Effective date: 3.28, 2021
Welcome to Photo Art. ("we," "us" or "our"). We aim to create new ways for people to express their emotions through the camera.
This Privacy Policy describes:
· The types of information we may collect or that all users or others may provide while downloading, installing, registering with, accessing, or using ("Users", "you" or "your") our mobile application Photo Art ("Photo Art" or "application").
· Our practices for collecting, using, maintaining, protecting, and disclosing that information.
This Privacy Policy applies only to information we collect in Photo Art and via email, text, and other electronic communications sent through or in connection with Photo Art.
We undertake to build Photo Art and any of its features in such a way that it respects your privacy and are committed to protecting it through our compliance with this Privacy Policy. This Privacy Policy allows you not only to understand what we do with your Personal Data (as defined below), but also to manage your Personal Data effectively.
By downloading, installing, registering with, accessing or using ("Using") Photo Art, you agree to this Privacy Policy. If you do not agree to this Privacy Policy, do not Use Photo Art.
By Using Photo Art you understand and agree that we are providing a platform for you to stylize the User Content (as defined below). If you have any questions about this Privacy Policy or Photo Art, please contact us (for contact information, please, see How to Contact Us Section).
This Privacy Policy DOES NOT apply to information that:
· We collect offline or on any other Company apps or websites, including websites you may access through Photo Art.
· You provide to or is collected by any third party (including our Affiliates, as defined below), including through any other application or content (including advertising) that may link to or be accessible through Photo Art.
Our websites and other apps, and these other third parties may have their own privacy policies, which we encourage you to read before providing information on or through them.
Please read this Privacy Policy carefully to understand our policies and practices regarding your information and how we will treat it. This Privacy Policy may change from time to time.
We collect several types of information from and about you ("Collected Information"), including information:
· By which you may be personally identified, such as email address, or any other identifier by which you may be contacted online or offline.
· That is about you but individually does not identify you.
· About your internet connection, the equipment you use to Use Photo Art and your Usage details.
We collect this information:
· Directly from you when you provide it to us.
· Automatically when you Use Photo Art. Information collected automatically may include Usage details, internet protocol ("IP") addresses, and information collected through cookies and other tracking technologies.
· From third parties, for example, our business partners.
To the extent information is:
(i) associated with an identified or identifiable natural person and
(ii) protected as personal data under applicable data protection laws, such information is referred to in this Privacy Policy as "Personal Data".
Please bear in mind that provisions of Section 5 do not apply to your pseudonymized Personal Data.
When you Use Photo Art, we may ask you to provide information, including your Personal Data:
· Information that you provide by filling in forms in Photo Art. This includes information provided at the time of Using Photo Art, subscribing for services through Photo Art, and requesting further services through Photo Art. We may also ask you for information when you report a problem with Photo Art.
· Records and copies of your correspondence (including email addresses), if you contact us.
· Details of your in-app subscriptions in Photo Art.
When you Use Photo Art, we may use automatic data collection technologies to collect certain Collected Information about your equipment, browsing actions, and patterns, including:
· Usage details. Details of your Use of Photo Art, including traffic data, logs, location data and other communication data and resources you use through Photo Art.
· Device information. Information about your mobile device and internet connection, including your IP address, the device’s unique device identifier, operating system, browser type and mobile network information.
· Stored information and files. Photo Art also may access metadata and other information associated with other files stored on your device. This may include, for example, photographs, audio and video clips.
We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). If you do not want us to collect this information, do not download Photo Art or delete it from your device.
The information we collect automatically under this Privacy Policy may include your Personal Data, we may maintain it or associate it with your Personal Data we collect in other ways or receive from third parties. It helps us to improve Photo Art and to deliver a better and more personalized service, including by enabling us to:
· Estimate our audience size and Usage patterns.
· Store information about your preferences, allowing us to customize Photo Art according to your individual interests.
If the information covered by this Section 3 is aggregated or de-identified so it is no longer reasonably associated with an identified or identifiable natural person, we may use it for any business purpose.
