Last updated: 12 June 2026
Welcome to the Riley Cillian Group Privacy Policy. Whether you're ready to put yourself out there and start connecting or just looking for a new friend, we believe every connection should start with respect and equality... especially when it comes to your personal information.
When we talk about Riley Cillian Group, we refer to our brand (also known simply as "Tumile", "we", "us", or "our" in this policy) operated by Clash Arts (HK) Limited. This Policy explains how we process your personal information. It applies any time you're using the Tumile mobile application or desktop version ("App"), and to your use of our "Sites", which includes our websites like tumilechat.com, microsites, and other digital products and services, like our competitions or surveys. We also suggest you read our Terms of Service.
Have any questions about this Policy? Just Contact Us and we'll be happy to help.
We will need to change this Policy from time to time, but the most current version (at https://privacy.tumile.me/LiveChat_privacy.html) controls how we use your information. Be sure to regularly check for updates, but we will let you know by email or notice of any material or significant changes.
We are responsible for taking care of all the personal information we collect and you share with us. According to the General Data Protection Regulation ("GDPR") of 27 April 2016 and other applicable personal data laws, Clash Arts (HK) Limited is the data "controller" for all personal information collected and processed through our App and Sites. For users in the European Union, our EU affiliate Riley Cillian Ireland Limited acts as our EU point of contact and postal address for data-protection and Digital Services Act matters.
The type of information collected or shared depends on the specific situation and what exactly you are doing.
You will not be able to change your date of birth and, if you give Tumile access to your location in your device settings, your location is automatically updated based on the location of your device. Others using the App might be able to see some of your Registration Information when they view your profile page, such as your name, and username.
When you download the App and create a Tumile account, we collect certain information about you to help enhance the App and verify the people using it. This can include:
Name
Username
Gender identity
Location
Email address
Date, time and location of account set up
Photographs
Mobile number
Login information from your accounts with Google, Apple, X (Twitter) Facebook as may be the case if you provide permission for us to do so.
After you register, you can change this information at any time through your account except account set up time and date. You are responsible for making sure your account details are kept up to date, particularly if your phone number changes.
We want to help simplify and enhance your connecting. One way we do this is by making it possible for you to use your other accounts such as via Google, X (Twitter), Facebook and Apple.
Apple ID: If you choose to register or sign in with your Apple ID, you give Apple permission to share with us:
You can choose to use your personal email, or Apple will create and use a random email address so your personal email can stay private.
We will then use the personal information we receive from Apple to form your Tumile account. If you remove the Tumile app from your settings or Apple ID, we will no longer have updated access to this information.
If you want to disconnect any linked accounts from Tumile, just visit your settings in the relevant app and follow the instructions to remove the Tumile App access permissions.
Please note that if you unlink an account, this does not automatically delete the information that was already added to your Tumile account. If you'd like this information removed, you must also delete it within your Tumile account.
We want to ensure the safety and security of everyone on our App and Sites, and give people the best possible user experience. To do this, we require every person using our App and Sites to verify some of their information. For example we use https://www.yoti.com/ ("Yoti") as part of the age verification process at account set up and during your use of the Tumile service.
We may also ask for your phone number and, in some cases, ask that you carry out a photo verification or ID verification. This allows us to make sure the people on Tumile are actually people, that are of age (over 18), avoid fake accounts that can be used for malicious activities and cybercrime, and prevent fraud -- all of which can threaten the Tumile network and spoil things for everyone.
The Yoti age related scan can include the use of facial recognition technology to compare the submitted photo(s) to your profile photo, or a live scan, which helps us make sure you are who you say you are, but you also have the option to request a manual review if you do not want facial recognition technology to be used. If our automated age-verification check returns a result you do not agree with, you can ask for a human reviewer to look at your case before any account action is taken.
Biometric information collected for age and identity verification is used only for the verification purposes described in this section. We do not use biometric information to make content-moderation decisions, to rank or recommend profiles, or for any DSA notice-and-action review.
We do keep the scans to verify you in the future and for our records. We will only keep the scans as long as we need them for these purposes, but never longer than 3 years after your last interaction with us. Once we no longer need the scans or the 3 years have passed, we will take reasonable business steps to permanently and securely delete the scans from our systems.
If you decide to purchase any of our services, we will process your payment information and securely keep it for audit/tax purposes and to prevent fraud. We use a number of payment providers to help secure payments are made promptly and effectively.
To prevent fraudulent payments from being processed, we use automated decisions and our systems check payment information and transactions for behaviour that might violate our Terms of Service. We may automatically block any transaction that is likely to be fraudulent and meets the relevant criteria suggesting a violation. If a transaction is blocked, the relevant person will be notified that their transaction cannot be processed and can contact us to contest the decision.
You can always turn off geolocation if you ever change your mind about giving Tumile access to your location by:
iPhone — go to settings > security and privacy > location services > Tumile
Android — go to settings > location > Tumile > permissions > location
If you give Tumile access to your location in your device settings, we will collect information about your location when you use your mobile device. We do this to personalise your App experience and make it easier for you to make connections and interact with others.
This can include information about WiFi access points and your longitude/latitude, and we can save your device's coordinates to offer certain features to you.
For example, by enabling your general location information to appear to people seeing your profile and show you the profiles of people who are near you.
When you use the App, we can collect information about your device for the purposes described in this Policy. This can include your device's unique identifier, brand and model, and operating system, as well as log and usage data as well as user Agent, browser type and screen resolution. You can also choose to give our App access to your device's address book, which will only be used when you want to add someone to your contacts.
We collect data about your profile photos that allows us to promote them in a way that is favourable to you.
You might come across some links while using our App or Sites. If you use them, we can keep track of how you interact with links, including to third-party services that we are not responsible for, by monitoring redirecting clicks or other methods. This can include your data whilst playing games on Tumile and help us create a leaderboard or simply being able to provide you with access to games within the Tumile app or to an external provider.
We review the content of messages sent in the App to identify topics, sentiments, and trends across our Users and monitor for abuse of our Terms of Service in order to maintain the security and integrity of our services. Where a message is reported to us through our Digital Services Act notice-and-action process, or is flagged by our automated detection tools as potentially illegal or in breach of our Community Guidelines, the message and the surrounding context may be reviewed by a trained human moderator before any action is taken against a user. In cases of suspected child sexual abuse material, content and associated account information may also be disclosed to law enforcement authorities and to specialist child-safety hotlines in accordance with applicable law and Article 18 of the Digital Services Act. The specific authorities and hotlines we report to are listed in our DSA Disclosures help-centre pages.
If you contact our Customer Support team via our contact page or through the App, we can track your IP address and will receive your email address and the information you share with us to help resolve your request.
We keep records of our communications with you for 6 years after your account is deleted, including any complaints from you about other people using the App or Sites.
When you use our App or visit our Sites, we can collect personal data from you automatically by using cookies or similar technologies.
Some cookies are necessary for the App and Sites to function and cannot be switched off, but you do have choices for others. Check out our Cookie Policy to learn more about cookies, how we use them, and your options for these technologies.
What's a cookie?
A cookie is a small file placed on your device or internet browser that allows us to recognise and remember your preferences. Cookies generally help us better personalise and improve your experience on our App and Sites.
How do we use your information?
Our main goal: give you an enjoyable Tumile experience as you connect.
We don't currently do any direct marketing, but if we do in the future we will seek your consent in advance. We may send to you a reminder email if your account is dormant for a while, but you can opt out of any follow up emails by unsubscribing.
To achieve our goal of giving you an enjoyable connection experience, we use your personal information to:
This allows us to understand how close you are to others and show you profiles of people.
We want to ensure the safety and security of everyone on our App and Sites, and give people the best possible user experience. To do this, we require every person using our App and Sites to verify their accounts.
We want to help you find the best possible connections, so we developed matching algorithms to predict your compatibility with others and show you people we think are a good match for you.
To predict your compatibility with others and recommend profiles, our matching algorithms use:
To be clear
If you post anything that is inconsistent with our Terms of Service, we can restrict your account access or terminate it altogether.
Safety on our App and Sites is very important to us, so we take steps to make sure every person follows our Terms of Service while connecting. We use a combination of automated systems and a team of moderators to monitor and review accounts and messages for content that suggests a violation of our Terms of Service. This process involves some personal information, such as photos and any other information uploaded to a profile or shared in messages.
