Privacy Policy
How Diasporalia collects, uses, protects, and retains personal data.
Last Updated: April 2026
1. Data Controller
Yordanos Technologies LLC, located at 8 The Green STE B, Dover, DE 19901, USA, operates Diasporalia and is the data controller responsible for personal data processed through the app and related website experiences. Privacy-related questions may be sent to contact@diasporalia.com.
2. Information We Collect
We collect personal data necessary to operate, secure, and improve Diasporalia. Depending on how you use the service, this may include:
- Account information, such as your name, email address, phone number, and optional profile photo when you create or maintain an account.
- Listing data, such as photos, descriptions, pricing, category information, and location information you provide when creating or editing listings. Limited poster profile details, such as display name, general location, and account creation month, may be shown with listings or other user-facing marketplace surfaces.
- Message and content data, including in-app messages, uploaded images, and other content you choose to share through the platform.
- Usage and technical data, such as device information, crash reports, IP address, app interactions, browser details for website visits, and general analytics needed to improve performance and reliability.
- Location-related data, such as listing addresses, approximate search locations, or map interaction data you provide or trigger while using location-based features.
3. How We Use Your Information
We use the information we collect to operate Diasporalia, provide and improve our services, maintain your account, display your listings and limited public profile details to other users, enable messaging and other platform features, send important account and security notifications, understand product usage, investigate abuse or fraud, and protect the safety, security, and integrity of the platform.
4. Legal Basis for Processing
Where applicable law requires a legal basis, we process personal data based on one or more of the following: your consent, performance of a contract with you, our legitimate interests in operating and securing Diasporalia, and compliance with legal obligations. We rely on consent for activities such as optional communications where required, on contract performance to provide core marketplace features, on legitimate interests for fraud prevention, security, product improvement, and support, and on legal obligations when required by law or regulatory process.
5. Data Sharing and Recipients
We never sell your personal data. We share personal data only as needed to operate Diasporalia, comply with the law, or protect users and the platform.
- Service providers that support hosting, infrastructure, authentication, analytics, customer support, notifications, or similar operational needs.
- Other users, to the extent your listings, profile information, or messages are intentionally shared through the platform.
- Law enforcement, regulators, courts, or other parties when disclosure is required by law, valid legal process, or necessary to protect rights, safety, or security.
Where appropriate, our service providers are subject to contractual confidentiality and data protection obligations, including data processing agreements where required.
6. Data Security
We use reasonable technical and organizational measures to protect personal data. These measures may include encryption in transit, secure backend and storage infrastructure, credential protection, access controls, end-to-end encryption for supported private messaging, logging, monitoring, and other security practices designed to protect confidentiality, integrity, and availability. No system can be guaranteed completely secure, but we work to reduce risk appropriately.
End-to-End Encrypted Messaging: Private messages between users are protected with end-to-end encryption. This means messages are encrypted on your device before being sent and can only be decrypted by the intended recipient's device. We do not have the ability to read the content of your private messages.
Message Recovery: You may create a recovery code to restore your encrypted messaging key if you reinstall the app or move to a new device. The recovery code is known only to you. Diasporalia stores only an encrypted key backup and cannot read your messages or recover the code for you.
Security Incidents: We monitor for security and reliability issues using crash reports, application error logs, service-provider logs, and administrative review tools. If we determine that a personal data breach has occurred, we will assess the scope and risk, notify applicable regulators within required timelines such as 72 hours where legally required, and notify affected users when the breach is likely to result in a risk to their rights or freedoms.
7. Data Retention
We retain personal data only for as long as necessary for the purposes described in this policy, including to provide the service, maintain business records, resolve disputes, enforce agreements, and comply with legal obligations.
- Account data is generally retained until you delete your account, subject to lawful retention requirements.
- Listings and related content may remain until deleted by you or removed under platform rules, and may be retained for a limited period afterward for compliance, dispute resolution, or backup purposes.
- Messages, logs, and technical records may be retained for limited periods based on operational, security, or legal needs.
- When you delete your account, we aim to permanently remove personal data within 30 days unless a longer retention period is required by law or justified for security, fraud prevention, or dispute resolution.
