Zoombo Privacy Policy

Zoombo Technology Limited ("we," "us," or "our"), a company incorporated in Hong Kong, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use the Zoombo app ("app") or interact with us. By using the app, you agree to the practices described in this policy. If you do not agree, please do not use the app.

1. Scope of This Policy

This Privacy Policy applies to all users of the Zoombo app, including those who download, access, or use the app on any device. It covers personal data we collect directly from you, automatically through your use of the app, or from third parties. This policy does not apply to data processed by third-party services or websites linked from the app, such as app stores (e.g., Apple App Store, Google Play) or third-party advertisers.

2. Data We Collect and How We Use It

We collect and use certain data to provide, maintain, and improve the Zoombo app. This section outlines the categories of data we collect, how we use them, and how long we retain them. Some data is necessary to use the app; if you choose not to provide it, you may not be able to access certain features.

2.1 Categories of Data We Collect

We collect the following types of data when you use the Zoombo app:

• Identity Information: Name, username, or email address (if you create an account or contact us).
• Contact Information: Email address (e.g., when you contact us at contact@zoombo.ai).
• User Content: Images, videos, or other materials you upload for AI processing, including AI-generated content (e.g., enhanced photos, AI-generated videos). This may include face data (information estimating facial features), which may be considered biometric data in some jurisdictions. We use face data only to generate or enhance content as requested and do not use it to identify or authenticate individuals unless you specifically consent.
• Device and Usage Information: Internet traffic data (e.g., IP address, network activity), device identifiers (e.g., IDFA, Android ID), device name, device type, operating system version, device language, region, and in-app usage data (e.g., features used, time spent in the app, crash reports).
• Marketing and Analytics Data: Identifiers for advertisers (e.g., IDFA, if you grant permission) and for vendors/developers (e.g., IDFV), used for analytics or personalized ads (if applicable).
• Transaction Information: Order details, subscription status, and in-app purchase history (e.g., via Apple App Store or Google Play).
• Communications: Content of your messages when you contact us (e.g., support requests).

2.2 How We Use Your Data

We use the data above for the following purposes:

2.2.1 Service Delivery

• To enable core app functionalities, such as generating or editing AI content (e.g., videos, images). This requires access to your device's photo library or camera, which you must expressly allow via a permission pop-up.
• To process User Content, including face data, for AI generation or enhancement. We will obtain your consent for processing face data where required by applicable law.

2.2.2 Customer Support

• To respond to your inquiries, provide support, and send administrative or technical updates.

2.2.3 Service Improvement and Analytics

• To analyze app usage, conduct statistical research, and improve features (e.g., fixing bugs, optimizing AI models). This may include anonymized data for product development.

2.2.4 Troubleshooting

• To ensure app quality by detecting, preventing, and fixing bugs, crashes, or misuse.

2.2.5 Personalization

• To create a user profile for a tailored experience, such as suggesting features or content based on your usage.

2.3 Retention of Data

• User Content (Uploaded and AI-Generated): The Zoombo app does not use cloud processing, so uploaded images, videos, and AI-generated content are not stored on our servers. Any temporary data used during AI processing (e.g., for generation or enhancement) is deleted immediately after the process is complete. Content stored locally on your device will be lost if you uninstall the app, as noted in Section 5.5 of our Terms of Service.
• Face Data: Face data processed for AI generation or enhancement is deleted immediately after the process is complete.
• Other Data: Identity information, contact information, device and usage information, marketing and analytics data, transaction information, and communications are retained for up to 3 years from your most recent interaction with the app or the expiration of your subscription, whichever is later. If you access the app after your subscription expires, the retention period restarts from that interaction. After this period, the data is deleted or anonymized unless legal obligations require longer retention.
• Troubleshooting Data: Device and usage information used for troubleshooting (e.g., crash logs) is retained for up to 1 year from your most recent interaction with the app or subscription expiration, then deleted or anonymized.

3. Data Sharing and Disclosure

We do not sell, trade, or claim ownership of your User Content or personal data. As stated in Section 2, the Zoombo app does not use cloud processing, so we do not store User Content (e.g., uploaded images, videos, or AI-generated content) on our servers. Any temporary data used during AI processing is deleted immediately after the process is complete. Additionally, our employees are bound by strict confidentiality agreements that prohibit them from sharing your data. However, in certain extraordinary circumstances, we may share limited data as described below.

