StudioWeb

# SenseAR Effects SDK Privacy Policy

Update date【2022年03月11日】

Effective date【2021年03月11日】

SenseAR Effects is an image processing software development kit provided by Beijing Mianbaitang Intelligent Technology Co., Ltd. and its affiliates (hereinafter referred to as "Mianbaitang" or "we") to developers (hereinafter referred to as "We"). called "SenseAR EffectsImage Processing SDK**"). After developers integrate the SenseAR Effect Image Processing SDK** in their mobile applications, they can use the SenseAR Effects Image Processing SDK** to provide end users of their mobile applications (hereinafter referred to as "End Users") ) when providing image processing and face beautification, entrust the SenseAR Effects SDK to process the developer's mobile application-related data information, which may include the personal information of the developer's mobile application end users (hereinafter referred to as "end users"). We understand the importance of personal information and will do our best to protect the personal information of end users. We will abide by the requirements of national laws and regulations, and abide by the principles of consistent rights and responsibilities, clear purpose, choice and consent, least enough, enough openness and transparency, ensuring security, and subject participation. In order to protect the personal information of end users, the "SenseAR Effects Image Processing SDK Privacy Policy" (hereinafter referred to as "this policy") is specially formulated。

Special Note:

**If the developer integrates and uses the face security capture SDK service in its mobile application, the developer should undertake to: **

(1) Comply with all applicable laws, policies and regulations related to the collection and use of personal information of end users, and protect the security of personal information of end users;

(2) Notify end users in a prominent position of the product or in other ways that can reach end users (including but not limited to: providing a link where end users can browse this privacy policy in a prominent place in the product privacy policy), using SenseAR in the product Effects image processing SDK services, and the collection, use and protection rules of SenseAR Effects image processing SDK for end-users necessary personal information (namely this Privacy Policy), and obtain end-users for SenseAR Effects image processing SDK to collect and use related personal information The full, legal, and ongoing license consent for the use of the SenseAR Effects Image Processing SDK.

(3) Provide end-users with an easy-to-operate mechanism for accessing, correcting, and deleting their personal information, revoking or changing their authorization consent, and canceling their personal accounts, and other end-user rights realization mechanisms.

  • We hope that the products of developers who use the SenseAR Effects image processing SDK service will collect and use the personal information of end users in a legal and compliant manner. We will conduct technical testing and behavior audits on such partners or service providers from time to time. And require it to follow a cooperative legal agreement to ensure that it collects and uses data in accordance with laws, regulations, and contracts to the greatest extent possible, but we do not understand and cannot control any developers and how their products use end users' personal information, so nor responsible for its actions.

  • Before using the SenseAR Effects image processing SDK services, developers should obtain the authorization and consent of the end user for image capture in accordance with applicable laws, regulations and regulatory requirements, otherwise please do not use the SenseAR Effects image processing SDK. The image processing SDK service only collects, stores and uses relevant data in accordance with the laws and regulations of the People's Republic of China. The developer should only use the SenseAR Effects image processing SDK in the mainland of the People's Republic of China (excluding Hong Kong, Macao and Taiwan). Other countries and regions outside the scope use the SenseAR Effects image processing SDK, resulting in any form of appeal, appeal and complaint, etc., the developer shall be fully responsible and properly resolved, and shall compensate us for all the resulting loss.

  • This Policy does not apply to those services provided by third parties that apply third party privacy policies that are displayed on, linked to, or repackaged from our Services. Although third parties display, link to, or repackage our Services, we do not understand or control their actions and are therefore not responsible for their actions. Developers and end users are advised to access or use their services with caution before reviewing and accepting their privacy policies.

  • The service content of the SenseAR Effects image processing SDK obtained by the end user is selected by the developer according to their product needs, which may vary due to the different developer products used by the end user. Personal information that the SenseAR Effects image processing SDK may obtain Depends on the specific type/version of the developer's product used by the end user and the functionality used by the end user. If some of the developer's products do not cover certain service content or do not provide specific functions, the content of this policy involving the above services/functions and related personal information will not apply. [z1]

**Developers and end users are requested to read this policy carefully, and use the SenseAR Effects image processing SDK service after confirming full understanding and agreement. **At the same time, we recommend that end users carefully read the developer's product-related privacy policy, and use the developer's product after confirming that they fully understand and agree with how they collect and use the end user's personal information.

This Privacy Policy will help developers and end users to understand the following: (If end users have any questions, comments or suggestions, end users can contact us through the contact information in Section X of this policy)

I. Scope of application of this policy

II. How we collect and use personal information of end users

III. We store personal information of end users

IV. We share, transfer and publicly disclose personal information of end users

V. How we protect the personal information of end users

VI. Rights of end users

VII. Protection of Personal Information of Minors

VIII. Changes and Amendments to this Policy

IX. How to contact us

X. Effectiveness of this Policy

# I. Scope of application of this policy

This policy applies to developers and end users who use the SenseAR Effects image processing SDK services.