We use automated tools — including hash-matching, classifiers and pattern-detection — to detect potentially illegal content or content that breaches our Community Guidelines at scale. Where an automated tool flags possible illegal or violating content, a trained human moderator reviews the case and decides whether to take action. We do not rely solely on automated means to take decisions that affect a user's account or content.
If we restrict your content, suspend your account or otherwise take action against you, you have the rights set out in Article 9A of our Terms of Service and described in our DSA Disclosures help-centre pages. These include the right to receive a clear statement of reasons explaining our decision, the right to lodge an internal complaint free of charge for at least six months from our decision, the right to refer the dispute to a certified out-of-court dispute settlement body, and the right to pursue judicial remedies.
The European Union's Digital Services Act gives users and reporters a set of rights when content is moderated on our App. To deliver those rights, we process a limited amount of personal information that is described in this section. This sits alongside the broader privacy protections set out in the rest of this Policy.
If you submit a notice that content on Tumile is illegal, we process the contents of your notice, the URL or location of the reported content, your name and email address (so that we can confirm receipt and tell you the outcome), and any supporting information you choose to provide. If your notice concerns suspected child sexual abuse material, you can submit it anonymously and we will not require you to identify yourself.
When we remove or restrict your content, reduce its visibility, or suspend or close your account, we issue you a statement of reasons explaining the decision. A copy of every statement of reasons we issue is submitted to the European Commission's DSA Transparency Database. Before submission, we remove personal information from the statement so that it cannot be used to identify you. The remaining record — covering the type and duration of the action, the content concerned, whether automated means were used, and the legal or contractual basis — is published on the Commission's public database.
If you lodge an internal complaint about one of our moderation decisions, we process your account identifier, the contents of your complaint and any supporting information, in order to review the case. If you then refer the dispute to a certified out-of-court dispute settlement body, we will share with the body the case file (including the content at issue, our original decision and statement of reasons, and our correspondence with you) so that the body can rule on the dispute. Decisions affecting your account or content are reviewed by qualified members of our staff — not by automated tools alone.
Where a Digital Services Coordinator has awarded an organisation "trusted flagger" status, we process the trusted flagger's identifier and certification details and prioritise the notices they submit. Where any individual or entity repeatedly submits manifestly unfounded notices or complaints, or any user repeatedly provides manifestly illegal content, we may track that pattern ("strike counts" and prior-warning records) so that we can apply the misuse provisions in our Terms of Service. Those records are kept for the purposes of running the Article 23 process and demonstrating our compliance with it.
We keep records of notices, statements of reasons, internal complaints and out-of-court dispute files for six (6) years from the date of the relevant decision or, where there is no decision (for example a notice on which we did not act), from the date of the notice. This aligns with the retention period that already applies to our customer-support communications and ensures we can demonstrate compliance with the Digital Services Act on request.
Decisions that have a meaningful effect on you — such as removing your content, restricting your account, or rejecting a notice you have submitted — are taken by, or on review by, a trained human moderator. Automated tools are used to detect potentially violating content at scale and to support our moderators, but they do not make the final decision on actions against a user on their own. This is in addition to the more general rights described under "Rights related to automated decision-making" below.
If the legal basis is consent, you can withdraw your consent at any time. If the legal basis is legitimate interests, you have a right to object to how we use that information. How? Just contact us or follow the instructions provided in the relevant sections of this Policy.
According to European Union ("EU") and United Kingdom ("UK") data protection laws, processing personal information must always have a specific lawful basis -- meaning there must always be a legal reason, which is defined by the GDPR and other relevant laws. Here you will find the legal basis for all of the personal information we collect, use, and process.
What about the CCPA categories?
You will see some of the CCPA's specific categories of personal information mentioned under the section for Californian residents. You can find more information about these categories here.
