Movyya

MOVYYA LLC

PRIVACY POLICY

movyya.com

Effective Date: To be set on plaVorm launch (December 1, 2026)

1.  Introduction and Scope of this Privacy Policy

This Privacy Policy explains how Movyya LLC (“Movyya”, “we”, “us”, or “our”) collects, uses, stores, shares, and protects personal data when individuals access or use the Movyya platform, including the website at movyya.com, our systems, tools, and any related applications or services made available from time to time (collectively, the “Platform”).

This Privacy Policy applies to:

  • visitors to the Platform;
  • registered users, including Guests and Hosts;
  • individuals who communicate with Movyya; and
  • any other persons whose personal data is processed in connection with the operation of the
    This Privacy Policy forms part of, and should be read together with, the Platform Terms of Use and all other applicable platform policies. Capitalised terms not defined in this Privacy Policy have the meanings given to them in the Platform Terms of Use.

If you do not agree with this Privacy Policy, you should not access or use the Platform.

2.  Who We Are, Data Controller Identification

For the purposes of applicable data protection laws, Movyya LLC acts as a data controller in respect of personal data processed through the Platform.

Movyya LLC is a limited liability company registered in the State of Wyoming, United States of America (Entity Number 2026-001958849), with its registered office at 312 W 2nd St, Unit #A9656, Casper, Wyoming 82601, USA.

Movyya operates as a hospitality platform launching across the Caribbean (with initial operations in Suriname, Guyana, Curacao, Aruba, Barbados, and Saint Lucia), with operational and technical activities conducted across multiple jurisdictions, including the Netherlands and other locations where service providers or cloud infrastructure are used.

Depending on the context, Movyya may also act as a joint controller or engage third-party data processors, including payment service providers, verification partners, analytics providers, and cloud hosting services.

Contact details for privacy-related inquiries are provided in Section 22 of this Privacy Policy.

3.  Applicability of Laws and Regulatory Framework

Movyya is committed to processing personal data in compliance with applicable data protection and privacy laws, including but not limited to:

  • the General Data Protection Regulation (EU) 2016/679 (GDPR), applicable to individuals located in the European Union and the European Economic Area;
  • applicable United States federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the CPRA, and similar state-level privacy regimes where applicable;
  • applicable data protection principles under the laws of Suriname, Guyana, Curacao, Aruba, Barbados, and Saint Lucia in respect of users located in those countries; and
  • any other mandatory data protection or privacy laws that apply based on a user’s

Where local laws impose additional or different requirements, Movyya will comply with such mandatory provisions to the extent applicable.

4.  Definitions and Interpretation

For the purposes of this Privacy Policy:

  • “Personal Data” means any information relating to an identified or identifiable natural
  • “Processing” means any operation performed on Personal Data, including collection, storage, use, disclosure, or deletion.
  • “Controller” means the entity that determines the purposes and means of
  • “Processor” means an entity that processes Personal Data on behalf of a
  • “Sensitive Personal Data” includes information such as government-issued identification, financial data, or other data subject to heightened protection under applicable law.

Headings are for convenience only and do not affect interpretation. References to laws include amendments and replacements.

5.  Categories of Personal Data We Collect

Depending on how you interact with the Platform, Movyya may collect the following categories of Personal Data:

5.1  Account and Profile Information

  • full name, username, and contact details;
  • account credentials and preferences;
  • business or entity information where applicable;
  • country of residence and

5.2  Booking and Transaction Data

  • booking details, dates, locations, and transaction history;
  • communications between Guests and Hosts conducted through the Platform;
  • dispute, complaint, and resolution

5.3  Communications

  • messages sent to or received from Movyya;
  • support requests, inquiries, and

5.4  Technical and Usage Data

  • IP address, device identifiers, browser type, operating system;
  • usage logs, access times, and interaction

5.5  Pre-Launch Waitlist Data

  • information submitted via the early-access registration form on com, including name, country, address, email, phone number, and area of interest (Guest or Host).

