Privacy Policy

Melaaj's Privacy Policy

Last Updated: 30/10/2024

1. Introduction

At Melaaj, your privacy is our priority. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal data when you use our platform and services. Whether you’re engaging in social interactions, making use of our marketplace, or exploring the rich features of our platform, we are committed to ensuring that your personal information is handled with the utmost care and security.

Purpose of the Privacy Policy

The purpose of this Privacy Policy is to provide transparency about how we manage your data, explaining clearly and in detail what information we collect, why we collect it, how we use it, and under what circumstances we share it. We believe that you have the right to know exactly what happens to your information when you use our platform. This serves as a guide to help you understand your rights regarding your data and the measures we take to protect it.

Scope and Applicability

This Privacy Policy applies to all users who access or interact with Melaaj, including members, visitors, and anyone else using our services, regardless of location. By using Melaaj, you agree to the practices described in this policy. It covers all personal data collected through our website, mobile applications, APIs, and other services we provide. This policy also extends to any other interactions you may have with us, such as through customer support or promotional campaigns.
Additionally, this Privacy Policy complies with applicable global privacy regulations, including but not limited to:

The General Data Protection Regulation (GDPR) for users within the European Economic Area (EEA)
The California Consumer Privacy Act (CCPA) for users within California
Other regional and national privacy laws that may be relevant, depending on your location.

Key Definitions

To ensure clarity, we provide the following definitions of terms that will be used throughout this Privacy Policy:

Personal Data: Any information that can identify an individual, either directly or indirectly. This includes, but is not limited to, your name, email address, phone number, profile data, and payment information.
Non-Personal Data: Information that cannot be used to identify an individual, such as aggregated data, usage statistics, or technical data like browser type, device model, and internet service provider.
Processing: Any operation performed on your data, including collection, storage, use, sharing, and deletion.
Data Controller: The entity responsible for determining the purposes and means of processing your personal data (in this case, Melaaj).
Data Processor: Any third party that processes data on behalf of the Data Controller, such as hosting services, payment gateways, and analytics providers.

Our Commitment to Your Privacy

Your trust is central to our relationship with you. We are committed to safeguarding your personal information by employing state-of-the-art security measures, including encryption, access controls, and anonymization techniques, to protect your data from unauthorized access, disclosure, alteration, or destruction. Additionally, we continuously review and improve our privacy practices to comply with evolving legal standards and to align with best practices in data protection.

As part of our dedication to transparency, this Privacy Policy is structured to give you full control over how your data is handled. We encourage you to review this policy carefully to understand how we manage your privacy. If at any time you have questions or concerns regarding your data, we are here to help. Our support team is available to address any inquiries you may have.

2. Data We Collect

At Melaaj, we gather various types of data from users to deliver a personalized, secure, and high-quality experience. The data we collect can broadly be classified into two categories: Personal Information and Non-Personal Information. Understanding what data we collect and why we collect it is key to ensuring transparency, and this section will provide a detailed breakdown of all the types of data we handle.

A. Personal Information

Personal Information refers to any data that identifies or can be used to identify an individual directly or indirectly. We collect Personal Information through various means, including during registration, profile creation, interactions on the platform, and when users make purchases or utilize services. Below is a detailed list of the personal data we collect.

Registration Data

Profile Information

When you create an account on Melaaj, we collect basic personal information necessary for identification and account management, including:

Full Name: To personalize your experience and for account verification purposes.
Email Address: Used for communication, account recovery, and login purposes.
Username and Password: Chosen by you to access your account securely.
Date of Birth: To ensure compliance with our age restrictions and provide age-appropriate content.

When building your profile, you have the option to provide additional personal information that enhances your social interactions on the platform. This may include:

Profile Picture: Helps personalize your account and interactions with other users.
Biography and Interests: Information you voluntarily provide to describe yourself, which allows for better personalization of content and recommendations.
Location Data: You may provide location data for services such as geolocation-based posts, but you control the visibility of this information through your profile settings.

Communication Data

When you interact with other users, customer support, or participate in forums or groups, we collect information related to those communications, including:

Messages: Text, audio, or video communications between you and other users.
Comments and Posts: Data related to your interactions with content, including likes, comments, or shared posts.
Support Requests: If you contact customer support, we may collect details of the issue and your contact information to resolve the matter.

Payment Information

If you make purchases on our marketplace or subscribe to services, we collect necessary payment details, such as:

Billing Address: For invoice generation and fraud detection.
Payment Method: Information such as credit/debit card details, though we only store the last four digits for security purposes.
Transaction History: A record of your purchases, including date, time, and amount, for auditing and refunds.

Sensitive Data

In some cases, we may collect sensitive information related to identity verification, such as:

Government-issued ID: For age verification (e.g., for content restrictions) and identity confirmation, especially when accessing restricted features (such as safemode).

B. Non-Personal Information

Non-Personal Information includes data that cannot, by itself, be used to identify an individual. This type of data helps us understand user behavior, optimize platform performance, and enhance the overall user experience. Below is a breakdown of the non-personal information we collect:

Browsing Data

When you visit or interact with Melaaj, we automatically collect technical data about your browsing activity, including:

IP Address: Used for identifying your general location, preventing fraud, and improving platform security.
Browser Type and Version: Helps us optimize the platform for different web browsers and ensure compatibility.
Operating System: Information about your device’s operating system helps improve performance and troubleshoot issues.
Referral URLs: Tracks how you were referred to our platform, which assists in marketing and user acquisition strategies.

Device Information

We collect information related to the device you use to access Melaaj, including:

Device Type (e.g., smartphone, tablet, desktop): Helps us tailor the user experience for different device types.
Device Model and Manufacturer: Used for debugging purposes and ensuring optimal platform performance on various hardware.
Unique Device Identifiers: Information such as device IDs or advertising IDs, which help in tracking usage across devices.

Analytics and Usage Data

To continuously improve our platform and services, we collect usage data via analytics tools. This data helps us understand how users interact with the platform, including:

Page Views: Tracks which sections of the platform are most popular and how long users stay on them.
Click Patterns: Collects information about where users click, to enhance user interface (UI) design and feature placement.
Session Duration: Measures how long users stay on the platform, helping us identify patterns of engagement or areas of improvement.
Search Queries: Tracks search terms entered by users, allowing us to better understand user intent and improve content discoverability.

How We Treat Aggregated or Anonymized Data

In some cases, we may aggregate or anonymize personal data in such a way that it cannot reasonably be used to identify any individual user. This anonymized data may be used for research, analysis, and marketing purposes, as well as to improve platform performance and develop new features.

Why We Collect This Data

The data we collect serves several important purposes, including:

Personalization: We use your data to provide tailored content, product recommendations, and a personalized user experience.
Security: Collecting data helps us detect, prevent, and respond to security threats, fraud, and unauthorized access to accounts.
Improvement: Usage data helps us continually improve our platform by identifying trends, troubleshooting technical issues, and optimizing features.
Communication: We collect data to send you important updates about your account, such as security alerts, changes to services, and policy updates.
Legal Compliance: We collect data to comply with applicable laws, regulations, and contractual obligations, especially regarding age verification, payment services, and identity protection.

3. How We Collect Data

At Melaaj, we collect data through multiple channels to ensure we provide a seamless, personalized, and secure user experience. Data collection happens both actively (when you voluntarily provide information) and passively (through automated systems such as cookies and analytics tools). In this section, we’ll explain the various methods by which we collect both Personal Information and Non-Personal Information, ensuring that all users understand the full scope of our data collection practices.

A. Direct Collection (User-Provided Information)

Many of the interactions you have with Melaaj involve providing us with personal information directly. Below are the main ways we collect data directly from you.

1. Account Registration

When you sign up for an account, you provide us with essential personal details, including:

Full Name, Email, and Date of Birth: Used for identity verification, account creation, and age-appropriate content delivery.
Username and Password: Chosen by you to ensure secure access to your account.

This information is necessary to identify you as a unique user, secure your account, and allow you to use various platform features.

2. Profile Setup and Updates

As part of personalizing your profile, you may voluntarily provide additional information, such as:

Profile Picture, Bio, Interests, and Location: This information helps others discover you on the platform, while also enabling us to tailor content recommendations to your preferences.

You control how much personal information you want to share, and you can update or modify these details at any time.

