Privacy Policy

Dayo, I.T. Services
Effective Date: April 26, 2026
Last Updated: April 26, 2026
Jurisdiction: Republic of the Philippines
Version: 2.0 (Comprehensive)

011. Executive Summary & Overview

Dayo, I.T. Services ("we," "us," or "our") operates a sports networking platform that enables users to connect, organize matches, and participate in sports communities. This Privacy Policy provides a comprehensive explanation of how we collect, process, store, and protect personal data in connection with the Service. We are committed to limiting data collection strictly to what is necessary, implementing appropriate technical and organizational safeguards, and ensuring transparency in all processing activities. We do not sell personal data to third parties, and users retain full control over their information, including rights to access, correction, deletion, and portability, in accordance with applicable Philippine laws.

Key Points

We collect data only to provide and improve the Service
Your data is encrypted in transit and at rest
We do NOT sell your data
You can access, delete, and export your data anytime
We comply with the Data Privacy Act of 2012
Users under 13 are not allowed

Your Rights Summary

Right	Description	Timeline
Access	Request a copy of your data	10 business days
Delete	Remove all your data	24–48 hours
Correct	Edit inaccurate information	Immediate
Export	Download your data	10 business days

022. Introduction & Scope

This Privacy Policy governs the collection, use, processing, storage, and disclosure of personal data by Dayo, I.T. Services ("Dayo," "we," "us," or "our") in connection with all products, services, and platforms that we operate. It applies to all users who access or use the Service, regardless of geographic location, and establishes the scope, limitations, and responsibilities associated with the handling of personal data.

2.1 What This Policy Covers

This Privacy Policy applies to all data processing activities conducted by Dayo across its platforms, services, and user interactions. It defines the environments in which data is collected, the categories of users whose data may be processed, and the geographic scope under which this Policy applies.

2.1.1 Platforms Covered

This Policy applies to all platforms operated by Dayo, including the Dayo mobile application available on iOS and Android devices, any current or future Dayo websites, web dashboards, and administrative portals. It also covers all features and services provided within the platform, including push notifications, in-app alerts, email communications, and customer support interactions.

2.1.2 Users Covered

This Policy applies to all individuals who interact with the Service, including registered users aged 13 and above, account holders, administrators, moderators, and users accessing limited or guest features. It also applies to users accessing the Service from any jurisdiction where Dayo is available.

2.1.3 Geographic Scope

The primary jurisdiction governing this Privacy Policy is the Republic of the Philippines, where Dayo is headquartered. However, this Policy applies globally to all users regardless of their physical location, nationality, or residence, and may be supplemented by additional legal requirements depending on the user’s jurisdiction.

2.2 What This Policy Does NOT Cover

This Privacy Policy does not apply to third-party services, platforms, or entities that operate independently from Dayo. While the Service may integrate with external tools or services, those third parties are governed by their own privacy policies and data handling practices.

2.2.1 Third-Party Platforms

This includes services provided by third-party platforms such as Google (including Google Play Store, Google Sign-In, and Firebase), Facebook (including Facebook Login and SDK integrations), and Supabase (including database, authentication, and storage services). Dayo does not control or assume responsibility for how these providers process personal data.

2.2.2 External Links and Content

This Policy does not apply to external websites or services that may be accessed through links within the Dayo platform. Additionally, content generated by other users, including posts, comments, and messages, is not governed by this Policy in terms of how other users may interact with or interpret such content.

2.2.3 Third-Party Applications

Applications that integrate with Dayo and third-party operate independently and are responsible for their own compliance with data protection laws.

Users are responsible for reviewing the privacy policies of any third-party services they interact with.

2.3 Your Responsibility

By accessing or using the Service, you agree to comply with all applicable laws and to take responsibility for maintaining the security and accuracy of your account information. Your continued use of the Service constitutes acceptance of this Privacy Policy.

2.3.1 Accuracy of Information

You are responsible for providing accurate, complete, and up-to-date information when creating and maintaining your account.

2.3.2 Account Security

You are responsible for maintaining the confidentiality of your login credentials and for all activities that occur under your account.

2.3.3 Reporting Obligations

You must immediately report any unauthorized access, suspected breaches, or security incidents related to your account.

2.3.4 Legal Compliance

You agree to comply with all applicable local, national, and international laws when using the Service.

2.3.5 Acceptance of Policy

If you do not agree with any part of this Privacy Policy, you must immediately discontinue use of the Service.

2.4 Contact Information

Dayo provides official channels for submitting privacy-related inquiries, requests, and complaints. All communications will be handled in accordance with applicable laws and internal procedures.

2.4.1 Primary Contact

Email: dayo.ph.it.services@gmail.com
Subject Line: [Privacy Request Type]

2.4.2 Mailing Address

Butuan City, Agusan Del Norte, Philippines

2.4.3 Response Timeline

Requests will be acknowledged within 48 hours, investigated within 5–10 business days, and resolved within 30 days, unless an extension is required.

033. Our Commitment to Privacy

Dayo, I.T. Services is committed to protecting the privacy, confidentiality, and integrity of personal data entrusted to us by our users. We recognize that personal data is sensitive and that its misuse can result in harm, including unauthorized access, identity risks, or loss of trust. For this reason, we implement a privacy-by-design and privacy-by-default approach, meaning that data protection considerations are embedded into the design, development, and operation of all systems and features within the Service. Our commitment extends beyond minimum legal requirements and includes continuous improvement of our practices, transparency in our operations, and accountability in how personal data is handled across the organization.

3.1 Privacy Principles

The following principles guide all data processing activities conducted by Dayo. These principles are applied consistently across all features, systems, and interactions involving personal data, and are designed to ensure that data processing remains lawful, fair, secure, and proportionate to the intended purpose.

3.1.1 Transparency

Dayo is committed to maintaining transparency in all data processing activities. We provide clear, accessible, and understandable information regarding what personal data is collected, the purposes for which it is collected, how it is used, and under what circumstances it may be shared. This includes providing disclosures within this Privacy Policy, in-app notices, and contextual explanations where appropriate. Our goal is to ensure that users are never unaware of how their data is being handled and can make informed decisions when using the Service.

3.1.2 User Control

Dayo ensures that users retain meaningful control over their personal data at all times. Users are provided with tools and features that allow them to access, review, update, correct, delete, and export their data in a structured format. In addition, users may choose to opt out of certain non-essential processing activities, such as optional analytics or personalization features, where applicable. These controls are designed to empower users and ensure that they remain the primary decision-makers regarding how their personal information is used within the Service.

3.1.3 Data Minimization

Dayo limits the collection and processing of personal data to only what is necessary to provide and improve the Service. We avoid collecting excessive, irrelevant, or unrelated information that does not directly contribute to the functionality of the platform. Furthermore, we implement retention policies to ensure that personal data is not stored longer than required. When data is no longer needed, it is securely deleted or anonymized in a manner that prevents identification of individual users.

3.1.4 Security

Dayo implements appropriate technical and organizational safeguards to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure. These safeguards include encryption of data in transit and at rest, secure authentication mechanisms, role-based access controls, system monitoring, and periodic vulnerability assessments. While no system can be guaranteed to be completely secure, we continuously evaluate and enhance our security measures to address evolving threats and maintain a high level of protection for user data.