The technologies we use for automatic data collection may include:
Third-party analytics. We use third-party analytics tools, such as Google Analytics, Facebook Analytics, Google Firebase, to help us measure traffic and Usage trends for Photo Art. These tools collect information sent by your device or Photo Art, including the web pages you visit, add-ons, and other information that assists us in improving Photo Art. We collect and use this analytics information with analytics information from other Users so that it cannot reasonably be used to identify any particular individual User.
Our products are based on Alibaba cloud's online service. When you use our AI filter, we will upload the image to Ali cloud. After online drawing, we will return the image with the effect applied. In this process, we promise not to store your uploaded images, and we will delete your uploaded images immediately after you use our service.
Device identifiers. When you use a mobile device like a tablet or phone to Use Photo Art, we may access, collect, monitor, store on your device, and/or remotely store one or more "device identifiers". Device identifiers are small data files or similar data structures stored on or associated with your mobile device, which uniquely identify your mobile device. A device identifier may identify data stored in connection with the device hardware, operating system or other software, or data sent to the device by us. A device identifier may deliver information to us or to a third party partner about how you browse and Use Photo Art and may help us or others provide reports or personalized content and ads. Some features of Photo Art may not function properly if use or availability of device identifiers is impaired or disabled. Among others we may collect the following device identifiers:
· User device ID.
· Platform (iOS/Android).
· Device OS version.
· App version.
· First request time.
· Language.
· Region/Country.
· Timezone.
· Model.
· App version.
· Push token (optional).
Metadata. Metadata is usually technical data that is associated with the User Content. For example, metadata can describe how, when and by whom some User Content was collected and how that content is formatted. You can add or may have metadata added to your User Content including a hashtag (e.g., to mark keywords when you share a photo) or other data.
In addition to some of the specific uses of information we describe in this Privacy Policy, we use the Collected Information, including any Personal Data:
· To present to you and others Photo Art and its contents and any other information, products or services that you request from us.
· To automatically update Photo Art on your device.
· To carry out our obligations and enforce our rights arising from any contracts entered into between you and us.
· To notify you about changes to Photo Art or any products or services we offer or provide through Photo Art, including by sending you technical notices, notices about your account/subscription, including expiration and renewal notices, updates, security alerts and support and administrative messages.
· To diagnose or fix technology problems.
· To link or combine with information we get from others or (and) from you to help understand your needs and provide you with better services (to use in training of neural networks, artificial intelligence, as well as for any other automated decision-making processing).
· To monitor metrics such as total number of the Users, traffic, and demographic patterns (including via third party services as specified in Section 6).
· To provide, improve, test, and monitor the effectiveness of Photo Art.
· To develop and test new products and features.
· In any other way we may describe, when you provide or when we collect your information or when is indicated in this Privacy Policy.
· To fulfill any other purpose for which you provide it.
· For any other purpose with your consent.
We will not process your Personal Data in a way that is incompatible with the purposes for which it has been collected or authorized by you in accordance with this Section 4 or collect any Personal Data that is not required for the mentioned purposes ("purpose limitation principle").
For any new purpose of processing we will ask for your separate consent. To the extent necessary for those purposes, we take all reasonable steps to ensure that your Personal Data is reliable for its intended use, accurate, complete and current. We also undertake to collect only such amount and types of your Personal Data that are strictly required for the purposes mentioned in this Section 4 ("data minimization principle").
Access, modification, correction and erasure. You can request to access, modify, correct, update and erase your Personal Data, that you have provided to us and that we have about you in your Photo Art account settings or by contacting us (for contact information, please, see How to Contact Us Section). We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
EEA residents. Individuals residing in the European Economic Area ("EEA") have certain statutory rights in relation to their Personal Data, such as introduced by the General Data Protection Regulation ("GDPR"). You can exercise them by contacting us (for contact information, please, see How to Contact Us Section).
