Amaro Than Logo

Amaro Than

Privacy Policy

Last updated: June 27, 2025
Your privacy is our promise.

Who We Are

At Amaro Than, we are more than just developers — we are part of the Roma community ourselves. Founded by Ardit Berisha, Driton Berisha, Elvis Avdiu, and Rand, Amaro Than was born out of a shared vision: to give Roma people a digital space that truly represents us — our voice, our stories, and our future.

We noticed that no social platform had ever truly embraced our culture, our language, or our struggles. So, we decided to build our own. Our name, "Amaro Than", means "Our Place" — and that’s exactly what this app is meant to be: a safe, inclusive, and powerful platform made by Roma, for Roma, and open to everyone who believes in equality, respect, and dignity.

What We Collect

We collect and store information to provide personalized service, maintain account security, and improve your experience on our platform.

  • Personal user information including:
    • Full name, Username, Mobile phone number, Email address
    • Date of birth, Gender, Bio or profile description
    • Profile picture or avatar, Access keys for authentication
    • Email verification status, Two-factor authentication secret and enabled status
  • User preferences: language, theme, interests, explore-page filters (nudity-protection and cross-posting) used to tailor recommendations.
  • Technical Data: IP Address, Approximate Location, Device & Browser Info, Cookies, Local Storage, User Agent.
  • User-generated content: Videos, text posts, photos, comments, replies, likes, and reactions.
  • Security Data: 2FA encrypted backup codes, block lists, and session durations.
  • Social Graph: Community memberships, group messages, followers, and users you follow.
  • AI Data: Interaction history (watch duration, search history, likes) used by AINARA for personalization.

Database Structures (used by social features & AINARA):

ainaraalgorithm, backup_codes, blocked_users, comments, communities, community_members, community_messages, community_message_seen, followers, likes, mentions, messages, notifications, posts, post_features, reactions, sends, uploads, users, user_actions, user_activityLogin, user_badges, user_blocks, user_mutes, user_preferences.

amalipe+ (dating service) structures:

blocked_users, matches, media, messages, mylikes, notifications, password_resets, policy, recovery, swipedating, swipemodelstore, typing_status, userdating, users, usersmedia, user_policy.

Note: reposts are not collected and are not part of the data we retain or use.

Marketing & Promotion

  • No Automatic Photo Use: We will not use your uploaded photos for any marketing materials or trailers without your explicit, separate consent.
  • No Third-Party Sharing: Your photos are yours alone. We never share or sell your images to advertisers or external services.
  • Certified Promoter Program: You can volunteer via "Promoter Settings". If selected, you'll receive a formal invitation and guidelines.
  • Control: You can withdraw promoter consent at any time; we will immediately stop using your content.

How We Use Your Data

  • Personalize Experience: Analyzing activity (watch duration, search history) and preferences to serve relevant content via AINARA.
  • Secure Your Account: Using session cookies, 2FA (bcrypt-hashed), and login logging (IP, device) to detect unauthorized access.
  • Facilitate Community: Storing user content (messages, posts, mentions) and social graphs (followers, blocks) for interaction.
  • Service Reliability: Using cookies and local storage to optimize performance and diagnose issues.
  • Train AI (AINARA): Using opt-in uploads and public posts to refine cultural/language understanding in secure, GDPR-compliant environments.
  • Legal Transparency: Verifying age (16+) and honoring GDPR rights (access, deletion, portability).

Cookies & Local Storage

  • Essential Persistence: site_lang cookie and localStorage keep your language, theme, and login status active.
  • Real-Time Alerts: Short-lived "push" cookies authenticate notification sessions.
  • Performance: Lightweight, anonymous metrics help us optimize speed without personal tracking.
  • Security: Secure, HttpOnly cookies prevent CSRF and XSS attacks.

We do not use cookies for advertising or third-party tracking. All cookies are essential to platform functionality.

Your GDPR Rights

  • Right of Access: Request a copy of all personal data we hold about you.
  • Right to Rectification: Ask us to correct inaccurate or incomplete information.
  • Right to Erasure: Permanent deletion of your account (subject to a deletion grace period).
  • Right to Portability: Receive your data in a machine-readable format (CSV, JSON).
  • Right to Object: Halt processing for direct marketing or non-essential analytics.
  • Withdraw Consent: Revoke consent for AI training or optional features at any time.

