This Privacy Policy (hereinafter referred to as “This Policy”) aims to clarify the relevant rules for the Flick Software (hereinafter referred to as “This Software”) operators (hereinafter referred to as “Operators”) to collect, use, store, share, and protect users‘ personal data, in accordance with the International General Data Protection Principles (including but not limited to the GDPR, CCPA related principles), to protect users‘ personal data security and legitimate interests. Users should carefully read and fully understand all the terms of this Policy before downloading, installing, or using any feature of this Software, and once users begin using this Software, they are considered to have accepted all content of this Policy and are voluntarily subject to this Policy. If users do not agree to any terms of this Policy, they should immediately stop downloading, installing, and using this Software.
1. Definition and scope
1.1 Core Definitions
1.1.1 Personal Data: Means any information related to an identified or identifiable natural person, including but not limited to account information, device information, usage records, etc., in accordance with the international data protection relevant regulations’ definition of personal data.
1.1.2 Operator: Means the entity responsible for the development, operation and maintenance of this Software, taking full responsibility for the collection and processing of personal data.
1.1.3 Users: Means natural persons who download, install and use this Software, voluntarily accept the constraints of this Policy, and enjoy the relevant rights stipulated in this Policy.
1.2 Applicability Scope
1.2.1 This Policy applies to all processing activities by the operator for the collection, use, storage, and sharing of the user‘s personal data during the user‘s use of all functions of this Software (including but not limited to the Movie, Music, News, AI Chat, and other detailed sections).
1.2.2 This Policy does not apply to third-party links, third-party services and third-party applications. The third-party processing of users‘ personal data is solely the responsibility of the third-party and is independent of the operator.
2. Scope and manner of personal data collection
2.1 Scope of Collection
2.1.1 Required Personal Data: To ensure the proper operation of this Software, the Operator collects only the necessary personal data of the user, including account registration information (e.g., email), device basic information (e.g., device model, operating system version).
2.1.2 Non-essential Personal Data: Information that users can voluntarily provide when using specific features of this Software, including but not limited to browsing preferences, AI chat records, users can refuse to provide at any time without affecting the use of the underlying functionality of the Software.
2.2 Methods of Collection
2.2.1 Active Collection: Personal data that users voluntarily fill in and submit when registering and using certain features, such as email information when registering an account.
2.2.2 Automatic Collection: This Software automatically collects user device information and usage records (such as browsing history, feature usage duration) during user use to optimize the service experience, following the “minimum necessary” principle.
2.2.3 Third-party collection: Operators do not actively collect user personal data through third-party channels. If users log in to this Software through a third-party account, the relevant data is provided by the third party. Operators obtain only the necessary information and follow the third-party data authorization rules.
3. Purposes and Rules for Use of Personal Data
3.1 Usage Purposes
3.1.1 Ensure that the Software works properly: Used for account verification, device adaptation, troubleshooting, ensuring the stable availability of each functional module of this Software.
3.1.2 Optimize the service experience: Based on user usage history, optimize the software interface, feature layout, and push content that meets user preferences (non-forced push, user-opt-out).
3.1.3 Fulfillment of Service Commitments: Used to respond to user inquiries, handle user complaints, ensure user access rights, and improve service efficiency.
3.2 Usage Rules
3.2.1 Operators will only process the user‘s personal data within the scope of the purposes of use stipulated in this Policy, and may not make arbitrary use beyond the scope stipulated.
3.2.2 Without the explicit consent of the user, the operator may not use personal data for other purposes not stipulated in this Policy, such as commercial promotion, advertising delivery, etc.
3.2.3 Operators will take reasonable measures to ensure the accuracy, completeness, and timely update or deletion of invalid data.
4. Storage and security of personal data
4.1 Storage Rules
4.1.1 Location of storage: User personal data is stored on international compliance servers that meet international compliance requirements for data storage.
