Privacy Policy

1. Information We Collect & Explicit Consent Account Data: When you log in (via Google or Email), we collect your name, email address, and profile picture. Geolocation Data (Just-in-Time Notice): Vaya relies on location data to function. Before we access your device’s GPS, you will see an in-app prompt. We only collect your precise location (latitude and longitude) to match you with travelers departing from the same area. You can deny this permission or withdraw it at any time in your device settings, though the core discovery feature will not work without it. Usage Data: We collect information regarding your travel plans (Departure/Arrival times), who you chat with, and profile interactions. 2. How We Use Your Information To enable the core "Traveler Discovery" and matching features. To facilitate real-time chat between users via our secure NestJS backend. To ensure community safety and investigate reported grievances. 3. Data Sharing With Other Users: Your profile details, photos, and approximate travel plans are visible to other Vaya users only if their travel itinerary matches yours. Service Providers: We host your data securely on Supabase (PostgreSQL) and process authentication via Google. We do not and will not sell your personal data to third-party advertisers. 4. User Rights, Retention & Deletion Under the Digital Personal Data Protection Act (DPDPA), you have the right to access, correct, and erase your data. We store your data only as long as your account is active. You may delete your account at any time via Settings > Delete Account. This action is irreversible and will permanently remove your photos, location history, chat data, and profile from our active PostgreSQL database. 5. Security We implement industry-standard security measures, including SSL/TLS encryption, to protect your data in transit and at rest.