This product is provided by Neyonika Phular, Data Protection Officer(DPO) can be reached at support@simeng.org. We attach great importance to protecting the privacy of our users (or "you"), and we are committed to respecting and protecting the personal information we collect.
The data controller is Neyonika Phular
HITPAW has appointed an EU representative in accordance with the Regulation No. 2016/679 on the protection of natural persons with regard to the processing of Personal Data (the “GDPR”). You can contact the designated EU representative of HITPAW by reaching support@simeng.org.
This Privacy Policy explains how we collect, use, store, share and otherwise process your personal information when you use our products. This Privacy Policy will help you understand the followings:
Ⅰ. How we collect and handle your information, and what information we collect from you
Ⅱ. How we store ,protect and transmit your information
Ⅲ. How we share, transfer and disclose your personal information
Ⅳ. How you shall manage your personal information
Ⅴ. How we handle the personal information of minors and children
Ⅵ. Permissions of users in different regions for their personal information
Ⅶ. How the Policy will be updated
Ⅷ.AI Data Processing and Third-Party Services
Ⅸ. How to contact us
Ⅰ. How we collect and handle your information, and what information we collect from you
1. The personal information we may need to collect and use about you regarding your use of our product includes the following two circumstances:
a. In order to provide you with the basic features of our product, we may need your permission to collect and use the necessary information. In the event that you refuse to provide the corresponding information, you will not be able to have proper access to or use our product.
b. In order to provide you with additional features of our product, you may have the option of accepting or refusing to provide us with certain information about yourself, and the type and scope of personal information collected for the basic features and additional features may differ. If you refuse to provide us with such information, you will not be able to use the additional features or reach the desired results, but this will not prevent you from using the basic features.
2. The specific scenarios in which we collect and use your information for functional purposes:
a.Using our products
When you use our products/services, depending on the different types of products, we may request different permissions and collect different data. In general, if you use our products, we will collect your basic information and device information. We may use this collected information to match corresponding features, modify the appearance or functionality of the product, or develop new features based on the analysis of this data.This information is collected anonymously, and we cannot identify you through this information.
We collect information about your use of the product and how you use it, including but not limited to startup data, feature usage, interface clicks, login information, operation log information, access dates and times, duration of product usage, file sizes and formats you work with, crash data, and installation data. Additionally, during installation, we collect installation information such as device type, device hardware model, device operating system, version used, and product serial number, etc.
Please understand that when you switch the software product to run in the background, due to device models and system reasons, the information collection activities related to the product features you previously used may not stop immediately, resulting in brief background information collection activities.
We process Product Usage Data and Product Installation Data so that we can facilitate, evaluate, and verify your use of our products and services. We will also use the Product Usage Data for our own internal statistical and analytical purposes, and to evaluate and enhance users' experience of the Products by identifying customer preferences and analyzing crash data. If you want to cancel the aforementioned purpose, you can contact us through customer service or online forms on our websites.
a.1. What face data does the app collect?
Our app may temporarily process user-submitted photos or videos that contain a person's face in order to provide AI-powered enhancement, restoration, animation, or transformation features.
The app may detect and process general facial features such as:
Face presence and face location within the image/video
Facial landmarks (e.g. eyes, nose, mouth position)
Head orientation and expression cues
Image quality attributes necessary for enhancement (blur, lighting, resolution)
The app does not collect or store biometric identifiers, face templates, facial recognition data, or data used to uniquely identify a person.
a.2. Provide a complete and clear explanation of all planned uses of the collected face data.
Face-related data is used solely to provide the core functionality requested by the user, including:
AI photo enhancement
Face restoration in old/blurry photos
AI video generation or animation effects
Portrait beautification or retouching
Face alignment for accurate visual processing
Improving output quality (lighting, clarity, sharpness)
Face data is processed only after the user uploads media and initiates a feature.