3.1 With Service Providers

We may share limited data with third-party vendors who assist us in operating the app, such as analytics providers or IT service providers (e.g., hosting services). Since we do not store User Content, this sharing is limited to data like device and usage information or account details (e.g., email address, subscription status). These vendors are bound by contractual obligations to protect your data and act only on our instructions.

3.2 Extraordinary Circumstances: Compliance with Legal Obligations

We may share your data to comply with legal obligations, including requests from public authorities, or to demonstrate compliance with such obligations (e.g., in response to a legal request).

Categories of Data

We may share any data required by law or as instructed by public authorities. Since we do not store User Content, this would be limited to data such as identity information, contact information, device and usage information, transaction information, or communications.

Retention

Data shared for this purpose is retained for a maximum of 5 years from your most recent interaction with the app or the expiration of your subscription, whichever is later. If you access the app after your subscription expires, the retention period restarts from that interaction. Specific legal obligations may require different retention periods, in which case those periods will apply. After the retention period, the data is deleted or anonymized.

3.3 Extraordinary Circumstances: Defense and Corporate Transactions

We may share your data to establish, exercise, or defend our rights, the rights of our employees, or to carry out corporate transactions or operations, such as mergers, acquisitions, reorganizations, sales of assets, bankruptcy, or related due diligence.

Categories of Data

We may share any data necessary to ensure the proper execution of these activities. Since we do not store User Content, this would be limited to data such as identity information, contact information, device and usage information, transaction information, or communications.

Retention

Data shared for this purpose is retained for a maximum of 10 years from your most recent interaction with the app or the expiration of your subscription, whichever is later. If you access the app after your subscription expires, the retention period restarts from that interaction. Specific legal obligations may require different retention periods, in which case those periods will apply. After the retention period, the data is deleted or anonymized.

4. Your Rights

You can always retain control of your personal data. Depending on your location, you may have certain rights in relation to your data that you can exercise at any time and without charge, subject to any limitations or exceptions under applicable privacy laws. These include the following:

• Access: You can request access to or a copy of the personal data we hold about you.
• Rectification: You can request that we update or correct any inaccurate or incomplete personal data.
• Erasure: You can request that we delete your personal data (e.g., by deleting your account). Note that since we do not store User Content (e.g., uploaded images, videos, or AI-generated content) on our servers, as explained in Section 2, we may not have such data to delete.
• Restriction: You can request that we restrict the processing of your personal data in certain circumstances.
• Consent Withdrawal: Where we rely on your consent to process your data (e.g., for processing face data), you can withdraw your consent at any time. This will not affect the processing carried out before your withdrawal, but we will stop processing your data for that purpose thereafter.

You also have the right to lodge a complaint with a data protection authority or other relevant regulator in your jurisdiction if you believe we have violated applicable privacy laws and have not addressed your concerns.

To exercise your rights, please contact us at contact@zoombo.ai with your request. We may take reasonable steps to verify your identity before responding, such as confirming details that match the information we have on file (e.g., your email address). If you submit a request as an authorized agent, we may ask for proof of your authorization or contact the individual to confirm the request, in accordance with applicable laws.

Please note that since we do not store User Content on our servers, as detailed in Section 2, some requests (e.g., access or deletion of User Content) may not apply to such data. Additionally, if you have not created an account or are not authenticated, we may not be able to identify your data to fulfill certain requests.

We will not discriminate against you for exercising your privacy rights.

5. Children's Privacy

The Zoombo app is not intended for users under the age of 16. We do not knowingly collect personal data from children under 16. If you believe we have received personal data from a child under the age of 16, please contact us at contact@zoombo.ai with details of your concern. If we learn that a user is under the age of 16, we will take reasonable steps to delete any processed data and close the associated account. Since the Zoombo app does not use cloud processing, as noted in Section 2, any User Content (e.g., uploaded images, videos, or AI-generated content) is not stored on our servers and would already be deleted immediately after processing.

6. Additional Information for Users in Certain Jurisdictions

In some jurisdictions, privacy laws grant residents additional rights or require specific disclosures. This section provides information for users in California, the European Union (EU), Illinois, and other regions with special requirements.

