ToldYa updates this policy as the product, legal obligations, and safety systems evolve.
How ToldYa handles personal information, social content, safety reports, and account data.
Data, safety, subscriptions, and public posting, explained simply.
This policy covers public pages, accounts, social posting, reports, moderation records, and subscriptions.
Public activity and safety events can remain relevant even after visible product states change.
ToldYa expects privacy, safety, and legal requests to be handled through dedicated support and compliance channels as the service matures.
This helps reduce fraud, unauthorized account access, and harmful disclosure of records tied to another person, account, or investigation.
Search, linking, quoting, indexing, reposting, and social sharing can extend the life and visibility of public content.
Scan first. Read deeper.
Public product. Clear privacy boundaries.
Public visibility can travel further than one feed moment.
Safety history can still matter after a post changes.
Requests should stay reviewable and proportionate.
Start with the highlights, then use the contents rail for specifics.
Short summary first. Full detail below.
ToldYa is responsible for the data practices described here unless a different provider controls a specific service.
That can include infrastructure vendors, payment processors, app stores, embedded providers, or linked third-party services that operate their own privacy rules.
Public content can move further than a single in-app surface.
Quotes, reposts, screenshots, links, embeddings, search references, and outside discussion may continue even after a visible product state changes.
Users may have rights to request access, correction, deletion, restriction, portability, or to complain where local law allows.
Some requests can still be limited by billing, abuse review, moderation continuity, legal compliance, fraud prevention, and security obligations.
Visible product states can change faster than the records around them.
Posts, quotes, reports, appeals, enforcement notes, fraud checks, and legal holds may continue to exist in internal records even when a public surface looks reduced, hidden, deleted, or restricted.
Public content stays distinct from private account handling.
ToldYa is built around public social objects, but account, billing, safety, and support records still need their own clear privacy boundaries.
Safety records can outlast visible product states.
Reports, moderation, fraud review, abuse investigations, and legal holds may require retention even when a post or account changes on the surface.
Requests should be handled through real workflows.
Access, deletion, correction, and disclosure decisions should be reviewed through dedicated support, privacy, safety, and legal channels as ToldYa grows.
1. What this policy covers
This policy applies to ToldYa public web pages, account registration, profile features, social posting, comments, quotes, reposts, saved content, trust and safety operations, customer support, subscription handling, and related business systems used to run the service.
It also applies to information about people who submit reports, appeal moderation decisions, contact ToldYa, or appear in trust and safety records because of activity on the platform.
2. Information we collect
ToldYa may collect account and profile details such as email address, username, display name, biography text, profile image, login and session metadata, device information, IP-related network signals, and settings needed to run the service.
We may also collect content and interaction data users choose to create or trigger through the platform, including posts, predictions, opinions, replies, quote-posts, reposts, saved items, report submissions, appeal requests, feedback, links, media, and related timestamps and engagement records.
ToldYa may also derive inferences, risk indicators, trust signals, and moderation context from account activity, interaction patterns, device and session behavior, abuse reports, and safety workflows when needed to operate, secure, rank, or moderate the service.
For paid features, ToldYa may also process subscription status, billing metadata, transaction references, refund records, and fraud-prevention signals. ToldYa may receive payment details through payment processors rather than storing full card details directly.
For safety and operations, ToldYa may collect moderation history, enforcement outcomes, internal review notes, abuse indicators, suspicious activity logs, and records needed to investigate reports, protect the service, and document safety decisions.
3. How information reaches us
Information may come directly from users when they create accounts, complete profiles, post content, submit reports, subscribe, contact support, or adjust settings. Information may also come from use of the service itself, including device, session, interaction, and log-level events generated while the platform is running.
ToldYa may also receive information from service providers and business partners that support hosting, payments, analytics, abuse prevention, customer support, or legal and security operations. We may also receive information from other users when they mention, report, quote, reply to, or otherwise interact with a person or a post on the platform.
5. Sensitive information and public caution
ToldYa is not designed to encourage users to post sensitive personal information. People should avoid publishing private contact details, government identifiers, financial details, precise location information, health details, or other highly sensitive information unless they clearly understand the public and lasting nature of doing so.
If sensitive information appears in reports, moderation records, safety reviews, or disputes, ToldYa may need to process or retain some of that information to investigate harm, resolve abuse issues, comply with law, or preserve security and enforcement records.
6. Why we process information
ToldYa processes information for several reasons, including providing the service requested by users, securing accounts, fulfilling subscriptions, enforcing platform rules, communicating about product operations, and supporting legitimate business, legal, trust and safety, and fraud-prevention needs.