3.1.5 Compliance

Dayo operates in compliance with applicable data protection laws and regulations, including the Data Privacy Act of 2012 (Republic Act No. 10173) in the Philippines. We monitor regulatory developments and update our practices as necessary to remain aligned with legal requirements. In addition, we maintain internal documentation of our data processing activities and implement policies designed to ensure that our handling of personal data remains lawful, fair, and accountable.

3.1.6 No Selling or Advertising

Dayo does not sell, rent, or otherwise commercialize personal data to third parties. We do not share personal data with advertisers, and we do not create behavioral or marketing profiles based on user activity within the Service. Personal data is used strictly for the purpose of providing and improving the Service and is not used for targeted advertising or external marketing purposes. This commitment is fundamental to maintaining user trust and ensuring that personal data is not exploited for commercial gain.

3.2 Data Protection Oversight

Dayo maintains internal accountability mechanisms to ensure that privacy principles are consistently applied across all areas of the organization. These mechanisms are designed to monitor compliance, identify potential risks, and ensure that appropriate actions are taken to address any issues related to data protection. While a formal Data Protection Officer may not be required in all cases, Dayo designates a responsible contact point and implements internal processes to oversee privacy-related matters.

3.2.1 Privacy Contact

Users may contact Dayo regarding any privacy-related questions, concerns, or requests through the designated email address. This contact serves as the primary point of communication for all matters related to personal data and privacy rights.

Email: dayo.ph.it.services@gmail.com

3.2.2 Internal Reviews

Dayo conducts periodic reviews of its data protection practices, systems, and policies to ensure that they remain effective and aligned with current legal and operational requirements. These reviews help identify areas for improvement and ensure that privacy protections evolve alongside changes in technology and user needs.

3.2.3 Compliance Monitoring

Dayo performs internal monitoring and assessments to verify adherence to this Privacy Policy and applicable regulations. This includes reviewing data handling procedures, access controls, and system configurations to ensure that personal data is processed in accordance with established standards and best practices.

3.3 Why Privacy Matters

Privacy is a fundamental component of trust within the Dayo platform. As a sports networking service, Dayo enables users to connect, communicate, and share information with others, including personal details and location-based data. Protecting this information is essential to ensuring a safe, respectful, and reliable user experience.

3.3.1 Protection of Personal Information

Safeguarding personal data helps prevent unauthorized access, identity misuse, and other forms of exploitation that may arise from improper handling of sensitive information.

3.3.2 Safe User Interactions

Strong privacy protections enable users to interact with confidence, knowing that their personal information is not being exposed or misused by other parties.

3.3.3 Risk Reduction

Proper data protection practices reduce the likelihood of risks such as harassment, fraud, and unauthorized profiling, contributing to a safer platform environment.

3.3.4 Location Security

Special care is taken to protect sensitive data such as location information used during matches,ensuring that such data is handled securely and only for its intended purpose.

3.3.5 User Control

Maintaining user control over personal data ensures that individuals can manage their own information, make informed decisions, and retain confidence in how their data is used within the Service.

044. Definitions & Terminology

This section defines key terms used throughout this Privacy Policy. These definitions are provided not only to explain legal meaning but also to clarify how each concept is applied within the Dayo platform. This ensures that users fully understand how their data is handled in real operational scenarios inside the Service.

4.1 Key Definitions

4.1.1 Personal Data

"Personal Data" refers to any information that can directly or indirectly identify an individual. Within the Dayo platform, this includes details such as your name, email address, date of birth, profile photo, device identifiers, IP address, and location data when using match or nearby features. This information is collected when you create an account, interact with other users, join matches, or use location-based services. Dayo uses this data to enable core functionalities such as user authentication, profile creation, matchmaking between players, and secure communication within the platform.

4.1.2 Processing

"Processing" refers to any operation performed on Personal Data, whether automated or manual. In the Dayo platform, processing occurs when we collect your registration details, store your profile information in our database, display your profile to other users, send notifications about matches, or update your account settings. Processing also includes securing your data, transmitting it between servers, and deleting it when you request account removal. Every interaction you perform inside the app may involve some form of data processing necessary to operate the Service.

4.1.3 Data Subject

A "Data Subject" refers to the individual whose Personal Data is being processed. In the context of Dayo, you—the user of the application—are the Data Subject. This means that all rights described in this Privacy Policy, such as access, correction, deletion, and portability, belong to you. Your data is processed only for the purposes of providing and improving the Dayo experience, including connecting you with other players, managing your account, and enabling participation in sports-related activities.

4.1.4 Data Controller

The "Data Controller" is the entity responsible for determining why and how Personal Data is processed. In the Dayo platform, Dayo, I.T. Services acts as the Data Controller because we design the features, define data usage rules, and determine the purpose of collecting user information. This includes deciding how profile data is displayed, how matches are organized, how notifications are sent, and how user interactions are stored and secured within the system.

4.1.5 Data Processor

A "Data Processor" refers to third-party service providers that process data on behalf of Dayo under strict contractual instructions. In the Dayo ecosystem, processors include services such as Supabase for database storage and authentication, Google for analytics, maps, and Facebook for login authentication. These providers only process data as necessary to support Dayo’s functionality and are not permitted to use your data for their own independent purposes.

4.1.6 Consent

"Consent" refers to your clear and voluntary agreement to allow Dayo to process your Personal Data for specific purposes. In the Dayo platform, consent is obtained when you register an account, enable location services, or grant permissions for certain features such as notifications or profile visibility. For example, enabling location access allows Dayo to show nearby courts and matches. Consent can be withdrawn at any time through your device settings or in-app privacy controls, although some features may become unavailable if consent is removed.

4.1.7 Legitimate Interest

"Legitimate Interest" refers to situations where Dayo processes data for operational, security, or improvement purposes that are necessary for the functioning of the platform. In practice, this includes preventing fraudulent accounts, detecting abuse or spam behavior, improving app performance, and ensuring secure communication between users. For example, we may analyze usage patterns to detect suspicious activity or crashes to improve system stability, provided that such processing does not override your privacy rights.

4.1.8 Special Categories of Data

"Special Categories of Data" refers to sensitive personal information that requires additional protection. Within Dayo, this may include precise location data used during live matches, optional health or fitness-related information shared in user profiles, or any other sensitive details voluntarily provided by users. This data is only processed when necessary for specific features, such as enabling real-time match coordination or enhancing user experience, and is protected with higher security standards than regular data.

4.1.9 Data Breach

A "Data Breach" refers to any security incident that results in unauthorized access, disclosure, alteration, or loss of Personal Data. In the context of Dayo, this could include unauthorized access to user accounts, database exposure, or system vulnerabilities affecting stored information. If such an event occurs, Dayo will take immediate steps to contain the issue, investigate its cause, and notify affected users and relevant authorities as required by law.

4.1.10 Right to Be Forgotten

The "Right to Be Forgotten" refers to your ability to request the deletion of your Personal Data from the Dayo platform. This applies when you delete your account or request removal of specific information. For example, when you delete your Dayo account, your profile, messages, and associated data are removed or anonymized within a defined retention period, unless we are legally required to retain certain records for compliance purposes.