It should be noted that this policy does not apply to services provided by other third parties.

We may develop specific service or product privacy policies, statements, notices, etc. (hereinafter referred to as "specific policies") for specific online or offline services or products. In the case of other specific policies that have special provisions, these specific policies shall prevail; for those not covered by these specific policies, this policy shall prevail.

# II. How we collect and use personal information from end users

We follow the principles of legality, legitimacy, necessity and good faith to collect and use the personal information of end users. Specifically, we process the personal information of end users for the purpose of providing corresponding business functions and services for end users.

When the end user uses the developer's product, we will collect and use the personal information necessary to provide related services in the following ways; if the end user does not use this function, we will not collect the corresponding information.

Personal Information Involved in Using the SenseAR Effects Image Processing SDK Service

In order to ensure the normal operation of software and services, as well as to protect the information security of end users, we will collect the device id of end users, which is the basic information we must collect to provide services and ensure the normal operation of products. It is mainly used to encrypt activation codes. , to prevent the activation code from being used by multiple machines.

# III. How we store personal information of end users

  1. Shelf life

We will save the personal information of end users for the necessary period of time required to provide services, but laws and regulations have other provisions on the storage period, and end users agree to keep the personal information for a longer period to ensure the safety and quality of services, achieve the purpose of dispute resolution, technical In the event that the above-mentioned storage period is difficult to achieve, we will extend the storage period in accordance with the law, in accordance with the contract or within a reasonable range after the expiration of the aforementioned storage period. After the retention period has expired, we will delete or anonymize the end user's personal information as required by applicable law.

Note: Anonymization processing refers to the process of technical processing of personal information, so that the subject of personal information cannot be identified or associated, and the processed information cannot be recovered.

  1. Save the area

Personal information we collect and generate in the People's Republic of China will be stored in the People's Republic of China.

If we stop providing related services, we will promptly stop the collection of personal information of end users, and will notify you of the cessation of operations in the form of announcements. At the same time, delete or anonymize the personal information we store.

  1. Safety measures

(1) We will collect, use, store and transmit end-user information in accordance with mature security standards and specifications in the industry, and inform end-users of the purpose and scope of the use of relevant information through the privacy policy.

(2) We will take appropriate industry-standard security measures and technical means to store and protect end-users' personal information to prevent end-users' information loss, unauthorized access, public disclosure, use, Modified, damaged, lost or leaked. We take all reasonably practicable steps to protect the personal information of end users.

(3) We remind end users to note that when interacting with other end users through social software, emails, text messages, etc. embedded in the developer's products, we cannot ensure that the transmission of information by third-party software is completely encrypted and that the end user's personal Information security.

# IV. How do we share, transfer and publicly disclose personal information of end users

(1) SHARE

We do not share personal information of end users with any companies, organizations and individuals, except in the following cases:

  1. With the express consent of the end user, we will share the personal information of the end user with other parties.

  2. We may share the personal information of end users externally in accordance with laws and regulations, the need for litigation and dispute resolution, or as required by administrative and judicial authorities in accordance with the law.

  3. To the extent permitted by laws and regulations, in order to protect us, our affiliates or partners, end users or other end users or the public interest, property or safety from harm to us, it is necessary to share the end user's personal information.

  4. **Shared with our affiliates. We may share personal information of end users with our affiliates in order to facilitate our provision of services to end users. However, we will only share necessary personal information, and the use of personal information of end users by affiliates is subject to this policy, or an affiliate policy that has been authorized and agreed by the end user and provides substantially the same level of protection to the personal information of this policy as this policy. constraints. We and our affiliated companies will strictly abide by the personal information and data security protection systems and policies of Mianbaitang Technology. **

(2) TRANSFER

We will not transfer personal information of end users to any other company, organization or individual, except in the following cases:

  1. Obtain the explicit consent or authorization of the end user in advance;

  2. Provided in accordance with applicable laws and regulations, requirements of legal procedures, mandatory administrative or judicial requirements;

  3. Provided in accordance with relevant agreements signed with end users (including electronic agreements signed online and corresponding platform rules) or other legal documents;

  4. **As our business develops, we and our affiliates may enter into mergers, acquisitions, asset transfers or other similar transactions. If the relevant transaction involves the transfer of end users' personal information, we will require companies, organizations and individuals that newly hold end users' personal information to continue to be bound by this policy, otherwise we will require the companies, organizations and individuals to re-obtain the end users' personal information. Authorized consent. **

(3) Public disclosure

We will only publicly disclose personal information of end users in the following circumstances:

  1. After obtaining the explicit consent of the end user;

  2. Disclosure based on law: We may publicly disclose the personal information of end users when required by law, legal process, litigation or government authorities.