6.1 Additional Information for Users in California

If you are a resident of California, the California Consumer Privacy Act (CCPA) and other state laws may apply to you. Below are additional disclosures and rights specific to California residents:

Data Collection and Sources

We collect personal data from the following sources:

• Directly from you: For example, your email address or username when you create an account or contact us.
• Automatically from the app: For example, device and usage information (e.g., IP address, device identifiers) when you use the app.
• From third parties: For example, from app stores (e.g., Apple App Store, Google Play) when you download the app or make in-app purchases.

Categories of Personal Data Collected

In the past 12 months, we have collected the following categories of personal data:

• Identifiers (e.g., email address, username, device identifiers like IDFA or Android ID).
• Internet or other electronic network activity information (e.g., IP address, in-app usage data, crash reports).
• Commercial information (e.g., subscription status, in-app purchase history).
• Approximate geolocation information (e.g., the country or region you are in, derived from your IP address).
• Audio and visual information (e.g., images or videos you upload for AI processing, including AI-generated content).
• Inferences (e.g., insights about your app usage to personalize your experience).

For more details, see Section 2 ("Data We Collect and How We Use It"). We collect this data for the purposes listed in Section 2.2, such as providing the app's services, customer support, analytics, troubleshooting, and personalization.

Data Disclosure

In the past 12 months, we have disclosed the following categories of personal data for business purposes (e.g., to service providers like analytics or IT providers):

• Identifiers.
• Internet or other electronic network activity information.
• Commercial information.
• Approximate geolocation information.
• Inferences.

We do not sell or share your personal data for targeted advertising purposes, as defined under California law. We also do not knowingly collect, sell, or share personal data about users under the age of 16.

Sensitive Personal Data

We do not collect data considered "sensitive" under California law (e.g., precise geolocation, health data, or biometric data used for identification), except in certain extraordinary circumstances (e.g., for legal compliance, as described in Section 3). In such cases, we do not use or disclose sensitive data to make inferences about your characteristics.

Retention

We retain personal data as described in Section 2.3. Notably, User Content (e.g., uploaded images, videos, AI-generated content) and face data are deleted immediately after processing, as we do not use cloud storage.

Your Rights

California residents have the following rights, in addition to those listed in Section 4:

• Right to Opt-Out of Sales or Sharing: We do not sell or share your data for targeted advertising, so this right does not apply.
• Right to Limit Use of Sensitive Data: We do not use sensitive data for purposes beyond what is necessary to provide the app's services.

To exercise your rights (e.g., access, rectification, erasure), please see Section 4 ("Your Rights").

6.2 Additional Information for Users in Illinois

If you are a resident of Illinois, the Illinois Biometric Information Privacy Act (BIPA) may apply to you. Below are additional disclosures specific to Illinois residents:

Face Data

As described in Section 2, we collect and process face data (information estimating facial features) to generate or enhance AI content. Face data may be considered biometric data under Illinois law. We do not use face data to identify or authenticate individuals, nor do we use it to improve our AI features or train algorithms beyond the specific task you request. We do not store face data on our servers, as it is deleted immediately after processing (see Section 2.3). We will never sell, lease, or trade face data to third parties.

Your Rights

To exercise your rights (e.g., access, erasure), please see Section 4 ("Your Rights").

6.3 Additional Information for Users in the European Union (EU)

If you are a resident of the EU, the General Data Protection Regulation (GDPR) may apply to you. Below are additional disclosures and rights specific to EU residents:

Data Collection and Use

We collect and use personal data as described in Section 2. This includes face data, which may be considered special category data under GDPR. We only process face data with your explicit consent (e.g., when you upload images for AI processing) and delete it immediately after processing, as noted in Section 2.3.

Your Rights

EU residents have the following rights, in addition to those listed in Section 4:

• Data Portability: You can request a copy of your personal data in a structured, commonly used, and machine-readable format.
• Objection: You can object to the processing of your personal data in certain circumstances (e.g., for analytics or personalization).

To exercise your rights, please see Section 4 ("Your Rights"). You can also lodge a complaint with your local data protection authority if you believe we have violated GDPR.

7. International Data Transfers

Zoombo Technology Limited is a company incorporated in Hong Kong. When you use the Zoombo app, your personal data may be transferred outside your jurisdiction (e.g., to Hong Kong) for processing, such as to support the app's operations, analytics, or troubleshooting. We ensure that any such transfers comply with applicable laws and are conducted with appropriate safeguards to protect your data, such as contractual agreements with our service providers. If you would like to know more about the safeguards in place for the transfer of your data, please contact us at contact@zoombo.ai.