4.1.11 Data Portability

"Data Portability" refers to your right to receive a copy of your Personal Data in a structured and commonly used format. In the Dayo platform, this means you can request an export of your profile information, activity history, and related data so you can transfer it to another service or keep a personal backup. This feature ensures that you maintain control over your information and are not locked into the platform.

055. What Personal Data We Collect (Comprehensive)

This section provides a complete and legally binding disclosure of the categories of personal data collected by Dayo, I.T. Services (“Dayo,” “we,” “us,” or “our”) in connection with the use of the Service. It explains in detail the types of data collected, the purpose of collection, the conditions under which data is generated, and how such data is processed, stored, and protected. By using the Service, you acknowledge and agree that all categories of data described below may be collected and processed in accordance with this Privacy Policy and applicable laws.

5.1 Data You Provide During Registration

When you create an account with Dayo, you sign in using Google Authentication (Google Sign-In). This means your primary authentication is handled securely by Google, and we do not directly manage or store your raw login credentials. We only receive limited profile information from Google that is necessary to create and maintain your Dayo account.

The information collected during registration is used to establish your identity within the platform, secure your account, prevent fraud, enforce age restrictions, and enable access to core features. This data forms the foundation of your user profile and is used strictly for authentication, account management, and service delivery purposes.

Authentication Information (via Google Sign-In)

Data Point	Required?	Source	Example	Purpose
Google Email Address	Yes	Google Account	john.doe@gmail.com	Account identification, login, notifications, and recovery
Google Account ID	Yes	Google Authentication	113456789012345678901	Secure user identity linking and session management
Display Name	Yes	Google Profile	John Doe	Profile display and user identification within the app
Profile Photo	Optional	Google Profile	Profile image URL	Personalization and user profile representation

Authentication is handled through Google’s secure OAuth system. Dayo does not store your Google password. Instead, authentication tokens provided by Google are used to verify your identity securely.

Additional User-Provided Information

Data Point	Required?	Format	Purpose	Retention
Date of Birth	Yes	Date	Age verification and compliance with minimum age requirement (13+)	While account is active + legal retention period
Phone Number	Optional	+63 Format	Account recovery and security verification	While active + 30 days after deletion
Location	Optional	City / GPS (if enabled)	Match discovery and nearby event participation	While active (user-controlled)

Contact information is strictly used for account security, recovery, and core platform functionality. It is never sold, never shared with advertisers, and never used for unsolicited marketing. Data obtained via Google Sign-In remains subject to Google’s own privacy controls, and users may manage or revoke permissions through their Google account settings.

5.2 Data You Provide During Profile Setup

After registration, users may voluntarily provide additional profile information to enhance their visibility, improve matchmaking accuracy, and personalize their experience within the platform. This information is publicly visible depending on user-selected privacy settings and is intended to help users connect with others who share similar interests, skills, or locations. Users retain full control over what profile data is displayed and may update or remove it at any time.

Profile Information

Data Point	Required?	Limit	Visibility	Example
Profile Photo	Optional	5MB max	Public	Profile image
Bio	Optional	500 chars	Public	“Basketball enthusiast”
Gender	Optional	Selection	Public	Male / Female
City/Region	Optional	Text	Public (if enabled)	Butuan City

Profile data is designed to be user-controlled. While some fields improve matchmaking and discovery features, users may choose to limit visibility through privacy settings. Any removed or updated profile information is immediately reflected in the user interface, while backup retention may persist temporarily for system recovery purposes.

5.3 Data Collected During Account Activity

As you actively use the Service, we automatically generate and collect operational data necessary for the functioning of core features such as matches, clubs, messaging, and user interactions. This data is essential for enabling real-time functionality, maintaining system integrity, preventing fraud, and improving user experience. Activity data is generated automatically based on your interactions with the platform.

5.4 Support & Communication Data

When users contact customer support, we collect communication data necessary to investigate issues, provide assistance, and improve service quality. This includes messages, attachments, timestamps, and device diagnostics relevant to the reported issue. All support data is retained for a limited period to ensure proper resolution and auditability.

Support communications are treated as confidential and are only accessible to authorized personnel. They are not used for marketing purposes and are not shared with third parties except when required by law.

5.5 Automatically Collected Data

The Service automatically collects technical and usage data to ensure stability, performance optimization, security monitoring, and feature improvement. This includes device information, session data, and analytics related to how users interact with the platform.

This data does not directly identify users on its own but may be linked with account identifiers to improve system functionality and prevent abuse.

5.6 Data from Third-Party Services

When users choose to sign in using third-party services such as Google, we receive limited profile information necessary to create and authenticate your Dayo account. We do not access private data from these services beyond what is explicitly authorized by the user during login.

This integration ensures convenience while maintaining strict separation between third-party platforms and Dayo’s internal data systems. Each third-party provider operates under its own privacy policy, which users are encouraged to review independently.

066. Why We Collect Your Data (Legal Basis)

This section explains the legal grounds under which Dayo, I.T. Services (“Dayo,” “we,” “us,” or “our”) processes personal data. It is designed to comply with applicable data protection laws, including the Data Privacy Act of 2012 (Republic of the Philippines), as well as internationally recognized privacy frameworks such as the General Data Protection Regulation (GDPR) principles of lawful processing, fairness, and transparency. Each category of data processing described below is strictly limited to lawful purposes and is necessary for operating, securing, and improving the Service.

6.1 Legal Grounds for Data Processing

We process personal data only when there is a valid legal basis to do so. Depending on the context, data processing may be required to fulfill our contractual obligations to you, comply with legal requirements, protect legitimate business interests, or based on your explicit consent. Each legal basis is applied carefully to ensure that your rights and freedoms are respected and that data collection is always proportionate to the intended purpose.

1. Performance of Contract (Necessary for Service Delivery)

Certain personal data is strictly required for us to provide the core functionalities of the Dayo platform. Without this data, we would not be able to create accounts, facilitate matches, or enable communication between users. This processing is directly tied to your agreement with Dayo when you accept our Terms of Service and use the platform.

Important: Dayo uses Google Authentication (Google Sign-In) for account login. We do not store or manage your Google password. Instead, we receive authentication tokens and basic profile information from Google necessary to identify and maintain your account.

Data	Service Purpose	Necessity
Google Account Email & Google ID	Account creation, login authentication, and user identification	Required to create and access account
Google Profile Name	User identity display within the platform	Required for account setup and user interaction
Date of Birth	Age verification and enforcement of minimum age requirement (13+)	Required for legal compliance
Sports Preferences	Matchmaking and player matching system	Required for core platform functionality
Match Data	Creating, managing, and tracking matches and events	Required for organizing sports activities
Location (During Match)	Real-time match coordination and nearby activity matching	Required for in-person gameplay coordination
Messages	User-to-user communication within the app	Required for messaging feature functionality

This legal basis ensures that the platform can function as intended. Without this category of processing, it would not be possible to provide the essential services that define the Dayo experience, including matchmaking, communication, and activity coordination.

