This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information when you use the Faytish website and mobile application (collectively, the "Service"). We understand that privacy and discretion are fundamental within the gay kink, fetish, and BDSM community. This policy also outlines your rights concerning your data. We are committed to protecting your personal information. We implement and maintain appropriate organizational, technical, and security measures designed to prevent unauthorized or unlawful processing, and to guard against accidental loss, destruction, or damage of your data.

We have always taken the protection of your personal data very seriously and continuously take appropriate organizational, contractual and technical measures to protect your data from unauthorized or unlawful processing and against accidental loss, destruction or damage.

1. Introduction
The data controller for the Service is DC Cloud Tech Ltd (referred to as "we," "us," or "our"). For general support inquiries, please contact us at: supports@faytish.com.

We are a company based outside the European Economic Area ('EEA'). While the technical infrastructure for the Service is located within the EEA, the legal collection of your information occurs under the jurisdiction of a 'Third Country.' We are committed to respecting the data protection standards applicable under laws like the GDPR. Details regarding international data transfers are provided in Section 7.

2. Data Controller

We collect information from you in two main ways: automatically, and information you provide directly.

A. Information Collected Automatically:

When you visit our website or use our app, certain technical data is transmitted to our servers. This occurs regardless of account registration.
Website Visits: We collect standard server log data, which includes: timestamp of your visit, status of the request, the specific page requested, amount of data transferred, the website that referred you (referrer URL), and your browser type/version.
App Usage: We collect your IP address; app identifier, name, and version; device model and identifier; operating system and version; device language; and, with your explicit permission, GPS location data.
We use cookies and similar technologies (like API tokens) to facilitate this data collection and to enhance your experience on the Service. When you create a profile, a unique, non-changeable User ID is assigned to you for identification within our system.

If you create a profile on our Service, we will assign a so-called unique user ID to it. Besides your chosen profile name, the unchangeable Unique User ID allows us to uniquely identify your profile.

B. Information You Provide Directly:

The scope of data you provide depends on how you use the Service. Information you make public on your profile is visible to other users and may be searchable.

- Required Profile Data:
To create an account, you must provide: a username, password, email address, gender, country, state/province, city, age, height, weight, the gender(s) you are seeking, what you are looking for (e.g., kinky dates), a bio description, your interests, and a profile photo.
- Optional Profile Data: You may choose to provide additional details about physical characteristics, specific sexual preferences, kinks, role (e.g., Dom, Sub, Switch), or beliefs. You can also upload additional photos or videos to a public or private gallery.
- Location Data: During registration, we request access to your GPS location once to determine your approximate area. You can control this permission within your device or app settings at any time.
- Communication Data: Messages and conversations with other users are stored to maintain your chat history. We may scan for specific keywords to prevent criminal activity and ensure community safety.
- Customer Service Data: When you contact support, we save your communications and related notes to provide consistent service.
- Verification Data: To verify your profile, you may be asked to provide a photo showing your face and a specific hand gesture.
- Device Permissions: Granting the app access to your camera or photo library allows you to upload content. We only receive the specific images or videos you choose to share. We do not access your device's contact list.
- Social Login: If you use "Sign in with Apple," you transmit your Apple ID username and a chosen email address. 

3. How We Use Your Information (Purposes & Legal Basis)

We process your personal information for the following purposes, relying on legal bases under the GDPR and similar regulations:
- To allow you and other users to use the Service and to ensure its functionality
- To provide you with additional Services that you have purchased
- To keep you up to date with relevant information about our Service and to send you system notifications to the email address you have provided
- To send our newsletter and other information about our Services to the provided email address (such as for example about discount campaigns, events, satisfaction surveys or other similar offerings of our online platforms).
- To adapt the provision of the Service to your needs.
- To display advertising tailored to your interests.
- To continuously improve the Service offer and to correct errors.
- To detect and prevent fraud attempts.
- To ensure the protection of minors.
- To enable the exchange with Customer Service in case of questions.
- To check information published on your profile or shared by you through the Service.
- To disclose your personal data to third parties if we are legally obliged to do so.
- To assert legal claims and to defend against legal disputes.
- To ensure IT security and smooth operation of IT systems.
- To assist the competent authorities in discovering and prosecuting criminal offence including, but not limited to, offence causing bodily injury or death of the victims.