3. Interactions with Content and Other Users

When you interact with content or other users on the platform, you actively provide us with data through:

Posts, Comments, and Likes: Your activity on posts (whether creating, commenting, or reacting) generates data that we use to personalize your feed and content recommendations.
Messaging and Chat Data: Private communications, such as direct messages or group chats, are stored for your convenience and safety. These communications are encrypted and accessible only to you and the recipients, with strict monitoring in place to ensure compliance with our policies.

4. Purchases and Subscriptions

When you make purchases on our platform, such as buying products or subscribing to services, you provide financial data, including:

Payment Information: Collected during transactions, such as credit/debit card details, billing addresses, and transaction history. This information is shared securely with payment processors to complete the transaction and ensure a smooth user experience.

We use trusted third-party payment processors to ensure that your financial information is handled securely and is not stored on our servers beyond what is necessary for legal and auditing purposes.

5. Customer Support Requests

If you contact our support team for assistance, we collect information related to your inquiry, which may include:

Issue Details and Contact Information: Used to resolve the problem and improve our customer service. This may include chat logs, email exchanges, or call recordings.

We also gather feedback from these interactions to help us enhance the overall quality of the platform.

B. Automatic Collection (Cookies, Log Files, and Other Technologies)

In addition to the data you provide directly, we also collect data automatically through technologies that monitor your activity on our platform. This helps us improve functionality, provide a better user experience, and protect our platform from unauthorized use. Below are the main ways we collect data automatically:

1. Cookies and Similar Tracking Technologies

Cookies are small text files that are stored on your device to help websites remember your actions and preferences. We use cookies to:

Recognize You: When you return to the platform, cookies help us remember who you are, so you don’t have to log in repeatedly.
Customize Your Experience: Cookies allow us to remember your preferences, such as language settings, and tailor content based on your prior interactions.
Monitor Performance: We use cookies to measure how well different parts of the platform are performing, allowing us to identify issues and improve the user experience.

We may also use pixel tags and web beacons, which are small pieces of code embedded on our site that help us track activity such as which emails have been opened or which pages have been visited.

2. Log Files

Every time you interact with Melaaj, our servers automatically log certain data, which includes:

IP Address: Captured to help identify and prevent unauthorized access, monitor security, and understand user locations for marketing purposes.
Browser Type and Version: Logged to ensure compatibility and optimize performance across different browsers.
Date and Time of Access: Stored to analyze trends, manage server loads, and enhance platform security.
Referral URLs: If you arrived at our platform through a third-party link, this information is logged to understand traffic sources and improve marketing campaigns.

These logs help us troubleshoot issues, secure the platform, and improve the overall functionality of the services we offer.

3. Device Information

When you use Melaaj on your smartphone, tablet, or other device, we automatically collect information related to your device, such as:

Device Type (e.g., iPhone, Android): Helps us optimize our app and web versions for different devices.
Device Identifiers: We collect unique device IDs to ensure account security and synchronize user settings across multiple devices.

This data allows us to provide you with a smooth, responsive experience no matter what device you use to access the platform.

4. Analytics Tools

To better understand how users engage with Melaaj, we use analytics tools that automatically track and report website traffic. These tools collect data such as:

Pages Viewed: Tracks the pages you visit to help us understand user interest and optimize the content.
Time Spent on Pages: Measures engagement, allowing us to improve sections of the platform where users are most active.
Click Behavior: Tracks how users navigate through the platform, helping us identify usability issues and improve the overall interface.

All data collected through these tools is anonymized and aggregated, ensuring that your personal identity is not tied to any specific analytics report.

C. Data from Third-Party Sources

We may also collect data from third-party sources to enhance your experience on the platform. This happens in several ways:

1. Social Media and Connected Services

If you link your Melaaj account to third-party services like WordPress we may collect the following data:

Social Profile Information: Such as your username, profile picture, and friend list (with your permission) to help you connect with people you know on Melaaj.
Activity from Other Platforms: If you choose to share content from Melaaj to other platforms (or vice versa), we collect data related to that content exchange, such as shared posts or liked content.

2. API Integrations

We may collect data from third-party services and apps that use our platform’s API, such as:

Developer Services: Information from developers who integrate with our platform, which helps us improve interoperability and enhance user experiences through third-party tools.

These integrations are governed by the privacy settings you control with those third-party services.

Transparency and Control

We believe in giving you control over how your data is collected and used. You can manage many aspects of data collection through your account settings, including:

Opting out of certain types of cookies: Manage your preferences through our cookie consent tool.
Controlling which personal information is shared publicly: Through your profile visibility settings, you can determine who can see your posts, profile details, and more.
Disconnecting from third-party services: You have the option to unlink any third-party services connected to your Melaaj account at any time.

4. How We Use Your Data

At Melaaj, your privacy and trust are our top priorities. The data we collect is used with the primary goal of delivering an engaging, personalized, and secure user experience. Our approach to data usage is rooted in transparency and responsibility, ensuring that we only use your information for clearly defined purposes that benefit you. This section will explain, in detail, how we use the data we collect, covering a wide range of functionalities and services offered by our platform.

A. Personalizing Your Experience

We use your data to create a more tailored and personalized experience on the platform. The better we understand your preferences, the more relevant content, services, and interactions we can offer. Below are some key ways we personalize your experience:

1. Content Recommendations

Based on Interests: By analyzing your interactions with posts, groups, and pages, we can recommend content that aligns with your interests.
Location-Based Content: If you provide location data, we may suggest events, posts, or groups relevant to your geographical area.
Friend and Group Suggestions: Using the information from your connections and interactions, we recommend friends, groups, or communities that match your interests and social circle.

2. Feed Customization

Tailored Posts: We use data about your likes, comments, shares, and the people you follow to prioritize posts and updates that are most relevant to you.
Relevant Ads: Based on your browsing history, demographics, and interests, we show ads that are more aligned with your preferences, minimizing irrelevant advertising.

3. Profile Personalization

Content Visibility: We use your privacy settings to control who can view your profile, posts, and activities, ensuring that you maintain control over what others see.

B. Enhancing Security and Safety

Your data plays a crucial role in maintaining the security of our platform. We use your information to protect both you and the entire Melaaj community from malicious activity, fraud, and unauthorized access. Key ways we use your data for security purposes include:

1. Account Security and Authentication

Login Credentials: Your username, password, and other account information help us verify your identity every time you log in.
Two-Factor Authentication: If enabled, we may use your authenticator app data to provide an extra layer of security when accessing your account.
Session Management: We track login sessions to monitor for suspicious activity, such as multiple logins from different locations, and notify you if we detect any anomalies.

2. Fraud Detection and Prevention

IP and Device Data: We analyze login patterns, device types, and IP addresses to detect fraudulent activity and take necessary steps to secure compromised accounts.
Payment and Transaction Monitoring: For financial transactions, we monitor payment patterns to detect fraud or unauthorized payments, helping prevent issues like chargebacks or account theft.

3. User Verification for Age-Restricted Content

Identity Verification: For content marked as SafeMode, we use your data (such as date of birth or government-issued ID) to verify that only eligible users can view or interact with such content. This ensures the protection of younger users while maintaining compliance with legal regulations.

C. Facilitating Communication and Interaction

A core function of Melaaj is enabling communication between users. Your data is essential in facilitating these interactions in a seamless, meaningful, and efficient manner. Here are some examples of how we use your data to enhance communication:

1. Messaging and Group Chats

Messages: We use your account data to allow you to send and receive private messages, group chats, and audio/video calls.
Media Sharing: Any files, images, or videos you share through messaging are processed using your data to ensure smooth delivery and proper storage.

2. Notifications and Alerts

Real-Time Updates: We use your preferences and interactions to notify you of new messages, comments, likes, and important updates related to your activity or interests.
System Alerts: If there are security updates, new features, or policy changes, we use your contact information to send timely and relevant system alerts.

D. Facilitating Transactions and Payments

If you engage in financial transactions on Melaaj, whether through the marketplace or other payment-related services, we use your data to manage and process these activities. Here are some examples:

1. Processing Payments

Payment Information: When you make purchases or subscribe to services, we use your payment data to process transactions securely through trusted payment processors.
Transaction History: We store records of your transactions for auditing purposes, refunds, and resolving disputes.

2. Wallet and Earnings Management

Wallet Features: If you use our wallet system, we manage your balance, transfers, and withdrawals using your account information and payment details.
User Earnings: For users earning money on the platform (e.g., selling content or offering services), we use transaction data to track income and provide reports.

