Privacy Policy

Effective Date: April 11, 2026 | Last Updated: April 11, 2026
Amaze Social Mobile Application | Operated by Dibolky

1. Introduction

This Privacy Policy describes how Dibolky ("Company", "we", "us", "our") collects, uses, shares, and protects your personal information when you use the Amaze Social mobile application ("App", "Service"), available on the Apple App Store and Google Play Store under the identifier com.dibolky.amaze.

We are committed to protecting your privacy and handling your personal information in an open and transparent manner. By using Amaze Social, you consent to the data practices described in this Privacy Policy.

This policy complies with applicable data protection laws including the Information Technology Act, 2000 (India), the Digital Personal Data Protection Act, 2023 (India), the General Data Protection Regulation (GDPR) for users in the European Economic Area, and the California Consumer Privacy Act (CCPA) for users in California.

2. Information We Collect

2.1. Information You Provide Directly

Data Category	Specific Data	Purpose
Account Information	Name, username, mobile phone number, email address, country code, date of birth, gender	Account creation, authentication, age verification
Profile Information	Bio, profile images, preferred languages, interests, profession, call type preferences (audio/video)	Profile display, user matching
Identity Verification	Video recording (for profile verification, applicable to certain users)	Identity verification, fraud prevention
Financial Information	Bank account number, IFSC code, account holder name, bank branch, passbook image	Withdrawal processing
Payment Information	Transaction IDs, order IDs, payment receipts (processed via Apple App Store / Google Play Store In-App Purchases)	Payment verification, transaction records
Communications	Chat messages (text, images, audio, video), support ticket messages, ratings, reviews	Service delivery, support
User Preferences	Favourite users, blocked users, block reasons, notification preferences	Personalization, safety

2.2. Information Collected Automatically

Data Category	Specific Data	Purpose
Device Information	Device model, operating system, app version, unique device identifiers	App compatibility, debugging
Network Information	IP address, network type (Wi-Fi/cellular), connection status	Service delivery, security
Location Data	GPS coordinates (latitude, longitude), country, state, city	Nearby user discovery, localized content
Usage Data	App interactions, features used, session duration, screens visited	Analytics, service improvement
Call Data	Call logs (caller, receiver, duration, type, status, start/end times), disconnection events	Billing, call quality, analytics
Transaction Data	Coin purchases, coin spending, coin earning, withdrawal history	Financial records, billing
Push Notification Tokens	Firebase Cloud Messaging (FCM) tokens	Delivering push notifications

2.3. Information from Third-Party Services

We may receive information from third-party services integrated into the App:

Firebase (Google): Authentication data, analytics data, crash reports
Apple / Google: In-App Purchase confirmation data, transaction status, subscription status
Agora: Call quality metrics, connection data
Apple/Google: App Store or Play Store account information used during payment

3. How We Use Your Information

3.1. Service Delivery

Creating and managing your account
Enabling audio and video calls between users
Facilitating real-time messaging and media sharing
Processing coin purchases, spending, and earning
Processing withdrawal requests to your bank account
Matching you with other users based on preferences, language, and location
Delivering push notifications for calls, messages, and updates

3.2. Safety and Security

Verifying user identity and age
Detecting and preventing fraud, abuse, and unauthorized access
Enforcing our Terms and Conditions
Investigating and responding to reported violations
Managing user blocking and moderation

3.3. Improvement and Analytics

Analyzing usage patterns to improve the App
Monitoring call quality and connection reliability
Understanding user preferences and behavior
Generating aggregated, anonymized analytics

3.4. Communication

Sending service-related notifications (call alerts, payment confirmations, withdrawal updates)
Sending promotional notifications (subject to your notification preferences)
Responding to support tickets and inquiries

3.5. Legal Compliance

Complying with applicable laws, regulations, and legal processes
Enforcing our legal rights and preventing harm
Meeting financial reporting and tax obligations

4. Legal Basis for Processing (GDPR Users)

If you are located in the European Economic Area (EEA), we process your personal data based on the following legal grounds:

Legal Basis	Processing Activities
Consent	Profile creation, location access, push notifications, marketing communications
Contractual Necessity	Account management, service delivery, payment processing, call facilitation
Legitimate Interests	Fraud prevention, security, analytics, service improvement
Legal Obligation	Tax reporting, regulatory compliance, law enforcement requests

You may withdraw your consent at any time by contacting us at amazeappofficial@gmail.com or adjusting your device permissions.