In doing so, we rely on various legal bases in accordance with the so-called General Data Protection Regulation, a European Union legal framework for the standardization of data protection law (‘GDPR’ for short). We refer in detail to the following legal bases:
YOUR CONSENT (ART. 6 (1) LIT. A & ART. 9 (2) LIT. A GDPR)
When visiting the Website without registration, you agree to the cookie guidelines in the pop-up. If you have given us your consent to process personal data for specific purposes, this consent ensures the legality of the processing. By registering and creating your profile, you expressly agree to its use for the purposes described in detail in this Privacy Notice by ticking the box before submitting the registration form. So, if we process your data, it is because you have expressly allowed us to do so when you registered. Your consent is therefore the most important legal basis for the processing of your personal data by us. If you provide us with information about your sexual orientation or preferences, we will process this data exclusively on the basis of your consent.

FULFILMENT OF CONTRACTUAL OBLIGATIONS (ART. 6 (1) LIT. B GDPR)
At the same time, the processing of personal data takes place also for the provision of the Service and in the context of the performance of our contract with you. In many cases, the processing is not only justified by your consent, but also because it is necessary to fulfil our contract with you: In order to fulfil your claim to the Services described in more detail in our General Terms and Conditions, it may be necessary, for example, to process your personal data, for example, if you wish to pay for your VIP or Premium membership the processing of your payment information is required.

PROTECTING VITAL INTERESTS (ART. 6 (1) LIT. D GDPR)
We invoke this legal basis in narrowly defined case constellations (e.g. reported suicide announcements) where the processing is necessary for the protection of the vital interests of the data subject or another natural person.

SAFEGUARDING LEGITIMATE INTERESTS (ART. 6 (1) LIT. F GDPR)
By registering to use the Service, you consent to the processing of your data in accordance with this Privacy Notice. That is why we process your data in principle, because you have allowed us to do so. However, there are some cases in which we would be entitled to process your data without your consent because it is necessary to protect our legitimate interests (or the interests of third parties). In this respect, the purposes for which we process your data also represent legitimate interests. We pursue legitimate interests, for example, if we check images or texts for content relevant under applicable criminal law or if we take measures to secure our ‘virtual domiciliary rights. In these cases, we will not ask you in advance whether you agree to this processing, since processing is otherwise permitted by law.

LEGAL REQUIREMENTS OR IN THE PUBLIC INTEREST (ART. 6 (1) LIT. C & E GDPR)
In addition, we are legally obliged to provide certain information to criminal prosecution, tax or other authorities in individual cases upon request, if such processing is necessary for safeguarding public interest. Additionally, commercial and tax law contain such obligations for processing in some cases.

4. International Data Transfers
We treat your personal data with care and confidentiality and will only pass them on to third parties and other recipients to the extent described below and not beyond.

A. TO OTHER USERS:
As our Service is a platform for getting to know each other, it is in the nature of things that we forward your profile data as well as other data (e.g. messages you send and other communication you have with other users and the community) at your request and on your behalf to the corresponding users of the Service.

1. THIRD PARTIES AND OTHER RECIPIENTS (BOTH WHEN USING WEB AND APP):

In addition, we transmit data to external service providers who enable us to provide the Service to you. These include hosting providers, delivery service providers, payment service providers and providers of analytics platforms. We require each of these service providers to comply with strict rules about the security of your personal information when processing personal information on our behalf. Such processing operations are therefore principally based on your explicit consent as well as contractual agreements guaranteeing an adequate level of protection for your data.

1. THIRD PARTIES (ONLY WHEN USING THE APP):
   Microsoft Bing Ads & Microsoft Conversion Tracking
   This Website uses the Bing tracking feature of Microsoft Corporation (location USA). Bing can track the activity of the users as they interact the ads that are being displayed in Bing. We us Bing Ads services to advertise our brand with the purpose of bringing more users to the site. As the users of Bing type specific keywords, our ads will be shown in accordance to the words they have used in their query. When interacting with such ads, Bing will place cookies so it can display similar ads or ads that may be of your interest in the future. The data Bing collects can include: searches and location, websites, videos and ads viewed, user information if the user possesses a Microsoft account (age range, email, telephone and gender). Information on opt-out options - Additional information about the cookies used by Microsoft Bing and Microsoft Inc.'s privacy policy.
   
   Alibaba OSS
   This hosting service (processing in USA) is used by us to store and deliver videos and images.
   
   Google
   Google LLC is a provider from the USA. Google Analytics is used to analyse the behavior of users of our Services. With the help of Google Captcha, we can determine whether a visitor is a human being or a machine for certain actions. YouTube videos are embedded in our Service in ‘advanced privacy mode’. While no Youtube cookies are set due to this particularly data protection-friendly method of embedding, calling up the pages nevertheless leads to a connection being established with YouTube and the DoubleClick network. A click on the video can trigger further data processing operations over which we have no control Information on opt-out options.