| Why we use your information | What information we use | Where we get the information | Our legal basis |
|---|---|---|---|
| To provide you with the Tumile social networking service and App. | Name; Email address; Date of birth; Location; App activity; Nicknames; Age verification. | You provide us with your name, email address, and date of birth, name or nicknames; age verification. We get location and app activity data from the device you use to access the service. | Contractual Necessity. |
| To facilitate networking opportunities on the App. | Optional information that you choose to share in your profile, through profile verification, or by adding badges, which may include information about your interests, photos, and other similar details you choose to share. | You choose to provide us with this optional information. | Contractual necessity; our legitimate interests in facilitating or assisting in the making of networking opportunities on the App; your consent for special-category / sensitive personal information. |
| To verify your identity, prevent fraud, and ensure the safety and security of everyone using the App and Sites. | Phone number; if requested or permitted, photo provided for profile verification; if requested or permitted, photo of Government ID and selfie for ID verification; for users based in countries where age verification is legally required: photo of Government ID, geolocation and device information. | You provide us with your phone number and photos. We get geolocation and device information from the device you use to access the service. | Our legitimate interests in making sure accounts are not set up fraudulently and to protect people using our App or Sites. |
| To take payments for premium services (does not apply if you make payments via the Apple App Store). | Payment card details. | You provide us with this information. | Contractual necessity. |
| To send you marketing information about our events, offers, and services or reminder emails about your account. | Name; Email address; Mobile phone number. | You provide us with this information. | Consent; our legitimate interests in promoting our business and products, while following all laws that apply to our marketing activities. |
| To carry out research and analysis to help us improve the App, and test new technologies and processes meant to enhance and improve the App and Sites. | Log and usage data, including IP address, browser type, referring domain, pages accessed, mobile carrier; search terms, images, and video; registration information; profile information. | We get log and usage information from the device you use to access the service. You provide us with the other information. | Our legitimate interests in analysing how people access and use our services, and testing new technologies so that we can further develop the App, implement security measures, and improve the service. |
| To respond to correspondence and requests submitted to us, including social-media queries. | Email address; social media name; phone number; IP address; the information you send to us to help resolve your query. | You provide us with your email address, social media name, and phone number when you contact us. We get your IP address from the device you use to contact us. | Our legitimate interests in responding to requests and queries, and making sure we provide good service and troubleshoot problems. |
| To enable a profile-sharing functionality. | Name and photo; time and location of a date. | When using the profile-sharing functionality with your trusted contact, you provide the time and location of the date and share the matched user's name and profile photo. | Our legitimate interests in preventing unauthorised behaviour, and maintaining the safety of our users and services. |
| To investigate and block people for reported infringements of our Terms of Service. | Name; registration information; profile information; message content; photographs; usage and device data, including IP address and IP session information. | You provide us with your registration information, profile information, messages, and photographs. We get the other information from the device you use to access the service. | Our legitimate interests in preventing unauthorised behaviour, and maintaining the safety and integrity of our App and Sites. |
| To improve your experience on the App. | Profile photo data, such as whether the first profile photo is scrolled on or not, and whether a vote is a yes or a no. | We get this information from how people interact with the App and profile photos of other users. | Our legitimate interest in improving the experience of our users. |
| To allow people using the App to create and enhance their profile, and log into the App via third-party accounts. | Linked Social Media Information from Facebook and other third-party accounts. | We get this information from Facebook or the providers of any other accounts you use to log in or connect with your account. | Our legitimate interests in facilitating access to our App and Sites. |
| To block payment transactions as part of our anti-fraud procedures. | Name; IP address; email address; mobile number; cardholder name; payments received; type of payment; user ID; user country. | You provide us with your name, email address, mobile number, and card details. We get your IP address from the device you use to contact us. We get your payment information from your interactions with our App and Sites. | Our legitimate interests in preventing fraudulent transactions and maintaining the security of our App and Sites. |
| To contact you to run research surveys, get feedback, and find out if you want to take part in marketing campaigns. | Email address; mobile phone number. | You provide us with this information. | Our legitimate interests in carrying out research so we can further develop the App and improve our service. |
| To allow video and audio call functions, and the sending of images and video. | Video and audio call usage data; images; video. | We get this information from the device you use to access the service. | Our legitimate interests in providing these functionalities as part of the App and Sites. |
| To handle reports of illegal content submitted to us under our Digital Services Act notice-and-action mechanism. | Notice contents; the URL or location of the reported content; your name and email address (except where your notice concerns suspected child sexual abuse material, in which case you may submit anonymously). | You provide us with this information when you submit a notice. | Legal obligation (Article 16 of the Digital Services Act); our legitimate interests in maintaining the safety and integrity of our App and Sites. |
| To issue statements of reasons when we take action against your content or account, and to submit those statements to the European Commission's DSA Transparency Database (with personal information removed). | Account identifier; the content concerned and its location; the type and duration of the action taken; whether automated means were used; the legal or contractual basis for the action. | We generate this information from the moderation decision itself. | Legal obligation (Article 17 of the Digital Services Act). |
| To operate our internal complaint-handling system, and to engage with certified out-of-court dispute settlement bodies where users refer disputes to them. | Your account identifier; your complaint and supporting information; correspondence with the dispute settlement body; our original decision and statement of reasons. | You provide us with this information when you lodge a complaint or refer a dispute. The dispute settlement body provides us with the dispute file. | Legal obligation (Articles 20 and 21 of the Digital Services Act). |
| To handle priority reports submitted by trusted flaggers certified by a Digital Services Coordinator, and to track repeat misuse of our services and reporting systems under Article 23 of the Digital Services Act. | Identifier and certification details of the trusted flagger; content reported; strike counts and prior-warning records for users and reporters. | Trusted flaggers and our own systems provide this information. | Legal obligation (Articles 22 and 23 of the Digital Services Act); our legitimate interests in preventing misuse of our reporting and complaint systems. |
Tumile is specifically designed to make it easier for you to connect and interact, which involves making certain information about you available to others on the App.