Contact [email protected] to exercise these rights.

Data Retention

  • Active Accounts: Retained while your account is active to provide services.
  • Deletion Grace Period: When you delete your account, we deactivate it for 30 days. You can recover it within this window.
  • Permanent Erasure: After 30 days, all data is irreversibly erased from our systems and backups.
  • Legal Holds: Temporary data (amalipe+) follows the same policy unless required for legal reasons.

Security Measures

We employ a comprehensive, multi-layered security strategy built entirely in-house:

  • AI Moderation: AINARA (nara-1r) analyzes uploads for real-time detection of abuse.
  • Encryption: Messages use AES-256-CBC; passwords use bcrypt (cost factor ≥12).
  • Vulnerability Management: Isolated clouds, VPCs, hardware firewalls, and routine third-party penetration tests.
  • Zero Dependencies: Every service (push, SDKs, AI) is built in-house to eliminate vendor risk.
  • Compliance: Adherence to GDPR, CCPA, and ISO/IEC 27001 standards.

Infrastructure & Image Security

We use industry-leading infrastructure to ensure platform speed and security:

  • Cloudflare Secure Network: Media is stored and delivered via Cloudflare for high availability and DDoS protection.
  • Proprietary Optimization: Content is optimized by our systems before delivery to reduce data usage.
  • Direct Attack Prevention: Leveraging Cloudflare’s infrastructure ensures raw media endpoints remain protected.

Age & Safety Policies

  • Eligibility: Amaro Than requires users to be 16+. Amalipe+ is 18+ only.
  • Age Verification: Automated checks during sign-up prevent underage registration.
  • Amalipe+ Safeguards: Communication is blocked between users with a significant age difference.
  • Real-Time Protection: AINARA NARA-1R MAX scans images; explicit imagery is immediately deleted and never stored.

Icons & Visual Assets

Our platform uses a combination of custom designs and licensed assets:

  • Flaticon: Icons used under Free or Premium licenses with proper attribution.
  • Custom Adaptations: Internally modified icons remain the property of Amaro Than.
  • Open-Source: Libraries like Feather Icons are used under the MIT License.

Fonts & Typography

We use Google Fonts (licensed under OFL or Apache 2.0). These fonts are freely available for commercial use and are optimized for privacy and performance within our platform.

PHP Packages & Libraries

This project uses several open-source libraries (via Composer), including bacon/bacon-qr-code, guzzlehttp/guzzle, minishlink/web-push, and web-token/jwt-library. All are used in compliance with their respective open-source licenses.

Python Libraries & AI Training

Ainara utilizes open-source Python tools like Flask, SQLAlchemy, PyTorch, and TensorFlow. We also utilize curated datasets, including adaptations of the GPT-3 medium dataset, in accordance with OpenAI's terms.

Proprietary Algorithms & Safeguards

All core systems — including login security, user data management, media compression, AINARA moderation, and the Amalipe recommendation engine — are developed, owned, and maintained exclusively by Amaro Than.

Location & Positioning

Precise location data powers features like Amaro Map and proximity matching. This data is fully opt-in, encrypted with SHA-256, and used purely for context-aware in-app functions. You retain full control via privacy settings.

Intellectual Property

The entire platform — including source code, AI models, brand names (Ainara, Amalipe), and UI/UX design — is the exclusive property of Amaro Than.

  • Prohibited: Reverse-engineering, scraping, or copying source code/assets is strictly forbidden.
  • Enforcement: Violations may result in suspension, civil liability, or criminal prosecution.

Policy Updates

  • Notification: We provide 7-day advance notice for material changes via in-app banners/email.
  • Archive: We maintain a public changelog for all policy versions.
  • Consent: Continued use after the effective date confirms your acceptance of revised terms.

Music & Audio

All notification sounds and music tracks are produced by Altaf Avdi and licensed exclusively to Amaro Than. External extraction or reuse is strictly prohibited and legally actionable.

Contact Us

For privacy inquiries or data requests, reach us at:

Email: [email protected]

Address: Rruga Mbretëresha Teut, Lipjan, Kosovo