E. Improving Platform Functionality

We are constantly working to improve the user experience on Melaaj, and your data is instrumental in helping us achieve that. By analyzing user behavior and interactions, we can identify areas for improvement and introduce new features that benefit the community. Here’s how your data supports platform optimization:

1. Performance and Usability Testing

Usage Data: By analyzing how you interact with various features (e.g., posts, comments, or live streaming), we can optimize the platform’s performance and fix any technical issues.
Bug Reporting: If you encounter errors or glitches, we may collect data related to the issue to resolve it and prevent future occurrences.

2. Feature Development

Feedback and Usage Patterns: We use your feedback and track patterns in user behavior to develop and improve features that align with user needs. For instance, if we notice a high demand for certain tools or services, we may prioritize development in those areas.

F. Legal Compliance and Enforcement

As a global social platform, we are committed to complying with all applicable laws and regulations. Your data may be used to fulfill our legal obligations or to enforce our policies and community guidelines. Specific instances include:

1. Compliance with Laws

Age Verification: To comply with age restrictions, we may use data like your date of birth or identity verification documents.
Tax Reporting: If required by law, we may use your financial data to report earnings or transactions to tax authorities.

2. Enforcing Terms and Conditions

Account Monitoring: We use data to monitor compliance with our Terms of Service, and if necessary, take actions like warning, suspending, or banning accounts that violate our policies.
Content Moderation: Data related to your posts, interactions, or streamings may be used to moderate content and ensure it aligns with our community standards.

G. Marketing and Promotions

To keep you informed and engaged with Melaaj, we may use your data for marketing purposes. This could include notifying you of new features, promotions, or special offers, based on your preferences:

1. Email and In-App Notifications

Personalized Offers: We may send you personalized offers and recommendations based on your activity, such as discounts on marketplace products, or notifications about services that align with your interests.

2. Advertising Campaigns

Ad Targeting: Using demographic information, browsing behavior, and interests, we may show you advertisements relevant to you. This ensures that ads are tailored to your preferences and less intrusive.

H. Research and Analytics

We also use your data to gain insights into user behavior, market trends, and platform performance. This helps us understand how users engage with different features and services, and allows us to make data-driven decisions about platform improvements:

1. User Behavior Analysis

Aggregated Data: We analyze aggregated and anonymized data to understand trends and user preferences, allowing us to optimize content delivery, improve engagement, and enhance overall user satisfaction.

2. Market Research

Surveys and Feedback: We may conduct surveys or gather user feedback to understand broader market trends and identify opportunities for new services or features that align with user expectations.

5. How We Share Your Data

At Melaaj, we take your privacy seriously and are committed to protecting your data. We only share your information when it is necessary to provide services, comply with legal obligations, or improve your experience on the platform. This section will provide a detailed overview of how and when your data may be shared, who it may be shared with, and the safeguards in place to protect your information.

A. Sharing with Service Providers and Partners

To operate Melaaj efficiently and deliver high-quality services, we work with trusted third-party service providers and partners who assist us in various aspects of our platform’s functionality. These partners help us process payments, maintain platform security, and more. Here are key ways in which we share your data with these entities:

1. Payment Processors

Financial Transactions: When you make purchases, subscriptions, or other transactions on Melaaj, we share the necessary payment information (such as credit card details, billing addresses, and transaction amounts) with payment processors. These third parties process the payments securely, ensuring the transaction is completed.
Compliance and Security: Payment processors adhere to the highest standards of security (such as PCI-DSS compliance) to safeguard your financial information.

2. Hosting and Cloud Service Providers

Data Storage: Your account data, posts, messages, and other content are stored securely on cloud servers managed by trusted hosting providers. These providers ensure the availability, security, and scalability of our platform.
Data Encryption: Any personal data shared with hosting providers is encrypted to prevent unauthorized access and ensure compliance with data protection laws.

3. Analytics and Performance Monitoring Tools

User Behavior Insights: We use third-party analytics services to track and report on user behavior, helping us improve platform performance, understand trends, and identify areas for improvement. The data shared with these services is typically anonymized and aggregated, ensuring that your identity remains protected.
Crash and Bug Reporting: In the event of platform errors or crashes, we may share limited data (such as device details or logs) with diagnostic tools to resolve issues and enhance platform stability.

B. Sharing with Other Users

Melaaj is designed to foster communication, collaboration, and social interaction. Some of your personal information is shared with other users as part of the platform’s social functionalities. The extent of this sharing is largely controlled by you through your privacy settings:

1. Public Profile Information

Profile Visibility: Depending on your privacy settings, certain elements of your profile (e.g., username, profile picture, bio) may be visible to other users or the general public. You can control who can see your posts, connections, and other personal details by adjusting your account settings.
Friend and Follower Interactions: If you interact with others (e.g., sending friend requests, following users, joining groups), your basic profile information is shared with those users to facilitate connections and social interactions.

2. Posts, Comments, and Interactions

Public and Private Posts: When you create posts or comment on other users’ content, your interactions may be visible to the intended audience based on your post settings. You can choose whether your posts are public, visible to friends only, or restricted to specific groups.
Tagging and Mentions: When other users tag you in posts, comments, or media, your profile and username may be shared with others involved in the interaction.

3. Marketplace and Transactions

Buyer and Seller Information: If you engage in transactions on our marketplace (e.g., buying or selling products), certain data (such as your name, contact information, and shipping details) may be shared with the other party involved in the transaction to complete the sale and ensure delivery of goods or services.

C. Sharing for Legal Compliance

6. Data Retention

In certain situations, we may be required by law to share your data with governmental authorities, regulators, or other third parties. This is done in compliance with legal obligations to ensure that Melaaj operates within the boundaries of applicable laws and regulations:

1. Compliance with Legal Requests

Court Orders and Subpoenas: We may share your personal data in response to a court order, subpoena, or other legally binding request from law enforcement agencies, government authorities, or regulators. This includes sharing information to comply with investigations into fraud, criminal activity, or other illegal conduct.
Law Enforcement Requests: If there is a legal requirement or a legitimate concern for public safety, we may share your data with law enforcement to assist in the prevention, detection, or prosecution of crime.

2. Compliance with Regulatory Requirements

Tax and Financial Reporting: If you earn money through Melaaj, we may be legally required to share information (such as your earnings and transaction history) with tax authorities to comply with reporting obligations.
Age Verification for Restricted Content: To comply with regulations related to age-restricted content, we may share your identification details with verification services or regulators to ensure that only eligible users access specific content.

D. Sharing in the Event of a Business Transfer

In the event that Melaaj undergoes a merger, acquisition, or sale of all or part of its assets, your data may be shared as part of the business transfer. This is a common practice when companies change ownership or undergo restructuring. If such a transfer occurs, we will ensure that the new owners adhere to the commitments made in this privacy policy:

1. Mergers and Acquisitions

Corporate Restructuring: If Melaaj merges with or is acquired by another company, your data will be transferred to the new entity to ensure continued operation of the platform.

2. Sale of Assets

Asset Transfers: If Melaaj sells part or all of its assets, user data may be included in the transferred assets. We will notify you in advance and provide you with the opportunity to opt out of the data transfer, where applicable.

E. Sharing for Advertising and Marketing Purposes

We work with advertising partners to deliver relevant ads to users on and off Melaaj. We may share limited, non-personally identifiable information with advertisers and marketing partners to help them target ads more effectively. Here’s how we share your data for advertising purposes:

1. Data Shared with Advertisers

Campaign Performance: Advertisers may receive reports on how their ads are performing on our platform, including metrics like views, clicks, and conversions. These reports are usually aggregated and do not include personal details unless you have explicitly engaged with the advertiser’s content or services.

F. Sharing with API Integrations and Third-Party Apps

Melaaj offers API integrations and third-party app services that allow developers to extend platform functionalities. If you choose to interact with these third-party services, your data may be shared with or accessed by those services:

1. Third-Party App Integrations

Linked Accounts: If you link your Melaaj account with third-party services (e.g., WordPress, or other apps), we share certain data with those services to facilitate the integration. This may include your name, email address, and profile information.
Permissions: When you connect to third-party apps or use third-party features, you will be prompted to grant the necessary permissions for data sharing. You have full control over which permissions you grant or deny.

2. Developer Access

API Data Sharing: Developers using our platform’s API may request access to certain data to build applications that integrate with Melaaj. We only allow developers to access data that is necessary for the functionality of their apps, and they must comply with our data protection policies.