We recommend not putting sensitive information that could be used for abuse or misuse on your profile for others to see, such as:
Be careful when posting sensitive details about yourself on your profile or by adding certain Tumile badges to your profile, such as your religious denomination, political leanings, sexual preferences, and health information. Although you can voluntarily choose to provide us with this information when you create your profile, sharing these sensitive details is not required. And remember the photographs you post on Tumile can also reveal information about yourself.
When using the Tumile App, you should assume that anything you post or submit on the App may be publicly-viewable and accessible, both by Users and non-users of the App. We want our Users to be mindful about posting information that may eventually be made public.
Some countries might require that people have the option to download a copy of their conversation history. In this case, we have no control over how this information might then be used or shared after we are required to provide it. To obtain a copy please contact customer.service@tumile.me.
Remember to log out of any app or third-party account you use to log in to or access our App when you are done to keep others from accessing your Tumile account.
In order to help you make connections and provide an enjoyable Tumile experience, it might sometimes be necessary to share some personal information with others. But rest assured: we will only ever share your personal information in the limited circumstances described in this Policy.
With this in mind and under these restrictions, you should be aware that some of these trusted third parties might also use the personal information they collect for their own purposes. For example, by aggregating your personal information with other data they hold.
We work with "Service Providers", and a list of those can be found here. We aim to make sure they have adequate data protection and information security measures in place as part of contractual requirements.
| When we share information, with who, and why | What information we share |
|---|---|
| Service Providers. To offer some of our functions and services that are made possible by working with our trusted Service Providers, such as billing (for example, Google Play), authentication, social-media providers (Facebook, Instagram, Spotify), customer support (Zendesk), and IT support. Each Service Provider will only have access to the personal information necessary for the specific service they are providing. | Depending on the service or function, this can include any personal information discussed in this Policy that we have related to you. |
| Moderators. To monitor activity on the App and approve content. | Name; user registration details; profile information; message content; photographs. |
| Payment Processing and Telecommunications Companies. To facilitate payments for our premium services. | Cardholder name; cardholder address; card number; payment amount; transaction date/time. |
| Legal Enforcement and Preventing Harm. To ensure everyone using the App behaves appropriately and follows our Terms of Service. To work with third parties to enforce their intellectual property or other rights. To cooperate with legal requests for information from law enforcement when we are required by law, which can include an investigation into alleged criminal behaviour or to protect a person's vital interests. In addition, where we become aware of information giving rise to a suspicion that a criminal offence involving a threat to the life or safety of a person has taken place, is taking place, or is likely to take place, we will promptly inform the law-enforcement authorities of the relevant Member State, in accordance with Article 18 of the Digital Services Act. We may also share content and associated account information with specialist child-safety hotlines (such as Hotline.ie in Ireland) in cases involving suspected child sexual abuse material. | Depending on the specific request or issue, this can include any personal information discussed in this Policy that we have related to you. |
| Our Business Transfers. To help bring a smooth changeover in the event one of our companies, a RC Group entity, or any of our affiliates goes through a business transition or change of ownership (merger, acquisition, re-organisation, sale of all or part of its assets, insolvency or administration). | Depending on the situation, this can include any personal information discussed in this Policy that we have related to you. |
| Anti-Spam and Anti-Fraud Procedures. To apply our anti-spam and anti-fraud procedures by sharing your personal information with our other RC Group companies, for example to block accounts and suspected fraudulent payment transactions. | Email address; phone number; IP address; IP session information; social network ID; username; user agent string; transaction and payment data. |
