Last Updated: 2025

This Privacy Policy describes how Tova (“we,” “us,” or “our”) collects, uses, discloses, and protects the personal information of our members and users (“you” or “your”) when you download, install, register with, access, or use our mobile application (“App”) and related services (collectively, the “Services”). By using Tova, you consent to the practices described in this Privacy Policy.

1. Information We Collect

a. Personal Information

When you register for Tova, we collect personal information you provide directly, including:

  • Account Details: name, email address, phone number, date of birth, profile photo, city of residence.
  • Profile Content: interests, bio, social media handles, compatibility‑survey responses, and any additional information you choose to add to your profile.

b. Usage & Interaction Data

We automatically collect information about your use of the App and your interactions with other users, including:

  • Navigation & Activity: pages/screens visited, time spent, taps/clicks, feature usage, and device/app metadata (e.g., device type, operating system, app version).
  • Profile Browsing: which user profiles you view, view durations, likes/favorites, and any profile‑interaction events.
  • Chat & Messaging Metadata:
    • Although your message content is transmitted and stored by a third‑party chat SDK, we access and process that content (including text, multimedia, timestamps, and chat metadata) via secure API calls.
    • We collect chat logs solely to power in‑app messaging features, to enforce our Community Guidelines, and to support user safety and dispute resolution.

c. Communications with Us

We collect information when you contact customer support or provide feedback via email, in‑app messaging, or surveys.

d. Sensitive Personal Data

We do not knowingly collect sensitive categories of personal data (e.g., health information, racial/ethnic origin). If we do so in the future, we will obtain your explicit consent before processing.

2. How We Use Your Information

a. Personalization & Matching

  • To power our Compatibility Algorithm and recommend events, connections, and content tailored to your interests, location, and past interactions.
  • To refine and improve matching accuracy using data from profile browsing and chat interactions.

b. Communication & Notifications

  • To send transactional messages (e.g., account confirmations, password resets, event reminders).
  • To deliver promotional content, newsletters, and surveys, with an option to opt‑out at any time.

c. Service Improvement & Analytics

  • To analyze aggregated usage patterns for product development, performance monitoring, and feature enhancements.
  • To detect, prevent, and investigate fraud, abuse, or other prohibited behavior.

d. Safety & Moderation

  • We may review chat content—via automated tools or manual moderators—to enforce our Community Guidelines, detect abuse, and resolve disputes.
  • Even though chat messages reside on the third‑party SDK’s servers, we retrieve and process them under the same confidentiality and security measures described in Section 4.

3. Data Sharing & Disclosure

a. Third‑Party Service Providers

We share data with trusted vendors who support our operations, including:

  • Hosting & Infrastructure: cloud providers and database services.
  • Analytics & Performance: usage‑tracking and crash‑reporting tools.
  • Payment Processing: billing and subscription management services.
  • Chat SDK Provider: a third‑party chat service that stores and delivers message content. That provider processes your chat data strictly on our behalf, under contract and confidentiality obligations. Tova accesses chat content via encrypted API calls; the SDK provider does not use your data for its own purposes.

b. Legal & Regulatory Requirements

We may disclose your information to comply with legal obligations, respond to lawful requests by public authorities, or protect our rights, property, or safety, or that of others.

c. Business Transfers

If Tova undergoes a merger, acquisition, or asset sale, your information may be transferred to the acquiring entity. We will notify you before your data is transferred and becomes subject to a different privacy policy.

4. Data Security

We implement industry‑standard technical and organizational measures to protect your personal information—whether stored on our systems or retrieved from third‑party services—including:

  • Encryption: TLS for all data in transit (including API calls to the chat SDK); AES‑256 (or equivalent) for data at rest on our servers.
  • Access Controls: Role‑based permissions, multi‑factor authentication, and least‑privilege principles for internal access to both our systems and the chat SDK.
  • Regular Audits: Security assessments and penetration testing to identify and remediate vulnerabilities.

While we strive to protect your data, no system is completely secure. We will promptly notify you and relevant authorities of any confirmed data breach in accordance with applicable laws.

5. Data Retention

  • Account & Profile Data: Retained for as long as your account is active and thereafter as needed to comply with legal obligations or legitimate business purposes (e.g., dispute resolution).
  • Chat Logs & Interaction Data: Although the third‑party chat SDK retains message history, Tova’s policy is to retain chat content for up to 24 months from creation. After that period, we remove our access permissions. You may also request earlier deletion via support@tova.social.
  • Usage & Analytics Data: Aggregated or de‑identified data may be retained indefinitely for analytical purposes.

Right to Erasure: You may request deletion of your personal data by contacting us at support@tova.social. Certain data may be retained if required by law or for legitimate business reasons.

6. Your Privacy Controls

  • Profile Visibility: Control whether your profile appears in browse results or is discoverable by location‑based features via Settings.
  • Chat History: Delete your chat history at any time; however, copies may remain on the other party’s device or in system backups until fully purged.
  • Marketing Opt‑Out: Unsubscribe from promotional emails via the link in any communication or by contacting support.
  • Access & Correction: Request a copy of your data or corrections by emailing support@tova.social. We may charge a nominal fee where permitted by law.

7. Children’s Privacy

Tova is intended for users aged 18 and over. We do not knowingly collect data from anyone under 18. If you believe we have inadvertently collected information from a minor, please contact us to request deletion.

8. International Data Transfers

Your information may be transferred to and processed in countries outside your jurisdiction, including Hong Kong and the United States. We ensure that such transfers comply with applicable data protection laws through mechanisms such as Standard Contractual Clauses or other approved safeguards.

9. Changes to This Privacy Policy

We may update this Privacy Policy periodically. For material changes, we will provide at least 14 days’ notice via email or in‑app notification before they take effect. Your continued use of Tova after such changes constitutes acceptance of the revised policy.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

  • Email: support@tova.social
  • Mailing Address: Unit 2A, 17/F Glenealy Tower, No.1 Glenealy, Central, Hong Kong

Thank you for trusting Tova with your personal information. We are committed to safeguarding your privacy and providing you with a safe, engaging social experience.