G. Protecting Your Privacy When Sharing Data

At every stage of data sharing, we take significant measures to ensure that your information is protected and used responsibly. This includes:

1. Data Minimization

Sharing Only What’s Necessary: We only share the minimum amount of data necessary to fulfill the specific purpose. For example, if a third-party service needs your location for a feature, we will not share other unrelated data such as your payment details.

2. Contracts with Service Providers

Strict Data Protection Agreements: We have strict contracts with all service providers, partners, and third-party platforms to ensure they comply with our privacy standards. These agreements include confidentiality clauses and obligations to secure your data.

3. User Control

Privacy Settings: You have control over how much data you share with other users, advertisers, and third-party services. Our platform offers privacy settings that allow you to manage your data-sharing preferences easily.

At Melaaj, we recognize the importance of managing your data responsibly and transparently. This section outlines how long we retain your personal data, the factors that determine the retention periods, and your rights regarding data deletion or modification. Our data retention practices are designed to ensure we keep your information for only as long as necessary to fulfill the purposes for which it was collected, while also complying with legal, regulatory, and contractual obligations.

A. Retention Periods Based on Data Type

The retention of your data is determined based on its category and the purpose for which it is processed. Below is a breakdown of how long different types of data are retained on our platform:

1. Account Information

User Profiles: Your personal details, such as name, email address, and profile information, are retained for as long as your account remains active. If you choose to delete your account, we will anonymize or delete your data, except where retention is required for legal obligations (e.g., for financial or regulatory reasons).

2. Posts, Media, and Content

Public and Private Posts: The content you post on the platform (such as text posts, photos, videos, and comments) remains available until you delete it or deactivate your account. If you manually delete a post, it will be removed from public view immediately, but residual copies may be retained in backup or archival systems for a limited period (typically up to 90 days) for security and legal purposes.
Stories: Temporary content, like Stories, which are designed to expire after 24 hours, are automatically deleted from public view once the expiration period has passed. However, metadata (e.g., views or reactions) may be stored for a limited time to improve user experience and platform performance.

3. Messages and Chats

Direct Messages: Messages exchanged between users are stored until you or the other party deletes them. Even after deletion, messages may be retained in backup systems for a limited duration to ensure the integrity of the platform and protect against spam or abuse.
Group Chats: Similar to private messages, group chats are retained as long as they remain active. When group members delete messages or exit the chat, those messages are removed from their view but may remain accessible to other members unless the entire chat is deleted.

4. Financial Data

Transaction History: Payment-related information, including invoices, transaction records, and withdrawal history, is retained for a period dictated by financial and tax laws (typically 7 years). This retention helps ensure we meet legal obligations such as accounting and auditing requirements.

5. Logs and Activity Data

Login and Usage Data: We retain logs of user activity, including login details, IP addresses, and device information, for security purposes. This information is typically kept for 1–2 years to assist in fraud prevention, dispute resolution, and platform analytics.

6. Support and Communication

Customer Support Interactions: Any communication between you and our support team (via email, live chat, or other means) is stored for up to 5 years. This allows us to track issues, follow up on queries, and maintain a history of your interactions to improve service quality.

B. Criteria for Determining Retention Periods

We apply the following criteria to determine how long we retain your data:

1. Purpose of Collection

Service Provision: Data is retained for as long as it is necessary to provide you with services. For example, your account data will be stored until you decide to deactivate or delete your account.
Security and Legal Compliance: Some data must be retained to ensure compliance with legal, financial, and regulatory requirements (e.g., data retention for tax purposes).

2. Legal Obligations

Regulatory Requirements: Certain laws require us to keep specific types of data for set periods. For example, financial data must be kept to comply with tax laws, and information related to user activity may be retained to comply with data protection regulations or law enforcement requests.

3. User Preferences and Requests

Account Deletion: When you request to delete your account, we will anonymize or erase your personal data unless retention is legally required. While the deletion process is immediate, it may take up to 90 days to completely remove data from all backup systems.
Content Deletion: You have the ability to delete content (such as posts, comments, or messages) at any time. Once deleted, your content is removed from the platform and from public view, although it may be retained in secure backups for a limited period.

4. Platform Maintenance and Security

Backup and Recovery: We maintain regular data backups to ensure platform stability and prevent data loss. These backups are typically stored for a short period (up to 90 days) and are only accessed in cases of system recovery or security incidents.

5. Improvement of Platform Services

Aggregated and Anonymized Data: In some cases, we may retain aggregated or anonymized data (which no longer identifies you personally) to improve platform features, generate insights, and analyze trends. This data may be retained indefinitely, as it does not pose any privacy risks.

C. Data Retention for Legal Disputes and Enforcement

In certain cases, we may retain personal data beyond our standard retention periods if it is required to resolve legal disputes, enforce our agreements, or comply with government investigations:

1. Dispute Resolution

Pending Claims: If there is a legal dispute or a claim related to your use of the platform, we may retain your data until the issue is resolved. This ensures that we have the necessary information to protect our interests and support your claims.
User Complaints: If you file a complaint with our customer service or regulatory authorities, we may retain relevant data to respond to the issue and prevent similar occurrences in the future.

2. Law Enforcement and Investigations

Compliance with Law Enforcement: If required by law or a valid legal process, we may retain your data for an extended period to assist law enforcement agencies in investigating potential violations of the law or responding to subpoenas and court orders.

D. Your Rights Regarding Data Retention

You have certain rights regarding the retention of your data, and we are committed to providing you with control over your personal information:

1. Request for Deletion

Data Erasure: You have the right to request the deletion of your personal data at any time. Upon receiving your request, we will erase or anonymize your data unless we are required to retain it for legal or regulatory reasons. Please note that while deletion is immediate, it may take up to 90 days for data to be fully removed from our backup systems.

2. Data Portability

Exporting Your Data: You may request a copy of your data in a machine-readable format if you wish to transfer it to another platform or service. We provide you with tools to download your account data, including your posts, messages, and transaction history.

3. Correction and Modification

Updating Your Information: You have the right to request the correction or modification of any personal data we hold about you. If any information is inaccurate, incomplete, or outdated, we encourage you to update it through your account settings or by contacting our support team.

E. Deletion of Inactive Accounts

To maintain the efficiency and security of our platform, we may delete or deactivate accounts that have been inactive for extended periods. In such cases:

1. Inactivity Policy

Account Dormancy: If your account has been inactive for a specified period (e.g., 2 years), we may reach out to notify you before deactivating it. If you do not take any action, your account data may be deleted or anonymized after a grace period.
Account Reactivation: You can reactivate your account by logging back in within the dormancy period. Once your account is deleted, reactivation may not be possible, and your data may no longer be retrievable.

2. Notification of Account Deletion

Advance Notice: Before any inactive account is deleted, we will send you a notification via email or through the platform, providing you with the option to log back in and prevent the deletion.

7. Your Privacy Rights

At Melaaj, we believe in empowering you with control over your personal data. We are committed to upholding your privacy rights and providing you with the necessary tools to manage how your information is collected, used, and shared. This section outlines the various privacy rights you have under data protection laws and how you can exercise them on our platform.

We encourage you to regularly review your privacy settings and use the options available to protect your data and manage your experience.

A. Right to Access Your Data

You have the right to request access to the personal data we hold about you. This is sometimes referred to as a “Data Subject Access Request” (DSAR). Through this right, you can obtain the following information:

Confirmation of Data Collection: You can request confirmation of whether we are processing your personal data.
Details of Data Processing: You may ask for details about the purposes of the processing, the types of data we hold, and any third parties with whom your data has been shared.
Copies of Your Data: You have the right to request a copy of the personal data we hold about you. This data will be provided in a commonly used format (e.g., PDF, CSV, or another electronic format).

To exercise this right, you can submit a request via your account settings or by contacting our support team. We aim to respond within 30 days, though in some cases, this may take longer depending on the complexity of the request.

B. Right to Rectify Your Data

You have the right to correct or update any personal data that we hold if it is inaccurate or incomplete. This ensures that the data we use to provide our services is accurate and up-to-date.

Updating Personal Information: You can modify certain account details (such as your name, email, or profile settings) directly through your account. For other data corrections, you may need to contact our support team.
Error Resolution: If you notice any discrepancies in the data we have about you, please notify us immediately, and we will take the necessary steps to rectify it as soon as possible.

