Effective Date: January 12, 2026
Welcome to Chaya! Chaya ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our video chat and social application (the "App").
We understand that privacy is crucial, especially in an app built around personal communication and connection. Please read this policy carefully to understand our practices regarding your personal data.
By downloading, accessing, or using the App, you signify your acceptance of the terms outlined in this Privacy Policy. If you do not agree with this policy, please do not access or use the App.
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy in the App and updating the "Last Updated" date. Your continued use of the App after such modifications constitutes your acknowledgment of the modified policy.
The Chaya mobile application (the "Service") is operated by VINSTO LLC ("we," "us," or "our"). We are the "data controller" responsible for your information.
This Privacy Policy applies to the websites, apps, events, and other services we operate under the Chaya brand. For simplicity, we refer to all of these as our "Service" in this policy.
If a particular service requires its own separate privacy policy, that policy will be made available and will supersede this one.
We cannot help you build meaningful connections without some information about you. We also collect some information automatically and allow you to share additional information to improve your experience.
| Category | Description |
|---|---|
| Profile Information | When you set up your account, you can provide an avatar image and a display name. |
| User-Generated Content | We process the content you create on the Service, such as photos, videos, audio messages, and text communications you share with other users. |
| Category | Description |
|---|---|
| Account and Device Identifiers | When you create an account, we automatically generate a unique User ID to identify your account. We also collect unique device identifiers (e.g., Google Advertising ID) to recognize your device. |
| Usage Data | We collect information about your activity on our Service. This includes how you use it (e.g., date and time you logged in, features you've been using, your interactions with others) and how others interact with you. |
| Technical & Device Information | We collect information from and about the device(s) you use to access our Service, including hardware and software information such as IP address, device model, operating system version, app version, network connection type, and quality data for optimizing service performance. |
| Transaction Data | If you make purchases within the app, we process information about the transaction, such as the date and item purchased. We do not collect or store your full payment card details. |
| Category | Description |
|---|---|
| Microphone Access | We require access to your microphone to enable you to record voice messages and use our real-time audio communication features. |
| Camera Access | We require access to your camera to enable video calling and allow you to capture photos and videos directly within the app. |
| Storage Access | We require storage access to allow you to save and retrieve media files (photos, videos, audio) on your device for sharing in chats and setting up your profile. |
| Phone State & Bluetooth | We require permission to monitor your phone's call status to appropriately pause/resume audio during voice chats and to manage connections with Bluetooth audio peripherals (e.g., headsets) for better call quality. |
We are committed to collecting only the data necessary to provide our Service. We do not collect the following sensitive information:
The main reason we use your information is to deliver and improve our Service. Here is a detailed breakdown of the various purposes for which we process your data, along with the legal bases we rely on and the categories of data used.
| Purpose of Processing | Legal Basis | Categories of Data Used |
|---|---|---|
| To create and manage your account and provide our Service to you • Create and maintain your Chaya account. • Enable real-time messaging, voice, and video calls. • Process your in-app purchases. |
Performance of our contract with you. | Profile Information, User-Generated Content, Account Identifiers, Technical & Device Information, Transaction Data, Microphone, Camera, Storage access. |
| To improve our service and develop new features • Analyze usage patterns to understand which features are popular. • Optimize audio/video quality based on network conditions. • Conduct research to enhance user experience. |
Our legitimate interest to improve and innovate our Service for our users. | Usage Data, Technical & Device Information. |
| To provide advertising and marketing • Measure the performance of marketing campaigns. |
Our legitimate interest to promote our Service. We will obtain your consent where required by law. | Account & Device Identifiers (e.g., AD_ID), Usage Data, Technical & Device Information. |
| To ensure safety, security, and prevent fraud • Detect and combat violations of our Terms of Service. • Analyze interaction patterns to identify spam, harassment, and fraudulent behavior. • Authenticate sessions and prevent unauthorized access. |
Our legitimate interest to protect our platform, our users, and the public from harmful activity. | Profile Information, User-Generated Content, Usage Data, Technical & Device Information. |
| To comply with legal obligations • Respond to lawful requests from law enforcement or other government bodies. • Fulfill statutory data retention requirements where applicable. • Enforce our rights and defend ourselves in legal claims. |
Compliance with a legal obligation; Our legitimate interest to protect our legal rights. | All categories of data may be used as necessary to comply with a specific legal request or to address a legal claim. |
We share some users’ information with service providers and partners who assist us in operating the services.
Given that our Service is global, the sharing of information laid out in Section 5 sometimes involves cross-border data transfers. Your information may be transferred to, stored, and processed in countries outside of where you live, including the United States, where our servers are located and our central database is operated. These countries may have data protection laws that are different from the laws of your country.
However, we take steps to ensure that your privacy is protected through appropriate safeguards. When we transfer your personal data from regions like the European Economic Area (EEA), the UK, or Switzerland to other countries, we rely on legally-provided mechanisms to lawfully transfer data across borders, such as:
If you would like more information on the safeguards we have in place, please contact us.
We want you to be in control of your information. You have the following general rights, which you can exercise at any time.
| Your Right | How to Exercise It |
|---|---|
| The Right to Access / Know To know what personal data we collect and request a copy. |
Email us at team@thevinsto.com with the subject line "Privacy Request - Data Access". |
| The Right to Rectification / Correction To correct inaccurate or incomplete information. |
Update your profile within the app's settings or email us for assistance. |
| The Right to Erasure (Deletion) To request that we delete your personal data. |
Use the account deletion feature in the app or email us. (Subject to legal retention obligations). |
| The Right to Portability To receive your data in a structured, machine-readable format. |
Email us at team@thevinsto.com with "Data Portability Request". |
| The Right to Object / Opt-Out To object to processing or opt-out of targeted advertising. |
Reset your advertising identifier in device settings or email us with "Opt-Out Request". |
Our team will acknowledge your request within 48 hours and aim to complete it within the statutory timeframe (usually 30-45 days depending on your jurisdiction).
Depending on your location, you may have additional specific rights under local privacy laws:
We retain your personal data only for as long as we need it for legitimate business purposes (as laid out in Section 4) and as permitted by applicable law. When you delete your account, we initiate a process to remove your data from our systems within 30 days, except where legal obligations or legitimate interests (like fraud prevention) require extended retention.
We implement industry-standard security measures, including encryption in transit (TLS 1.2+), limited access controls, and regular security assessments to protect your data. However, no electronic transmission or storage method is 100% secure.
Our Service is intended solely for users who are 18 years of age or older. We do not knowingly collect, use, or disclose personal information from anyone under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at team@thevinsto.com. We will take swift action to verify the report and permanently delete all associated information.
For more information on our commitment to child safety, please see our Child Safety Policy.
We may update this Privacy Policy from time to time. We will always post the current version within the app settings. If we make a change that we believe materially affects your rights, we will notify you in advance. Your continued use of the Service after any modifications constitutes acceptance of the updated terms.
For any questions, concerns, or requests related to this Privacy Policy, please contact our Data Protection Officer: