Your privacy matters. This Privacy Policy explains what information we collect about you when you use Mixoo, how we use it, and your rights over your data.
1Information We Collect
We collect information you provide directly to us, information we collect automatically when you use the App, and information from third parties.
1.1 Information You Provide
Account Information: Name, username, email address, phone number, date of birth, profile photo, and password (or OAuth token via Google/Apple Sign-In).
Profile Content: Bio, hobbies, location (city/country), social links, and any other information you add to your profile.
User Content: Posts, images, videos, live stream audio/video, chat messages, comments, reactions, and virtual gifts you send or receive.
Payment Information: When you purchase Diamonds or premium features, payment data is processed by the payment provider (e.g., Apple App Store, Google Play). We receive confirmation of the transaction but do not store raw card numbers.
Communications: Messages you send to our support team at support@mixoo.app.
1.2 Information We Collect Automatically
Device Information: Device model, operating system version, unique device identifiers, and mobile network information.
Usage Data: Pages and features you access, actions you take (likes, reactions, gifts sent), session duration, and in-app navigation patterns.
Log Data: IP address, browser/app type, timestamps, and error logs.
Location: Approximate location derived from your IP address. We do not collect precise GPS location unless you explicitly enable it for location-tagged posts.
Push Notification Tokens: Device tokens required to send you push notifications via Firebase Cloud Messaging (FCM).
1.3 Information from Third Parties
Social Sign-In: When you sign in with Google or Apple, we receive your name, email, and profile picture as permitted by those platforms.
Analytics Partners: Aggregated, anonymized usage statistics to improve the App.
2How We Use Your Information
We use the information we collect to:
Purpose
Legal Basis
Create and manage your account
Contract performance
Provide, maintain, and improve the App
Legitimate interest
Process in-app purchases and payouts
Contract performance
Enable live rooms, calls, and messaging
Contract performance
Personalize your experience and content feed
Legitimate interest
Send transactional and promotional notifications
Consent / Legitimate interest
Detect fraud, abuse, and safety violations
Legal obligation / Legitimate interest
Comply with applicable laws
Legal obligation
We do not use your personal data to build advertising profiles for third-party ad networks.
3Sharing & Disclosure
We do not sell your personal information. We may share your data in the following circumstances:
With Other Users: Your public profile, posts, live streams, and interactions are visible to other users. One-on-one chat messages are end-to-end stored in your private Firebase Firestore space.
Service Providers: We use trusted third-party services — including Firebase (Google), Agora (real-time audio/video), and payment processors — that process data on our behalf under strict data protection agreements.
Legal Compliance: We may disclose data if required by law, court order, or governmental authority, or to protect the safety and rights of our users.
Business Transfers: In the event of a merger, acquisition, or asset sale, your data may be transferred. We will notify you before this occurs.
4Data Retention
We retain your personal data for as long as your account is active or as needed to provide services. If you delete your account:
Profile data is deleted within 30 days.
Chat messages stored in Firebase Firestore are deleted upon account deletion.
Transaction records may be retained for up to 7 years for legal and tax compliance.
Aggregated, anonymized analytics data may be retained indefinitely.
5Security
We implement industry-standard security measures including:
HTTPS / TLS encryption for all data in transit.
Firebase Security Rules controlling Firestore data access.
Encrypted storage for authentication tokens on device (Flutter Secure Storage).
No method of electronic storage or transmission is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. Please report any suspected security vulnerabilities to support@mixoo.app.
6Children's Privacy
Mixoo is not intended for children under 13. We do not knowingly collect personal information from children under 13 years of age.
If we become aware that we have inadvertently collected personal information from a child under 13 without verified parental consent, we will take immediate steps to delete that data. If you believe we have information about a child under 13, please contact us at support@mixoo.app.
For users between 13 and 18, parental consent is required for in-app purchases in jurisdictions where applicable.
7Your Rights
Depending on your jurisdiction, you may have the following rights:
Access: Request a copy of the personal data we hold about you.
Correction: Request correction of inaccurate or incomplete data.
Deletion: Request deletion of your personal data ("right to be forgotten").
Portability: Request your data in a structured, machine-readable format.
Objection: Object to processing based on legitimate interests.
Withdrawal of Consent: Withdraw consent for optional processing (e.g., marketing notifications) at any time in Settings.
To exercise any of these rights, contact us at support@mixoo.app. We will respond within 30 days. Note that we may need to verify your identity before fulfilling certain requests.
8Push Notifications
We use Firebase Cloud Messaging (FCM) to send push notifications about app activity, new messages, gift notifications, and promotional offers. You can manage push notification preferences in your device's system settings or within the App's notification settings at any time.
9Third-Party Services
The App integrates with the following third-party services, each governed by its own privacy policy:
Firebase (Google): Authentication, Firestore database, Cloud Messaging, and Storage. Google Privacy Policy
Google Sign-In / Apple Sign-In: OAuth-based authentication.
Apple App Store / Google Play: In-app purchase processing.
10International Data Transfers
Your data may be processed and stored on servers located outside your country of residence. By using Mixoo, you consent to the transfer of your information to countries that may have different data protection laws than your country. We take steps to ensure adequate safeguards are in place for such transfers in accordance with applicable law.
11Changes to This Policy
We may update this Privacy Policy from time to time. When we make significant changes, we will notify you via in-app notification or email. Your continued use of the App after any changes take effect constitutes your acceptance of the updated Policy.
The date at the top of this page indicates when this Policy was last updated.
12Contact Us
For any privacy-related questions, requests, or concerns, please contact our Privacy Team: