PRIVACY POLICY — POPA (EN)

Version: 0002
Effective / Last updated: 18 Feb 2026
App: Popa (“Popa”, “the App”)
Operator/Developer: Venft (Popa Team)
Website: popa.venft.vn
Contact email: venft.contact@gmail.com

1) Purpose of this Policy

This Privacy Policy explains how Popa collects, uses, stores, shares, and protects information when you use the App on Android and iOS. This Policy is intended for use on both Google Play and Apple App Store.

2) Information We Collect

We collect only the information necessary to provide the service. Depending on how you use Popa, we may collect:

2.1. Account Information (when you sign in)

Popa supports sign-in via:

• Google Sign-In (Android)
• Sign in with Apple / Apple ID (iOS)

When you sign in, we may receive information from Google/Apple (subject to your account settings), such as:

• Account identifier (user id/identifier)
• Display name
• Email address (if you allow it)
• Profile picture/avatar (if available/allowed)

2.2. Location Data

Popa may request access to location in order to:

• Recommend events near you
• Personalize content by area

We may process approximate location or precise location depending on the permission you grant and your OS settings. You can deny or disable location permissions; in that case, some location-based recommendations may be limited.

2.3. Content You Provide

Depending on features, we may process:

• Search queries and filters
• Content you enter into the Chatbot (questions, prompts, feedback)
• Profile information you choose to provide (if applicable)

2.4. Technical & Diagnostic Data

To operate and secure the service, Popa and our backend systems may collect technical data such as:

• Basic device information (model/OS), app version
• IP address, access timestamps, network information
• Request/connection identifiers (e.g., request id) for troubleshooting

2.5. On-Device Storage

Popa may store locally on your device:

• Session tokens (e.g., JWT) to keep you signed in
• Cached data to improve performance (e.g., recently viewed feed/events)
• User preferences/settings

3) How We Use Information

We use information to:

1. Provide and maintain the service (sign-in, feed, event details, profile)
2. Personalize your experience (location/preferences, within system capability)
3. Operate the Chatbot and respond to your requests (including processing via third‑party AI services where you have provided consent)
4. Ensure security and prevent abuse/fraud
5. Improve app quality (debugging, performance optimization)

4) Sharing of Information

We do not sell your personal data.

We may share information only as needed in the following cases:

4.1. Authentication Providers

• Google (Google Sign-In)
• Apple (Sign in with Apple)

These providers process data under their own policies.

4.2. Infrastructure / Service Providers

We may use infrastructure services to host and process data (servers/hosting, databases, operational systems).

4.3. AI Processing for the Chatbot (OpenAI)

When you use the Chatbot feature, our backend may send your chatbot input (your message text) to a third‑party AI service provider to help classify your request and generate an answer. Our current provider is OpenAI (ChatGPT model via the OpenAI API).

What we send: your chatbot message content and minimal context required to fulfill the request (for example, language). We do not intentionally request sensitive personal information in the Chatbot.

Why we send it: (1) to determine whether your question is related to events in Vietnam; (2) to generate a helpful response using our internal event data and/or public web information.

Your control: the App presents an in‑app notice and asks for your consent before enabling Chatbot AI processing. If you do not consent, the Chatbot feature will be limited/unavailable.

4.4. Legal Compliance

We may share information if required by law or a valid request from competent authorities.

5) Your Choices & Controls

You can:

• Disable location permissions in your device settings (Android/iOS)
• Manage Chatbot AI consent in the App (you can review/withdraw your consent; without consent, Chatbot may be unavailable)
• Sign out of your account in the App
• Request access/correction/deletion by contacting: venft.contact@gmail.com

6) Data Retention

We retain data as long as necessary to:

Chatbot messages may be temporarily stored in our backend logs for debugging, security, and quality improvement, and retained only for a limited period consistent with operational needs, unless a longer period is required by law.

• Provide the service
• Comply with legal obligations (if any)
• Resolve disputes and enforce terms

If you request deletion (and where we are not legally required to retain data), we will process it within a reasonable timeframe.

7) Data Security

We apply appropriate technical and organizational measures, including:

• Access control on a need-to-know basis
• Protecting data in transit over network connections
• Minimizing sensitive information in operational logs

No method of transmission/storage is 100% secure. Please protect your device and your Google/Apple account.

8) Children’s Privacy

Popa is intended for adult users and is not designed for children. We do not knowingly collect children’s data. If you believe a child has provided personal data to Popa, please contact venft.contact@gmail.com.

9) International Data Transfers (if applicable)

Data may be processed/stored on infrastructure located in different countries depending on service providers. We apply appropriate safeguards as required.

10) Changes to this Policy

We may update this Policy from time to time. If changes are significant, we will publish the updated version on our website or within the App. The “Last updated” date will be revised accordingly.

11) Contact Us

For privacy questions or requests, contact:

• Email: venft.contact@gmail.com
• Website: popa.venft.vn

This document is provided for informational purposes and does not replace legal advice.