· Access to your Personal Data and data portability. You have a right to request information about whether we have any Personal Data about you, to access your Personal Data (including in a structured and portable form) that you have provided to us, when Using Photo Art, and that we have about you. You can do this by Using the application settings or by contacting us.
· Rectification of your Personal Data and restriction of processing. You are responsible for ensuring the accuracy of your Personal Data that you provide to us. Inaccurate information may affect your experience when Using Photo Art features and our ability to contact you as described in this Privacy Policy. If you believe that your Personal Data is inaccurate, you have a right to contact us and ask us to correct such Personal Data. You shall also have the right to demand restriction of processing of your Personal Data, if you contest the accuracy of your Personal Data which inaccuracy is verified by us.
· Erasure of your Personal Data. If you believe that your Personal Data is no longer necessary in relation to the purposes for which it was collected or otherwise processed, or in cases where you have withdrawn your consent or object to the processing of your Personal Data, or where the processing of your Personal Data does not otherwise comply with the GDPR, you have the right to contact us and ask us to erase such Personal Data. Please be aware that erasing some Personal Data may affect your ability to Use Photo Art.
· Right to object processing of your Personal Data. You can object to and stop us from processing your Personal Data by Using a special feature in the application settings or by contacting us. Please be aware that our inability to process some Personal Data may affect your ability to Use Photo Art.
· Notification requirements. We commit to notify you promptly and your data protection authority within the timeframe specified in applicable law (72 hours) about any Personal Data breaches in relation to you.
· Notice about automated decision-making. We use automated decision-making tools (e.g. neural networks) that process your Personal Data in order to provide you better services through Photo Art (for example, improvement of filters application).
· Data protection authorities. Subject to the GDPR, you also have the right to (i) restrict our use of your Personal Data and (ii) lodge a complaint with your local data protection authority about any of our activities that you deem are not compliant with the GDPR.
Please keep in mind that in case of a vague access, erasure, objection request or any other request in exercise of the mentioned rights we may engage you in a dialogue so that to better understand the motivation for the request and to locate responsive information. In case this is impossible, we reserve the right to refuse granting your request.
Following the provisions of the GDPR we might also ask you to prove your identity (for example, by requesting an ID or other proof) in order for you to invoke the mentioned rights. This is made to ensure that no right of third parties are violated by your request, and the mentioned rights are exercised by an actual Personal Data subject or an authorized person.
Please note that we will grant your request within 30 days after receiving it, but it may take up to 90 days in some cases, for example, for full erasure of your Personal Data stored in our backup systems - this is due to the size and complexity of the systems we use to store data.
Your California privacy rights. If you are a California resident, California law may provide you with additional rights regarding our use of your Personal Data.
California’s "Shine the Light" law (Civil Code Section § 1798.83) permits users of Photo Art that are California residents to request certain information regarding our disclosure of Personal Data to third parties for their direct marketing purposes. To make such a request, please contact us (for contact information, please, see How to Contact Us Section).
We may disclose aggregated information about our Users, and information that does not identify any individual, without restriction. We may remove parts of data that can identify you and share anonymized data with any parties. We may also combine your Collected Information (including your Personal Data) with other information in a way that it is no longer associated with you and share that aggregated information.
We will not rent or sell your Personal Data to third parties outside the company (or the group of companies of which we are a part) without your consent, except for the parties with whom we may share your information in accordance with this Privacy Policy.
Parties with whom we may share your Personal Data. We may share your Personal Data and User Content (including but not limited to, information from cookies, log files, device identifiers and Usage data) with businesses that are legally part of the same group of companies that we are part of, including our subsidiaries, or that become part of that group ("Affiliates"). Affiliates may use this information to help provide, understand, and improve Photo Art (including by providing analytics) and Affiliates’ own services (including by providing you with better and more relevant experiences). Such Affiliates are bound by the rules of this Privacy Policy.