2. Legal Obligation (Compliance with Law)

Certain categories of data must be processed and retained to comply with applicable laws and regulatory requirements in the Philippines and other jurisdictions where the Service operates. This includes cybersecurity requirements, and legal enforcement support. Failure to retain such data could result in non-compliance with statutory obligations imposed on digital service providers.

Data	Legal Requirement	Retention Period	Purpose
User Reports	Law enforcement requests	Indefinite	Investigation of illegal or harmful activity
Abuse Records	Platform safety enforcement	Indefinite	Prevent repeat offenders and abuse
Access Logs	Cybersecurity regulations	1 year	Fraud detection and security auditing

These legal obligations ensure that Dayo operates within regulatory frameworks and maintains accountability in security, and safety-related matters. Retention periods are strictly limited to what is required by law or operational necessity.

3. Legitimate Interest (Balanced Processing)

In certain cases, we process personal data based on legitimate interests that are necessary for improving the Service, ensuring security, and maintaining platform integrity. These interests are carefully balanced against your privacy rights to ensure that they do not override your fundamental freedoms. Where possible, we provide opt-out mechanisms to give you control over such processing.

Processing Activity	Our Purpose	User Benefit	User Control
App analytics	Improve performance and usability	Smoother experience	Can opt-out in settings
Crash reporting	Fix technical issues	Fewer bugs and crashes	Can disable diagnostics
Maintain fairness and trust	Better player quality	Optional participation
Security monitoring	Prevent fraud and abuse	Account protection	Reviewable activity logs
Match history	Track performance and activity	Progress visibility	Account deletion available

Legitimate interest processing is always conducted in a way that minimizes privacy impact while ensuring the platform remains secure, reliable, and functional.

4. User Consent (Optional Processing)

Some types of data processing are performed only when you have explicitly given your consent. This consent is obtained through clear affirmative actions such as enabling permissions, checking consent boxes, or selecting preferences within the application. You may withdraw your consent at any time without affecting your ability to use the core features of the Service.

Data Type	Consent Method	Opt-Out Method	Purpose
Analytics data	Registration checkbox	Settings	Usage analysis
Personalization	Registration checkbox	Settings	Improve recommendations
Marketing emails	Email subscription	Email unsubscribe	Promotions and updates
Location access	Device permission	Phone settings	Match coordination
Camera access	Device permission	Phone settings	Profile photos

Consent-based processing ensures that users maintain full autonomy over optional features and can fully control their data preferences at any time.

6.2 Balancing Your Rights

Dayo carefully balances its operational needs with user privacy rights by classifying data into different sensitivity levels. This ensures that highly sensitive data is minimized and protected, while necessary operational data is processed securely and transparently.

High-Privacy Data

High-privacy data includes sensitive or temporary information such as real-time location during matches, encrypted authentication credentials. This data is either deleted after use, encrypted at rest, or never directly accessible to Dayo in raw form.

Medium-Privacy Data

Medium-privacy data includes profile information, match history, and analytics. Users maintain strong control over this category through privacy settings, visibility controls, and opt-out mechanisms.

Low-Privacy (Operational) Data

Low-privacy data includes essential identifiers such as email addresses, names, and match participation records. This data is required for core functionality and cannot be fully disabled without affecting the ability to use the Service.

077. How We Use Your Data (Detailed Processing Activities)

This section explains how Dayo processes your data to operate the Service, provide features, ensure security, and improve user experience. Each processing activity is necessary for specific functions within the platform.

7.1.1 Account Management

We use your personal data to create, maintain, and manage your Dayo account. Authentication is handled through Google Sign-In (OAuth 2.0), which allows you to securely access the Service without creating or storing a traditional password within Dayo.

This processing is required for authentication, login functionality, profile access across devices, and maintaining your account session. Without this processing, the Service cannot function.

We process your data to create and manage accounts, authenticate users via Google, maintain secure login sessions, sync profiles across devices, update account settings, and ensure account integrity.

Data used: Google account identifier, email address (from Google), display name, profile photo (if provided by Google), device information, IP address, login timestamps, and profile data.

Example: When you sign in using Google, we receive a secure authentication token from Google. This token is verified and used to create a session for secure access without storing your Google password.

7.2 Functional Processing (Features required for app functionality)

7.2.1 Location-Based Match Matching

We use location data to help users discover nearby matches and participants in real time.

This includes showing nearby matches, etc.

Data used: GPS coordinates, location accuracy, and distance calculations.

Important: Location data is only used during active matches and is deleted afterward.

7.2.2 Club & Community Management

We process club data to allow users to create and manage sports communities within the platform.

This includes managing club creation, membership, roles, invitations, and announcements.

Data used: Club information, member lists, roles, activity logs, and uploaded media.

7.3 Optional Processing (Only with your consent)

7.3.1 Analytics & App Improvement

With your consent, we analyze how users interact with the app to improve performance, stability, and user experience.

This includes measuring feature usage, tracking performance, identifying crashes, and analyzing general usage trends in aggregated form.

Data used: Screen activity, click behavior, session duration, and crash logs (aggregated).

Note: This data is not used to personally identify users.

7.3.2 Personalized Recommendations

With your consent, we use your preferences and activity to provide personalized match and content recommendations.

This includes suggesting nearby matches, recommending clubs and players, and improving content relevance based on your activity.

Data used: Sports preferences, location, match history, and interaction patterns.

You can disable this feature anytime in your settings.

088. Who We Share Your Data With

This section explains in detail who may receive access to your data within the Dayo platform ecosystem, under what conditions, and for what specific purposes. Data sharing in Dayo is not arbitrary; it is strictly tied to how the platform operates as a sports-based social and matchmaking system. Because Dayo connects real users in real-world games, and clubs, certain information must be shared to make these interactions possible. This includes enabling players to find each other, join matches, communicate in real time. Without controlled and limited data sharing, core features such as matchmaking, live games, messaging, and community building would not function properly. However, all data sharing is intentionally designed to be minimal, purpose-specific, and protected by strict access rules so that only relevant users or trusted service providers can access only the information needed for a specific function.

8.1 Data Shared with All App Users (Public Profile)

Public profile data exists to support the fundamental purpose of Dayo, which is to allow players to discover each other, evaluate skill levels, and join sports activities safely. Since Dayo is a social sports platform, users need visibility into basic identity and performance information such as name, sport interests, and match history. This creates transparency and trust between players who may be joining the same physical game. Without this shared visibility, users would not be able to confidently select teammates or opponents, and the platform would not function as a reliable matchmaking system. However, this visibility is restricted strictly inside the app and is not exposed to search engines or external platforms.

Public Profile Information

Data Element	Visibility	Control	When Updated
Name	Public (inside app)	User-controlled	When profile is edited
Profile Photo	Public (inside app)	User-controlled	When photo is changed
Bio / Description	Public	User-controlled	When edited
Age	Public or hidden	User-controlled	When updated
Sports Interests	Public	User-controlled	When changed
Club Memberships	Public	System-managed	On join/leave
City / Region	Public (optional)	User-controlled	When updated
Match History	Public (optional)	User-controlled	Real-time updates

8.1.1 Who Can Access This Data

This data is shared internally within the Dayo ecosystem to enable player discovery and interaction. It exists so users can evaluate potential teammates or opponents before joining matches, ensuring safety, trust, and competitive balance. It is not exposed publicly on the internet and is only available to authenticated users of the platform.

