Privacy Policy

This Privacy Policy explains how Skillazo, Inc. ("PARRH," "we," "us," or "our") collects, uses, shares, and protects your information when you use our mobile application and services (the "Service"). By using PARRH, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Information You Provide

• Account Information: Email address (for account recovery) and date of birth (for age verification).
• Content You Create: Messages (retained until auto-delete), vibe prompt responses, profile information, and reports you submit about other users.
• Preferences: App settings, notification preferences, and mood/intent selections.

1.2 Information Collected Automatically

• Device Information: Device type and model, operating system version, unique device identifiers, and app version.
• Usage Information: Features used, time spent in the app, match and message activity (aggregated), and crash data.
• Location Information: Approximate location if permission is granted, hashed and bucketed -- never precise coordinates.
• Log Data: Truncated IP addresses, access times, and referring app information.

1.3 Information from Third Parties

• App Stores: Subscription status from Apple App Store and Google Play Store.
• Analytics Providers: Aggregated usage data from analytics services.
• Law Enforcement: Information received through valid legal process.

2. How We Use Your Information

We use the information we collect for the following purposes:

Purpose	Examples
Provide the Service	Enable matching, messaging, and features
Personalize Experience	Match you with compatible users
Safety and Integrity	Detect and prevent abuse, spam, and fraud
Improve the Service	Analyze usage, fix bugs, develop features
Communications	Send service updates and notifications
Payments	Process subscriptions and transactions
Legal Compliance	Respond to legal requests, protect rights
Enforcement	Enforce Terms of Service and policies

3. How We Share Information

3.1 We Do NOT Sell Your Personal Data

PARRH does not sell, rent, or trade your personal information to third parties for their marketing purposes. Period.

3.2 When We May Share

• Service Providers: We share data with trusted service providers who assist us in operating the Service, including:
  • Cloud hosting (Supabase/AWS)
  • Analytics (Mixpanel)
  • Push notifications (Expo)
  • Payment processing
  • Customer support tools

  All service providers are contractually bound to protect your data and use it only for the purposes we specify.

• Legal and Safety: When required by law, to protect safety, to prevent fraud, or to protect our legal rights.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred. This privacy policy will continue to apply to your data.
• Aggregated/De-Identified Data: We may share aggregated or de-identified data that cannot reasonably be used to identify you.

3.3 Other Users

• Your public identity (username, avatar) is visible to other users you match with.
• Messages are only visible to you and your match partner.
• Your mood, intent, and energy level are visible to other users during the matching process.

4. Legal Basis for Processing (EEA/UK)

If you are located in the European Economic Area (EEA) or United Kingdom (UK), we process your personal data based on the following legal grounds:

Purpose	Legal Basis
Provide the Service	Performance of contract
Process payments	Performance of contract
Send service communications	Performance of contract
Safety and integrity	Legitimate interests
Improve the Service	Legitimate interests
Analytics and research	Legitimate interests
Marketing (if any)	Consent
Legal compliance	Legal obligation

Where we rely on legitimate interests, we have conducted balancing tests to ensure that our interests do not override your fundamental rights and freedoms.

5. Identity Resets and Data Persistence

PARRH's weekly identity reset is a core privacy feature. Here's what happens each Sunday at 00:00 UTC:

6. Data Retention

We retain your data only as long as necessary to provide the Service and fulfill the purposes described in this policy.

Data Type	Retention Period
Messages	~24 hours from send (auto-delete)
Match data	Until match expires + 24 hours
Account data	Until you delete your account
Identity data	7 days (weekly reset)
Usage logs	90 days
Safety/integrity data	Up to 2 years
Payment records	7 years (legal requirement)
Deleted account data	Purged within 30 days
Backup copies	Up to 90 days

7. International Data Transfers

Your information may be transferred to and processed in the United States and other countries where our service providers operate. These countries may have different data protection laws than your country of residence.

For transfers from the EEA/UK, we use Standard Contractual Clauses (SCCs) approved by the European Commission to ensure your data receives an adequate level of protection.

8. Your Privacy Rights

8.1 All Users

Regardless of where you live, you have the right to:

• Access the personal data we hold about you.
• Correct inaccurate or incomplete data.
• Delete your account and associated data.
• Opt out of non-essential communications.
• Request a copy of your data in a portable format.

8.2 EEA/UK (GDPR)

If you are located in the EEA or UK, you have additional rights under the General Data Protection Regulation (GDPR):

• Right of Access: Request a copy of the personal data we process about you.
• Right to Rectification: Request correction of inaccurate data.
• Right to Erasure: Request deletion of your data ("right to be forgotten").
• Right to Restriction: Request that we limit processing of your data.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests.
• Right to Withdraw Consent: Where processing is based on consent, withdraw it at any time.
• Right to Complaint: Lodge a complaint with your local data protection authority.