We also may share your Personal Data as well as information from tools such as device identifiers with third-party organizations such as contractors and service providers that we use to support our business and who are bound by reasonable confidentiality and data protection terms to keep your Personal Data confidential and use it only for the purposes for which we disclose it to them ("Service Providers").
The parties we share your Personal Data with are either EEA-based or compliant with the EU-U.S. or Swiss-U.S. Privacy Shield Frameworks (each of them and collectively "Privacy Shield") that ensure that European data privacy requirements are met. We also utilize standard contractual clauses and other contractual safeguards in order to protect your privacy and ensure that all transfers of your Personal Data are safe and compliant with applicable laws.
Parties with whom you may choose to share your User Content. Any information or content that you voluntarily stylize with Photo Art, such as User Content, becomes available to Photo Art anonymously.
What happens in the event of a change of control. If we sell or otherwise transfer part or the whole of the company or our assets to another organization (e.g., in the course of a transaction like a merger, divestiture, restructuring, reorganization, acquisition, bankruptcy, dissolution, liquidation), your Personal Data, User Content and any other Collected Information may be among the items sold or transferred. You will continue to own your User Content. The buyer or transferee will have to honor the commitments we have made in this Privacy Policy.
Responding to legal requests and preventing harm. We may access, preserve and share your information in response to a legal (like a search warrant, court order or subpoena), government or regulatory request if we have a good faith belief that the law requires us to do so. This may include responding to legal, government or regulatory requests from jurisdictions outside of the United States where we have a good faith belief that the response is required by law in that jurisdiction, affects the Users in that jurisdiction, and is consistent with internationally recognized standards. We may also access, preserve and share information when we have a good faith belief it is necessary to: detect, prevent and address fraud and other illegal activity; to protect ourselves, you and others, including as part of investigations; and to prevent death or imminent bodily harm. Information we receive about you may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of our terms or policies, or otherwise to prevent harm.
We comply with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data transferred from the EEA and Switzerland to the United States. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles ("Principles"). If there is any conflict between the terms in this Privacy Policy and the Principles, the Principles shall prevail.
· Complaints and dispute resolution. In compliance with the Principles, we commit to resolve complaints about our collection or use of your Personal Data. EEA and Swiss residents with inquiries or complaints regarding our Privacy Policy should first contact us (for contact information, please, see How to Contact Us Section).
· Arbitration. You may also be able to invoke binding arbitration for unresolved complaints but prior to initiating such arbitration, a resident of a EU country or Switzerland participating in the Privacy Shield must first: (1) contact us and afford us the opportunity to resolve the issue; and (2) contact the U.S. Department of Commerce (either directly or through an European Data Protection Authority) and afford the Department of Commerce time to attempt to resolve the issue. If such a resident invokes binding arbitration, each party shall be responsible for its own attorney’s fees. Please be advised that, pursuant to the Privacy Shield, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the Principles with respect to the resident. The arbitration option may not be invoked if the individual’s same claimed violation of the Principles (i) has previously been subject to binding arbitration; (ii) was the subject of a final judgment entered in a court action to which the individual was a party; or (iii) was previously settled by the parties.
Data security. We use reasonable and appropriate information security safeguards to help keep the Collected Information (including your Personal Data) secure and to secure your Personal Data from accidental loss and from unauthorized access, use, alteration, and disclosure. Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to or through Photo Art or an absolute guarantee that such information may not be accessed, disclosed, altered, or destroyed. Any transmission of your Personal Data is at your own risk. We are not responsible for circumvention of security measures contained in Photo Art. Please understand that there is no ideal technology or measure to maintain 100% security. Among others, we utilize the following information security measures:
· Pseudominization of certain categories of your Personal Data.
· Encryption of your Personal Data in transit and in rest.
· All information you provide to us is stored on our secure servers behind firewalls.
· Systematic vulnerability scanning and penetration testing.
· Organizational and legal measures. For example, our employees have different levels of access to your Personal Data and only those in charge of data management get access to your Personal Data and only for limited purposes required for the operation of Photo Art. We impose strict liability on our employees for any disclosures, unauthorized accesses, alterations, destructions and misuses of your Personal Data.