C. Right to Erasure (Right to be Forgotten)

You have the right to request the deletion of your personal data in certain circumstances. This is often referred to as the “Right to be Forgotten.” We will delete or anonymize your personal data when you request it, provided that:

Your Data is No Longer Needed: If we no longer need your data for the purposes for which it was originally collected or processed.
You Withdraw Consent: If you previously provided consent for us to process your data and later choose to withdraw it, we will honor your request unless we are legally required to retain your data.
Objection to Processing: If you object to our processing of your data and there is no legitimate overriding reason for us to continue, your data will be erased.
Legal Obligations: If your data must be erased to comply with a legal obligation, such as under specific data protection regulations.

To request the deletion of your data, you can use the account deletion option in your profile settings, or you can contact our support team. Please note that while deletion is immediate from the active platform, it may take up to 90 days for your data to be completely removed from backups and archives.

D. Right to Restrict Processing

In certain situations, you have the right to restrict the processing of your personal data. This means we will continue to store your data, but will stop using it for certain purposes. You may request this restriction when:

You Contest the Accuracy of Your Data: If you believe your data is incorrect and you want us to verify its accuracy.
Unlawful Processing: If you believe our processing is unlawful, but you do not want your data erased.
Pending Objection: If you have objected to our processing of your data and we are evaluating whether our legitimate grounds override your objection.

While your data is restricted, we will only process it with your consent, for legal reasons, or to protect the rights of others. Once the reason for the restriction has been resolved, we will inform you before resuming processing.

E. Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format. This right allows you to:

Obtain Your Data: Request a copy of the personal data you have provided to us and which we process based on your consent or a contractual obligation.

This right applies to the data you have provided directly to us, such as your account information, posts, and transaction history. You can request this data via the export tools available in your account settings, or by contacting our support team for assistance.

F. Right to Object to Processing

You have the right to object to the processing of your personal data in certain situations. This includes:

Direct Marketing: You have the absolute right to object to the processing of your personal data for direct marketing purposes. We will immediately stop processing your data for marketing if you object.
Legitimate Interests: If we process your data based on our legitimate interests, you can object to the processing if you believe it impacts your rights and freedoms. In this case, we will evaluate your objection and either stop processing or provide a compelling reason to continue.

To exercise this right, you can adjust your marketing preferences in your account or submit a request via email.

G. Right to Withdraw Consent

If you have previously given your consent for the processing of your personal data, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of any processing carried out before the withdrawal.

How to Withdraw Consent: You can modify your consent settings in your account or contact us directly to revoke your consent for specific processing activities (such as marketing communications).

Once consent is withdrawn, we will cease processing your data for the purposes covered by the consent unless we have a legal or contractual reason to retain it.

H. How to Exercise Your Rights

To exercise any of the rights mentioned above, you can do the following:

Access Your Account Settings: Many of your privacy rights can be managed directly from your account settings, where you can review, modify, or delete your data and preferences.
Contact Us: If you need additional assistance or prefer to submit a formal request, you can contact our privacy team via here, providing details of your request.

We aim to respond to all privacy requests within 30 days. In some cases, depending on the complexity of the request or the volume of requests, this may take longer, but we will always notify you of any delays.

8. Cookies and Tracking Technologies

At Melaaj, we use cookies and similar tracking technologies to enhance your experience on our platform, ensure the proper functionality of our services, and provide personalized content and advertising. This section explains what cookies and tracking technologies are, the types we use, and how you can manage your preferences.

A. What Are Cookies?

Cookies are small text files stored on your device (such as a computer, smartphone, or tablet) when you visit a website. These files allow websites to remember your preferences, improve your experience, and collect data that helps us analyze how users interact with our platform. Cookies can be classified based on their lifespan, function, and origin:

Session Cookies: These cookies are temporary and are deleted from your device when you close your web browser. They are typically used to keep you logged in or remember your actions during a single session on our platform.
Persistent Cookies: These cookies remain on your device for a set period or until you manually delete them. They help us remember your preferences (such as language settings or login credentials) across multiple sessions.
First-Party Cookies: These cookies are placed by Melaaj and are primarily used to ensure the platform functions as intended (e.g., keeping you logged in).
Third-Party Cookies: These cookies are placed by third-party service providers (e.g., analytics tools) to gather information about your activities.

B. What Are Tracking Technologies?

In addition to cookies, we use other tracking technologies that collect and store data about your usage of our platform. These include:

Web Beacons: Also known as “pixel tags” or “clear GIFs,” web beacons are tiny graphic images embedded in emails or web pages. They help us track whether you have interacted with certain content (such as opening an email or viewing a specific page).
Local Storage: We use local storage technologies (e.g., HTML5 local storage or browser cookies) to collect and store information locally on your device. This helps us retain your preferences and settings without needing to continuously query our servers.
Device Fingerprinting: This technology allows us to identify your device by collecting certain attributes (such as screen resolution, browser type, and IP address). It is used for fraud prevention, security, and personalized content delivery.

C. Types of Cookies and Tracking Technologies We Use

To ensure the best experience on our platform, we use the following types of cookies and tracking technologies:

1. Strictly Necessary Cookies

Purpose: These cookies are essential for the proper functioning of our platform. They enable core features, such as secure login, payment processing, and user authentication.
Examples: Remembering your session, enabling secure access to your account, and preventing fraudulent activity.
Retention: These cookies are typically session-based and expire when you close your browser. Some may be persistent, depending on the purpose.

2. Performance and Analytics Cookies

Purpose: These cookies help us analyze how users interact with our platform and identify areas for improvement. They collect data on page visits, time spent on the site, error reports, and usage patterns.
Examples: Analytics, internal performance monitoring tools, and traffic analysis.
Retention: These cookies may be persistent, typically lasting anywhere from a few hours to several months. The data collected is anonymized and used for analytical purposes only.

3. Functionality Cookies

Purpose: Functionality cookies allow us to remember your preferences and provide enhanced, personalized features. These may include remembering your login details, language settings, or regional preferences.
Examples: Storing your language preference, remembering login credentials for faster access, and saving display settings.
Retention: These cookies are often persistent and remain on your device until you clear them or they expire.

4. Targeting and Advertising Cookies

Purpose: We use targeting and advertising cookies to deliver personalized ads based on your browsing activity and interactions. These cookies track your behavior across the platform to display ads that are relevant to your interests.
Retention: These cookies may persist for varying periods (typically from several weeks to a year), depending on the ad campaign.

D. How We Use Cookies and Tracking Technologies

We use cookies and tracking technologies for several purposes, all aimed at enhancing your experience and ensuring the platform operates efficiently. Below is a summary of how we use these tools:

1. Authentication and Security

Login Management: We use cookies to keep you logged in as you navigate the platform, preventing unauthorized access and maintaining session integrity.
Fraud Detection: Cookies and tracking technologies help us identify suspicious activities, such as multiple failed login attempts or unusual behavior, to protect your account.

2. Personalization

Customized Experience: We use cookies to remember your preferences (such as display settings or language preferences) and personalize your experience on the platform.
Content Recommendations: Based on your browsing and interaction history, we may suggest posts, articles, or products that are relevant to your interests.

3. Analytics and Performance Monitoring

User Behavior Analysis: Cookies allow us to track user activities, such as which pages are visited most frequently, how long users spend on the site, and what features are most popular. This helps us improve the platform’s performance and usability.
Error Reporting: We use cookies to monitor for performance issues and errors, which helps us identify and resolve technical problems more quickly.

4. Advertising and Marketing

Targeted Ads: Cookies enable us to show you ads that are tailored to your interests.
Ad Measurement: Cookies help us track the effectiveness of our advertising campaigns by analyzing metrics such as ad impressions, click-through rates, and conversions.

E. How to Manage Your Cookie Preferences

We believe in giving you control over the cookies and tracking technologies we use. You can manage your cookie preferences in several ways:

1. Browser Settings

Most web browsers allow you to control cookies through their settings. You can choose to block or delete cookies, or set your browser to notify you when a website attempts to place a cookie on your device. However, please note that disabling cookies may impact your experience on the platform and prevent certain features from working properly.

2. Cookie Consent Manager

We provide a cookie consent tool that allows you to manage which types of cookies you accept or reject. When you first visit our platform, you will be prompted to customize your cookie preferences.

3. Third-Party Tools

Certain third-party services provide their own cookie management tools. You can opt out of tracking through these services by visiting their respective privacy and cookie settings pages.

F. Changes to Our Cookie Policy

We may update our cookie policy from time to time to reflect changes in technology, legal requirements, or how we operate the platform. Any changes to this policy will be communicated clearly, and you will be given the opportunity to review and adjust your cookie preferences if necessary.