The app does not use face data for:
Identity verification
Facial recognition
Advertising targeting
User profiling
Analytics unrelated to requested processing
a.3. Will the face data be shared with any third parties? Where will this information be stored?
Face data is not sold or shared with advertisers.
If third-party cloud processing providers are used, media may be securely transmitted to trusted infrastructure partners solely for processing requested AI features.
Examples may include:
Cloud hosting providers
GPU compute providers
Secure storage/CDN providers
All vendors are contractually required to process data only on our behalf and maintain confidentiality and security.
Data is stored on secure encrypted servers located in compliant cloud infrastructure regions.
a.4. How long will face data be retained?
Uploaded photos/videos and related temporary face-processing data are retained only as long as necessary to complete the requested service.
Typical retention:
Temporary processing cache: automatically deleted within 24 hours
Generated outputs: Valid for 7 days
Failed/unfinished tasks: automatically deleted shortly after processing
We do not retain face data longer than necessary.
a.5. Where in the privacy policy is the app's collection, use, disclosure, sharing, and retention of face data explained? Identify the specific sections in the privacy policy where this information is located.
This information is described in our Privacy Policy under the following sections:
Information We Collect
Please see Chapter Ⅰ
How We Use Your Information
Please see Chapter 二
Sharing of Information
Please see ChapterⅣ
Data Retention
Please see Chapter Ⅳ
Security Measures
Please see Chapter Ⅰ .8
Biometric / Face Data Statement
Please see Chapter Ⅰ .8
a.6. Quote the specific text from the privacy policy concerning face data.
You can add the following exact wording into your Privacy Policy and submit to Apple:
Face Data and Biometric Information
Our app may process photos or videos uploaded by users that contain human faces in order to provide AI-powered editing, enhancement, restoration, animation, or transformation features.
We may temporarily analyze general facial characteristics such as facial position, landmarks, orientation, and expression cues solely for generating requested outputs.
We do not collect, create, store, or use biometric identifiers, face recognition templates, or any data used to uniquely identify an individual.
Face-related data is never sold or shared with advertisers.
Uploaded media is retained only for as long as necessary to complete the requested service and is automatically deleted according to our retention schedule.
If third-party service providers assist with processing, they do so solely on our behalf under confidentiality and data protection obligations.
b. Logging in
When you visit or use our products,You can either create an account or log in with your Apple ID or Google ID to access all the features of the product. When you create an account, you will need to provide your email address.We use Account Data to help you to create an account (WSID) and keep a record of your product license (that is, authenticating and periodically verifying your licensing rights in the product for anti-piracy purposes) and to enable the provision of maintenance or support services to you.
c. Customer service and dispute handling
When you contact us or submit a request for resolution of an ongoing sale, after-sales, or dispute, we may require you to provide the necessary personal information to verify your identity in order to ensure the security of both your account and our system. In order to easily reach you, help you with the problems in a timely manner, or to keep records of the solutions and results of such problems. We may archive your records of your communications, correspondence/calls and related content (including account information, address, email address, other contact information and other information you provide to prove the relevant facts) with us. We may also use other information about you to provide customer service and to improve the quality of said service, including information you provide when you contact customer service and information you send to us in response to a survey.
d.Transaction and payment
When you make payment transactions for our products, App Store/Google Play collects various payment information from you. The specific information collected is ultimately determined by App Store/Google Play's policies. We ultimately receive the following from App Store/Google Play: your country/region, the type of product you purchased, the amount paid in your local currency, and the order number.
We shall use the transaction and payment information to determine your subscription eligibility, grant you access rights, and such information will be recorded in our internal financial records. We do not collect or process data regarding your payment instruments, such as credit card numbers, bank account numbers, or PayPal account details. This information is collected, processed, and stored exclusively by our qualified payment processors.
e.Using Product Features
We leverage artificial intelligence (hereinafter referred to as “AI”) model technology to provide services including, but not limited to, video and image enhancement, restoration, optimization, as well as text-to-video, image-to-video, and digital human generation services (collectively referred to as “AI Services”). We adhere to the principle of data minimization and collect and process only the data necessary to provide AI generation and processing services. All data processing activities are based on your voluntary actions and express instructions, and will not be used for model training, algorithm optimization, or any purposes unrelated to the services you have requested.