8.1.1.1 All logged-in Dayo users can view public profiles inside the app

8.1.1.2 Players searching for matches can view relevant user profiles

8.1.1.3 Club members and organizers can view member profiles for coordination

8.1.1.4 Users interacting directly with your profile can view your information

8.1.1.5 Data is not accessible to non-users or external visitors

8.1.1.6 Data is not indexed by search engines such as Google

8.1.1.7 Data is not shared with advertisers or marketing systems

8.1.2 Privacy Controls

These controls exist to give users full authority over their visibility within the platform. Since Dayo relies on user identity for matchmaking and sports coordination, we allow customization so users can decide how much information they want to share while still maintaining the ability to participate in matches and communities.

8.1.2.1 You can modify visibility settings at any time inside account settings

8.1.2.2 You can hide your match history if you prefer private activity

8.1.2.3 You can disable age display while still using the platform

8.1.2.4 You can remove or update profile photos anytime

8.1.2.5 Changes apply immediately across all platform features

8.1.3 Purpose of Public Profile System

The public profile system exists to support Dayo’s core function as a real-world sports coordination platform. Unlike traditional social media, Dayo focuses on physical activity coordination where trust, skill transparency, and availability matter. By showing key information such as sport preferences, and match history, users can make informed decisions before joining a game. This improves game quality, and helps build consistent sports communities where players can return and recognize each other over time.

8.2 Data Shared During Match Participation

8.2.1 Match Visibility Data

Data	Who Can See It	Duration
Real-time Location	Match participants only	Only during active match
Name & Profile Photo	Match participants only	During match session
Match Chat Messages	Match participants only	Live session only
Reactions / Emojis	Match participants only	Real-time

8.2.2 Purpose of Match Data Sharing

This type of data sharing exists because Dayo matches are real-world events where coordination in real time is necessary. Unlike online-only platforms, users must physically meet in sports venues, so location sharing, identity display, and communication tools are required to ensure safety, coordination, and smooth gameplay. Real-time location helps players find each other at the venue, while chat and reactions allow teams to organize during the match. This data is intentionally temporary and limited only to active participants so that privacy is preserved once the match is completed.

8.2.3 Post-Match Data Handling

8.2.3.1 Location data is deleted immediately after match completion to protect user privacy

8.2.3.2 Match results are stored for history.

8.2.3.3 Participation records remain to build user reputation and statistics

8.2.4 Purpose of Post-Match Storage

Post-match data storage exists to support the long-term functionality of Dayo as a competitive sports network. By keeping records of matches, scores, and the platform can build player reputations, track improvement, and ensure fairness in future matchmaking. This historical data allows users to see performance trends, helps prevent abuse or fake accounts. Without this historical record, the platform would not be able to provide meaningful rankings.

8.3 Data Shared with Club Members

8.3.1 Club Visibility Data

Data	Visibility	Notes
Full Name	Visible to members	Required for identification
City / Region	Partial visibility	General location only
Club Role	Visible	Member / Captain / Co-captain
Join Date	Visible	Membership tracking

8.3.2 Purpose of Club Data Sharing

Club-level data sharing exists to support structured communities inside Dayo where players consistently train, compete, and organize matches together. Unlike public matchmaking, clubs are semi-private environments where trust and repeated interaction are important. Sharing member information allows teams to coordinate effectively, track participation, and maintain accountability within the group. It also helps captains manage members, organize events, and measure club performance over time.

8.3.3 Internal Club Restrictions

8.3.3.1 Private club messages are visible only to members

8.3.3.2 Admin logs are restricted to authorized roles

8.3.3.3 Member management actions are recorded for accountability

8.3.3.4 Club analytics are available only to captains and admins

8.3.3.5 Sensitive operations require elevated permissions

8.4 Data Shared with Third-Party Service Providers

8.4.1 Supabase (Database & Authentication)

Supabase is used as the core infrastructure provider for Dayo. It stores and manages user accounts, authentication sessions, messages, match data, and uploaded media. This service is essential because it allows Dayo to securely scale user data, maintain real-time synchronization, and ensure reliable access across devices. Without this infrastructure, core features like login, messaging, and match creation would not function.

8.4.1.1 Stores user accounts and authentication data

8.4.1.2 Stores profiles, messages, and match data

8.4.1.3 Handles file uploads and storage

8.4.1.4 Provides secure database infrastructure

8.4.1.5 Performs encrypted backups and recovery

8.4.2 Data Shared with Supabase:

8.4.2.1 All necessary user account data (encrypted during transmission and storage)

8.4.2.2 Profile information and preferences required for app functionality

8.4.2.3 Messages and chat history for communication features

8.4.2.4 Match data and participation records for coordination

8.4.2.5 Uploaded images and media files for profiles and matches

8.4.3 Data NOT Accessed by Supabase:

8.4.3.2 External account passwords (Google/Facebook)

8.4.3.3 Sensitive authentication credentials beyond encrypted hashes

8.4.4 Google Services

Google services are used to support authentication, analytics, and notifications. These integrations ensure secure login, and system performance monitoring. Google operates independently from Dayo’s core database and only provides limited, purpose-specific data.

All third-party providers are bound by strict data processing agreements and must comply with applicable data protection laws, ensuring that user data is handled securely and only for the intended purpose of operating the Dayo platform.

099. Data Retention & Deletion Schedules

This section explains how long we keep your data, why we keep it, and what happens when you delete your account. Data retention is necessary to ensure that Dayo can operate safely, comply with legal obligations, maintain platform integrity, and support essential features such as matches, messaging, and user safety systems.

9.1 While Your Account Is Active

While your account remains active (meaning you have not deleted it and have used the platform within the last 2 years), Dayo retains different types of data for different operational purposes. Each type of data supports a core function of the platform such as authentication, messaging, match creation, or safety monitoring.

9.1.1 Profile Information

Your profile data (such as name, bio, sports, and photo) is stored for as long as your account exists because it is essential for identity within the platform. Without this data, other users would not be able to recognize you, join matches with you, or interact with your profile. You can update or delete this information at any time through your settings.

Data Type	Retention	Reason	Access
Profile Information	Indefinite	User identity & profile display	User editable anytime

9.1.2 Authentication & Security Data

Authentication data such as password hashes, login sessions, and device identifiers are required to secure your account. This ensures that only you can access your account and prevents unauthorized access. Passwords are never stored in readable form and are only used for verification during login.

Data Type	Retention	Reason
Password Hash	Indefinite	Login verification & security
Login Logs	1 year	Fraud detection & security audits

9.1.3 Match, Messaging, and Activity Data

Match data, messaging history, and activity logs are retained to enable core platform functionality such as organizing games, tracking participation, and maintaining conversation history. These records also help build user reputation, and match history which are essential to the social and competitive nature of the platform.