6.  Identity Verification and Compliance Data

To maintain platform integrity, security, and legal compliance, Movyya may collect and process identity verification and compliance-related data, which may include:

  • copies of government-issued identification documents;
  • business registration or licensing documents;
  • verification results and compliance assessments;
  • records related to fraud prevention, security screening, or enforcement

Such data is collected only where necessary for legitimate purposes, including compliance with legal obligations, fraud prevention, and enforcement of platform policies, and is subject to restricted access controls.

7.  Payment and Financial Information

Payments made through the Platform are processed by third-party payment service providers. Movyya does not store full payment card details.

The following data may be processed in connection with payments:

  • payment method identifiers and transaction references;
  • billing details required to complete transactions;
  • records of payment authorisations, chargebacks, or

Payment data is processed in accordance with applicable financial regulations and industry standards, and access to such data is limited to authorised personnel and service providers.

8.  How We Collect Personal Data

Movyya collects Personal Data through the following sources:

8.1  Information You Provide Directly

When you:

  • create or manage an Account;
  • publish Listings or make Bookings;
  • communicate with other Users or with Movyya;
  • submit verification documents, inquiries, or complaints;
  • register for early access on com prior to platform launch.

8.2  Information Collected Automatically

When you access or use the Platform, we may automatically collect technical and usage data through cookies, logs, and similar technologies.

8.3  Information from Third Parties

We may receive Personal Data from:

  • payment service providers;
  • identity verification and compliance partners;
  • analytics, security, and fraud-prevention providers;
  • publicly available sources, where permitted by

9.  Purposes of Processing Personal Data

Movyya processes Personal Data for the following purposes:

  • operating, maintaining, and improving the Platform;
  • facilitating Bookings, payments, and communications;
  • verifying identity, eligibility, and compliance;
  • preventing fraud, abuse, and security incidents;
  • handling disputes, complaints, and investigations;
  • complying with legal and regulatory obligations;
  • communicating with Users, including service-related notices and waitlist updates prior to launch;
  • conducting analytics, audits, and internal reporting;
  • marketing and promotional activities, where permitted

10.  Legal Bases for Processing (GDPR and Equivalent Laws)

Where the GDPR or similar laws apply, Movyya relies on one or more of the following legal bases:

10.1  Contractual Necessity

Processing necessary to perform a contract with you or to take steps at your request prior to entering into a contract.

10.2  Legal Obligation

Processing required to comply with applicable legal or regulatory obligations.

10.3  Legitimate Interests

Processing necessary for legitimate business interests, including security, fraud prevention, platform integrity, and service improvement, provided such interests are not overridden by your rights.

10.4  Consent

Processing based on your consent, where required by law. You may withdraw consent at any time, subject to legal limitations.

11.  Cookies, Tracking Technologies, and Analytics

11.1  Use of Cookies

The Platform uses cookies and similar technologies to enable functionality, enhance user experience, perform analytics, and support marketing activities.

11.2  Types of Cookies

Cookies may include:

  • strictly necessary cookies;
  • performance and analytics cookies;
  • functionality cookies;
  • advertising and targeting

11.3  Cookie Management

Users may manage cookie preferences through browser settings or platform tools, subject to functionality limitations. Further details are provided in the Cookie Policy.

12.  Marketing Communications and User Preferences

12.1  Marketing Communications

Movyya may send marketing communications via email, SMS, push notifications, or messaging platforms (such as WhatsApp) where permitted by law and based on consent or legitimate interests.

12.2  Opt-Out

You may opt out of marketing communications at any time by using unsubscribe mechanisms or adjusting Account settings.

12.3  Service Communications

Transactional and service-related communications (for example, booking confirmations, security notices, waitlist updates) are sent regardless of marketing preferences.

13.  Sharing and Disclosure of Personal Data

Movyya may share Personal Data with:

13.1  Other Users

Limited information may be shared between Guests and Hosts to facilitate Bookings.

13.2  Service Providers

Trusted third-party providers that perform services on our behalf, including payment processing, verification, analytics, hosting, communications (including WhatsApp Business and contact center solutions), and security.