To provide you with higher-quality service and processing results, we analyze, process, and generate the text, images, audio, video, and related instructions that you voluntarily upload, input, or select (collectively referred to as “User Content”), and deliver the corresponding generated results to you.
For certain features (e.g., “Digital Human”), we may need to analyze materials containing facial information. Please rest assured that we do not extract, store, or create any form of facial recognition templates or feature databases. To generate the requested effects, we may upload the relevant materials to our secure cloud server for processing. We do not share your facial materials or recognition features with any third parties. Such processing is strictly limited to achieving the functionality and effects you requested, and will not be used for identity verification or authentication purposes. Our processing employs encrypted transmission and secure computing measures to protect your data, and we implement access control, least-privilege design, and logging to prevent unauthorized access, disclosure, alteration, or data loss.
We retain User Content and the final generated results only for the purposes of service generation and short-term review. Unless you choose to save them separately, the system will automatically delete all related data and cached records seven (7) days after processing. This retention period is solely to allow you to review your history or download results. After seven (7) days, all relevant data will be permanently deleted and will not be stored or backed up in any form.
When you use certain features, we may request access to specific device permissions as necessary to provide the corresponding functionality. For example:
Photos/Media Access: To import or save your videos, images, and other media files when using editing or upload features;
Camera Access: To record videos;
Microphone Access: To record audio or enable voice recognition, voice interaction, or related features;
Storage Access: To read and save edited videos, draft files, and downloaded materials;
Notification Access: To deliver service updates and activity notifications.
We will request permissions only to the extent necessary to provide the relevant functionality and will obtain your express consent before accessing them. You have the right to choose whether to grant permission. If you refuse to grant a permission, certain features may not function properly, but this will not affect your ability to use other core features of the product. You may manage or revoke permissions at any time through your device settings. Once revoked, we will no longer access or use the corresponding information.
f.Other contents
You may provide feedback or reviews about our products on the software store's comment section or other public platforms. We will use the comment data to improve our products. We may use the comments (with your relevant information) you post for marketing purpose to provide the consumers and potential consumers with our product information, and for others to better understand and use our products.
During your usage of our product, we may show you ads for Hitpaw products and services that we think may interest you. If you want to cancel the aforementioned purpose, you can contact us through customer service or online forms on our websites.
From time to time, we may contact our customers directly by mail, email, or telephone to inform you about upgrades, new products, promotions, or special offers that you told us you were interested in receiving. If you want to cancel the aforementioned purpose, you can contact us through customer service or online forms on our websites.
During your usage of our product, you may provide us with your information through data collection forms or other means. We will use the provided information in accordance with the agreed-upon terms, following legal and regulatory requirements. We will not use the information for any other purpose.
3. On one hand, we need the access to the aforementioned permissions and information of you to provide you with specific services. Also, we need them for internal statistics and analysis, to analyze your use of our websites and products and understand how they are used. By doing such, we are expected to improve our products and services, as well as the user experience. If you declined to such access or disagree to our collecting of such information, you will not be able to use such features, and we will give responses to your requests and needs in a timely manner. You will not be able to use the specific service, but it will not affect your regular use of our other services.
Ⅱ. How we store, protect and transfer your information
We will determine different retention periods according to the type of information, the purpose for which we use the information, and the period required to fulfill the purposes described in the Policy, unless a longer keeping time is required or permitted by applicable law.