| Aggregated Information. To carry out analysis of our industry and demographic profiling by sharing aggregated information with third parties for this purpose. For example, we can share aggregate click statistics, such as how many times a particular link was clicked. | Personal information that does not directly identify you, together with other information, including log data. |
| European Commission — DSA Transparency Database. To comply with Article 17(3) of the Digital Services Act, we submit a copy of every statement of reasons we issue when we take action against content or accounts on Tumile. Personal information is removed before submission so that you cannot be identified from the published record. The database is published by the European Commission at https://transparency.dsa.ec.europa.eu/. | Account identifier (removed before submission); type and duration of the action taken; the content concerned and the relevant content type; whether automated means were used; the legal or contractual basis for the action. |
| Certified out-of-court dispute settlement bodies. Under Article 21 of the Digital Services Act, you can refer disputes about our content and account decisions to any out-of-court dispute settlement body certified by a Digital Services Coordinator in the European Union. Where you do so, we will share the relevant case file with the body so that it can rule on the dispute, and we will engage with the body in good faith. The European Commission publishes the official, EU-wide list of certified bodies at https://digital-strategy.ec.europa.eu/en/policies/dsa-out-court-dispute-settlement. The list of bodies certified by the Irish Digital Services Coordinator, Coimisiún na Meán, is published at https://www.cnam.ie. | Your identity and contact details; the content concerned; our original decision and statement of reasons; your internal-complaint file (if any); our correspondence with you and with the body. |
| Digital Services Coordinators, Member State authorities, and the European Commission. To respond to orders to act against illegal content (Article 9 DSA), orders to provide information (Article 10 DSA), and other lawful requests under the Digital Services Act, and to maintain our authority point of contact (Article 11 DSA). Communications from authorities under the Digital Services Act are handled through dsa@tumile.me. | The information identified in the order or request, which can include any personal information described in this Policy that is necessary for the authority to act. |
With all of this in mind, let's talk about how you can take control of your privacy.
So what are your rights? You generally have the following rights regarding your personal information, depending on the specific circumstances:
Right to be informed: Your right to know what personal information we process and why.
Right to access: Your right to request a copy of the personal information we have about you.
Right to rectify: Your right to correct the personal information we have about you if it's inaccurate.
Right to data portability: Your right to retrieve your personal information from us to easily transfer it to another location.
Right to erase: Your right to have your personal information deleted, except if we have compelling reasons to keep it (like following the law).
Right to restrict or object: Your right to limit or stop how we use your personal information. If processing is restricted, we can still store the information but can't use it further.
Right to complain: Your right to complain to us or your country's data privacy authority if you don't agree with how we handle your data or address your concerns. If you have a concern about how we handle your personal information or a request, we encourage you to first contact us.
Rights related to automated decision-making, including profiling: Your right not to be affected by automatic decisions made without any human involvement, especially if those decisions have significant or legal effects on you. Tumile does not take decisions affecting your account or content solely by automated means. The narrow exception is our automated payment fraud check, described in section 4 above, where transactions identified as likely fraudulent may be blocked automatically; if this happens to you, you will be notified and can contact us to contest the decision. For content-moderation and account decisions taken under the Digital Services Act, we provide additional protections (a written statement of reasons, an internal complaint right, and the right to refer the dispute to a certified out-of-court body) that go beyond the GDPR baseline. These DSA-specific protections are described in our Terms of Service Article 9A and in our DSA Disclosures help-centre pages.
If you live in the UK, you can make a complaint to the Information Commissioner's Office (ICO).
If you live in the EU or European Economic Area ("EEA"), you can get in touch with your local Data Protection Regulator.
If you live outside the UK, EU, or EEA, reach out to your local privacy data protection regulator.