9. Data Security

At Melaaj, protecting your personal data is one of our top priorities. We understand the importance of data security, and we are committed to ensuring that your information is handled with the utmost care and protected from unauthorized access, breaches, and misuse. This section outlines the comprehensive measures we implement to safeguard your data, the technologies we use, and your role in maintaining a secure experience on our platform.

A. Security Measures We Implement

We employ a combination of technical, physical, and administrative security measures designed to protect your personal data. These measures are regularly reviewed and updated to address emerging threats and technological advancements. Below is a summary of the key safeguards we have in place:

1. Encryption

Encryption is a core element of our data protection strategy. We use strong encryption methods to protect your personal data both in transit and at rest:

Data in Transit: All data transmitted between your device and our servers is encrypted using industry-standard Secure Socket Layer (SSL) or Transport Layer Security (TLS) protocols. This ensures that your data is securely transmitted and cannot be intercepted by third parties.
Data at Rest: We store your data in encrypted form within our databases. This protects your information from unauthorized access, even if a data breach occurs.

2. Access Controls

We implement strict access controls to ensure that only authorized personnel have access to your personal data:

Role-Based Access: Access to sensitive data is restricted to employees and service providers who need it to perform their job functions. Each user has a role-based access level, which limits their ability to view or manipulate data beyond their designated permissions.
Multi-Factor Authentication (MFA): We require multi-factor authentication for all our employees who access our systems. This adds an extra layer of security by requiring two forms of verification before access is granted.
Least Privilege Principle: We follow the least privilege principle, which means that access is only granted to the minimum necessary data required to perform specific tasks.

3. Data Masking and Tokenization

To further protect sensitive data, we use data masking and tokenization techniques. These methods obscure your personal information so that it cannot be exposed in its original form, making it useless to unauthorized users:

Data Masking: Masking replaces sensitive data elements (such as credit card numbers or social security numbers) with random characters or symbols when displayed in reports or logs.
Tokenization: Tokenization replaces sensitive data with randomly generated tokens that can only be decoded using a secure key. This ensures that even if tokens are intercepted, they cannot be used to access your real data.

4. Firewalls and Intrusion Detection Systems

We employ advanced firewall and intrusion detection systems to monitor and protect our networks from external threats. These systems detect and block unauthorized access attempts, malicious traffic, and suspicious activities:

Firewalls: Firewalls serve as a barrier between our internal networks and the internet, blocking unauthorized access and preventing external attacks.
Intrusion Detection: Our intrusion detection systems (IDS) continuously monitor for suspicious activity and potential security breaches, allowing us to respond quickly to potential threats.

5. Regular Security Audits and Penetration Testing

We conduct regular security audits and third-party penetration testing to identify potential vulnerabilities in our platform and address them before they can be exploited:

Internal Audits: Our internal security team performs regular audits to evaluate our systems, procedures, and infrastructure to ensure compliance with industry best practices.
Penetration Testing: We work with external security experts who perform simulated attacks on our systems to uncover potential vulnerabilities. These tests help us proactively strengthen our defenses and prevent real-world attacks.

B. Data Breach Response Plan

Despite our best efforts to secure your data, no system is completely immune to potential breaches. To ensure rapid response and minimize any potential damage in the event of a data breach, we have a robust data breach response plan in place:

1. Immediate Containment

If we detect a data breach, our priority is to contain the incident to prevent further unauthorized access or data loss. This includes:

Isolating Affected Systems: We will immediately isolate any affected systems to prevent the breach from spreading to other parts of our infrastructure.
Disabling Compromised Accounts: If an account has been compromised, we will temporarily disable access and require multi-factor authentication to regain control.

2. Investigation and Impact Assessment

We will thoroughly investigate the breach to understand how it occurred, what data was affected, and the potential impact on users. This investigation will include:

Forensic Analysis: Our security team, in collaboration with external experts if necessary, will perform a forensic analysis to determine the root cause of the breach and identify any weaknesses in our defenses.
Impact Assessment: We will assess the scope of the breach, including the type and extent of personal data affected and the potential risk to users.

3. Notification

If your personal data is compromised in a breach, we will notify you as soon as possible. Our notification will include:

Details of the Breach: Information about what happened, what data was affected, and how the breach occurred.
Steps Taken: An outline of the steps we have taken to contain the breach and secure your data.
Actions for You: Recommendations for actions you can take to protect yourself (e.g., changing passwords or monitoring account activity).

4. Ongoing Monitoring and Improvement

After the breach is contained, we will implement additional security measures and enhance our defenses based on the findings of the investigation. We will also continue to monitor for any signs of residual threats or attempts to exploit the breach further.

C. Your Role in Data Security

While we are committed to maintaining the security of your data, you also play an important role in protecting your personal information. Here are some steps you can take to safeguard your account and personal data:

1. Choose Strong Passwords

We recommend that you use strong, unique passwords for your Melaaj account and avoid using the same password across multiple platforms. A strong password typically includes a mix of letters, numbers, and special characters.

2. Enable 2-Factor Authentication (2-FA)

Enabling 2-factor authentication (2-FA) adds an extra layer of security to your account by requiring you to enter a secondary form of verification (such as a one-time code sent to your phone) in addition to your password.

3. Be Cautious of Phishing Scams

Always be vigilant when receiving unsolicited emails, messages, or links that request your personal information or login credentials. Phishing scams often mimic legitimate organizations to trick you into providing sensitive data.

4. Keep Your Software Updated

Ensure that your device’s operating system, web browser, and security software are regularly updated to the latest versions. Updates often include security patches that help protect against known vulnerabilities.

5. Monitor Account Activity

Regularly monitor your account for any unusual or suspicious activity. If you notice any unauthorized access or changes to your account, contact our support team immediately for assistance.

D. Continuous Security Improvement

The landscape of digital security is constantly evolving, with new threats emerging every day. As part of our commitment to data security, we continuously invest in the latest security technologies and processes to stay ahead of potential threats:

Security Training: Our employees undergo regular security training to stay informed about the latest threats and best practices in data protection.
Threat Monitoring: We use sophisticated monitoring tools to detect and respond to suspicious activities in real-time, ensuring that potential threats are addressed before they escalate.
Collaboration with Security Experts: We work with external security consultants and participate in information-sharing initiatives to stay informed about emerging threats and vulnerabilities.

10. Children's Privacy

Protecting the privacy and safety of children is of utmost importance to us at Melaaj. We are committed to ensuring that our platform is a secure and responsible environment, especially for young users. This section outlines our policies and practices regarding the collection, use, and protection of personal data belonging to users under the age of 18, as well as how we comply with relevant child protection laws and regulations.

A. Age Restrictions and Eligibility

Our platform is designed for individuals aged 13 and above. We recognize the importance of safeguarding the privacy of minors, especially users who are between the ages of 13 and 17. As part of our commitment to children’s privacy, we enforce strict age verification measures and data collection policies for younger users to ensure that their personal information is handled with care and in accordance with applicable laws.

1. Minimum Age Requirement

Eligibility: To create an account and use our platform, users must be at least 13 years old. This minimum age complies with the Children’s Online Privacy Protection Act (COPPA) in the United States, the General Data Protection Regulation (GDPR) in the European Union, and other relevant international child protection laws.
Age Verification: We implement age verification measures during the account registration process. Users who do not meet the minimum age requirement will not be able to create an account. In cases where a user is suspected of providing false information regarding their age, we may request additional verification to confirm their eligibility.

2. Parental Involvement for Users Under 18

Parental Consent: For users between the ages of 13 and 17, we encourage parental involvement and recommend that parents or legal guardians supervise their children’s use of the platform. Where applicable by law, we may seek verifiable parental consent before collecting personal information from users in this age range.
Parental Controls: To further protect minors, we provide parental control features that allow parents or guardians to monitor and manage their child’s activity on our platform. These features include account activity reviews, content filtering, and the ability to control messaging or sharing permissions.

B. Types of Data We Collect from Children

While we aim to minimize the collection of personal data from users under 18, there are certain cases where collecting such information is necessary for account creation, security, and providing appropriate services. We strictly limit the type and amount of data we collect from younger users to ensure their privacy is respected. For users between the ages of 13 and 17, we collect the following types of data:

1. Account Information

Basic Account Details: When a minor registers on our platform, we collect essential account information such as their username, email address, and date of birth. This information is necessary to create their account and enforce age-appropriate settings.
Profile Information: We allow minors to create profiles with limited personal information such as their name, profile picture, and biography. We strongly advise against minors sharing sensitive details such as home addresses, phone numbers, or other identifying information.