We take reasonable measures to help protect your information from loss, theft, misuse, unauthorized access, disclosure, alteration or destruction. And please help us keep your account and personal information safe by using sophisticated passwords. Please be aware that the systems and communication networks you use to access our product may be subject to security issues in other steps beyond our control. Please understand that in the Internet industry, due to the limitations and rapid development of technology and the possible existence of malicious attacks, even if we do our best to strengthen security measures, it is not always possible to guarantee 100% security of information.
Given the global reach of our business and to provide you with continuous services on a global scale, we may transfer the data we collect about you to secure servers or data centers located outside the country/region where the data was initially collected (including the United States, European Economic Area (EEA), or Japan) for storage and/or processing. When we transfer your data to countries/regions outside the country where the data was initially collected, we will protect the data in accordance with the explanations provided in this privacy policy and comply with applicable legal requirements to ensure adequate data protection.
III. How we share, transfer and disclose your personal information
In order to ensure the implementation of our product-related features and the safe and stable performance of our apps, and because some features of our products cannot be executed by us alone, we may share or entrust some of your personal information with third parties such as our partners in order to ensure the smooth implementation of our product features. You agree that we may share your personal information with affiliates that support our features, and with third parties that we integrate or access, for the purpose of providing the services to you. The support provided by these third parties includes providing us with data analysis, data storage, payment processing. Our affiliates of our features are not authorized to use your personal information for purposes other than those set forth in this Privacy Policy and the purposes set forth herein. They shall obtain your authorized consent separately if they wish to change the purposes for which personal information is processed.
You agree that, in the event of merging, separating, acquiring or liquidating, your personal information may be transferred as part of such transaction. And we will ensure the confidentiality of such information at the time of transfer, and ensure that you will be informed of the name and contact information of the recipient. And we will require the new recipient of your personal information to remain subject to this personal information protection policy, or we will require the recipient to ask for your authorized consent again. If we rely on your consent to process your Personal Data, you have the right to withdraw your consent at any time.
We may disclose all of your information for subsequent reasons: in response to a subpoena, court order, legal process, law enforcement request, legal claim, or government investigation, to protect and defend the rights, interests, and safety of the platform, our affiliates, users, or the public.
Ⅳ. How you shall manage your personal information
You have the right to access, correct, and delete the information we collect about you. If you are unable to do so, or have any questions about Personal Information we have collected and/or shared about you, or would like to withdraw your consent for our processing (i.e. entirely delete your account), please contact us at: support@simeng.org.
We will act on the User’s requests and provide information free of charge, except where the requests are manifestly unfounded or excessive (in particular because of their repetitive nature) in which case we may charge a reasonable fee (taking into account the administrative costs of providing the information or communication, or taking the action requested), or refuse to act on the request.
Ⅴ. How we handle the personal information of minors
If you are a minor, you shall use our services with obtaining prior consent of your parent or legal guardian (collectively, "guardian"). We recommend that the guardians of minors shall read this Policy carefully, and we also recommend minors to obtain guardians’ prior consent and guidance before submitting personal information in your use of our services. If you are the legal guardian of a minor, please ensure that the minor in your custody is using our products or services with your authorized consent. If you have questions about the personal information of a minor in your custody, please contact us through the means set forth in this Privacy Policy.
We are not directed to children under the age of 13 and we do not knowingly collect Personal Information from children under the age of 13. If we learn that we have collected Personal Information of a child under the age 13, we will take reasonable steps to delete such information from our files as soon as is practicable, unless we have a legal obligation to retain it. Please contact us if you believe we have any information from or about a child under the age of 13: support@simeng.org.
Ⅵ. Permissions of users in different regions for their personal information
The GDPR,Law Concerning Protection of Personal Data of Japan and other applicable data protection laws provide certain rights for data subjects. Broadly speaking you have, or may have, the right (as more fully provided in applicable data protection laws):
The right to be informed:The User has the right to be provided with clear, transparent and easily understandable information about how Hitpaw collects and uses personal data and its rights. This is the reason why Hitpaw is providing the User with the information in this privacy policy.
