1INTRODUCTION
2WHO WE ARE
3SCOPE OF THIS POLICY
- This Privacy Policy applies to:
- all Miyraa applications
- websites
- features
- services
- platforms
- devices
- integrations
- and communication tools
including future updates, enhancements, AI features, and connected services.
4ACCEPTANCE OF THIS POLICY
By using Miyraa, creating an account, or accessing any services, you acknowledge that you have read, understood, and agreed to the practices described in this Privacy Policy.
If you do not agree, please do not use Miyraa or provide personal information.
5MODIFICATIONS TO THIS PRIVACY POLICY
We may modify, update, or revise this Privacy Policy at any time to reflect:
- new services
- changes in law
- regulatory requirements
- AI and safety features
- operational updates
- or internal policies
We will update the “Last Updated” date accordingly. Continued use of the Services after changes constitutes acceptance of the revised Privacy Policy.
6LEGAL BASIS FOR PROCESSING
Depending on your location, Miyraa may rely on one or more of the following legal bases:
- your consent
- contractual necessity
- compliance with legal obligations
- legitimate interests
- safety and protection of users
- public interest in safety (e.g., minors)
Where required, Miyraa will seek explicit consent for biometric and facial identity processing.
Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of prior processing.
7REGIONS COVERED
This Policy is intended to comply with applicable laws in:
- India (DPDP Act, IT Act, POCSO)
- European Union (GDPR)
United States (COPPA, and relevant state laws including CCPA/CPRA where applicable)
- United Kingdom (UK GDPR)
and other international data regulations where legally required.
Different regions may provide different privacy rights. Miyraa will comply with mandatory regional requirements.
8CHILDREN AND MINORS
Miyraa includes safety features designed for minors.
Additional rules apply to minor accounts and parental control features described later in this Policy.
Where required, parental consent or verification may be necessary.
9BIOMETRIC & FACIAL DATA DISCLAIMER
Further details are provided in the Biometric & AI sections of this Policy
Biometric data is not used for marketing or advertising purposes.
We may process biometric or facial data without consent only where required by mandatory law, safety obligations, fraud detection, identity verification or life-threatening situations.
Miyraa does not derive, infer, or predict any sensitive attributes such as health status, psychological conditions, political beliefs, sexual orientation, or religious views from biometric or emotional data.
10YOUR PRIVACY RIGHTS
Depending on your region, you may have rights to:
- access your data
- correct your data
- delete your data
- restrict processing
- withdraw consent
- request a copy of your data
ask us not to use data for certain purposes
More details will follow in later sections.
11GOVERNING TERMS
This Privacy Policy forms part of Miyraa’s Terms & Conditions. Where conflicts exist, the Terms & Conditions shall prevail unless mandatory law requires otherwise.
If you have questions about this Privacy Policy or your privacy rights, you may contact us at the details provided at the end of this Policy.
12DATA WE COLLECT
Depending on how you use Miyraa, we may collect the following types of data:
Account Data
- name (optional)
- username
- email address
- phone number (optional)
- age (required for age verification)
- country or region
Usage Data
We collect information about how users interact with Miyraa, including:
- features used
- content viewed
- buttons clicked
- device actions
- interaction time
- frequency of usage
Usage data is generally processed in aggregated or de-identified form for analytics and safety purposes wherever possible.
Device Information
- We may collect:
- device type
- operating system
- IP address
- mobile network info
- app version
- language settings
Safety & Abuse Signals
To detect harmful behavior, misuse or fraud, we may collect:
- reports submitted by users
- abuse flags
- risk signals
- suspicious behavior patterns
Biometric & Emotional Data
- If enabled by the user:
- facial identity detection
emotional sensing signals (e.g., stress, fear, etc.)
Only encrypted biometric templates or measurements may be processed for safety features.
Biometric and emotional data is processed only where features are enabled, and access is strictly limited to authorized systems and personnel with a need to know.
Miyraa does not store raw emotional signals or biometric images on its servers unless legally required or technically unavoidable for core safety purposes.
13BIOMETRIC DATA (DETAILED)
- Biometric information may include:
- facial recognition templates
- face verification data
- emotional sensing measurements
- Miyraa Does NOT:
- sell biometric data
- use biometric data for ads
- share biometric data with advertisers
allow unauthorized facial reuse.
Biometric data is stored in encrypted form and is subject to stricter access, logging and retention controls than other categories of data.
Where legally required, biometric data is deleted or irreversibly de-identified when it is no longer necessary for the purposes for which it was collected.
We use biometric data only when necessary,
Miyraa processes biometric or emotional information only to the extent strictly necessary for safety purposes, detection of harmful behavior, identity fraud prevention, and compliance with law.
Biometric and emotional data processing is based on explicit consent where required by law, and may be withdrawn at any time.