Data Type	Retention	Reason
Messages	Indefinite	Communication history
Match History	Indefinite	Stats, and records

9.1.4 Location Data

Location data is only used temporarily during active matches to enable real-time coordination between players. Once the match ends, this data is immediately deleted because continuous tracking is not required for the platform’s operation.

Data Type	Retention	Reason
GPS Location	During match only	Real-time match functionality

9.2 Account Deletion Timeline

When you request account deletion, Dayo follows a structured deletion process to ensure your personal data is removed securely while still complying with legal obligations such as abuse prevention requirements.

9.2.1 Immediate Deletion (Within 24 Hours)

Most personal data is permanently deleted within 24 hours after account deletion is confirmed. This ensures that your presence is immediately removed from the platform and no further user interaction is possible.

Data Type	Status	Explanation
Profile Data	Deleted	Removed from public visibility
Messages	Deleted	Removed from conversation systems
Sessions	Terminated	Logged out from all devices

9.2.2 Gradual Deletion (Up to 30 Days)

Some data may remain temporarily in backups and cache systems to ensure system stability and prevent accidental data loss. These backups are automatically purged within 30 days and are not actively used unless required for disaster recovery.

9.2.3 Permanent Legal Retention

Certain data such as abuse reports must be retained for legal and compliance reasons. These records are de-identified and cannot be linked back to your personal identity after deletion.

Data Type	Retention	Reason
Abuse Reports	Indefinite	Safety & fraud prevention

9.3 Data Retention by Category

Different types of data are retained for different durations depending on their purpose. This ensures that Dayo remains both functional and legally compliant while minimizing unnecessary data storage.

9.3.1 Messaging Data

Messages are stored while your account is active to maintain conversation continuity. After account deletion, messages are removed from your side within 24 hours, although recipients may still retain their copy until their own deletion request.

9.3.2 Analytics & System Logs

Usage analytics and system logs are stored temporarily to improve performance, detect bugs, and maintain system stability. After 1 year, this data is aggregated and anonymized so it can no longer be linked to individual users.

9.4 Special Deletion Scenarios

In certain cases, data may be deleted under special conditions such as legal orders, user requests, or company shutdown. These procedures ensure compliance with laws and user rights while maintaining transparency.

9.4.1 Court-Ordered Deletion

If a valid court order is issued, Dayo will delete specified data within 24 hours and confirm completion to the requesting authority. This ensures compliance with legal systems and judicial decisions.

9.4.2 User Right to Be Forgotten

Users can request complete data deletion under privacy laws. Once verified, all personal data is removed within 30 days, except legally required records such as abuse prevention logs.

9.4.3 Company Shutdown

If Dayo ceases operations, all user data will be securely deleted within 30 to 60 days. Users will be notified in advance and given the option to export their data before deletion.

1010. Your Privacy Rights & How to Exercise Them

This section explains all your legal and platform rights regarding your personal data inside Dayo. These rights exist to give you full control, transparency, and protection over how your information is used. Dayo follows applicable privacy laws such as the Philippine Data Privacy Act of 2012, ensuring you can access, correct, delete, and manage your data at any time.

10.1 Right to Delete Your Data

You have the right to permanently delete your account and personal data. This right ensures you maintain full control over your presence on the platform. Once deletion is completed, your data is removed from active systems and becomes unrecoverable, subject to legal retention requirements.

10.1.1 What Will Be Deleted

When you request deletion, most of your personal data is permanently removed from Dayo systems, including your profile, messages, and activity history. This ensures your identity is no longer visible or usable within the platform.

Profile and personal information
Authentication linkage (Google account association within Dayo)
Messages and conversations
Match history and participation records
Photos and uploaded content
Club memberships and roles
User settings and preferences

10.1.2 What Is Retained (Legal Requirements)

Some data must be retained for legal and compliance reasons. These records are not used for active platform operations and are strictly limited to regulatory, security, and audit purposes.

Abuse and moderation records (retained to prevent fraud and ban evasion)
Legal dispute documentation (if applicable)

10.1.3 How to Delete Your Account

Account deletion can be initiated directly through the app or via email request. Both methods require confirmation to prevent accidental or unauthorized deletion.

Note: Because authentication is handled via Google Sign-In, deleting your Dayo account does not delete your Google account. It only removes Dayo’s stored user data and disassociates your Google identity from the platform.

In-App Steps:
1. Profile
2. Privacy & Security
3. Delete Account

Once confirmed, deletion begins immediately and most data is removed within 24 hours. Backup systems are fully purged within 30 days.

10.2 Right to Correct Your Data

You have the right to update or correct any inaccurate or outdated personal information. This ensures your profile remains accurate, trustworthy, and useful for matchmaking, communication, and identity within the platform.

10.2.1 Profile Corrections

You can directly edit most profile information inside the app. This includes your name, bio, sports preferences, and profile photo. Changes are applied immediately and reflected across the platform.

10.2.2 Correction Requests via Email

Email: dayo.ph.it.services@gmail.com
Subject: "Data Correction Request"

Include:
- Account email
- Incorrect data
- Correct data
- Explanation (optional)

All verified correction requests are processed within 1 business day and confirmed via email.

10.3 Right to Opt-Out of Non-Essential Processing

You may opt out of optional data processing activities that are not required for core platform functionality. This ensures you can still use Dayo while limiting data collection based on your preferences.

10.3.1 Analytics Opt-Out

Analytics helps us improve app performance, but it is optional. When disabled, we stop tracking detailed user behavior while still collecting essential system-level error data for stability.

10.3.2 Personalization Opt-Out

You can disable personalized recommendations to receive a neutral experience instead of algorithm-based suggestions. This does not affect your ability to join matches or use core features.

10.3.3 Permission Controls

You can also disable system permissions such as location, camera, or notifications. Some features like match discovery or real-time tracking may stop working if permissions are disabled.

1111. Local Storage & Tracking Technologies

This section explains how Dayo stores data directly on your device and how we use analytics and tracking technologies to improve app performance, stability, and user experience. Since Dayo is a mobile-only application, storage and tracking systems are designed specifically for Android and iOS environments, using secure, encrypted, and system-managed storage solutions.

11.1 How We Store Data on Your Device

Dayo uses local device storage to improve performance, reduce loading times, and enable offline functionality. This allows the app to work efficiently even with unstable internet connections while ensuring sensitive data is securely encrypted and automatically managed by the operating system.

11.1.1 Android Local Storage System (SharedPreferences & DataStore)

On Android devices, Dayo uses system-provided storage mechanisms such as SharedPreferences and DataStore to store lightweight and essential app data. These systems are designed for fast access, security, and persistence across app sessions.

11.1.1.1 Session Token Storage

Your login session token is stored locally so you remain logged in without needing to re-enter credentials each time. This token is encrypted and used only to authenticate your session with Dayo servers.

11.1.1.2 User Preferences Storage

Your app preferences such as theme settings, language selection, and notification preferences are stored locally so your experience remains consistent every time you open the app.

11.1.1.3 Recent Search History

Recent search queries such as matches, sports, or players are stored locally to improve navigation speed and reduce repetitive input when using the app.

11.1.1.4 Offline Cached Match Data

Some match listings are temporarily stored on your device so you can browse available games even without a stable internet connection.