The right of access:The User has the right to obtain access to its Personal Data (if Hitpaw is processing it), and other certain information (similar to that provided in this privacy policy).
The right to rectification :The User is entitled to have its personal data corrected if it’s inaccurate or incomplete.
The right to erasure:This ‘the right to be forgotten’ enables the User to request the deletion or removal of its personal data where there’s no compelling reason for Hitpaw to keep using it.
The right to withdraw consent:The User has the right to withdraw a previously provided consent to processing of your personal information.
The right to object to processing :The User has the right to object, on grounds relating to its particular situation, at any time, to the processing of its personal data.
The right to restrict processing:Under certain circumstances, the User has the rights to ‘block’ or suppress further use of its personal data.
The right to data portability:to receive its Personal Data provided to Hitpaw in a structured, commonly used and machine readable format and has the right to transmit those data to another controller.
The right to lodge a complaint:to complain about our processing of your personal information to a local supervisory authority.
It is important to be aware that these rights may not be absolute. For example, if you withdraw your consent to our processing of your personal information, we may be able to continue to process your personal information to the extent required or otherwise permitted by law, in particular in connection with exercising and defending our legal rights or meeting our legal and regulatory obligations.
In the event of a data leak, we will inform the regulatory authorities and users of the leaked information in a timely manner,If you have any questions about the matters covered by this policy, please contact our Data Protection Officer at support@simeng.org.
Exercise the above rights ,you can send an email to customer service email: support@simeng.org, or fill out our request form here.
Rights regarding personal information for California residents
Pursuant to the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), California residents receive certain rights with respect to their personal information, as described below. These rights are not absolute and are subject to certain exceptions more fully set forth in the CCPA.California residents have the right not to receive discriminatory treatment from us for the exercise of the privacy rights conferred by the CCPA. California residents have the right to obtain access to its Personal Data (if Hitpaw is processing it), and other certain information (similar to that provided in this privacy policy)
California residents have the right request that businesses stop selling or sharing your personal information (“opt-out”), including via a user-enabled global privacy control. Businesses cannot sell or share your personal information after they receive your opt-out request unless you later authorize them to do so again.
Each California resident has the right to request, subject to certain exceptions described in the CCPA, that we disclose to that resident:
the categories of personal information we have collected about them,
the categories of sources from which the personal information is collected,
the business or commercial purpose for collecting or selling the personal information,
the categories of third parties with whom we have shared the personal information,
the specific pieces of personal information we have collected about them (collectively, a “Request to Know”),
California residents have the right to restrict our use Sensitive Personal Information collected about you.
In the past twelve months we have collected, and in the future we will continue to collect, the categories of personal information cited in the section entitled “The personal information we collect” above. This includes the following categories of personal information set out in the CCPA: identifiers, personal information described in Section 1798.80 of the California Civil Code, characteristics of protected classifications under California or federal law, Internet or other electronic network activity information, geolocation data, professional or employment-related information and sensitive personal information. We collect and ues this information and from the sources described in the section entitled “How we collect and handle your information, and what information we collect from you” above, and share this information with third parties as described in the section entitled “How we share, transfer and disclose your personal information” above.
We do not sell your personal information as defined under the CCPA or share your personal information for cross-contextual behavioral advertising purposes and we do not have actual knowledge that we sell or share the personal information of consumers under 16 years of age. We do not use or disclose sensitive personal information for purposes other than those permitted purposes specifically identified in the CCPA and its implementing regulations.
Right to request deletion of personal information
Each California resident has the right to request the deletion of their personal information that we collect or maintain (a “Request to Delete”), subject to certain exceptions set forth in the CCPA.
Process for verifying requests of California residents
Each California resident has the right to request the correction of any inaccurate personal information that we maintain (a “Request to Correct”), subject to certain exceptions set forth in the CCPA.
To make the aforementioned Request ,you can send an email to customer service email: support@simeng.org, or fill out our request form here.
