Privacy Policy

1. Who We Are and Our Role

Data Controller:

For the purpose of data protection laws, the data controller is:

SAME JOY TECHNOLOGY PTE. LTD.
A company registered in Singapore.

If you have any questions about this Privacy Policy or our privacy practices, please contact us at: [email protected]

2. Information We Collect

We collect various types of information to provide and improve our Service to you.

3. How We Use Your Information and Our Legal Basis for Processing

We only use your personal data when the law allows us to. Below, we describe the purposes for which we use your data and the legal bases we rely on under the GDPR.

4. User-Generated Content (UGC)

As outlined in our Terms of Service, you grant us a broad license to use your User-Generated Content. From a privacy perspective, this means:

• Processing for Service Delivery:We process your prompts and generated content to provide you with the core functionality of the Service.
• Processing for AI Training:We use your UGC to train, refine, and improve the AI models that power our Service. This is essential for enhancing the quality, safety, and capabilities of the platform.
• Content Moderation:We may process your UGC to detect and prevent prohibited content as outlined in our Terms of Service.
• Your Responsibility:You are solely responsible for any personal data or sensitive information you may choose to include in your UGC. We strongly advise against using real names, personal identifiers, or sensitive personal details in your prompts or generated content.

5. Data Sharing and Third-Party Disclosures

We do not sell your personal data in the traditional sense. However, we may share your information with the following categories of third parties for specific business purposes:

• Payment Processors:To handle payments and subscriptions (e.g., Stripe, PayPal)
• Cloud & Hosting Providers:To store data and run our Service (e.g., AWS, Google Cloud)
• Analytics Providers:To help us understand Service usage (e.g., Google Analytics)
• Customer Support Tools:To manage communications with you
• Security Service Providers:To protect against fraud and abuse
• Technical Service Providers:Our global engineering and support teams who may access data to maintain and develop the Service
• Legal and Regulatory Authorities:When required by law, court order, or to protect legal rights
• Business Transfers:In connection with any merger, sale of company assets, or acquisition

When using features that integrate with third-party services (such as "Sign In with Google" or "Publish to YouTube"), you authorize data sharing according to those services' privacy policies. You can revoke such access at any time through your account settings.

6. International Data Transfers

Your information may be transferred to, stored, and processed in countries other than your own, including our primary operational base in Singapore. Our staff and third-party service providers may be located in various jurisdictions around the world, including but not limited to the United States, Europe, and Asia.

When we transfer your personal data internationally, we ensure appropriate safeguards are in place:

• Adequacy Decisions:Transferring to countries deemed to provide adequate data protection
• Standard Contractual Clauses (SCCs):Using EU-approved contracts for data transfers
• Other Safeguards:Technical and organizational measures to protect your data

By using the Service, you consent to the transfer of your data to these countries.

7. Your Data Protection Rights

Depending on your location, you may have the following rights regarding your personal data:

For All Users:

• Right to Access:Request a copy of your personal data
• Right to Rectification:Request correction of inaccurate or incomplete data
• Right to Erasure:Request deletion of your personal data (subject to certain exceptions)
• Right to Restrict Processing:Request suspension of data processing in certain scenarios
• Right to Data Portability:Request data transfer in machine-readable format
• Right to Object:Object to processing based on legitimate interests
• Right to Withdraw Consent:Withdraw consent for consent-based processing

For California Residents (CCPA):

• Right to know what personal information is collected, used, and disclosed
• Right to delete personal information
• Right to opt-out of the "sale" or "sharing" of personal information
• Right to non-discrimination for exercising privacy rights

For EU/UK Residents (GDPR):

• Right to lodge a complaint with your local supervisory authority
• Enhanced rights regarding automated decision-making and profiling

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within the timeframe required by applicable law (typically within 30 days).

8. Data Security and Retention

Security Measures:

We implement appropriate technical and organizational security measures, including:

• Encryption of data in transit (TLS/SSL) and at rest
• Strict access controls and authentication mechanisms
• Regular security assessments and vulnerability testing
• Employee training on data protection
• Incident response procedures

Disclaimer:While we strive to protect your data, no method of transmission over the Internet or electronic storage is 100% secure.

Data Retention:

We retain your personal data only as long as necessary for the purposes described in this policy:

• Account Data:Active account duration plus reasonable period for reactivation
• User-Generated Content:May be retained longer (often anonymized) for AI training
• Payment Data:As required by financial regulations (typically 5-7 years)
• Usage and Log Data:Typically 90-180 days unless needed for security investigations
• Communications:Duration of support case plus reasonable follow-up period

9. Cookies and Similar Technologies

We use cookies and similar tracking technologies to:

• Authenticate users and prevent fraud
• Remember your preferences and settings
• Analyze site traffic and usage patterns
• Improve Service functionality

You can control cookies through your browser settings. Note that disabling certain cookies may limit Service functionality. For more information, please see our Cookie Policy.

10. Children's Privacy

Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal data from a child without verification of parental consent, we will take steps to delete that information immediately.

11. Third-Party Services and Links

Our Service may contain links to third-party websites or services not operated by us. We have no control over and assume no responsibility for the privacy practices of such third parties. We encourage you to review their privacy policies before providing any personal information.

12. Geographic Restrictions

As stated in our Terms of Service, the Service is not available to individuals located in:

• The People's Republic of China (including Hong Kong and Macau)
• The Republic of Singapore
• India
• Any jurisdiction where use would be contrary to law

If you are located in these jurisdictions, you should not access or use the Service.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date
• Sending an email notification (for material changes)
• Displaying a prominent notice within the Service

Your continued use of the Service after changes become effective constitutes acceptance of the revised Privacy Policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

Email: [email protected]

Company:SAME JOY TECHNOLOGY PTE. LTD.

For privacy-specific inquiries or to exercise your data protection rights, please include "Privacy Request" in the subject line of your email.