13.3  Legal and Regulatory Authorities

Where required by law, court order, or regulatory request, or to protect rights, safety, or integrity.

13.4  Corporate Transactions

In connection with mergers, acquisitions, restructuring, or asset transfers, subject to appropriate safeguards.

14.  International Data Transfers

Movyya operates internationally and may transfer Personal Data to countries outside your jurisdiction, including to the United States and other locations where service providers or infrastructure are based.

Where required by law, Movyya implements appropriate safeguards for international transfers, such as:

  • standard contractual clauses or equivalent mechanisms;
  • data protection agreements with service providers;
  • technical and organisational security

15.  Data Retention and Storage Periods

Movyya retains Personal Data only for as long as necessary to fulfil the purposes for which it was collected, including legal, regulatory, accounting, security, and operational requirements.

Retention periods may vary depending on:

  • the nature of the data;
  • the purpose of processing;
  • applicable legal or regulatory obligations; and
  • the existence of disputes, investigations, or enforcement

Booking records, transaction data, and communications may be retained for extended periods where required to comply with legal obligations or to establish, exercise, or defend legal claims. Where data is no longer required, it is securely deleted or anonymised.

16.  Internal Investigations and Enforcement Processing

Personal Data may be processed in connection with the operation of Movyya’s Internal Investigation Panel (IIP) and related enforcement activities.

Such processing may include:

  • dispute resolution and complaint handling;
  • fraud detection and prevention;
  • compliance reviews and audits;
  • enforcement of platform policies and Terms of Use

Access to data processed for IIP purposes is strictly limited to authorised personnel and is subject to enhanced confidentiality, access control, and audit requirements. Processing under this section is conducted on the basis of legal obligations and legitimate interests in maintaining platform integrity, safety, and compliance.

17.  Data Security Measures

Movyya implements appropriate technical and organisational measures to protect Personal Data against unauthorised access, loss, misuse, alteration, or disclosure.

These measures may include:

  • encryption and secure storage technologies;
  • role-based access controls;
  • monitoring and logging of system activity;
  • regular security assessments and audits

While no system can be guaranteed to be completely secure, Movyya takes reasonable steps to safeguard Personal Data in accordance with applicable laws and industry standards.

18.  Your Rights Under Data Protection Laws

Depending on your location and applicable law, you may have certain rights in relation to your Personal Data, including:

  • the right to access your Personal Data;
  • the right to rectify inaccurate or incomplete data;
  • the right to request deletion of Personal Data;
  • the right to restrict or object to processing;
  • the right to data portability (where applicable);
  • the right to withdraw consent, where processing is based on consent.

Under certain US state laws, you may also have rights to opt out of the sale or sharing of Personal Data, where applicable.

These rights are subject to legal limitations and exceptions.

19.  Exercising Your Rights

You may exercise your data protection rights by contacting Movyya using the details provided in Section 22. To protect security and privacy, Movyya may:

  • require verification of your identity before responding; and
  • decline requests that are manifestly unfounded, excessive, or prohibited by Requests are handled within the timeframes required by applicable law.

20.  Children’s Data

The Platform is not intended for use by individuals under the age of eighteen (18), and Movyya does not knowingly collect Personal Data from children.

If we become aware that Personal Data of a child has been collected without appropriate authorisation, we will take steps to delete such data promptly.

21.  Changes to this Privacy Policy

Movyya may update this Privacy Policy from time to time to reflect changes in law, technology, or platform operations.

Updated versions will be made available on the Platform, and continued use of the Platform after such updates constitutes acceptance of the revised Privacy Policy, to the extent permitted by law.

22.  Contact Information and Complaints

If you have questions, concerns, or requests relating to this Privacy Policy or the processing of your Personal Data, you may contact Movyya as follows:

Email: admin@movyya.com

Mailing address: Movyya LLC, 312 W 2nd St, Unit #A9656, Casper, Wyoming 82601, USA

Where applicable under the GDPR, you also have the right to lodge a complaint with your local supervisory authority if you believe your data protection rights have been infringed.