8.3 California (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

• Right to Know: What personal information we collect, use, and share.
• Right to Access: Request the specific personal information we have collected about you.
• Right to Delete: Request deletion of your personal information.
• Right to Correct: Request correction of inaccurate personal information.
• Right to Opt-Out of Sale: Opt out of the sale of your personal information.
• Right to Limit Use of Sensitive Data: Limit how we use sensitive personal information.
• Right to Non-Discrimination: Not be discriminated against for exercising your rights.

We do not sell your personal information.

California Shine the Light: California Civil Code Section 1798.83 permits California residents to request information about our disclosure of personal information to third parties for their direct marketing purposes. We do not disclose personal information to third parties for their direct marketing purposes.

8.4 Other U.S. States

Residents of Virginia, Colorado, Connecticut, Utah, and other states with comprehensive privacy laws may have similar rights to those described above, including the right to access, delete, correct, and opt out of certain data processing. Please contact us to exercise your rights.

8.5 How to Exercise Your Rights

You can exercise your privacy rights in the following ways:

• Email: privacy@parrh.com
• In-App: Settings > Your Data
• Please include your username, email address, and a description of your request.

Verification: We may need to verify your identity before processing your request. We will use the information you provided when creating your account to verify your identity.

Authorized Agents: You may designate an authorized agent to submit requests on your behalf. The agent must provide proof of authorization.

Response Time: We will respond to your request within 30-45 days. If we need additional time, we will notify you.

9. Security

We take the security of your data seriously and implement a variety of measures to protect it:

• TLS/HTTPS: All data transmitted between your device and our servers is encrypted using TLS/HTTPS.
• Encrypted Storage: Sensitive data is encrypted at rest.
• Row Level Security (RLS): Database-level access controls ensure users can only access their own data.
• Regular Security Assessments: We conduct regular security audits and vulnerability assessments.
• Limited Employee Access: Access to user data is restricted to authorized personnel on a need-to-know basis.
• Secure Authentication: We use industry-standard authentication mechanisms to protect your account.

10. Children's Privacy

PARRH is intended for users who are 18 years of age or older. We do not knowingly collect personal information from anyone under 18.

If we learn that we have collected personal data from a minor, we will take immediate steps to delete that information. If you believe a minor has provided us with personal information, please contact us at privacy@parrh.com.

11. Cookies and Tracking Technologies

PARRH is a mobile application and does not use browser cookies. However, we may use the following technologies within the app:

Technology	Purpose
Device Identifiers	Identify your device for account security and fraud prevention
Analytics SDKs	Measure app usage, performance, and user engagement
Push Notification Tokens	Deliver push notifications to your device
Crash Reporting	Diagnose and fix app crashes and errors

Your Choices:

• Control push notifications through your device settings.
• Limit ad tracking through your device's privacy settings.
• Delete your account to remove all associated data.

12. Do Not Track

There is currently no accepted standard for how mobile applications should respond to "Do Not Track" signals. As a mobile app, PARRH does not track users across third-party websites. We do not respond to Do Not Track signals because there is no consistent industry standard for compliance in mobile applications.

13. Data Breach Notification

In the event of a data breach that affects your personal information, we will:

• Investigate promptly: Begin an immediate investigation to determine the scope and impact of the breach.
• Notify affected users within 72 hours: Inform you of the breach, the data affected, and the steps we are taking.
• Notify relevant authorities: Report the breach to applicable data protection authorities as required by law.
• Provide information: Share details about what happened, what data was affected, and what steps you can take to protect yourself.

14. Third-Party Services

PARRH may contain links to or integrations with third-party services, websites, or applications. This Privacy Policy applies only to PARRH and does not cover the practices of third parties. We encourage you to review the privacy policies of any third-party services you interact with.

15. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

• Notify you through the app or via email.
• Update the "Last Updated" date at the top of this page.
• Provide a summary of the changes.

Your continued use of PARRH after changes are posted constitutes your acceptance of the updated policy.

16. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy, please contact us:

• General Privacy Inquiries: privacy@parrh.com
• Privacy Rights Requests: privacy@parrh.com
• Security Concerns: support@parrh.com
• Data Protection Officer: privacy@parrh.com

Mailing Address:

Skillazo Inc.
251 Little Falls Drive
Wilmington, DE 19808
United States

Summary of Key Points

Topic	Summary
Data Collection	Minimal -- no real names or photos required
Messages	Auto-delete within ~24 hours
Location	Hashed and bucketed -- never precise
Selling Data	We do NOT sell your personal data
Your Rights	Access, delete, correct, port your data
Security	Encryption, RLS, limited access
Children	18+ only; no data collected from minors