Yoki Privacy Policy
Last Updated: March 31, 2025
At Yoki, your privacy is our top priority. We are deeply committed to protecting your personal information with the highest standards of security and transparency.
This Privacy Policy explains how we collect, use, share, and safeguard your data while respecting your rights. By using Yoki's products and services, you consent to these practices. If you do not agree, please discontinue use.
For questions or requests about your privacy, please contact us using the information provided at the end of this document.
1. Introduction
At Yoki, safeguarding your privacy is our top priority. We have implemented a rigorous framework to protect your personal information, ensuring transparency, security, and compliance with applicable regulations. This Privacy Policy outlines how we handle your data across all Yoki products and services.
Please note that this policy does not extend to third-party services, which are governed by their own privacy practices.
2. Collection and Use of Personal Information
When you interact with Yoki’s products and services, certain personal information may be collected to deliver and enhance your experience. Below, we detail the types of data we gather and how they are utilized.
Scope of Data Collection
The specific data collected depends on the product or service you use. For precise details, refer to the documentation or descriptions provided for each offering.
Cross-Feature Data Utilization
Information obtained from one feature may be applied to improve other aspects of our platform. For instance, data collected to personalize content in one service might also enhance security measures or refine user profiles elsewhere.
Should we need to use your data for purposes beyond those initially disclosed, we will notify you and obtain your explicit consent beforehand.
Continuous Enhancements and Policy Updates
As we evolve our services, we may introduce new functionalities or refine existing ones, which could involve adjustments to data collection or usage practices. Any such changes will be communicated via updates to this policy, in-app notifications, or other appropriate channels.
Your data will only be processed with your consent. If you have questions or concerns, you may contact us at any time for clarification.
Key Aspects of Data Handling
Account Registration
To access Yoki’s services, you must create an account. You are responsible for maintaining the confidentiality of your login credentials and should not share them with others.
Device Identification
We use device-specific identifiers (e.g., device ID) to ensure secure and seamless operation of our software.
Permission-Based Access
Certain features may require access to device functions. These permissions are requested only when necessary and can be revoked via your device settings. Examples include:
• Photo Library & Camera: For uploading images or participating in video calls.
• Microphone & Audio: To enable voice calls or recordings.
• Bluetooth: For improved audio experiences with compatible devices.
• External Storage: To save or manage downloaded files.
• Advertising IDs: For analyzing marketing campaign performance.
Device and Usage Data
We automatically collect technical details (e.g., device model, OS version, IP address) to optimize performance and troubleshoot issues. Diagnostic data, such as crash reports, may also be gathered to improve service reliability.
Third-Party Analytics
To refine our services and marketing strategies, we may share limited data with tools like Appsflyer or Facebook Analytics. These partners are contractually bound to handle your information securely and in compliance with privacy laws.
3. Sharing, Transfer, and Disclosure of Your Personal Information
At Yoki, we are committed to protecting your privacy and ensuring that your personal information is handled securely and responsibly. We do not share your personal information with external parties except in the following circumstances:
3.1 With Your Explicit Consent
We will only share your personal data with third parties if we have obtained your explicit consent. In such cases, you have full control over whether or not your information is shared, and you can withdraw your consent at any time.
3.2 Compliance with Legal Obligations
We may disclose your personal information when required to comply with applicable laws, regulations, or governmental requests. This includes situations where we are obligated to respond to legal proceedings, court orders, or administrative inquiries. In such cases, we will only provide the minimum amount of information necessary to fulfill the legal requirement.
3.3 Data Sharing Practices
We may share your personal information with third parties for legitimate business purposes, such as enhancing service functionality, preventing fraud, or providing customer support. All third-party recipients are bound by strict data protection agreements, ensuring your data is used only for specified purposes, protected with robust security measures, and handled in compliance with applicable privacy laws. If your data is transferred internationally, we implement adequate safeguards, such as Standard Contractual Clauses (SCCs), to ensure compliance. You have the right to object to data sharing or withdraw consent at any time by contacting us. We are committed to transparency and security in all data-sharing practices.
3. Partnerships for Service Enhancement
To deliver a seamless experience, Yoki collaborates with carefully selected partners who assist in critical operational functions. These entities are contractually obligated to process your information solely for Yoki’s designated purposes. Key collaborations include:
• Infrastructure Providers: We engage specialized vendors for cloud hosting, data storage, and server management to maintain platform stability.
• Financial Processors: Certified payment gateways handle transaction processing to ensure secure financial operations.