5. How We Share Your Information

5.1. With Other Users

Your profile information (name, username, profile image, bio, languages, interests, online status, call rates, rating) is visible to other users of the App. Chat messages are visible only to the sender and recipient.

5.2. With Service Providers

Provider	Data Shared	Purpose
Agora (Agora.io)	User IDs, call metadata	Audio/video call infrastructure
Apple App Store / Google Play Store	Purchase receipts, transaction IDs, subscription status	In-App Purchase billing and verification
Firebase (Google)	Device tokens, user IDs, analytics events	Authentication, notifications, analytics
Amazon Web Services (AWS)	Uploaded files (images, videos)	Cloud file storage (S3)

These providers process data on our behalf and are contractually obligated to protect your information.

5.3. For Legal Reasons

We may disclose your information if required to:

Comply with a legal obligation, court order, or government request;
Protect the rights, property, or safety of Dibolky, our users, or the public;
Detect, prevent, or address fraud, security, or technical issues;
Enforce our Terms and Conditions.

5.4. Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections described in this policy.

5.5. We Do NOT Sell Your Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

6. Device Permissions

6.1. Android Permissions

Permission	Why We Need It
Camera	Video calling with other users
Microphone (Record Audio)	Audio and video calling
Phone State	Detecting incoming phone calls during app calls
Internet & Network State	Connecting to our servers and third-party services
Storage (Read/Write)	Saving and sharing images, uploading media
Bluetooth	Connecting to Bluetooth audio devices during calls
Notifications	Receiving call alerts, messages, and updates
Foreground Service	Maintaining call connection when app is in background
Wake Lock	Keeping screen active during calls
Vibrate	Notification alerts

6.2. iOS Permissions

Permission	Why We Need It
Camera	Video calling with other users
Microphone	Audio during calls
Bluetooth	Connecting to Bluetooth audio devices
Background Modes	Receiving push notifications and maintaining call connections

You can revoke any permission at any time through your device settings. However, revoking certain permissions (such as camera or microphone) may prevent you from using specific features like video or audio calling.

7. Data Storage and Security

7.1. Storage Location

Your data is stored on secure servers hosted by cloud service providers. Database servers use MongoDB with encrypted connections. Files (images, videos) are stored on Amazon Web Services (AWS) S3 with access controls.

7.2. Security Measures

Encryption: All data transmitted between the App and our servers is encrypted using HTTPS/TLS;
Authentication: JWT (JSON Web Token) based authentication with token expiration and refresh mechanisms;
Password Security: Admin passwords are hashed using Argon2 (industry-standard cryptographic hashing);
Input Sanitization: MongoDB query sanitization to prevent injection attacks;
Access Controls: Role-based access control for admin operations;
OTP Security: One-time passwords expire after 5 minutes and are single-use.

7.3. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify affected users and relevant authorities within 72 hours of becoming aware of the breach, as required by applicable law.

8. Data Retention

Data Type	Retention Period
Account Information	Until account deletion or 3 years of inactivity
Call Logs	2 years from the date of the call
Chat Messages	Until deleted by user or account deletion
Transaction Records	7 years (financial and tax compliance)
Withdrawal Records	7 years (financial and tax compliance)
Support Tickets	2 years after ticket closure
OTP Records	5 minutes (auto-deleted)
Verification Videos	Until verification decision; deleted within 90 days if rejected
Analytics Data	2 years in aggregated form

When your data is no longer needed, we will securely delete or anonymize it.