8. Your Rights
Depending on your location and applicable law, you may have rights regarding your personal data, including the right to request access, correction, deletion, restriction, portability, or objection to certain processing, and the right to withdraw consent where processing is based on consent. Diasporalia also provides account-level tools for actions such as editing listings, updating profile information, exporting data, and deleting your account.
Privacy rights and required notices can vary by country, state, or region. For example, users in the EEA, UK, Switzerland, California, Virginia, Colorado, Connecticut, Utah, and other jurisdictions may have additional rights or disclosures under local privacy laws. We will honor applicable rights requests and provide additional region-specific notices where required by law.
9. International Data Transfers
Diasporalia may use service providers or infrastructure located in countries other than your own. Where personal data is transferred across borders, we take steps intended to provide appropriate safeguards where required by law, such as contractual protections or reliance on recognized transfer mechanisms.
Our current backend infrastructure is hosted in the United States, including a Supabase project region in Virginia. If you use Diasporalia from outside the United States, including from the EEA, UK, or Switzerland, your personal data may be processed in or transferred to the United States and other countries where our service providers operate. We use vendor data-processing terms, contractual safeguards such as Standard Contractual Clauses where applicable, access controls, encryption, and documented vendor reviews to help protect transferred personal data.
10. Children's Privacy
Diasporalia is not intended for children under 18, and we do not knowingly collect personal data directly from children under 18. If you believe a child has provided personal data to us in violation of this policy, contact us so we can investigate and take appropriate action.
11. Automated Decision-Making
We do not use automated decision-making or profiling that produces legal or similarly significant effects on you without appropriate notice and safeguards as required by law.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When changes are material, we may provide notice through the app, the website, email, or another appropriate method. Company communications, legal notices, support responses, transactional emails, account emails, security emails, automated emails, and other official notices are primarily provided in English unless we choose otherwise. Any translations are provided for convenience only, and the English version controls if there is any conflict or ambiguity. The Last Updated date above indicates when this policy was last revised.
13. Third-Party SDKs and Crash Reporting
Diasporalia uses a crash reporting service to automatically detect and diagnose technical errors. When the app crashes or encounters an unhandled exception, this service may collect:
- Stack traces and exception details describing what went wrong.
- Device information such as model, operating system version, and available memory at the time of the crash.
- App version, foreground/background state, and session breadcrumbs — a sequence of events leading up to the crash.
- A randomly generated installation identifier that is not linked to your account, name, email, or any other persistent identifier.
Crash data is used solely to improve app stability and fix technical issues. It is not linked to your identity, not used for advertising, and not used for tracking. Crash reports are retained for a limited period for diagnostic purposes only.
14. Analytics and Usage Tracking
To improve the app experience, Diasporalia collects usage analytics. The following categories of events may be recorded:
- Navigation events — which screens you visit, how long you stay, and how you move between screens.
- Engagement events — session start and end times, app foreground/background state, feature interactions, and button taps.
- Business interaction events — listings viewed or favorited, searches performed, filters applied, and similar in-app actions. These are recorded using a random session identifier.
- Performance metrics — app startup time, screen render duration, and API response times, used solely to diagnose slowness.
- Network events — API errors and connectivity changes, used to detect reliability issues. No request payloads or response bodies are recorded.
Before any event is stored, personally identifiable information (such as email addresses) is automatically stripped. You control the level of data collected through your consent preference, which can be changed at any time in Settings → Privacy & Data. The available levels are: Full (all analytics linked to your account), Anonymous (analytics collected but not linked to your identity), Essential (only crash and error events), and None (no analytics collected). Analytics data is retained for approximately 90 days and then automatically deleted.
Usage Analytics Toggle: In your app settings under Settings → Privacy & Data, you will find a "Usage Analytics" toggle switch. When this toggle is ON (the default), usage analytics are collected as described above to help us improve the app experience. When this toggle is OFF, only essential crash and error reports are collected — no usage events or navigation data are recorded. You can turn this toggle on or off at any time, and your choice takes effect immediately. The date and time of each change is recorded to honour your preference consistently.
15. Contact
If you have questions about this Privacy Policy or our privacy practices, contact us at contact@diasporalia.com. Our registered business address is: Yordanos Technologies LLC, 8 The Green STE B, Dover, DE 19901, USA.