• Analytics & Marketing Platforms: Tools like Appsflyer and Facebook Analytics help refine user engagement strategies through anonymized behavioral analysis and campaign performance metrics.
4. Strategic Data Utilization
Your information may be disclosed to external parties when necessary to achieve legitimate business objectives, such as:
• Service Optimization: Technical partners assist in feature development and performance enhancements.
• Security Initiatives: Cybersecurity specialists aid in fraud detection and threat mitigation.
• Customer Support: Outsourced teams provide troubleshooting assistance under strict confidentiality protocols.
5. Data Continuity During Organizational Transitions
In the event of corporate restructuring (e.g., mergers or acquisitions), user data constitutes a transferable asset. Any such transition will:
• Maintain existing privacy protections
• Notify affected users of material changes
• Prohibit secondary uses beyond original service purposes
6. Third-Party Compliance Framework
All external collaborators must adhere to binding agreements that enforce:
• Purpose Limitation: Data usage restricted to predefined service requirements
• Security Mandates: Implementation of encryption, access controls, and breach notification systems
• Regulatory Alignment: Compliance with GDPR, CCPA, and other applicable legislation
7. International Data Governance
For cross-border transfers, particularly outside the EEA, Yoki implements:
• Legal Safeguards: Standard Contractual Clauses (SCCs) or equivalent mechanisms
• Risk Assessments: Evaluation of destination countries’ data protection standards
• Transparency: Clear disclosure of data routing jurisdictions
8. User Sovereignty Over Data Flows
You retain specific rights regarding data sharing, including:
• Opt-Out Privileges: Object to marketing-related disclosures
• Access Channels: Dedicated contact points for managing sharing preferences
• Granular Controls: Selective permission management for analytics integrations
9. Multi-Layered Security Protocols
Yoki’s protection strategy incorporates:
• Preventive Measures: Real-time monitoring, penetration testing, and anomaly detection
• Response Systems: Automated alerts and containment procedures for suspected breaches
• Continuous Improvement: Biannual security audits and staff certification programs
10. Comprehensive Data Stewardship
Users may exercise the following through formal requests:
• Data Audits: Obtain records of processed information
• Rectification: Correct inaccuracies in stored profiles
• Erasure: Delete non-essential data (subject to legal retention periods)
• Portability: Receive machine-readable copies of provided information
Implementation Notes:
• Backup systems may temporarily retain deleted data during archival cycles
• Identity verification required for sensitive requests
• Service-level impacts will be disclosed for major data alterations
This framework reflects Yoki’s commitment to balancing operational requirements with user rights. For inquiries or requests, contact our Data Protection Officer at debendronathmanik@gmail.com. All policies undergo quarterly reviews to align with evolving regulatory standards and technological developments.
11. Legal Basis for Data Processing & Your Rights
A. Legal Grounds for Processing Your Data
Yoki processes personal data in full compliance with global privacy regulations, relying on the following lawful bases:
1. Your Consent
○ We obtain your explicit permission for specific processing activities (e.g., marketing communications, location tracking).
○ You may withdraw consent at any time through your account settings or by contacting us directly.
2. Contractual Necessity
○ Processing required to fulfill our service agreement with you (e.g., account authentication, payment processing, customer support).
3. Legitimate Business Interests
○ Carefully balanced processing that includes:
• Security monitoring and fraud prevention
• Service improvement and product development
• Network and information security measures
4. Legal Compliance
○ Processing mandated by applicable laws (e.g., tax reporting, responding to lawful government requests).
5. Public Interest
○ Limited processing for critical public welfare purposes (e.g., health and safety alerts, product recalls).