8. Security

We use industry-standard security measures, such as encryption, to protect your data during transmission and processing. However, no system is completely secure, and we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

9. Third-Party Links

The app may include links to third-party websites or services (e.g., app stores, advertisers). We are not responsible for their privacy practices. We encourage you to review their privacy policies before interacting with them.

10. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of significant changes via email or a notice in the app. Your continued use of the app after such changes constitutes acceptance of the updated policy.

11. In-app Tracking Technologies

The Zoombo app uses certain technologies to collect information about how you interact with the app, which helps us improve its performance and functionality. These technologies, referred to as "tracking technologies," include tools like software development kits (SDKs) and device identifiers that access or store data on your device. This section explains the types of tracking technologies we use, their purposes, and how you can manage them.

11.1 Types of Tracking Technologies

Tracking technologies can be categorized based on their purpose and who manages them. Here's an overview:

Based on Purpose

• Essential Tracking Technologies: These are required for the app to work properly and deliver the services you request. For example, they may help manage your session or ensure the app functions smoothly. Since they are necessary for the app's core operations, they do not require your consent.
• Analytics Tracking Technologies: These help us understand how users interact with the app by collecting aggregated data, such as the number of users, the features they use, or how often the app crashes. This information allows us to improve the app's design, fix issues, and enhance your experience. Analytics tracking technologies typically require your consent, but they may not need consent if the data is fully anonymized and used only for internal statistical purposes.
• Profiling Tracking Technologies: These track individual user behavior to create profiles for purposes like targeted advertising or personalized content beyond the app's core functionality. Zoombo does not use profiling tracking technologies, as we do not engage in targeted advertising or behavioral profiling.

Based on Publisher

• First-Party Tracking Technologies: These are managed directly by Zoombo Technology Limited and used for our own purposes, such as improving the app's performance.
• Third-Party Tracking Technologies: These are managed by third parties (e.g., Firebase, Apple) to assist us with analytics or technical support. Data collected by third parties may also be used for their own purposes, as outlined in their privacy policies, which we link to below. Third-party tracking technologies typically require your consent unless the data is anonymized and used solely for analytics.

11.2 Tracking Technologies Used by Zoombo

Zoombo uses tracking technologies to support the app's functionality and improve its performance. We do not use any tracking technologies for profiling or targeted advertising.

Technology	Provider	Purpose	Type	Data Collected	Privacy Policy
Firebase Analytics	Google (Firebase)	Analytics	Third-Party	Aggregated usage data (e.g., time spent in the app, features used, approximate location like country), device information (e.g., OS version)	Firebase Privacy Policy
Firebase Crashlytics	Google (Firebase)	Technical (Crash Reporting)	Third-Party	Crash logs, device details (e.g., device model, OS version)	Firebase Privacy Policy
Apple Analytics	Apple	Analytics	Third-Party	Usage data (e.g., app interactions), device identifiers (e.g., IDFA, if you allow tracking)	Apple Privacy Policy

11.3 Managing Tracking Technologies

Zoombo does not use profiling tracking technologies, so there are no settings to manage for such purposes. However, you can control how third-party analytics tracking technologies (Firebase Analytics, Apple Analytics) collect your data:

• Firebase Analytics: You can opt out of data collection by Firebase Analytics by adjusting your device settings. On Android, go to "Settings > Google > Ads" to reset your advertising ID or opt out of personalized ads. On iOS, go to "Settings > Privacy > Tracking" to disable tracking. You can also contact us at contact@zoombo.ai to request that we stop processing your data for analytics purposes. Data collected before your opt-out will still be processed.
• Apple Analytics: On iOS devices, you can manage Apple's analytics by going to "Settings > Privacy > Tracking" and disabling tracking for Zoombo. You can also reset your IDFA in the same menu.

Essential tracking technologies, such as Firebase Crashlytics, are necessary for the app to function and cannot be disabled. However, if you wish to opt out of further processing of your data collected through first-party analytics (if any), you can contact us at contact@zoombo.ai.

For more details on your rights regarding data collected through tracking technologies, please refer to Section 4 ("Your Rights").

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, we're here to help. Please reach out to us at:

Email: contact@zoombo.ai

We will do our best to respond to your inquiries promptly and address any issues you may have.