Depending on the situation, processing may be based on user consent, performance of a contract, legal obligations, or ToldYa’s legitimate interests in operating, securing, improving, and defending the service and the people who use it.
7. How we use information
ToldYa uses information to provide and improve the service, authenticate users, personalize social experiences, operate product features, process subscriptions, respond to support requests, measure performance, and maintain platform reliability.
We also use information to detect policy violations, investigate abuse, evaluate reports and appeals, moderate content, prevent fraud, protect users and creators, maintain internal audit trails, and meet legal or compliance obligations.
9. De-identified and aggregated information
ToldYa may use de-identified, pseudonymized, or aggregated information for analytics, service planning, performance measurement, trend analysis, safety review, and product improvement. Where information is no longer reasonably linked to an identified person, it may not be treated the same way as directly identifiable personal information.
11. Ranking, recommendations, and safety signals
ToldYa may use interaction data, account signals, content metadata, trust and safety indicators, and product-level engagement patterns to rank feeds, highlight conversations, reduce abuse, detect suspicious activity, or decide where and how content appears inside the service.
These systems may involve automated signals, but ToldYa may also use human review, internal tools, and enforcement workflows when content, accounts, reports, or appeals need closer attention.
12. Reports, appeals, and enforcement records
ToldYa may create and retain records about reports, appeals, safety assessments, moderation outcomes, enforcement actions, case notes, and related internal review materials. These records may involve the reporting party, the affected account, other involved users, linked content, timestamps, and evidence used to assess risk or policy compliance.
Because trust and safety systems depend on continuity, some of these records may remain even if visible content changes, an account is restricted, or a user later requests deletion.
13. Retention
ToldYa keeps information for as long as reasonably necessary to operate the platform, maintain account integrity, honor legal obligations, resolve disputes, process subscriptions, investigate safety issues, and preserve moderation, audit, and fraud-prevention records.
Different categories of information may be retained for different periods depending on account status, content lifecycle, technical needs, legal requirements, safety considerations, and whether records are needed to document enforcement or billing events.
14. Account closure and deletion requests
When users close an account or request deletion, ToldYa may remove or de-identify some information from active product surfaces, but some records may remain for legal compliance, billing, fraud prevention, platform integrity, abuse investigations, moderation history, dispute handling, or security logging.
Copies may also remain for limited periods in backups, caches, abuse systems, or audit records until ordinary deletion cycles, retention limits, or security requirements are satisfied.
15. Security and platform integrity
ToldYa uses administrative, technical, and organizational measures intended to protect information and preserve service integrity. No service can guarantee perfect security, and users should understand that internet-based systems always carry some risk.
We may monitor logs, rate limits, moderation signals, suspicious activity patterns, login anomalies, and abuse indicators to protect the service, users, creators, and subscribers. Security controls may change over time as the platform and threat landscape evolve.
16. International processing
ToldYa may process or store information in countries other than the user’s own country, including through service providers or infrastructure that operate internationally. Data protection rules can differ across jurisdictions, and ToldYa may use contractual, organizational, or technical measures intended to protect information when international processing occurs.
17. Legal requests and required disclosures
ToldYa may preserve, review, or disclose information when required to comply with applicable law, legal process, valid government requests, court orders, or regulatory requirements, or when reasonably necessary to protect the rights, safety, or security of users, the public, or ToldYa.
Where appropriate and legally permitted, ToldYa may object to, narrow, or review requests before responding. ToldYa may also preserve information connected to disputes, threats, safety events, fraud, or investigations while those matters remain active.
18. Business transfers
If ToldYa is involved in a merger, acquisition, financing, restructuring, bankruptcy, asset sale, or similar transaction, information covered by this policy may be reviewed, transferred, or disclosed as part of evaluating or completing that transaction, subject to applicable law and reasonable confidentiality expectations.
19. Third-party links, embeds, and app stores
ToldYa may link to, embed, or depend on third-party services, websites, payment tools, sign-in providers, analytics tools, or app distribution platforms. Those services may have their own privacy practices, terms, and retention rules, and ToldYa does not control every external system a user may touch through or around the product.
Where ToldYa is distributed through app stores or similar platforms, additional platform terms, billing rules, or privacy disclosures may apply to store-level interactions.
20. Children and age-restricted use
ToldYa is not intended for children below the minimum age required by applicable law or the platform’s own rules. If we learn that an account was created in violation of age-related requirements, we may suspend or remove that account and associated data as appropriate.
21. Controls and choices
Users may be able to control parts of their profile, visible content, communications, saved items, device settings, and some account preferences from within the product or through browser and device settings. Product controls may expand as ToldYa matures.
Removing public content from a visible surface does not always mean every copy disappears immediately from caches, moderation records, audit logs, abuse systems, legal holds, or safety review tools.
22. User rights
Depending on where a user lives, they may have rights to access, correct, delete, restrict, object to, or request portability of certain personal information. They may also have rights related to consent withdrawal or complaints to a supervisory authority where applicable.
These rights are not absolute. ToldYa may retain or continue processing some information when necessary for legal compliance, fraud prevention, billing, dispute handling, abuse investigations, platform security, or enforcement of platform rules and safety decisions.
Where local law gives users the right to complain to a regulator or supervisory authority, ToldYa expects users may also use those channels in addition to contacting ToldYa directly.
ToldYa also expects privacy request methods to remain reasonably accessible and not to be designed in ways that create unnecessary friction, confusion, or avoidable barriers for people trying to exercise available rights.
23. Automated processing and human review
ToldYa may use automated tools, scoring systems, detection models, and product-level signals to prioritize moderation review, identify suspicious activity, rank content, or detect abuse. These systems may influence how quickly content is reviewed or how risk is escalated inside trust and safety workflows.
ToldYa may also use human review, internal case handling, and discretionary enforcement judgment where context matters or when platform, legal, or safety decisions require closer examination.
24. Regional privacy supplements
Users in some jurisdictions may have additional privacy rights, complaint channels, or disclosure requirements under local law. ToldYa may provide region-specific notices, workflows, or request handling requirements where needed to comply with those legal obligations.
25. Browser signals and Do Not Track
Browsers and devices may offer privacy settings or signals, including Do Not Track. Because there is not always a single consistent standard for how these signals should be interpreted across services and technologies, ToldYa may not respond to every such signal in the same way unless and until a clear operational standard is adopted.
26. California notice
California residents may have additional rights under California privacy laws, including rights to know, delete, or correct certain personal information and rights related to certain forms of sharing or disclosure. ToldYa should respond in line with applicable law once production support channels and request workflows are formally established.
ToldYa does not promise every requested deletion or change can be completed in full where records must be retained for security, moderation, legal, billing, or fraud-prevention purposes.
27. How to make a privacy request
As ToldYa matures, privacy-related access, correction, deletion, portability, objection, and legal contact requests should be routed through dedicated support or compliance channels. ToldYa may request information needed to verify identity, reduce fraud, or confirm that the requester is authorized to act for the relevant account or person.
Before fulfilling some requests, ToldYa may need to check whether information must be retained for billing, abuse review, moderation history, legal compliance, account security, or platform integrity reasons.
ToldYa may also distinguish between requests made directly by an account holder and requests made through an authorized agent, guardian, or representative. If ToldYa cannot reasonably verify the requester, if a request is manifestly abusive or repetitive, or if fulfilling it would create material security, fraud, or rights-of-others concerns, ToldYa may limit, defer, or decline the request to the extent allowed by applicable law.
Where verification is needed, ToldYa aims to request information that is reasonably related and proportionate to the request rather than collecting more sensitive or unrelated information than is necessary for that workflow.
28. Search, indexing, and public discovery
Because ToldYa is a public social product, some content, profile information, or interaction trails may be accessible through product search, public profile pages, shared links, embeds, reposts, quotes, screenshots, or external indexing and discovery systems. ToldYa cannot control every external copy, mention, or reference created after public content is shared.
Even when a product surface changes, some traces of public activity may persist in search references, moderation records, linked conversations, or third-party sharing contexts.
29. Internal access and data minimization
ToldYa should limit internal access to personal information based on role, operational need, trust and safety responsibilities, billing requirements, support needs, and legal or security review. Access to sensitive records should be limited and auditable wherever practical.
ToldYa also aims to avoid collecting more information than is reasonably necessary for the service, although some records may need to remain detailed enough to support abuse review, moderation continuity, billing integrity, and incident response.
30. Contact and policy updates
ToldYa may update this Privacy Policy when the product, laws, technologies, safety systems, or operational requirements change. Material updates may be reflected through the website, the product, account notices, or related communications. Continued use after an update may mean the revised policy applies to future use.
For product, privacy, or legal questions, ToldYa should maintain clear support and legal contact channels as the service matures and formal request handling processes are established. Unless a specific provider or transaction flow states otherwise, ToldYa is the product operator responsible for the practices described in this notice.
4. Social content and public visibility
ToldYa is a social platform. Content users choose to publish may be visible to other users and may be discoverable through feeds, profile pages, search surfaces, interaction chains, reposts, quote-posts, or other public product features.
Users should not post sensitive personal data, confidential information, unlawful content, or material they do not have the right to publish. Public activity may continue to appear in logs, moderation records, trust and safety tools, investigation materials, screenshots, or other downstream references even when some user-facing surfaces later change.