1. Introduction and Scope
This Privacy Policy describes how FABY, INC. ("Faby," "we," "us," or "our") collects, uses, discloses, and protects information in connection with our mobile applications and informational website (the "Service").
2. Data Controller and Contact
Data Controller: FABY, INC., a Delaware, USA corporation. Contact: support@getfaby.com.
3. Categories of Data We Collect
- Identifiers and Account Data: name, username, email, phone number, profile photo, birth year or declared age range, preferences, and account settings.
- Profile, Social, and Experience Data: bios, interests, dating or social preferences, host or attendee status, RSVP or application information, Experience details, favorites, attendance history, reviews, and related activity.
- Verification Data: optional identity verification via third-party providers, such as government ID plus selfie checks. We store verification outcomes and metadata, such as pass or fail status, timestamps, and provider ID, not your ID images unless explicitly stated otherwise.
- Location Data: approximate location, such as city or region, and precise geolocation when you grant permission.
- Usage and Device Data: IP address, device IDs, OS or browser information, app version, crash logs, cookies or SDK events, and interaction data such as pages or screens viewed, taps, and time on page.
- Payments and Commercial Data: purchases, subscriptions, transaction dates and amounts, refund status, and limited payment details such as last four digits, card brand, or tokenized IDs provided by payment processors.
- User Content and Communications: Experience listings, photos, bios, reviews, reports, messages, chats, support requests, and other content you submit or send through the Service.
- Safety and Investigation Data: reports, moderation decisions, trust and safety notes, account activity, abuse signals, fraud signals, and information related to disputes, policy violations, or legal claims.
- Inferences: preferences or segments derived from other data, such as categories of Experiences you may like.
4. Sensitive and Higher-Risk Data; Face Data
Because Faby helps people host and attend real-world social Experiences, some information may be sensitive or higher-risk in context. This may include precise location, photos or images, messages, dating or social preferences, identity verification result metadata, and reports or safety investigation records.
Users may upload images that contain faces. Faby does not itself extract biometric identifiers or perform facial recognition unless separately disclosed. If a third-party identity verification provider uses ID or selfie checks, that provider may process face-related data under its own privacy policy and terms.
Faby stores verification result metadata, not ID images, unless explicitly stated otherwise. We use this information to operate verification, improve trust and safety, prevent fraud, enforce policies, and comply with legal obligations.
5. Sources of Data
We collect data directly from you when you create an account, post content, host or join Experiences, message other users, complete optional verification, make purchases, or contact support. We also collect data automatically from your device and usage, and from third parties such as identity verification, payment processing, analytics, anti-fraud, security, maps, communications, and customer support providers.
6. How We Use Data
- • Provide, operate, maintain, and improve the Service.
- • Create and manage accounts; enable hosting, discovery, RSVPs, applications, messaging, and attendance features.
- • Process transactions, subscriptions, refunds, and related support.
- • Personalize content, discovery, invitations, recommendations, and user experience.
- • Promote safety, investigate misuse, prevent fraud, moderate content, and enforce Terms.
- • Communicate with you about features, updates, support, safety, security, account activity, and marketing with your consent or as permitted by law.
- • Measure performance, debug, analyze usage, and develop new features.
- • Comply with legal obligations, resolve disputes, and protect our rights, users, and the public.
7. Legal Bases for Processing
Where privacy laws such as GDPR require a legal basis, we rely on the following bases:
- Contract: account creation, hosting and joining Experiences, messaging, payments, subscriptions, support, and other features you request.
- Legitimate interests: safety, fraud prevention, moderation, analytics, service improvement, debugging, protecting users, and enforcing our Terms.
- Consent: precise location, marketing communications, optional verification where required, and other processing where we ask for consent.
- Legal obligation: compliance, law enforcement requests, tax and accounting requirements, dispute resolution, and legal claims.
8. Data Visibility
Some information is visible to other users depending on your use of the Service and the visibility settings for an Experience. Other users may see:
- your profile name, profile photo, and basic profile details;
- your host or attendee status and limited participation information;
- Experience details you create or help manage;
- messages you send to them;
- application, RSVP, or attendance information visible to Hosts; and
- public or semi-public content depending on Experience visibility and product settings.
9. Location Data
We may use approximate location for city discovery and local relevance. We collect precise location only with your permission. Precise or approximate location may be used for recommendations, nearby invites, maps, fraud prevention, safety, personalization, and service improvement.
You can disable location permissions through your device settings, but some features may not work or may be less relevant without location data.
10. Safety and Moderation Data
Faby may review reports, messages, user content, Experience details, and account activity to investigate safety issues, fraud, abuse, policy violations, support requests, disputes, or legal claims.
We may preserve relevant records after account deletion when needed for safety investigations, legal compliance, dispute resolution, fraud prevention, enforcement, or protecting users and Faby.
11. How We Share Data
- Service Providers and Processors: vendors that help us operate, secure, analyze, support, and improve the Service.
- Other Users: profile, Experience, messaging, RSVP, application, and participation information needed for the social and hosting features you use.
- Legal and Safety: with law enforcement, authorities, legal advisors, or other parties when required by law or when we believe disclosure is needed to protect users, the public, our rights, safety, or the integrity of the Service.
- Business Transfers: in connection with mergers, acquisitions, financing, reorganization, bankruptcy, or sale of assets.
- With Your Consent: when you direct us to share information or otherwise consent.
12. Third-Party Providers
We may use third-party providers in categories such as:
- cloud hosting and storage;
- analytics and product measurement;
- crash reporting and debugging;
- SMS, email, push notifications, and other communications;
- payments, subscriptions, payouts, and fraud prevention;
- identity verification;
- maps, geocoding, and location services;
- anti-fraud, security, and abuse prevention; and
- customer support and operations tools.
13. Data Retention
We retain data for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, prevent abuse, and enforce agreements. Examples include:
- account and profile data for as long as your account is active;
- messages and User Content while needed for the Service, safety, support, or legal reasons;
- payment and commercial records as required for accounting, tax, chargeback, audit, and legal purposes;
- safety reports and investigations as needed to protect users, prevent abuse, enforce policies, and defend legal claims; and
- deleted account data, which we delete or de-identify unless retention is needed for legitimate or legal reasons.
14. Security
We implement reasonable administrative, technical, and physical safeguards designed to protect personal data. No security measures are perfect; we cannot guarantee absolute security.
15. Your Rights (GDPR / CCPA / CPRA)
EU/EEA/UK residents: You may have the right to access, correct, delete, or port your personal data, and to object to or restrict processing. You may withdraw consent at any time where processing is based on consent. You also have the right to lodge a complaint with your local supervisory authority.
California residents: You may have the right to request access, deletion, correction, portability, and opt-out of sale or sharing of personal information where applicable. Faby does not sell personal information for money. We may "share" personal information for analytics or advertising as defined by California law if applicable. To exercise rights, email support@getfaby.com. We will not discriminate against you for exercising your rights.
Verification: We may require information to verify your identity before acting on requests. Authorized agents may submit requests where permitted.
16. International Transfers
We may transfer your data to the United States and other countries that may not provide the same level of data protection as your home jurisdiction. Where required, we use appropriate safeguards, such as Standard Contractual Clauses, for cross-border transfers.
17. Children's Privacy
The Service is not directed to children under 13, and we do not knowingly collect personal data from them. If we learn that a child under 13 has provided personal data, we will take steps to delete such information and terminate the account.
18. Do Not Track and Global Privacy Control
Our Service does not currently respond to "Do Not Track" signals. Where legally required, we will honor Global Privacy Control signals for opt-out of sale or sharing.
19. Changes to this Policy
We may update this Policy from time to time. If we make material changes, we will provide reasonable notice, such as in-app notice. Your continued use after changes take effect means you accept the updated Policy.