2. Content and Activity Data

Posting Restrictions: We apply content moderation and restrictions to posts made by users under 18, ensuring that inappropriate, harmful, or sensitive content is either automatically filtered or requires age verification before viewing. We also restrict certain features (such as anonymous posting) for younger users to prevent misuse.
Data Collected Through Platform Use: We may collect data on how minors interact with the platform, such as their activity logs, posts, comments, likes, and interactions with other users. This helps us ensure that minors are engaging safely and appropriately with our community.

3. Location Data

Limited Location Data: We may collect geolocation data when minors use location-based features on our platform (such as tagging locations in posts), but only with explicit consent. Parents or guardians may disable location-sharing features through account settings to protect the child’s privacy.

4. Communication Data

Messaging: We offer messaging services for users under 18 but employ stricter privacy controls to ensure that their communication is safe and appropriate. We may apply monitoring systems to detect harmful or suspicious activity in chats and group conversations to protect younger users from inappropriate interactions.

C. How We Use Data from Children

We are committed to using the personal data of minors in a way that ensures their safety, privacy, and compliance with legal requirements. Data collected from users under 18 is used solely to provide essential services, ensure compliance with our age restrictions, and enhance the user experience within appropriate boundaries.

1. Providing Age-Appropriate Services

The primary use of personal data from children is to enable them to use the platform in a safe and age-appropriate manner. This includes:

Allowing access to features that are suited to their age group.
Applying stricter privacy settings by default to protect their information.
Offering content that is appropriate for their age range while filtering out harmful content.

2. Ensuring Safety and Moderation

We use data collected from minors to enforce safety and moderation features, ensuring that inappropriate content or interactions are detected and prevented. This includes:

Monitoring interactions for harmful behavior such as cyberbullying, harassment, or exploitation.
Applying content filters and age restrictions to posts, videos, and other media to protect minors from harmful or explicit content.

3. Complying with Legal Obligations

We may use the personal data of minors to comply with legal obligations such as data protection laws and child safety regulations. This includes:

Reporting suspected cases of abuse, exploitation, or illegal activities to the relevant authorities.
Retaining data in accordance with legal requirements while respecting the rights of the minor to privacy.

D. Data Sharing and Third-Party Access

We do not share personal data of minors with third parties for advertising, marketing, or any other purpose that is not aligned with the protection of their privacy. However, there are limited circumstances in which we may share data from minors, always ensuring compliance with applicable child privacy laws.

1. Service Providers

We may share limited data with trusted service providers who assist us in operating the platform, such as hosting services, security providers, or customer support teams. These providers are contractually obligated to protect the data and use it solely for the purpose of providing their services.

2. Legal Compliance and Safety

We may share data with law enforcement or government agencies if required by law or if we believe that such disclosure is necessary to:

Protect the safety and welfare of the minor.
Prevent or investigate illegal activities, including cyberbullying or exploitation.
Comply with legal processes such as subpoenas or court orders.

E. Parental Rights and Controls

Parents or guardians have the right to review, manage, and request the deletion of their child’s personal information collected by the platform. We provide several tools and options for parents to exercise their rights and manage their child’s privacy:

1. Review and Deletion Requests

Parents or guardians may request to review the personal data we have collected from their child and, if desired, request its deletion. We will comply with such requests, subject to legal limitations, and take steps to verify the identity of the parent or guardian before making any changes to the child’s data.

2. Parental Controls and Monitoring

Parents can access parental control features to manage their child’s account settings, monitor activity, and limit certain features or interactions. These controls include the ability to:

Limit content visibility.
Block messaging from specific users or groups.
Control sharing and posting permissions.

F. Compliance with Children’s Privacy Laws

We are committed to complying with all applicable child privacy laws, including the Children’s Online Privacy Protection Act (COPPA), GDPR’s provisions on child data protection, and other relevant international regulations:

1. Children’s Online Privacy Protection Act (COPPA)

In the United States, COPPA imposes specific requirements on operators of websites or online services directed at children under 13. We comply with COPPA by ensuring that we do not knowingly collect personal information from children under 13 without verifiable parental consent.

2. GDPR for Minors

The GDPR sets forth specific rules for the processing of personal data for users under the age of 16 in the European Union. We comply with these regulations by seeking parental consent when required and ensuring that minors’ data is treated with additional care and security.

G. Changes to Our Children’s Privacy Policy

We may update our children’s privacy practices from time to time to reflect changes in regulations or improvements to our platform’s safety features. If we make any material changes to how we handle children’s personal data, we will notify parents or guardians via email or through the platform.

11. International Data Transfers

In today’s interconnected digital world, data often flows across borders. At Melaaj, we recognize that users come from many different countries, each with its own data protection laws and regulations. To provide a seamless and global experience, we may transfer, process, and store your personal data in different countries outside of your home country. This section explains how we handle international data transfers and the steps we take to ensure that your information remains secure and protected, regardless of where it is processed.

A. Data Transfers Across Borders

As part of our global operations, your personal data may be transferred to, stored, and processed in countries other than the one in which you initially provided the data. These transfers occur for various purposes, including:

Service Delivery: To provide our services to you efficiently, we may use servers and data centers located in various regions.
Global Support: Our customer support, engineering, and operational teams may be located in different countries, requiring access to user data for troubleshooting and support.
Third-Party Services: We work with trusted third-party service providers (such as cloud storage, analytics providers, and payment processors) who may be based in or operate from different jurisdictions.

B. Legal Frameworks for International Data Transfers

When transferring your personal data internationally, we ensure compliance with applicable legal frameworks designed to protect your privacy. These frameworks include:

1. General Data Protection Regulation (GDPR)

For users located in the European Union (EU) or the European Economic Area (EEA), we follow the requirements of the GDPR. The GDPR establishes specific rules for transferring personal data outside of the EU/EEA, ensuring that any data transferred internationally receives the same level of protection as it would within the EU.

Adequacy Decisions: We may transfer data to countries that the European Commission has deemed to provide an adequate level of data protection, known as “adequacy decisions.”
Standard Contractual Clauses (SCCs): For countries not covered by adequacy decisions, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission. These are legally binding agreements that ensure the protection of your personal data when it is transferred outside the EU/EEA.

2. Other International Data Transfer Agreements

In addition to the GDPR, we comply with other regional and international data protection laws that regulate data transfers, such as:

United Kingdom: Post-Brexit, we comply with the UK GDPR and the Data Protection Act 2018 for transfers to and from the UK.
United States: For users in the United States, we may rely on frameworks like the EU-U.S. Data Privacy Framework (DPF) or similar mechanisms to govern transatlantic data transfers.

3. Binding Corporate Rules (BCRs)

We may also implement Binding Corporate Rules (BCRs) where applicable. BCRs are internal policies and procedures that multinational companies like ours use to transfer personal data securely within the organization, even if the data crosses international borders. These rules are approved by data protection authorities and ensure that data privacy is upheld regardless of where data is processed.

C. Safeguards for International Data Transfers

We take multiple measures to protect your data during international transfers, including the following safeguards:

1. Encryption and Data Security Measures

We use encryption protocols, both during transmission and at rest, to ensure that your personal data is protected from unauthorized access, alteration, or disclosure. Our servers are equipped with state-of-the-art security technologies, and we regularly update our systems to stay ahead of evolving security threats.

2. Data Minimization

We only transfer the minimum amount of data necessary to achieve the intended purpose, adhering to the principle of data minimization. This means that only the data required for processing is transferred across borders, reducing the potential exposure of personal information.

3. Access Control and Monitoring

Access to personal data, including data transferred internationally, is strictly controlled. Only authorized personnel and trusted service providers with a legitimate need are allowed to access the data, and we regularly audit and monitor access to ensure compliance with our security policies.

4. Data Processing Agreements (DPAs)

When we work with third-party service providers or partners located outside your country, we enter into legally binding Data Processing Agreements (DPAs) with these entities. These agreements outline their obligations to protect your data, adhere to international data protection standards, and ensure that your privacy is respected at all times.

D. Your Rights Regarding International Data Transfers

You have certain rights concerning how your personal data is transferred across borders. We are committed to respecting and upholding these rights, which may include:

1. Transparency

We will provide you with clear information about where your personal data is transferred and how it is protected in these regions. You can contact us at any time to inquire about the specific countries or regions where your data may be processed.