9. Your Rights

9.1. All Users

Access: Request a copy of the personal data we hold about you;
Correction: Request correction of inaccurate or incomplete data;
Deletion: Delete your account and associated data through the App (Profile > Delete Account);
Blocking: Block other users to prevent unwanted interactions;
Support: Contact us for any privacy-related concerns via amazeappofficial@gmail.com.

9.2. EEA/GDPR Users

In addition to the above, if you are in the European Economic Area:

Portability: Request your data in a structured, machine-readable format;
Restriction: Request that we restrict processing of your data;
Objection: Object to processing based on legitimate interests;
Withdraw Consent: Withdraw previously given consent at any time;
Lodge Complaint: File a complaint with your local data protection authority.

9.3. California (CCPA) Users

If you are a California resident, you have the right to:

Know what personal information we collect, use, and disclose;
Delete your personal information (subject to certain exceptions);
Non-Discrimination for exercising your privacy rights;
Opt-Out of Sale — We do not sell personal information.

To exercise any of these rights, contact us at amazeappofficial@gmail.com. We will respond within 30 days (or as required by applicable law).

10. Children's Privacy

10.1. Amaze Social is not intended for children under the age of 18. We do not knowingly collect personal information from anyone under 18 years of age.

10.2. We enforce a minimum age requirement of 18 during account registration through date of birth verification.

10.3. If we become aware that we have collected personal information from a child under 18, we will take immediate steps to delete such information and terminate the associated account.

10.4. If you believe a child under 18 is using the App, please contact us immediately at amazeappofficial@gmail.com.

11. International Data Transfers

11.1. Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from your country.

11.2. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

Standard Contractual Clauses approved by relevant authorities;
Compliance with applicable cross-border data transfer frameworks;
Contractual obligations with service providers to protect your data.

12. Cookies and Tracking

12.1. The Amaze Social mobile application does not use browser cookies.

12.2. We use the following tracking technologies:

Firebase Analytics: To understand app usage and improve the user experience;
Firebase Crashlytics: To detect and fix app crashes;
Push Notification Tokens (FCM): To deliver targeted notifications.

12.3. You can opt out of analytics tracking by disabling analytics in your device settings or by contacting us.

13. Third-Party Links

The App may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party service before providing your information.

14. Push Notifications

14.1. We send push notifications for:

Incoming calls — To alert you when another user is calling;
Missed calls — To inform you of calls you didn't answer;
New messages — To notify you of new chat messages;
Promotional content — To inform you of offers and updates (subject to your preferences);
Account updates — Withdrawal approvals, verification status changes, system announcements.

14.2. You can manage notification preferences through your device settings. Disabling notifications may affect your ability to receive incoming calls and messages in real-time.

15. Changes to This Privacy Policy

15.1. We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

15.2. If we make material changes, we will notify you through:

An in-app notification;
An update to the "Last Updated" date at the top of this policy;
Email notification (for significant changes).

15.3. Your continued use of the App after any changes constitutes your acceptance of the updated Privacy Policy.

16. App Store Specific Disclosures

16.1. Apple App Store (iOS)

In compliance with Apple's App Tracking Transparency framework:

We request your permission before tracking your activity across other companies' apps and websites;
You can change your tracking preferences at any time in your iOS Settings > Privacy > Tracking.

App Privacy Nutrition Labels:

Data Used to Track You: None
Data Linked to You: Contact Info, Identifiers, Usage Data, Financial Info
Data Not Linked to You: Diagnostics

16.2. Google Play Store (Android)

In compliance with Google Play's Data Safety section:

Data collected: Name, email, phone number, location, financial info, chat messages, call logs, device info
Data shared: Purchase data with Apple/Google (In-App Purchases); call data with Agora; analytics with Firebase
Security: Data encrypted in transit; you can request data deletion
Data deletion: Available via in-app account deletion

17. Contact Us

For privacy-related inquiries, you may contact us:

Dibolky — Privacy Team

Email: amazeappofficial@gmail.com
Website: https://amazeapp.in
In-App: Help & Support > Create Ticket
Subject Line: "Privacy Inquiry"

We will acknowledge your request within 48 hours and provide a substantive response within 30 days.