Unauthorized attempts to bypass biometric safety systems, manipulate identity verification, or impersonate another person may result in account suspension or legal action.
Unauthorized biometric use, impersonation, or identity manipulation may result in account suspension or legal action.
Users are responsible for the accuracy of information they provide.
Processing of personal data may vary depending on regional legal requirements including GDPR, CCPA/CPRA and COPPA where applicable.
This Privacy Policy does not grant users any rights to Miyraa’s technology, algorithms, AI models or datasets. All such rights are reserved by Miyraa.
14LOCATION DATA
- Miyraa may collect:
- country
- city
- IP-based region
- safety alerts
- emergency response
- required legal compliance
You may disable location permissions at any time.
Approximate location derived from IP does not represent precise physical location and cannot be relied upon as exact geolocation.
15COOKIES & TRACKING
- We may use:
- cookies
- analytics tools
- device identifiers
- session logs
- Why?
- platform improvement
- security monitoring
- detecting abuse
remembering preferences..
Where required by law, we will provide cookie notices or settings that allow you to manage certain tracking technologies.
Users may disable cookies in device settings; however, certain features may not function without essential cookies.
16COMMUNICATION DATA
- We may process:
- messages you send
- reports you submit
- feedback forms
- support requests
- These are used only to:
- support users
- improve service
detect violations.
17SENSITIVE DATA
Miyraa does not require sensitive personal data unless necessary for:
- biometric safety features
- identity protection
- child safety
- fraud detection
- compliance with legal obligations
- Sensitive data includes:
- biometric identifiers
- emotional detection signals
- age verification data
All processing follows legal safety requirements.
We ask that you do not share highly sensitive information (such as health records, financial account numbers or government ID numbers) within public areas of Miyraa.
Sensitive personal data is processed only when strictly necessary and only with appropriate technical and organizational security controls.
18DATA YOU PROVIDE VOLUNTARILY
- Optional data shared by users includes:
- profile info
- posts
- photos
- comments
- reactions
- feedback
Users remain responsible for what they choose to make public.
19DATA FROM THIRD-PARTY SERVICES
- If you connect external services (examples):
- Google Login
- Apple Login
- cloud backup
- We may receive:
- your verified identity
- email confirmation
- login token
Third-party login providers may provide Miyraa with limited data for authentication. Miyraa is not responsible for how those providers process your data.
Any data received from third-party services is processed in accordance with this Privacy Policy and the privacy settings you have with those services.
Miyraa does not sell personal data. Miyraa does not sell biometric data. Miyraa does not sell children’s information.
Where applicable law defines “sale” or “sharing” of personal data more broadly, Miyraa commits not to engage in such practices without providing any required notices and choices.
All rights not expressly granted to users are reserved by Miyraa.
Miyraa does not use biometric templates or facial data to build marketing profiles or targeted advertising.
Miyraa does not perform automated decision-making that legally affects users without human oversight.
Miyraa does not process biometric data for emotional manipulation.
Miyraa does not take responsibility for inaccuracies or changes in third-party data provided by external login providers.
20HOW WE USE YOUR DATA
We may use your data for the following purposes:
Platform operation
- account creation
- login and authentication
- service delivery
- profile setup
- communication between users
- feature access
Safety and protection
- We may use data to:
- detect harmful behavior
- prevent fraud
- protect against impersonation
- enforce platform rules
- verify identity
- age verification
- prevent illegal activity
Safety systems may operate using automated detection combined with human review when necessary to assess risks, fraud attempts, or identity misuse.
Biometric & emotional data usage
Biometric or emotional data may be used only for:
- safety features
- identity verification
- fraud detection
- emotional safety protections
- preventing manipulation or harassment
Biometric and emotional data is not used for:
- targeted advertising
- selling data
- emotional profiling
- unauthorized facial reuse
Emotional or biometric data is processed locally on the device whenever technically possible to reduce server exposure.
Platform improvement
- We may use data for:
- performance analysis
- AI improvement
- error detection
- product development
- algorithmic updates
Any analytics used for improvement will be de-identified or aggregated where possible.
Personalization
- We may personalize:
- feed content
- suggestions
- recommendations
- app experience
Communication
- We may use your information to:
- send important service emails
- security notices
- policy updates
- support responses
You cannot opt-out of essential security communications.
Legal and compliance
- We may process information to:
- comply with legal obligations
- respond to lawful requests
- assist investigations when required by law
We will not share personal data with authorities unless legally required.
We may temporarily preserve logs for security investigations.
Preventing abuse
- We may process data to detect:
- scams
- inappropriate behavior
- fake accounts
- automated abuse
- harmful interactions
“We may use anomaly detection systems to identify unusual activity or rapid interactions.”
Abuse prevention systems may involve automated detection combined with human review when necessary.
Child protection
- We may use information to:
- verify age
- enforce child safety rules
- block harmful interactions
Parental consent may be required for users below applicable legal age.
