Privacy Policy

How we handle your data at Yaz

Last updated: May 1, 2026 · v1.0

1. Introduction

This Privacy Policy explains how the Yaz app (operated by Yaz Experiences) collects, uses, stores, and protects your personal data, with special emphasis on facial data.

Yaz is an iOS app built to enrich the traveler's experience during Yaz Experiences expeditions. The audience is restricted: people who know Yaz and plan to travel with us, or clients who have already joined (and continue joining) our expeditions. Inside the app, the traveler can:

  • Follow their journey: see the itinerary, timing, meeting points, and information about the contracted expedition.
  • Find their photos in expedition galleries: the Yaz team photographs every moment of the trip and publishes the images in the app's galleries. With optional facial recognition, the traveler automatically finds the photos in which they appear — no need to sift through hundreds of images.
  • Post and share memories in the Tribe: an internal expedition feed where the traveler shares their own photos, comments, and messages with the group.
  • Earn badges in the passport: a gamification system that awards badges for every completed expedition and for special milestones (first trips, iconic destinations, group achievements). The passport is a visual record of the traveler's journeys with Yaz.
  • Chat with the Tribe: messages and audio exchanges between travelers on the same expedition.

Yaz does not sell products and does not process payments. Expeditions are booked through Yaz Experiences' official channels, outside the app.

We comply with Brazil's General Data Protection Law (LGPD — Law 13.709/2018), specifically article 7, sections V (contract performance) and IX (legitimate interest), and with the EU General Data Protection Regulation (GDPR) where applicable.

2. Data we collect

We only collect what's necessary for the app to work:

| Category | Data | When |
|---|---|---|
| Identity | Email, name, optional avatar photo | Signup |
| Profile | Home city, interests, optional Instagram | Onboarding |
| Facial recognition | Encrypted mathematical representation extracted from a selfie (not a photo) | Only if you opt in (optional) |
| Content | Tribe posts and messages, uploaded photos, badge passport | Normal app usage |
| Technical | Push notification token, app version, language | Automatic |

3. Facial data — full disclosure

This section directly answers what the App Store and LGPD require us to be transparent about regarding biometric data. Read carefully.

3.1. What facial data do we collect?

A single selfie, captured by you when you opt in to the "Photos with my face" feature in Settings or onboarding. Facial registration is fully optional — you can use every other Yaz feature without registering your face.

3.2. How do we process the selfie?

When you upload the selfie, it travels under TLS 1.2+ (encrypted in transit). Processing is performed by the integrated and secure system of PhotoShared, a Yaz partner specialized in facial recognition that meets every security requirement applicable to this kind of processing. The result is an encrypted mathematical representation of your face.

The original image is discarded immediately after extraction and never written to disk. Once PhotoShared has extracted it, the encrypted mathematical representation is returned and stored in Yaz's database, linked to your user record — that's what allows future searches to be matched to your face. This representation is not a photo: it's not possible to reconstruct your selfie from it.

3.3. What do we use this representation for?

One purpose only: to let you find your own photos in Yaz expedition galleries. When the expedition team publishes event photos, mathematical representations are generated for the people in those photos and compared so that the images you appear in surface under the "Photos with my face" button.

We do not use it for anything else: no identification outside the app, no model training on your data, no advertising profiles, no sale to any third party.

3.4. Do we share facial data with third parties?

No. Your face's mathematical representation is stored exclusively on Yaz's own servers, encrypted. To run the comparison, Yaz uses a secure direct API with PhotoShared — our partner only compares mathematical representations to find matches; it does not store your facial data nor use it for any other purpose. No advertiser or analytics service has access.

3.5. Where and how is it stored?

Your face's mathematical representation is stored in Yaz's database, linked to your user record, on Yaz's own servers. It is encrypted at rest with AES-256 and in transit with TLS 1.2+. PhotoShared does not retain any copy: after extracting the representation, it is delivered to Yaz and discarded on the partner's side.

3.6. How long do we retain it?

The mathematical representation stays as long as your facial registration is active. You can delete it at any time, in two ways:

  • Settings > Privacy & Security > Facial Recognition > Remove my face — deletes only the facial registration, keeps your account.
  • Settings > Privacy & Security > Delete my account — deletes the facial registration along with all other data on your account.

In both cases, removal is immediate and irreversible. We do not keep specific backups of the facial registration after deletion.

4. Camera and photo library permissions

Yaz only asks for access to your phone's camera and photo library when it makes sense for what you are trying to do:

  • Camera: used so you can take the selfie for facial registration and to send photos during the expedition. Your registration selfie is never kept as an image — only the encrypted mathematical representation used for comparison.
  • Photo Library: used so you can pick an existing selfie for facial registration and to save memories from your experiences.

You can revoke these permissions any time at iOS Settings > Yaz.

5. Where data lives

Our storage is minimal and auditable:

  • Yaz servers: hold your profile data, posts, messages, expedition records, and your face's encrypted mathematical representation. Database with AES-256 encryption at rest.
  • Media storage: photos, audio, and chat attachments live in dedicated storage, accessible only via links with opaque (non-enumerable) keys.
  • PhotoShared (facial-recognition partner): receives only already-encrypted mathematical representations to perform the comparison and return the match. Does not store your data.
  • Apple notification service: only to deliver pushes to your iPhone. Receives only the notification payload, no sensitive personal data.

All traffic between the app, our servers, and partners uses TLS 1.2 or higher.

6. Third-party sharing

We do not share your personal data with third parties for commercial purposes. The only partners that touch your data are those strictly required to operate the app:

  • Database and authentication provider (storing your account data)
  • Media storage provider (uploaded photos and files)
  • PhotoShared — partner company that only compares mathematical representations of faces for the facial recognition feature
  • Apple Push Notification Service (notification delivery)

Your facial data is stored on Yaz servers. PhotoShared is engaged only at the moment of comparison and does not retain that data.

7. Your rights (LGPD art. 18)

You can, at any time:

  • Access your data — inside the app, in Settings.
  • Correct outdated or inaccurate data.
  • Delete your account and all data — directly at Settings > Privacy & Security > Delete my account. Removal completes within 24h.
  • Request portability of your data — via the email below.
  • Revoke consent for facial registration without affecting the rest of your account.

8. Retention

We keep your data while your account is active. After deletion, all personal data (including your face's mathematical representation) is removed within 24 hours.

Exception: we retain a 12-month audit log containing only a one-way hash (SHA-256 with a secret pepper) of the email of deleted accounts, solely for abuse prevention (e.g., repeated account creation to game promotions). The hash cannot be reversed to identify the original email.

9. Cookies and tracking

This public site uses essential cookies only. We do not use marketing, analytics, or advertising tracking cookies. The iOS app does not use cookies — it uses session tokens.

10. Minors

Yaz is not directed at children under 13. If you are a guardian and believe a child created an account, email contato@yazexperience.com.br and we will remove it immediately.

11. Data Protection Officer (DPO) and contact

For any question, rights request, or privacy-related communication, contact our DPO:

Email: contato@yazexperience.com.br

We respond within 15 business days.

12. Changes to this policy

We will announce any material change to this policy at least 30 days in advance, both in the app and on this page. Current version is v1.0, effective from May 1, 2026.