B. Your Comprehensive Data Rights
As a Yoki user, you enjoy robust rights under global privacy laws:
1. Right to Access
○ Request confirmation of whether we process your data
○ Obtain a copy of your personal information in a commonly used format
2. Right to Correction
○ Update inaccurate or incomplete personal data
○ Supplement missing information through verification processes
3. Right to Deletion
○ Request erasure of your data when:
• It's no longer needed for its original purpose
• You withdraw consent (where applicable)
• Processing violates applicable laws
4. Right to Restriction
○ Temporarily limit processing while:
• Data accuracy is being verified
• Processing legality is being assessed
5. Right to Data Portability
○ Receive your personal data in a structured, machine-readable format
○ Transfer your information between service providers where technically feasible
6. Right to Object
○ Opt out of:
• Direct marketing communications
• Automated decision-making with legal effects
• Certain types of profiling activities
7. Right to Withdraw Consent
○ Revoke previously given permissions at any time
○ Adjust granular privacy preferences through your account
8. Right to Lodge Complaints
○ Submit concerns to our Data Protection Officer
○ File complaints with your local supervisory authority
C. Global Compliance Commitment
Yoki maintains compliance programs tailored to regional requirements:
For European Union/EEA users:
• Full GDPR compliance including Article 17 Right to Erasure
• Dedicated EU request processing channels
For California residents:
• CCPA compliance including opt-out rights for data "sales"
• "Do Not Sell My Personal Information" webform
For Brazilian users:
• LGPD compliance with anonymization options
• Portuguese-language support resources
For Canadian users:
• PIPEDA compliance with transparent access request tracking
• Bilingual (English/French) privacy documentation
For Virginia residents:
• VCDPA compliance including targeted advertising opt-outs
• Cookie preference management tools
Implementation Details:
• Response timelines vary by jurisdiction (typically 30-45 days)
• Identity verification protects against fraudulent requests
• Some rights may be limited by legal obligations or technical constraints
This framework ensures Yoki meets international standards while giving you meaningful control over your data. To exercise your rights, contact us at debendronathmanik@gmail.com or use our automated rights portal. We conduct regular compliance audits to maintain alignment with evolving regulations.
Note: Certain features or services may become unavailable if you exercise specific rights, and we'll notify you of any such impacts in advance.
12. California Privacy Rights (CCPA Compliance)
Your Rights Under CCPA:
1. Right to Know and Access
○ You may request:
▪ The categories of personal information we have collected about you
▪ The specific pieces of personal information we hold
▪ The business purposes for collecting this information
▪ The categories of third parties with whom we share this information
○ This covers data collected in the past 12 months
2. Right to Request Deletion
○ You may ask us to delete personal information we have collected, except when:
▪ We need it to complete transactions or provide services you requested
▪ It's necessary for security, fraud prevention, or legal compliance
▪ We use it only internally in a way that aligns with your expectations
3. Right to Opt-Out of Sale/Sharing
○ You may direct us not to:
▪ "Sell" your personal information (as defined by CCPA)
▪ Share your information for cross-context behavioral advertising
○ This applies to data sharing with:
▪ Advertising networks
▪ Data analytics providers
▪ Social media platforms
4. Right to Non-Discrimination
○ We will not:
▪ Deny you goods or services
▪ Charge different prices or rates
▪ Provide a different level of service quality
○ Simply because you exercised your CCPA rights
How to Exercise These Rights:
1. Primary Method: Email Request
○ Send your request to: debendronathmanik@gmail.com
○ Include in your email:
▪ Your full legal name
▪ California residency verification (e.g., utility bill snippet)
▪ Specific right(s) you're exercising
▪ Any relevant account information (username/registered email)
2. Verification Process
○ We will:
▪ Match provided information with our records
▪ May follow up with authentication questions
▪ Require government ID for sensitive requests
○ This protects against fraudulent requests
3. Authorized Agents
○ You may designate someone to make requests on your behalf
○ They must provide:
▪ Your signed permission
▪ Their own valid government ID
▪ Your verification materials
Our Response Timeline:
• We will acknowledge receipt within 10 business days
• Complete most requests within 45 days (may extend by additional 45 days with notice)
• No fee for standard requests (excessive/repetitive requests may incur fees)
Additional Options:
• For advertising opt-outs, visit:
○ Digital Advertising Alliance (optout.aboutads.info)
○ Our in-app "Privacy Settings" menu
• For general questions about these rights, contact our Privacy Office at the email above
Note: These CCPA rights supplement other rights you may have under California law. Some data (like medical or financial information) may have additional protections under other laws.