If you want to learn more or exercise your rights, just visit our feedback page, email our Data Protection Officer at dpo@tumile.me or contact us. To protect you and everyone on the App and Sites, we might need to ask you for specific information to help us confirm your identity before we answer your request. If your concern relates to a content-moderation or account decision we have taken — for example, a content removal, a visibility restriction, or an account suspension — the right channel is the appeal flow described in our DSA Disclosures help-centre pages, not the data-protection channels above. This makes sure your case is routed to the team that can review the moderation decision and ensures it is logged for our Digital Services Act reporting.
Your particular rights depend on your country and this list does not apply everywhere or include every single possible right that might exist around the world. You should always be aware of the rights you have under the privacy laws that apply in your country.
This section applies if you are based in Brazil. The personal information you provided to us will be stored in Germany, but may be transferred to outside the EU to Hong Kong or China.
If you are a User from Brazil, our legitimacy for the processing of personal data may include the following bases:
If yes, there's a bit more information you need to know. If you see your state listed here, we have some extra information to share with you. Please refer to the Privacy policy additional pages for more information regarding the following US States.
California, Colorado, Connecticut, New Jersey, Oregon, Texas, Utah, Virginia.
We will only keep your personal information as long as necessary for the relevant purpose and legal basis described in the How do we use your information? section, but never longer than allowed by applicable law.
If you delete your account, we make sure it is no longer viewable on the App. Just in case you delete on accident or change your mind, it's possible to restore your account for up to 28 days after deleting. Please contact customer.service@tumile.me to help.
After these 28 days, we start the process of deleting your personal information, unless:
And don't forget:
Profile Verification Information: if you verify your profile, we only keep any biometric scans we receive so that we can verify you in the future and for our record-keeping purposes until we no longer need them for such purposes or for three years after your last interaction with us, whichever occurs first.
Customer Support Contact Information: we keep records of our communications with you for 6 years after your account is deleted.
Even after you remove information from your profile or delete your account, copies of that information may still be viewable or accessible if it was previously shared, copied, or stored with or by others. We cannot control this and we are not legally responsible or liable for this.
If you give third-party apps or websites access to your personal information, their own terms of service or privacy policies control how they handle your personal information.
Our App and Sites are global -- we want you to be able to access Tumile and make connections wherever you happen to be in the world. To make this possible, we operate a global network of servers to provide the App and Sites, and store your personal information. Our network includes servers in the EU, and may also be processed in HK and China.
In any case, we make sure your personal information is adequately protected -- especially when transferred overseas. We make sure that valid, legal mechanisms are in place, such as the EU approved model clauses, and enforce strong contractual standards. If you want more information about the protections we have in place, just email dpo@tumile.me.
Here at Tumile, we pride ourselves on taking all appropriate and reasonable security measures to:
Unfortunately, using a website or the Internet is never 100% secure and even we can't guarantee that unauthorised access, hacking, data loss, or other breaches will never happen. We can't guarantee the security of your personal information while it is being transmitting to us, so any transmission is at your own risk. Our Apps are not permitted for use by anyone under 18 years old.
This being said, here are some tips to help keep your data secure:
Although we want as many people as possible to enjoy our creation, you must be at least 18 years old to use Tumile. We do not knowingly collect any information or market to children, minors, or anyone under 18 years old. If we become aware that someone under 18 has registered a Tumile account and shared personal information with us, we will take steps to terminate that person's registration.
Wherever you live, we care about your privacy. You can make a request for your data either through our app or by contacting our support team.
Please let us know if you have any questions or concerns about this Policy, want to exercise your rights, or have a problem or complaint. We will work hard to address it when you get in touch.
You can reach us by:
Our contact page
Email at customer.service@tumile.me
Contacting our designated Data Protection Officer by: dpo@tumile.me | Riley Cillian Ireland Limited, Floor 3, Block 3, Miesian Plaza, 50-58 Baggot Street Lower, Dublin 2, D02 Y754, Ireland
Email at dpo@tumile.me
For matters under the EU Digital Services Act from Member State authorities, the European Commission or the European Board for Digital Services: dsa@tumile.me
For organisations awarded "trusted flagger" status by a Digital Services Coordinator: trustedflaggers@tumile.me
These two mailboxes are governance and operational contacts for Digital Services Act matters. For data-protection rights (such as access, correction or deletion of your personal information), please continue to use the Data Protection Officer mailbox above.