D. THIRD PARTIES AND OTHER RECIPIENTS (ONLY WHEN USING THE APP):
Apple
We use Apple (location USA) and its Apple Push Notification Service (APNS) to send push notifications to iOS users that may contain personally identifiable information.

Additional Google Services
Google Fabric (incl. Crashlytics and Answers) and Google Firebase (both: USA) help us to monitor the performance of our App, identify crashes and analyse user behavior. We use Google Firebase and its Firebase Cloud Messaging (FCM) service to send push notifications to Android and iOS users that may contain personally identifiable information. Google AdMob (location: USA) enables us to deliver relevant ads in our app and is powered by ads from Google Ads and other Third Party Ad Buyers on Google's Ad Exchange. More information on how Google manages data in its ads products

Advertising Networks & Affiliates
When using our App, our ad networks and affiliates may use so-called device identifiers to create an anonymous profile of your click behavior for mobile advertising. In our App we work with various mobile advertising partners beyond Google Admob, including the following companies:
Apple Search Ads (location USA)
Fyber (location Germany, adequate level of data protection)

The link to the current privacy policy and an option to disable behavioral advertising, if available, can be found in our cookie matrix. Further information on the stored data can also be obtained there. These cookies and device identifiers can be used to display personalised advertisements to you. A profile is also created based on comparable information obtained by Google, Facebook, and other third-party ad networks (see list above) from your visits to other Websites or Apps on their networks.
Deactivation of personalised advertising in the App
You can disable personalised advertising via the settings of your device:
Android
On Android, this option can be found in the Google Preferences App. Depending on the device, this is called ‘Google Settings’ or only ‘Settings’. Under the menu item ‘Google’ > ‘Ads’ you will find the option ‘Deactivate Interest Based Advertising’ or ‘Deactivate Personalised Advertising’ depending on the device. The selection can be used to deactivate personalised advertising.

iOS
On iOS, this option is located in the "Settings" app. Under the menu item "Privacy" > "Tracking" you will find the option "Allow apps to request to track". Personalised advertising can be deactivated with the deactivated selection.

5. PROCESSING OF PAYMENT DATA
When purchasing on our Service through the Website or mobile Website, we transfer different information to our collection partners for each payment method. If you want to use paid offers via the App, you will provide further additional information depending on the chosen payment method. However, you will not transfer this information to us, but will transfer it directly to the Apple App Store or the Google Play Store after you have given your consent to the respective terms and conditions and privacy policy. Such purchases are made directly through the relevant store.

6. INFORMATION ON BEHAVIOURAL ADVERTISING
‘Behavioral advertising’ means the use of tracking measures to determine the potential interest of users in advertisements on our Website and in our App and to display them according to their interests. For this we use the following features: Gender, membership type, 18+ status, preferences, interest in membership, number of logins and which gender a member is looking for. Members with a Premium and VIP membership have the possibility to turn off advertising.

7. TRANSMISSION TO COUNTRIES OUTSIDE THE EU OR THE EEA
All servers of the Service are located in the European Economic Area (‘EEA’), so your data do not leave the EEA from a technical perspective, instead the technical provision and processing of the data for the operation of the Service takes place in the EEA.

However, when you submit information to us, it is legally collected by a data controller located in a country outside the EEA because we are based in China. In addition, our development company is also based in China, from where it has technical access to the servers in the EEA in certain situations.

According to the GDPR, there are special requirements for transfers of data to so-called ‘Third Countries’ not guaranteeing an adequate level of data protection, without applicable adequacy decisions and without specific guarantees to compensate for this deficit. This means that, from a European perspective, personal data and data subjects enjoy less protection and rights there.

Where no adequate level of protection for personal data can be guaranteed in a specific country, this means that it is possible that government bodies such as criminal prosecution services and intelligence agencies might be able to access data under less strict requirements than within the territory of the EEA (including secret disclosures without any pre-notification to you). Further, it is likely that you will have no effective remedy to challenge such access to your personal data in or out of court. While you might find this acceptable, we strongly urge you to cautiously assess the level of protection you deem appropriate for the personal data we process when providing the Service to you.

If, as a data controller, we transfer data to a third country, we generally guarantee an adequate level of data protection. This applies regardless of whether it is a transfer to an affiliated company or to another recipient (such as an external service provider acting as a data processor). In these cases, we will ensure that the transfer is either based on approved standard contractual clauses (as well as the prerequisite additional safeguards required under the Articles 44 and following of the GDPR), that there is an adequacy decision for the respective country, or that other appropriate safeguards such as binding corporate rules have been provided to guarantee an adequate level of data protection.