Process for verifying requests of California residents
In order to protect your privacy and security, prior to completing any Request to Know, Request to Delete or Request to Correct that you may submit, we must verify your identity. We will verify your identity by asking you to provide certain data that we have already collected from you to confirm that they match our records. In certain instances, additional verification steps may be required.
Authorized agents
California residents have the right to designate an authorized agent to make a request under the CCPA on their behalf. Prior to completing a request made by such an authorized agent, we require that you provide your authorized agent with written permission to submit such a request and require that you or your authorized agent provide us with a copy of such written permission. Additionally, we require that you verify your identity pursuant to the procedure described above.
Keeping personal information
Your personal information will be retained in accordance with our Data Privacy Policy.
We retain personal information of different types, or relating to different categories of people, for different periods, taking into account its business purpose. For example, information about individuals who have applied for employment with us will be retained for a shorter period than information about individuals who have actually worked for us.
The periods for which we retain information are based on the requirements of applicable data protection laws and the purpose for which the information is collected and used. We take into account legal and regulatory provisions which require information to be retained for a minimum period. We also consider the limitation periods for taking legal action and good practice in the legal industry.
If you have any questions on the matters covered in this policy, you can send an email to customer service email: support@simeng.org.
Changes to our privacy policy
We regularly review this Privacy Policy and may make changes as our services or privacy practices change, or as required by applicable laws or regulations. Future versions of our Privacy Policy will be available on our website. We encourage you to review this Privacy Policy periodically to be informed of how we use your personal information.
Ⅶ. How the Policy will be updated
We may update this Privacy Policy from time to time. When we update the Privacy Policy, we will notify you by updating the “Last Updated” date at the top of the new Privacy Policy, posting the new Privacy Policy, or providing any other notice required by applicable law. We recommend that you review the Privacy Policy each time you use the product to stay informed of changes to our privacy policy. If you do not agree to the effective changes, you shall stop accessing or using our product on the effective date determined by the changes, and the changes shall have no effect on you. If you continue to access or use our product after the effective date of the changes, you shall be deemed to have agreed to the effective changes.
Ⅷ.AI Data Processing and Third-Party Services
To provide AI-powered features such as image generation, video generation, animation, and content enhancement, we may securely transmit user-submitted content to trusted third-party AI service providers for processing.
These providers are used solely to complete the services requested by the user.
Third-Party AI Providers We Use
1. Kling AI (Kuaishou Technology)
Used for AI video generation and creative content processing.
Privacy Policy:
https://www.klingai.com/privacy-policy
2. Seedance 2.0 / ByteDance AI Services
Used for AI image/video generation and intelligent processing.
Privacy Policy:
https://www.bytedance.com/en/privacy
Data That May Be Processed
When using AI features, the following data may be transmitted securely for processing:
Uploaded photos
Uploaded videos
Text prompts or instructions
Selected styles/templates
Technical metadata required to complete generation requests
We do not sell user personal data.
Purpose of Data Use
Your data is processed only for:
Generating requested AI results
Enhancing output quality
Processing rendering requests
Improving service stability and fraud prevention
User Consent
Before any data is transmitted to third-party AI providers, users are informed within the app and asked for consent.
By continuing to use AI generation features, you authorize such processing.
Data Retention
We retain submitted data only for as long as necessary to:
Complete requested generation tasks
Provide customer support
Meet legal obligations
Expired temporary content may be automatically deleted.
Security Measures
We require our third-party providers to maintain privacy protections equal to or stronger than industry standards.
All transmissions are encrypted where applicable.
Facial Data (If Applicable)
If users upload portrait or face photos:
Facial data is used only to generate requested content.
Facial data is not used for identity recognition.
Facial data is not sold or used for unrelated advertising purposes.
Ⅸ. How to contact us
If you have any questions, inquiries, opinions, suggestions or complaints regarding the Policy or personal information protection, you can reach us by means of:
sending an E-mail to: support@simeng.org