4.1.2 Storage Period: Operators will only store user personal data for the minimum period required to fulfill the purposes of this Policy agreement. After the period is exceeded, the data will be automatically deleted or anonymized.
4.1.3 Storage method: AES-256 encrypted storage technology is used to encrypt the user‘s personal data to prevent data leakage and tampering.
4.2 Security Protection Measures
4.2.1 Technical Protection: Operators adopt technical measures such as firewalls, data encryption, and access control to establish a comprehensive security protection system to prevent personal data from being leaked, lost, tampered with, and misused.
4.2.2 Management Protection: Operators establish strict internal management systems, limit employees‘ access to personal data, allow only authorized personnel access to users‘ personal data, and conduct regular data protection training for employees.
4.2.3 Emergency Handling: If a security incident such as a personal data leakage or loss occurs, the operator will immediately initiate an emergency plan, take corrective measures, and promptly notify the affected users.
5. Personal Data Sharing and Disclosure
5.1 Sharing Rules
5.1.1 Operators are not permitted to share user personal data with any third party without the explicit written consent of the user.
5.1.2 To ensure the proper operation of the Software, operators may share necessary anonymized data (unable to identify users) with third-party partners providing technical support and server services, and require the third parties to comply with the relevant requirements of this Policy and take responsibility for data protection.
5.2 Disclosure Rules
5.2.1 Operators will only disclose user personal data in accordance with the requirements of relevant international laws and regulations, including but not limited to responding to legitimate requests from judicial and regulatory authorities.
5.2.2 When disclosing user personal data, the operator will take reasonable measures to limit the scope of disclosure, provide only necessary personal data, and protect users‘ legitimate rights and interests.
6. User Data Rights and How to Exercise them
6.1 Core User Rights
6.1.1 Access rights: Users have the right to access their personal data and inquire about the collection, use, storage, and sharing of personal data.
6.1.2 Correction Right: When users discover that personal data is inaccurate or incomplete, they have the right to request the operator to correct and supplement the relevant data.
6.1.3 Right to delete: Users have the right to request the operator to delete their personal data, and the operator will delete it within a reasonable period after receiving the request, unless otherwise required by law and regulations.
6.1.4 Right to withdraw consent: Users have the right to withdraw their consent to the collection, use, and sharing of their personal data, without affecting the legal processing of the data based on previous consent.
6.2 Practice
6.2.1 Users can submit data rights exercise requests through the contact mailbox stipulated in this Policy, providing valid authentication information, which the operator will respond to within a reasonable period of time after receiving the request.
6.2.2 The operator will keep the user‘s authentication information confidential and only use it to process the user’s data rights requests, not for other purposes.
7. Policy Updates and Notifications
7.1 Policy Updates
7.1.1 Operators have the right to modify and improve this Policy in accordance with international data protection regulations updates and business development needs, and the modified Policy will be made public within this Software.
7.1.2 After this Policy is updated, users continue to use this Software as if accepting the modified Policy; if users do not agree to the modified Policy, they should immediately stop using this Software.
7.2 Notification Methods
7.2.1 Notification regarding updates to this Policy, data security events, and user rights. Operators may notify users through pop-ups, emails, and other means within this Software, and users should pay attention promptly.
8. Dispute Resolution and Contact Methods
8.1 Dispute Resolution
8.1.1 The establishment, execution, interpretation, and dispute resolution of this Policy are governed by the international commercial and civil law guidelines.
8.1.2 Any disputes arising from this policy between the parties should first be resolved through friendly negotiation; if negotiation fails, any party has the right to bring a lawsuit to the courts with jurisdiction where the operating party resides.
8.2 Contact Information
8.2.1 Users who have questions, complaints, suggestions, or need to exercise their data rights during the use of this Software may contact the operator via the following email address: tangangruo@outlook.com.
8.2.2 The operator will respond to and process the user’s contact within a reasonable period of time after receiving it, to safeguard the user’s legitimate interests.
This policy is effective from the date users begin using this software, with the final interpretation left to the operator.