However, please be reminded: When justifying the transfer of personal data to third countries we, first and foremost, rely on the informed explicit consent you have freely given to us when signing up for our Service (as per Article 49 (1) lit. a GDPR). Specifically, you consent to the transfer of the data mentioned in this Privacy Statement to the US, the UK as well as China. If you would like to suspend the third-country transfer of your personal data, you are free to not sign up for our Service or to close the account you have opened with us.

8. HOW LONG WILL MY DATA BE STORED?
We process and store your personal data for as long as it is necessary for the fulfillment of our contractual or legal obligations. Thus, we store the data in principle only as long as our contractual relationship with you exists and also after termination only as far as the laws of the Federal Republic of Germany and the People's Republic of China require this. If the data are no longer necessary for the fulfillment of such obligations, they shall be deleted regularly and without delay, unless their further processing is necessary for the protection of legitimate interests or for the preservation of evidence within the framework of statutes of limitations. In this sense, in particular the storage of age and profile verification photos and videos is carried out expressly for the entire duration of the contract, since we hold this data in particular for the ongoing guarantee of the protection of minors and the prevention of fraud attempts.

The data collected under 2.a are stored for 90 days. This storage period serves our protection against attacks on the systems of our Service, e.g. by so-called Distributed Denial of Service attacks, in which the systems are deliberately overloaded by a large number of accesses to our Service in order to interrupt the provision of our Service.

9. INFORMATION ON THE VOLUNTARY NATURE OF THE INFORMATION PROVIDED
You are not legally obliged to provide us with the above data. In principle, the contractual relationship that you have entered into with us by agreeing to our General Terms and Conditions does not result in any obligation to provide this personal data. However, the transmission of the compulsory data is a basic requirement for a conclusion of a contract with us. In addition, if you do not provide us with certain information or if you object to its use, you may not be able to use the Service, or only to a limited extent. This is because the Service essentially only becomes ‘alive’ through the content posted by the users.

10. INFORMATION ABOUT YOUR RIGHTS
You can assert the following rights:
Your right to information according to article 15 GDPR,
Your right to rectification according to article 16 GDPR,
Your right to erasure according to article 17 GDPR,
Your right to restriction of processing according to Article 18 GDPR as well as
Your right to data portability according to Article 20 GDPR.

If you have any questions in this regard, please contact customer service at supports@faytish.com.

You can revoke your consent to the processing of personal data at any time.

In addition, you have the right to lodge a complaint with the responsible data protection supervisory authority.

11. INFORMATION ABOUT YOUR RIGHT OF OBJECTION
a. Right of Objection in Individual Cases
In addition to the rights already mentioned, you have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data relating to you on the basis of Article 6 (1) lit. e GDPR (‘public interest grounds’) or of Article 6 (1) lit. f GDPR (‘legitimate interests’). If you object, we will no longer process your personal data unless we can prove compelling reasons for processing worthy of protection which outweigh your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims
b. Right to Object to the Processing of Data for Advertising Purposes
You also have the right to object at any time to the processing of your personal data for the purpose of direct marketing. If you object, we will no longer process your personal data. Please also note the information in Section 9 of this Privacy Policy: If we terminate the processing due to your objection, it may be that the Service can no longer be made available to you or only to a limited extent. The objection can be made in each case form-free and should be addressed to supports@faytish.com if possible.

12. INFORMATION ON YOUR LEGAL RIGHTS UNDER THE CALIFORNIA CONSUMER PRIVACY ACT (CCPA)
Please note: We do not sell personal data. This means we will not transmit data to any third party except for the recipients mentioned in this Privacy Statement, for the stated purposes. The relevant recipients have agreed to contractual limitations as to their retention, use, and disclosure of personal data.

California law grants state residents certain rights, including the rights to access specific types of personal data, to learn how we process personal data, to request deletion of personal data, and not to be denied goods or services for exercising these rights. If you are a California resident under the age of 18 and have registered for an account with us, you may also ask us to remove content or information that you have posted to our Services. For information on how to exercise your rights under the CCPA, please refer to Section 10 above.

As a data controller under GDPR and a business regulated under CCPA, we ensure that your rights are respected in all jurisdictions. If you are an authorized agent wishing to exercise rights on behalf of a California resident, please contact our privacy team and provide us with a copy of the consumer’s written authorization designating you as their agent.

We may need to verify your identity and place of residence before completing your CCPA rights request.

13. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other reasons. The "Effective Date" at the top will indicate when it was last revised. We will notify you of material changes via the Service or email. Your continued use of the Service after such notice constitutes your acceptance of the updated policy.

14. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact us at: Email: support@faytish.com