2. Data Access and Correction

You have the right to access your personal data, regardless of where it is processed, and to request corrections if the information is inaccurate or incomplete. We will work with you to fulfill these requests in a timely and efficient manner.

3. Objection to Data Transfers

In certain cases, you may have the right to object to the transfer of your personal data to specific countries or regions. While we will evaluate your request based on the legal requirements, there may be instances where continued processing is necessary for the provision of services or compliance with legal obligations.

4. Data Portability

Where technically feasible, you have the right to request that your personal data be transferred directly to another service provider in a commonly used, machine-readable format. This right ensures that you have control over your data, even when it is being transferred internationally.

E. Challenges and Future Considerations

International data transfers are subject to evolving legal frameworks and regulatory developments. We continuously monitor changes in international data protection laws and adjust our practices accordingly. For instance, recent decisions by courts or data protection authorities (such as the Schrems II decision by the Court of Justice of the European Union) may impact how we handle data transfers, and we remain committed to compliance.

In the event of significant changes to the laws governing international data transfers, we will update our policies and practices promptly to ensure your data remains protected. Additionally, we will notify you of any substantial updates to how your data is handled across borders and provide you with options to exercise your rights under the new regulations.

12. Changes to This Privacy Policy

At Melaaj, we are committed to safeguarding your privacy and ensuring transparency in how we handle your personal information. As part of our continuous efforts to comply with legal requirements, improve our services, and enhance your privacy, we may occasionally update or revise this Privacy Policy. This section outlines how we approach changes to our Privacy Policy, how you will be informed of such changes, and how these changes may affect your rights.

A. Why We May Update This Privacy Policy

The digital landscape is constantly evolving, as are the legal frameworks and technologies related to data privacy. Therefore, we may need to revise this Privacy Policy for several reasons:

1. Compliance with Laws and Regulations

As new data protection laws and regulations emerge, we may be required to update our Privacy Policy to ensure compliance. Changes in global privacy regulations such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), or other regional laws may necessitate modifications to our policies and practices.

2. Changes in Our Services

As our platform evolves and introduces new features or services, it may be necessary to update this Privacy Policy to reflect how new technologies or functionalities interact with your personal data. These updates may include changes to how we collect, use, store, or share data.

3. Security Enhancements

As part of our ongoing commitment to data security, we regularly review and improve our security practices. Any significant improvements or modifications to how we protect your data may be reflected in updates to this Privacy Policy.

4. Business Developments

In the event of any business changes, such as mergers, acquisitions, or partnerships, this Privacy Policy may need to be updated to reflect changes in ownership, data handling practices, or third-party relationships that affect how your data is managed.

B. How We Will Notify You of Changes

We understand that changes to this Privacy Policy may affect your rights or the way your personal data is handled. To ensure you are informed about these changes, we take several steps to provide transparent and timely notifications:

1. Notification via Platform

When we make significant changes to this Privacy Policy, we will provide clear and prominent notifications within the platform itself. This may include pop-up notifications, banners, or in-app messages to alert you to the updated policy.

2. Email Notifications

For material changes that may impact how we process your data or your privacy rights, we will also notify you via the email address associated with your account. This ensures that even if you are not actively using the platform, you are made aware of important updates.

3. Review and Consent

In certain cases, where changes to the Privacy Policy significantly affect your rights, we may seek your consent before proceeding with any new data practices. You may be asked to review and accept the updated policy the next time you log into your account. By continuing to use the platform after changes take effect, you indicate your agreement with the revised Privacy Policy.

4. Effective Date of Changes

Each time we update this Privacy Policy, we will include the “Last Updated” date at the top of the document. This date indicates when the changes came into effect. We will also provide a brief summary or overview of the key updates, allowing you to quickly understand what has changed.

C. How Changes May Affect You

1. Your Continued Use of the Platform

By continuing to use Melaaj after the Privacy Policy has been updated, you agree to be bound by the revised terms. If you do not agree with the updated policy, you have the option to discontinue using our platform or to adjust your privacy settings within your account.

2. Reviewing Changes

We encourage you to periodically review this Privacy Policy to stay informed about how we protect your privacy. If you have any concerns or questions about the changes, you can contact our support team for clarification.

3. Impact on Your Rights

While most updates are aimed at improving transparency or compliance with regulations, certain changes may provide you with enhanced privacy rights or modify how you can control your data. We will always inform you about any significant changes that impact your ability to access, manage, or delete your personal data.

D. Historical Versions of the Privacy Policy

For transparency, we maintain a record of all previous versions of this Privacy Policy. If you wish to review any prior versions to understand how our practices have evolved, you may request access to them by contacting our support team.

E. Questions or Concerns

If you have any questions, concerns, or objections regarding changes to this Privacy Policy, or if you would like to better understand how these changes may impact your data, we invite you to reach out to us. Our team is available to provide clarification and to help you navigate any adjustments to your privacy settings or rights.

13. Contact Information

At Melaaj, we value transparency and open communication. We are committed to providing you with clear and accessible channels to address any questions, concerns, or feedback you may have regarding our Privacy Policy, your data, or any other aspect of our platform. Whether you need assistance with data protection issues, wish to exercise your privacy rights, or simply want more information about how we handle your personal data, we are here to help.

A. How to Contact Us

We encourage you to reach out if you have any inquiries or would like to exercise your privacy rights. You can contact us through any of the following methods:

1. Email

For general inquiries, privacy-related concerns, or specific questions about your data, please feel free to contact us via email at:

Email Address: support@melaaj.com

This is the quickest and most efficient way to get in touch with our privacy team, especially for matters that require detailed attention or written confirmation.

3. Customer Support Portal

For immediate assistance or to manage account-related privacy requests, you can visit our dedicated customer support portal. You can access the portal here:

Support Portal: Contact Us

On the portal, you can submit specific privacy requests, provide feedback, and communicate directly with our support team.

14. Appendix

A. Key Definitions

In order to ensure clarity and accuracy in the interpretation of this Privacy Policy, we have outlined the following key terms that may be used throughout the document:

1. Personal Data

Any information that can identify, directly or indirectly, an individual. This may include, but is not limited to, names, contact details, identification numbers, location data, or any other data specific to an individual’s identity.

2. Sensitive Personal Data

This refers to a subset of personal data that is more sensitive in nature and requires a higher level of protection. Sensitive personal data includes information such as health data, racial or ethnic origin, religious beliefs, political opinions, or biometric data.

3. Processing

Any operation or set of operations performed on personal data, including but not limited to collection, storage, use, retrieval, dissemination, or destruction.

4. Data Subject

The individual whose personal data is being processed. In this case, the data subject refers to you, the user of our platform, whose personal data we collect and process.

5. Controller

The entity responsible for determining the purposes and means of processing personal data. In this case, Melaaj is the data controller for the information we collect and process.

6. Processor

A third party that processes personal data on behalf of the controller. Our platform may share personal data with third-party service providers who act as processors, under strict contractual obligations to handle data in a secure and compliant manner.

7. Consent

The informed, explicit, and voluntary agreement given by the data subject for the processing of their personal data. Consent is required for certain data processing activities, particularly where sensitive personal data is involved.

8. Data Subject Rights

The rights granted to individuals under data protection laws, such as the right to access, rectify, delete, or restrict the processing of their personal data.

9. Cookies

Small text files placed on a user’s device by our platform to store information about your preferences or actions, enabling us to offer a more personalized experience.

10. Tracking Technologies

This refers to the use of cookies, pixels, web beacons, and similar tools to track user behavior, interactions with content, or other activities on our platform.

B. Legal References

The following is a list of relevant laws, regulations, and frameworks that govern the handling of personal data and privacy protection:

1. General Data Protection Regulation (GDPR)

The GDPR is a comprehensive regulation enacted by the European Union to protect the personal data and privacy of individuals within the EU and the European Economic Area (EEA). It sets out strict guidelines for the collection, processing, storage, and transfer of personal data.

Relevant Articles: Articles 5, 6, 7, 13, 15-22

2. California Consumer Privacy Act (CCPA)

The CCPA provides privacy rights to residents of California, granting them the right to access, delete, and control how businesses use their personal information.

Relevant Provisions: Section 1798.100 – 1798.199

3. Children’s Online Privacy Protection Act (COPPA)

COPPA is a U.S. federal law that protects the privacy of children under the age of 13. It imposes strict requirements on websites and online services directed at children to ensure that personal data is not collected from minors without verifiable parental consent.