11.1.1.5 Storage Security & Deletion

All sensitive Android-stored data is encrypted using Android KeyStore. This ensures that stored data cannot be accessed by unauthorized applications. Data is automatically deleted when you log out or uninstall the app.

11.1.2 iOS Local Storage System (UserDefaults & Keychain)

On iOS devices, Dayo uses Apple’s secure storage systems such as UserDefaults and Keychain to store application data safely and efficiently.

11.1.2.1 Secure Session Storage (Keychain)

Your authentication token is stored in Apple’s Keychain system, which uses hardware-level encryption to protect sensitive login data from unauthorized access.

11.1.2.2 User Preferences Storage (UserDefaults)

Non-sensitive settings such as theme preferences and notification settings are stored in UserDefaults to maintain a consistent user experience.

11.1.2.3 Cached Match and Search Data

Temporary match listings and search history are cached locally to improve app performance and reduce data usage.

11.1.2.4 Offline Content Storage

Previously loaded content may be stored locally so users can still view matches and profiles without an active internet connection.

11.1.2.5 Storage Deletion Behavior

All locally stored data is removed when the app is deleted or the user logs out, ensuring no personal information remains on the device.

11.2 Third-Party Analytics & Tracking Technologies

Dayo uses Custom Analytics to collect anonymous usage data. This data helps us understand how users interact with the app so we can improve performance, fix bugs, and enhance user experience. This data is aggregated and does not directly identify individual users.

11.2.1 Anonymous Screen Tracking

We track which screens are visited (such as match lists, profiles, and chat screens) to understand which features are most used within the app.

11.2.2 Session Duration Tracking

We measure how long users spend on different screens to understand engagement levels and improve feature design and usability.

11.2.3 Feature Interaction Tracking

We track button clicks and feature usage in aggregated form to determine which features are most valuable to users.

11.2.4 Crash and Error Reporting

Anonymous crash reports are collected to identify bugs, improve stability, and ensure a smoother user experience across all devices.

11.2.5 Device and App Metadata

We collect device type, operating system version, and app version to ensure compatibility and optimize performance across different devices.

11.2.6 Opt-Out Control

You may disable analytics tracking at any time in settings. When disabled, non-essential behavioral tracking stops immediately, while essential crash reporting may still continue to maintain app stability.

11.3 How to Clear Local Storage

You can clear locally stored data at any time through your device settings. This allows you to reset the app, remove cached files, or fully erase stored information if needed.

11.3.1 Android Storage Clearing Process

1. Open Phone Settings
2. Go to Apps
3. Select Dayo
4. Tap Storage
5. Choose:
   - Clear Cache (keeps you logged in)
   - Clear Storage (removes all data and logs you out)

Clearing storage removes all local data including login sessions, preferences, and cached files.

11.3.2 iOS Storage Clearing Process

Option 1: Offload App
- Removes app but keeps data stored

Option 2: Delete App
- Removes app and all local data permanently

Steps:
1. Open iPhone Settings
2. Go to General
3. Tap iPhone Storage
4. Select Dayo
5. Choose Offload or Delete App

Reinstalling the app after deletion will reset it to a fresh state with no previous data stored on the device.

1212. Sensitive Data & Special Categories

This section explains how Dayo handles sensitive categories of personal data, especially location data and health-related information. These types of data require stronger protection because they can directly affect your safety, privacy, and personal security. Dayo applies strict limitations, real-time processing rules, and immediate deletion mechanisms to ensure that sensitive data is only used when absolutely necessary for core features like match participation and is never stored longer than required.

12.1 Location Data (Sensitive)

Location data is treated as highly sensitive because it can reveal where you are in real time and could potentially be misused if not properly protected. In Dayo, location is only used to enable core features such as finding nearby matches, showing player positions during live games, and ensuring fair and accurate match participation. We intentionally limit collection to “while using the app” scenarios to ensure your location is never tracked in the background or stored long-term.

12.1.1 How We Collect Location

Location is only accessed when you explicitly allow it. The system is designed to request permission transparently and only activates GPS tracking during active app usage. If permission is denied, all location-based features are automatically disabled without affecting other core app functions like messaging or profile viewing.

GPS-based location (only if permission is granted)
“While Using App” permission only (no background tracking)
No location collection if permission is denied
No passive or hidden tracking of movement

12.1.2 How Location Is Used During Matches

During matches, location is used strictly to enable real-time coordination between players. This includes showing where participants are on the map, ensuring fair gameplay positioning, and allowing players to join matches within a defined geographic radius. Once the match ends, all real-time location data is immediately removed to protect user privacy.

Before match: permission request is shown to the user
When joining: location shared only with match participants
During match: real-time updates every 60 seconds
Map visibility: only participants can see each other
Radius limit: maximum 10 km from match location
After match: location data is deleted immediately

12.1.3 Example Location Flow

This example shows how location behaves during a live match. The system is designed to balance real-time functionality with strict privacy protection, ensuring that location is only used when necessary and removed immediately after use.

12.1.4 Privacy Protections

Location privacy is a core safety feature of Dayo. The system is designed so that location data is never exposed outside of active matches and is never stored in long-term databases. This ensures that your movement cannot be tracked before or after gameplay, and that even internal systems only process location temporarily in memory during matches.

Only visible during active matches
Only visible to match participants
Not accessible to non-participants or public users
Not stored in long-term databases
Not included in user history or exports
Deleted immediately after match ends

12.1.5 User Control Over Location

Users have full control over location permissions. You can disable location access at any time through in-app settings or your device’s system settings. If disabled, all location-based features such as nearby match discovery and real-time tracking will stop functioning, but other app features remain fully usable.

Settings > Privacy > Location toggle
System-level permission control (Android/iOS)
Option: “While Using App” (recommended)
Option: “Never Allow” (disables location features)

12.2 Health Information

Dayo does not collect, process, or store any medical or health-related data about users. This is an intentional privacy design decision to ensure that participation in sports and social matches remains inclusive, safe, and free from sensitive medical profiling. We do not require health disclosures for any features within the app.

12.2.1 Types of Health Data Not Collected

The platform does not request or store any medical or health-related information under any circumstance. This includes both explicit medical data and inferred health conditions.

No medical conditions or diagnoses
No injury or rehabilitation data
No disability records or medical certificates
No medication or prescription information
No health insurance details
No physical or mental health tracking

12.2.2 Optional User-Shared Information

Users may voluntarily include health-related context in their profile bio, such as physical limitations or preferences for certain types of matches. This information is entirely optional, user-controlled, and treated as normal profile text. It is only used for display purposes and is not validated or interpreted by the system.

Optional bio text (user-controlled)
Visible only to other app users
Can be edited or removed anytime
Not used for automated decisions
Not shared with third parties

12.2.3 How We Handle User-Provided Health Mentions

If a user voluntarily mentions health-related information in their profile, it is treated the same as any other bio content. Dayo does not verify, interpret, or act on this information in any automated way. It exists solely for user communication and transparency between players who choose to share such details.