13. Data Subject Rights by Jurisdiction
A. Brazil (LGPD Compliance)
Under Brazil's General Data Protection Law (Lei Geral de Proteção de Dados), you have:
1. Confirmation & Access Right
• Obtain confirmation of data processing
• Request a copy in easy-to-read format
2. Correction Right
• Update incomplete/outdated information
• Request anonymization of unnecessary data
3. Deletion Right
• Request erasure when:
◦ Data is no longer necessary
◦ Processing violates LGPD
◦ Consent is withdrawn (where applicable)
4. Processing Information Right
• Know specific third-party recipients
• Request processing purpose details
5. Consent Revocation Right
• Withdraw previously given consent
• Adjust preferences via account settings
6. Objection Right
• Challenge processing based on:
◦ Legitimate interests
◦ Automated decisions
7. Portability Right
• Receive structured, commonly used data
• Request direct transfer to another provider
8. ANPD Complaint Right
• File grievances with Brazil's National Data Protection Authority
Exercise LGPD Rights:
Email requests to: debendronathmanik@gmail.com (Portuguese/English)
Include: Full name, CPF (if available), specific request
B. Virginia (VCDPA Compliance)
Under the Virginia Consumer Data Protection Act:
1. Access Right
• Confirm processing
• Obtain personal data copy
2. Correction Right
• Rectify inaccuracies
• Complete partial data
3. Deletion Right
• Remove personal data
• Direct service providers to delete
4. Opt-Out Rights
• Targeted advertising
• Personal data sales
• Profiling with legal effects
5. Portability Right
• Obtain reusable data copy
• Transfer to other services
Exercise VCDPA Rights:
Submit requests via: debendronathmanik@gmail.com
Required: Name, Virginia residency proof
C. European Union (GDPR Compliance)
Under General Data Protection Regulation:
1. Information Right (Articles 13-14)
• Clear processing notices
• Controller identity details
2. Access Right (Article 15)
• Obtain processing confirmation
• Receive full data copy
3. Rectification Right (Article 16)
• Correct inaccurate data
• Complete partial information
4. Erasure Right (Article 17)
• "Right to be forgotten"
• Controller must inform processors
5. Restriction Right (Article 18)
• Limit processing during:
◦ Accuracy disputes
◦ Unlawful processing claims
6. Portability Right (Article 20)
• Structured, machine-readable data
• Direct transmission capability
7. Objection Right (Article 21)
• Stop processing based on:
◦ Legitimate interests
◦ Direct marketing
◦ Automated decisions
8. Supervisory Authority Right (Article 77)
• Lodge complaints with:
◦ Local DPA
◦ EDPB cross-border mechanisms
Exercise GDPR Rights:
EU Representative: debendronathmanik@gmail.com
Required: Valid ID verification
Implementation Notes:
• All requests verified per jurisdiction requirements
• No fees for standard requests
• 30-45 day response windows apply
• Complaint escalation paths provided
• Multilingual support available
14. Our Compliance Commitment
Yoki maintains an ongoing commitment to privacy compliance through:
1. Regulatory Monitoring
○ Continuous tracking of evolving privacy laws
○ Quarterly policy reviews by our legal team
○ Immediate implementation of required changes
2. Implementation Framework
○ Department-specific compliance training
○ Technical controls aligned with legal requirements
○ Regular third-party compliance audits
15. Minors' Data Protection
Our services incorporate strict age protections:
1. Age Verification
○ Account registration requires age confirmation
○ Automated systems flag potential underage users
2. Data Handling
○ Proactive screening for minor-related data
○ Immediate deletion upon identification
○ Parent/guardian notification protocols
3. Preventative Measures
○ Content filtering for age-appropriate material
○ Restricted features for unverified accounts
○ Educational resources about online safety
16. Data Protection Officer (DPO) Details
Yoki's Data Protection Office:
1. Leadership
○ DPO: Ethan Walker
○ Certified privacy professional (CIPP/E, CIPM)
○ Direct reporting to executive management
2. Responsibilities
○ Overseeing GDPR, CCPA, LGPD compliance
○ Conducting Data Protection Impact Assessments
○ Serving as regulatory liaison
3. Accessibility
○ Primary contact: debendronathmanik@gmail.com
○ Multilingual support available
○ Guaranteed 72-hour response window
17. Controller Information
Yoki as Data Controller:
1. Governance
○ Determines all processing purposes
○ Implements appropriate technical measures
○ Maintains processing records
2. Transparency
○ Public-facing processing inventories
○ Clear data flow documentation
○ Regular compliance reporting
3. Contact Protocols
○ Dedicated controller email address
○ Escalation procedures for complex queries
○ Regional representative network
Physical Address:
Bangladesh, Sadi, Mandalerhat-5620, Ulipur, Kurigram
18. Controller Responsibilities
Key controller functions include:
1. Accountability
○ Maintaining Article 30 GDPR records
○ Demonstrating compliance measures
○ Cooperating with supervisory authorities
2. User Support
○ Rights request processing
○ Breach notification management
○ Privacy impact consultation
19. Contact Information
For all privacy matters:
1. Primary Channel
○ Email: debendronathmanik@gmail.com
○ Secure webform available
2. Service Standards
○ 15-day response guarantee
○ Multi-tier case classification
○ Multilingual support staff
3. Request Requirements
○ Sufficient identification details
○ Clear description of concerns
○ Preferred contact method
Policy Acknowledgment
By using Yoki services, you confirm understanding of these provisions and our commitment to responsible data stewardship. We encourage active engagement with our privacy team for any concerns.