AI functionality
We may use anonymized or aggregated data to:
- improve AI performance
- prevent harmful content
- detect emotion patterns
- increase user safety
Emotional or biometric information is not used to make automated legal decisions affecting users without human verification.
Miyraa’s AI systems operate as assistive tools only and do not replace human judgment in matters requiring legal or safety oversight.
Where required by law
We may process your information only when necessary for:
- consent
- contractual necessity
- legitimate interests
- legal obligations
- Legal Basis (where required)
Depending on your region, processing may rely on:
- your consent
- legitimate interest
- performance of contract
- legal compliance
We will request consent where required by law.
These practices ensure that Miyraa processes personal data only in ways necessary to provide a safe and trusted platform.
Wherever technically possible, emotion and biometric processing is performed locally on the device rather than our servers to reduce risk and exposure.
We may publish transparency information regarding government requests where legally permitted.
We periodically review our data practices to ensure we continue to collect only what is necessary.
21WHEN WE SHARE YOUR DATA
Miyraa may share personal information only when strictly necessary for:
- service operation
- security purposes
- legal requirements
- platform functionality
We may share limited, non-biometric information with fraud prevention partners where legally permitted.
Service Providers
We may share information with trusted third-party processors that help us operate the platform, including:
- cloud hosting providers
- analytics services
- safety technology providers
- identity verification services
- customer support systems
All service providers are required to follow:
- confidentiality agreements
- data protection laws
- data processing contracts
Security & Fraud Prevention
- We may share limited information to:
- prevent fraud
- protect users
- detect malicious behavior
- enforce platform policies
Data may be anonymized whenever possible.
Legal Requirements
We may disclose information when legally required to:
- comply with law
- respond to lawful requests
- enforce legal rights
- assist investigations
Only specific legal requests are honored.
International Data Transfers
Data may be processed internationally.
- Where required, we apply:
- Standard Contractual Clauses (SCC)
- GDPR-compliant safeguards
- industry-standard encryption
- equivalent international protections
We evaluate jurisdiction risks before transferring any information.
Business Transfers
- If Miyraa becomes involved in:
- merger
- acquisition
- restructuring
- asset transfer
data may be transferred as part of the transaction, but only if:
- privacy protections continue
- users are notified where required
No Sale of Personal Data
- We do not sell:
- personal data
- emotional data
- biometric data
- identity-related information
No Government Backdoor Access
Miyraa does not grant government or commercial organizations direct system access.
We require valid legal process for any request.
Aggregated and Anonymous Data
We may share aggregated information such as usage statistics that cannot identify individuals, for purposes including:
- platform optimization
- safety research
- product development
Aggregated data contains no personal identifiers.
Data Processing Agreements
All third-party vendors must sign Data Processing Agreements (DPA) governing permitted use, access controls, deletion procedures, and security standards.
Sub-Processors
User Notification
We will notify users where required by law when their information is requested by authorities, except where prohibited by law.
Encryption
“industry-standard encryption protocols including TLS for data in transit and AES-256 or equivalent for data at rest.”
Data Residency
Certain users may request local data storage based on regional legal requirements when applicable.
Whenever technically possible, sensitive data is processed locally and Miyraa does not have access to raw emotional or biometric readings.
Miyraa does not store biometric templates unless technically required and only with user consent.
Miyraa is designed with a privacy-first architecture to ensure that emotional and biometric information remains under your control at all times.
We may share limited, non-biometric information with fraud prevention partners where legally permitted.
22DATA RETENTION
Miyraa retains personal data only for as long as necessary to provide core services, comply with legal obligations, resolve disputes, and maintain security.
Retention periods may vary depending on account activity, data type, and applicable regional regulations.
Users may request deletion of their account and personal data at any time where legally permitted.
We may anonymize or aggregate data and retain such information for analytical purposes where legally permitted.
Miyraa’s systems are designed so sensitive emotional signals remain under user control.
Emotional inferences are processed with safety-first design principles.
23YOUR RIGHTS
Depending on your country or region, you may have rights such as:
- access your information
- request correction
- request deletion
- restrict processing
- object to certain processing
- export your data (data portability)
You may exercise these rights by contacting us.
We may request verification of identity before processing requests.
You may withdraw consent at any time where processing is based on consent.
If you are a parent or guardian and believe your child has provided personal data, please contact us to request removal.
We may deny requests where disclosure would compromise the privacy, safety, or rights of another individual.
24CHILDREN’S RIGHTS
Parents or guardians may request review or deletion of information relating to an underage user if applicable by law.
25INTERNATIONAL TRANSFERS
Where applicable, Miyraa relies on adequacy decisions, binding corporate rules, or equivalent transfer mechanisms recognized under international law.
Where international transfers are not permitted by law, Miyraa will restrict or block access to certain features to ensure compliance.