Stored as plain profile text only
Displayed to other users if profile is public
No validation or medical interpretation
No sharing with healthcare providers
No use in matchmaking algorithms
No commercial use or analysis

12.2.4 What Dayo Does NOT Do

To ensure fairness and privacy, Dayo strictly avoids using health-related data in any system decision-making. This prevents discrimination, profiling, or exclusion based on health conditions and ensures that all users have equal access to matches and platform features regardless of physical condition.

No medical verification of user claims
No health-based matchmaking restrictions
No sharing with insurers or healthcare providers
No health-based scoring or profiling
No advertising based on health data
No external reporting of health information

1313. Age Verification & Child Safety

This section explains how Dayo handles age verification and child safety to ensure that only eligible users can access the platform and that younger users are protected while using the app. Because Dayo involves real-world sports participation, messaging, and location-based features, age safety is an important part of maintaining a secure and responsible community. Our approach balances legal compliance, user privacy, and practical verification methods while avoiding unnecessary collection of sensitive identity documents.

13.1 Age Verification Process

Dayo uses a self-declared birthdate system during account creation to determine whether a user is eligible to access the platform. This method is designed to be simple, privacy-friendly, and widely accessible, while still enforcing a minimum age requirement of 13 years old. The system automatically calculates age based on the provided birthdate and applies an age gate before account creation is completed.

13.1.1 Step 1: Birthdate Entry

During registration, users are required to enter their date of birth using a calendar interface. This information is used solely to calculate age and determine eligibility for account creation. No external validation is performed at this stage, and the system relies on user-provided information.

User selects month, day, and year of birth
System automatically calculates current age
Age is categorized as 13+ or under 13
Stored as part of account profile data

13.1.2 What We Do NOT Do

To maintain user privacy and reduce unnecessary data collection, Dayo does not require any external identity verification methods during account creation. This ensures that users can join the platform without submitting sensitive documents or connecting external records.

No ID card or government document verification
No parental consent verification system (currently)
No school or institutional record checks
No government database integration
No parental contact or approval requests

13.1.3 Step 2: Age Gate Enforcement

After birthdate submission, the system applies an automatic age check to determine eligibility. Users who meet the minimum age requirement can proceed with account creation, while users below the age threshold are blocked from accessing the platform.

Users aged 13 and above can continue registration
Users under 13 are blocked from creating an account
System displays eligibility message if blocked
No account is created for ineligible users

13.1.4 Age Restriction Message

If a user is under the minimum required age, the system prevents account creation and displays a clear message explaining the restriction. This ensures compliance with child safety regulations while providing transparency about platform rules.

"Dayo is for ages 13 and up. You must be at least 13 years old to use this app."

13.1.5 Why This Approach Is Used

This age verification system is designed to balance usability, privacy, and legal compliance. It allows users to join quickly without collecting sensitive identity documents, while still enforcing a minimum age requirement. This approach aligns with international child privacy standards such as COPPA and is designed to be practical for a mobile-first sports platform like Dayo.

Balances privacy and compliance requirements
Minimizes collection of sensitive personal data
Ensures accessibility for users globally
Designed for mobile-first user onboarding

13.2 Child Safety & Privacy (Ages 13–17)

Users between the ages of 13 and 17 are allowed to use Dayo with full access to core features, including matches, messaging, and clubs. However, their data is treated with enhanced privacy considerations to ensure a safer environment. While no parental consent system is currently required, Dayo applies strict data handling rules to prevent misuse, unauthorized sharing, or commercial exploitation of minor user data.

13.2.1 Current Protections for Teen Users

Teen users have access to the same core features as adult users, but their data is not used for advertising, profiling, or third-party marketing. This ensures that participation in sports and social interaction remains safe and focused on the platform’s core purpose.

Full access to app features (matches, chat, clubs)
No advertising profiling or behavioral marketing
No data sales to advertisers or brokers
No sharing of personal data beyond core service providers
No location tracking outside of active match usage
No requirement for parental consent (current system)

13.2.2 What We Do NOT Do for Child Safety

To ensure strict privacy protection for younger users, Dayo avoids any form of data commercialization or external distribution of sensitive information. This helps prevent exploitation and ensures compliance with child protection standards across jurisdictions.

No selling of user data to advertisers
No creation of marketing or behavioral profiles
No data sharing with data brokers
No external sharing of personal location data
No use of data for targeted advertising
No unauthorized third-party access to messages

13.2.3 Safety Features Available to All Users

Dayo provides built-in safety tools that allow users to control their experience and protect themselves while interacting with others on the platform. These features are especially important for younger users engaging in real-world sports coordination and messaging.

User blocking system for unwanted interactions
Reporting tools for messages and behavior
Ability to make profile private
Option to disable location sharing
Analytics opt-out controls
Privacy settings customization

1414. Security Measures & Data Protection (Implemented)

This section explains the technical and organizational security measures currently implemented by Dayo to protect your personal data. These safeguards are active across all systems, including mobile apps, APIs, and backend infrastructure. Their purpose is to ensure confidentiality, integrity, and availability of user data while preventing unauthorized access, data leaks, and cyberattacks.

14.1 Encryption

All data handled by Dayo is protected using industry-standard encryption methods. This ensures that your personal information remains secure both while it is being transmitted over the internet and while it is stored in our databases. Encryption is a core requirement for protecting user trust, preventing interception attacks, and complying with modern privacy and security standards.

14.1.1 In Transit (HTTPS/TLS)

Data sent between your device and Dayo servers is encrypted using secure transport protocols. This prevents attackers from intercepting or reading sensitive information while it is being transmitted across networks.

14.1.2 At Rest (Database Encryption)

All stored data in Dayo’s backend systems is encrypted using strong encryption standards. This ensures that even if unauthorized access to storage occurs, the data remains unreadable without proper decryption keys.

14.2 Access Controls

Access to user data within Dayo is strictly controlled to prevent unauthorized viewing or misuse. Only authorized personnel can access limited portions of data, and every access is logged and monitored. These controls ensure accountability, traceability, and compliance with privacy standards.

The principle of least privilege ensures that employees only access the minimum amount of data required to perform their specific job functions. This significantly reduces the risk of internal misuse and limits exposure in case of compromised accounts.

14.3 Infrastructure Security

Dayo operates on secure cloud infrastructure designed to resist cyberattacks, downtime, and data loss. Multiple layers of protection are implemented to ensure system reliability and resilience against threats such as hacking attempts, service disruptions, and malicious traffic.

14.4 API Security

All Dayo application programming interfaces (APIs) are protected with multiple layers of security to prevent unauthorized access, injection attacks, and malicious requests. These protections ensure that only valid, authenticated users and systems can interact with Dayo services.

These API protections are essential for ensuring that the Dayo platform remains secure, stable, and resistant to common web-based attacks. They also ensure that user data is only accessible to authorized users and approved system processes.

1515. Contact & Support

If you have any questions, concerns, or requests regarding your privacy, personal data, or account-related issues, you may contact Dayo directly through our official support email at dayo.ph.it.services@gmail.com. Our team is committed to providing timely assistance and ensuring that all inquiries are handled professionally and securely. Whether you need help with account access, data requests, reporting issues, or general support concerns, we aim to respond as quickly as possible and provide clear communication throughout the resolution process.