Privacy Policy

Moryou is a platform for creating personalized digital gifts (interactive pages with text, photos, music references, memories, letters, timelines, quizzes, unlocks and a shareable public link). The service is operated by GHP SOLUTIONS LTDA, registered under CNPJ 62.208.192/0001-83 ("Moryou", "we", "us").

This policy follows the Brazilian General Data Protection Law (LGPD, Law 13.709/2018) and good privacy practices. For privacy questions, contact us at [email protected].

We collect only what is needed to create your gift, process your order and keep the service secure:

• Account data: name, email and a password stored only as a secure hash.
• Session data: a server-side session reference used to keep you signed in.
• Gift and briefing data: the answers you provide to build the gift, the gift title, tone and chosen style.
• Recipient data: the recipient's name and the relationship between you and the recipient, when you provide them.
• Personal content: messages, photos, music or music references, memories and answers used in quizzes and unlocks.
• Order data: chosen plan, order status, amount and currency.
• Payment data: processed by our payment provider (Asaas). We store payment status, charge identifiers, amount, method and the logs needed to confirm the order.
• Technical data: IP address, browser and device information, access logs and date and time of use.

A gift is created by one person for another, so the content may include data about people who are not the account holder, such as the recipient or people mentioned or shown in photos.

• The creator is responsible for having a lawful basis or authorization to share content about other people.
• A person mentioned or shown in a gift may request review or removal of their data by contacting us.

• Photos you upload are used to build and display the gift.
• By uploading, you declare that you have the right to use and share those images.
• If other people appear in the photos, you must have the appropriate authorization.
• We store photos to display the gift. You may request deletion, subject to technical and legal limits.

• To create, generate, store and display your gift.
• To process orders and confirm payments through our provider.
• To operate, secure and improve the service and prevent fraud or abuse.
• To communicate with you about your account, order or support requests.
• To comply with legal obligations.

Under the LGPD, we process data based on: performance of a contract (to deliver the gift you ordered), legitimate interest (to secure and improve the service), legal obligation (such as tax and accounting duties), and consent where required (for example, optional communications or future analytics).

We do not sell personal data. We share data only with service providers that help us run Moryou, under their respective terms:

• Asaas: payment processing. Card data is handled by Asaas; Moryou does not store full card numbers.
• Amazon Web Services (AWS / S3): hosting and storage of files such as photos.
• Artificial intelligence providers (future): to help generate parts of the experience. See section 9.
• Email / transactional providers (future): to send account and order messages.

• Payments are processed by a third-party provider (Asaas).
• Moryou does not store complete card data.
• We may store payment status, charge identifiers, amount, method and the logs needed to operate the order.

• Moryou may use AI providers to help generate text, experiences, scripts, images or other elements.
• Data sent to AI providers will be limited to what is necessary to build your gift.
• You should avoid entering sensitive data in fields that may be processed by AI.
• This policy will be updated as specific AI providers are defined.

• Gifts are published at a public address (moryou.app/g/<link>) and can be opened by anyone who has the link.
• The creator chooses whether and with whom to share the link.
• By default, gift pages are set to noindex so search engines do not list them.
• Noindex reduces discovery but does not guarantee absolute privacy. Avoid content you would not want anyone with the link to see.
• Future options such as password protection, expiration or advanced privacy may become available.

We use technical and organizational measures to protect data, including password hashing, server-side sessions, hashed answers for unlocks and access controls. No method is fully secure, but we work to reduce risk. We never expose password hashes, session tokens, sensitive payment data or unlock answers in public pages.

We keep data while your account and gifts are active and for as long as needed to provide the service and meet legal obligations. You may request deletion of your account, gifts or specific content; we will act on it subject to technical and legal limits. [RETENTION PERIODS TO BE CONFIRMED IN LEGAL REVIEW.]

Under the LGPD you may request confirmation of processing, access, correction, anonymization or deletion, portability, information about sharing, and review of consent. To exercise these rights, contact us at [email protected].

Some providers (such as hosting or AI) may process data outside Brazil. When that happens, we seek providers that offer an adequate level of protection consistent with the LGPD.

Moryou is intended for adults. Accounts must be created by people of legal age. If a gift includes data about children or adolescents, the creator must have the proper authorization from those responsible for them.

We currently use only essential cookies for login, security and language preference. We do not use advertising cookies. See the Cookie Policy for details.

We may update this policy. The effective date at the top shows the current version. Significant changes will be communicated through the service.

Controller: GHP SOLUTIONS LTDA, CNPJ 62.208.192/0001-83. Contact: [email protected]. Address: [ENDEREÇO]. Data protection officer: [ENCARREGADO/DPO, SE APLICÁVEL].