does not engage in third-party advertising tracking;
• Does not sell users’ personal data.

10. Changes to the Privacy Policy

We reserve the right to update this Privacy Policy at any time to reflect:

• Changes in the Application’s functionality or data processing practices;
• New legal requirements applicable in the EU, the United States, or other jurisdictions;
• Decisions of supervisory authorities and regulators in the field of data protection;
• Changes in technologies or service providers used.

10.1. Updates and Notifications

Each update to the Policy will include:

• The effective date of the changes;
• A summary of key changes (where applicable);
• The opportunity to review the updated version before it takes effect (where required by law).

10.2. Methods of Notifying Users

We may notify users about changes in the following ways:

• Push notifications within the Flammoro Application;
• Notifications upon the next launch of the Application;
• Emails sent to the address associated with the user’s profile (if applicable).

10.3. Acknowledgment and Consent

By continuing to use the Flammoro Application after the changes take effect, you acknowledge that you have reviewed the updated Privacy Policy.

Where changes affect data processing activities requiring separate consent, such consent will be requested additionally through the Application interface.

If you do not agree with the updates, you have the right to stop using the Application and delete your account.

10.4. User Recommendations

We recommend that you periodically review this section to stay informed about our current data processing practices.

10.5. Legal Compliance

This Privacy Policy complies with applicable data protection laws, including:

• The General Data Protection Regulation (GDPR);
• The Austrian Data Protection Act (DSG);
• Other applicable international and national regulations.

11. Governing Law

This Privacy Policy is governed by the applicable laws of the European Union and the Republic of Austria, where the operator of the Flammoro Application is established.

• The General Data Protection Regulation (GDPR) — Regulation (EU) 2016/679 applies;
• The Austrian Federal Data Protection Act (Datenschutzgesetz, DSG) applies;
• Guidance from the European Data Protection Board (EDPB) and decisions of the national supervisory authority (Datenschutzbehörde, DSB) are taken into account.

11.1. Dispute Resolution

In the event of disputes related to the processing of personal data or the use of the Application:

• the user may apply to a competent court in Austria;
• if the user qualifies as a consumer, they may also bring proceedings before the courts of their place of residence, where provided for by applicable consumer protection laws;
• the user also has the right to lodge a complaint with a data protection supervisory authority (e.g., the Austrian Data Protection Authority — Datenschutzbehörde — or the relevant authority in their country of residence).

11.2. Handling of Complaints

We are committed to handling all user inquiries, complaints, and requests in good faith and within a reasonable timeframe in accordance with applicable data protection laws.

11.3. Use Outside the EU

If you use the Application outside the European Union:

• The processing of your data may be subject to the laws of your jurisdiction;
• Flammoro will nevertheless ensure a level of data protection consistent with European Union standards.

12. Contact Information and Data Controller

The data controller for the processing of personal data in connection with the Flammoro Application is Maksim Pianykh, acting as the operator of the Application.

For any questions related to the processing of personal data, you may contact us:

• Email: support@flammoro.com

If necessary, you may also lodge a complaint with a data protection supervisory authority:

• in your country of residence;
• or in Austria — Austrian Data Protection Authority (Datenschutzbehörde).

By using Flammoro, you confirm that you have read and understood this Privacy Policy.