· Conducting periodical data protection impact assessments in order to ensure that Photo Art fully adheres to the principles of "privacy by design", "privacy by default" and others. We also commit to undertake privacy audit in case of Photo Art’s merger or takeover.
Data retention. We will retain your Personal Data as long as your account is active or needed to provide you services through Photo Art, and only for as long as it serves purposes of processing identified in Section 4. At any time, you can remove your Personal Data Using in-app features or instruct us to remove it by contacting us (for contact information, please, see How to Contact Us Section).
All information that you provide to us through Photo Art is automatically uploaded to our servers and is stored there in duplicate to the information stored on your device. If you remove data from your User account, you will no longer see it in Photo Art, but some backups of the data may remain in our archive servers for a reasonable period of time due to technical reasons.
Third-party (onward) transfers and Privacy Shield compliance. In the context of an onward transfer, we have responsibility for the processing of your Personal Data we receive under the Privacy Shield or generally from the EEA and Swiss residents and subsequent transfer to a third party acting as an agent on our behalf. We remain liable under the Principles and GDPR, if our agent processes such Personal Data in a manner inconsistent with the Principles and GDPR, unless we prove that we are not responsible for the event giving rise to the damage. For any onward transfer we commit to execute a formal agreement with any receiving party or processor acting on our behalf.
If we receive Personal Data subject to our certification under the Privacy Shield and then transfer it to a third-party service provider acting as an agent on our behalf, we have certain liability under the Privacy Shield if both (i) the agent processes the Personal Data in a manner inconsistent with the Privacy Shield and (ii) we are responsible for the event giving rise to the damage.
Contacting you. You agree that we may send you Photo Art-related emails (e.g., changes/updates to features of Photo Art, technical and security notices, updates to this Privacy Policy). Note that you may not opt out of Photo Art-related e-mails, unless applicable laws provide differently for particular types of Users.
General age limitation. Photo Art is not intended for or directed at children under 13, and we do not knowingly collect or solicit any information from anyone under the age of 13 or knowingly allow such persons to Use Photo Art. If you are under 13, do not Use or provide any information in Photo Art or through any of its features, or provide any information about yourself to us, including your name, address, telephone number or email address. In the event that we learn that we have collected or received any Personal Data from a child under 13 without verification of parental consent, we will delete that information as quickly as possible. If you believe we might have any information from or about a child under 13, please contact us (for contact information, please, see How to Contact Us Section).
Age limitation for EEA residents. Due to requirements of the GDPR you shall be at least 16 years old in order to Use Photo Art. To the extent prohibited by applicable law, we do not allow Use of Photo Art by the EEA residents younger than 16 years old. If you are aware of anyone younger than 16 Using Photo Art, please contact us (for contact information, please, see How to Contact Us Section) and we will take required steps to delete information provided by such persons.
We are not responsible for the practices employed by any websites or services linked to or from Photo Art, including the information or content contained within them. Where we have a link to a website or service, linked to or from Photo Art, you should read the privacy policy stated on that website or service.
If you have any questions about this Privacy Policy or Photo Art, please contact us via email at hotsummer4270@gmail.com.
Data Protection Officer. If you are a resident of the EEA or Switzerland and you wish to exercise your rights under Section 5, or you have any questions about this Privacy Policy or our privacy practices, you can contact our Data Protection Officer via email at hotsummer4270@gmail.com.
The Company may modify or update this Privacy Policy from time to time, so please review it periodically. The date this Privacy Policy was last revised is identified at the top of the page. Your continued Use of Photo Art after we make changes to this Privacy Policy is deemed to be acceptance by you of those changes, so please check the policy periodically for updates. In some cases, we may require you to expressly accept our new privacy policy in order to continue Using Photo Art (for example, if we expand types of Personal Data collected from you or introduce new purposes of collection and processing).