Privacy Policy

1. Information we collect

1.1 Account information

We collect account information such as your name, email address, login provider and profile details you choose to save.

1.2 Content and listing information

We collect content you submit, including merchant verifications, second-hand listings, job posts, square posts, comments, reports, messages and contact details that you provide for a listing.

1.3 Technical and security information

We may collect request logs, device or browser details, security events and usage signals needed to keep the service reliable and prevent abuse.

2. Google and Facebook sign-in data

2.1 Google sign-in

If you choose to sign in with Google, DiliGo requests the minimum Google OAuth scopes needed for authentication: email and profile. We use this data to create your account, identify your session, show your account identity inside the app and connect your actions to content you submit.

2.2 Facebook sign-in

If you choose to sign in with Facebook, DiliGo requests the Facebook Login permissions needed for authentication: email and public profile. We use this data for the same account, session and content attribution purposes described above.

2.3 Restricted uses

• We do not use Google or Facebook user data for advertising or unrelated analytics.
• We do not use Google or Facebook user data for credit decisions, resale or data brokerage.
• We do not sell Google, Facebook or user account data.

3. How we use data

• Operate account login, sessions and profile display.
• Publish, organize, translate and moderate local content.
• Support merchant verifications, contact requests and message flows.
• Prevent abuse, spam, scraping and unsafe activity.
• Improve service reliability and comply with legal obligations.

Public posts and merchant information may be visible to other users and search engines. Private contact details are shared only through the contact flows shown in the product.

4. Cookies and local storage

We use cookies and local storage to keep users signed in, remember language preferences, preserve login redirects, protect security and operate core product features. We do not use Google sign-in data to build advertising profiles.

5. Storage and service providers

Account, content and media data may be processed by trusted service providers that help us host the website, store records, process authentication, deliver media, monitor reliability and operate the service. These providers process data only as needed to provide services to DiliGo.

Service providers may be located outside Timor-Leste. When data is processed outside Timor-Leste, we use service providers for operational purposes such as hosting, authentication, storage, security and reliability, and we limit access to what is needed for those purposes.

6. Data sharing

• Public content you submit may be visible to users, search engines and public visitors.
• Private contact details are shared only through product flows shown to you.
• Public merchant, job, marketplace and community information may remain visible when it is not personal account data or when it is needed for platform integrity.
• We may disclose limited information when required to protect users, prevent abuse or comply with law.
• We do not sell personal data or third-party sign-in data.

7. User choices and deletion

You can choose not to use Google or Facebook sign-in and may use another enabled login method. You may update profile details from your account area.

For access, correction or deletion requests, contact diligo.tl@gmail.com. Some records may be retained where needed for security, fraud prevention, dispute handling, legal obligations, backups or legitimate service operation.

You can also review our Data Deletion Instructions.

8. Timor-Leste operation

DiliGo is operated for local discovery in Dili, Timor-Leste. We aim to respect Timor-Leste privacy principles, including user access to personal data and limits on processing sensitive personal information without consent.

Please do not post national ID numbers, private addresses, health details, religious or political information, ethnic origin, union membership or other sensitive personal information unless you have a lawful reason and permission to share it.

If you submit business, job or listing information about another person or organization, you are responsible for making sure you have permission or another lawful basis to publish it.

9. Children

DiliGo is not intended for children under the age required to consent to online services in their location. If you believe a child has provided personal data without appropriate consent, contact us so we can review the request.

10. Security and updates

We use reasonable technical and organizational measures to protect user data. If we materially change how Google or Facebook user data is accessed, used, stored or shared, we will update this policy and request consent where required.

11. Contact

For privacy questions, account requests or data concerns, contact diligo.tl@gmail.com.

12. Related terms

Use of DiliGo is also governed by our Terms of Service.