# V. How we protect the personal information of end users

  1. We attach great importance to the security of end users' personal information, and have taken industry-standard security measures to protect the personal information provided by end users to prevent unauthorized access, public disclosure, use, modification, damage or loss of data. We will take all reasonably practicable steps to protect the personal information of end users.

    1. Mianbaitang Technology has set up a special person in charge of personal information protection, who is responsible for handling various matters that may involve the personal information of end users in related products and services of Mianbaitang Technology, as well as planning and formulating company policies and reviewing the end users of each product. Use the agreement, supervise the working principle and information processing mechanism of each product, etc.

    2. We carried out the classification of information security level protection, established a security management system covering the host, data, application, management and other levels, established the Information Security Management Committee and the Information Security Executive Committee, and established the System Platform Department for product security management. The functional departments of the work have clarified the responsibilities, division of labor and skill requirements of various departments and positions in the safety management organization, and have formulated clear management norms for personnel recruitment and resignation. [2]

    3. We will encrypt the transmission and storage of identifiable personal sensitive information, and the encryption strength meets the security requirements to ensure the confidentiality of the data. Our application system provides functions such as identity authentication, end-user identification uniqueness check, role-based access control, etc., and sets the maximum number of concurrent session connections, which can detect and alarm when the system service level drops to a pre-specified minimum value. We deploy an access control mechanism on the server side, adopt the principle of least sufficient authorization for staff who may have access to the personal information of end users, and regularly check the list of access personnel and access records. Our server operating system and database system passwords have complex requirements. We use the SSH security protocol for remote management, strictly limit the access rights of the default accounts, and modify the default passwords. The audit records are comprehensive and cover all end users. [3]

    4. The server systems where we store personal information of end users are all security-hardened operating systems. We will perform account auditing and monitoring of server operations. If we find a server operating system with security problems announced externally, we will upgrade the server security as soon as possible to ensure the security of all server systems and applications.

    5. We regularly hold trainings on laws and regulations related to personal information protection for staff to strengthen the staff's awareness of end-user privacy protection.

    6. We have formulated a contingency plan for cyber security incidents and allocated sufficient resources to ensure the implementation of the contingency plan. We conduct training and emergency drills on emergency plans every year. If our physical, technical or management protection measures are unfortunately damaged, we will launch emergency plans in a timely manner to prevent the expansion of security incidents, report to the competent national authorities in accordance with the requirements of laws and regulations, and promptly adopt reasonable and effective means such as push notifications and announcements to inform The end user informs the basic situation of the security incident, the possible impact, the measures that have been taken or the measures to be taken, etc.

# VI . Rights of end users

During the end user's use of the SenseAR Effects image processing SDK service, the end user can access and manage the end user's personal information in the following ways:

(1) Deletion of personal information of end users

The end user may request us to delete the personal information of the end user in the following situations:

  1. We have illegally collected personal information of end users without seeking the consent of end users.

  2. Our handling of personal information of end users violates legal and regulatory requirements.

  3. We use and process personal information of end users in violation of our agreement with end users.

  4. End users no longer use our products or services.

  5. We discontinue service to end users.

If the deletion of other information is also involved, the end user can contact us through the methods provided in Section 10 of this policy to request the deletion of the end user's personal information, and we will reply within 15 working days. When we delete the personal information of end users from the server, we may not delete the corresponding data from the backup system immediately, but will delete the information when the backup is updated.

# VII. How we handle children’s personal information

Our products and services are primarily for adults. Children under the age of 14 may not use our products or services without the consent of a parent or guardian.

For the collection of children's personal information with parental consent, we will only use or publicly disclose this information as permitted by law, expressly consented by a parent or guardian, or necessary to protect the child.

If we discover that we have collected personal information from a child without first obtaining verifiable parental consent, we will try to delete the relevant data as soon as possible.

# VIII. Changes and Amendments to this Policy

Our personal information protection policy is subject to change. We will not limit the rights of end users under this policy without the express consent of end users.

We will provide prominent notices of material changes to this policy. End users can also browse the developer products to view the latest policies at any time.

Material changes referred to in this policy include, but are not limited to:

  1. Significant changes to our service model. Such as the purpose of processing personal information, the type of processing personal information, the way of using personal information, etc.;

  2. Significant changes in our control, etc. Such as changes in owners caused by mergers and acquisitions, etc.;

  3. The main object of personal information sharing, transfer or public disclosure has changed;

  4. The rights of end users to participate in the processing of personal information and their exercise methods have undergone major changes;

  5. When our responsible department responsible for handling personal information security, contact information and complaint channels change;

  6. When the personal information security impact assessment report indicates that there is a high risk.

The end user's continued use of our products and services after such changes and revisions will be deemed the end user's agreement to the changes and revisions to this policy.

# IX. How to contact us

Beijing Mianbaitang Intelligent Technology Co., Ltd. is the operator of the SenseAR Effects image processing SDK service and the controller of the end user's personal information. Its registered address is 0503, Floor 05, No. 10, Haidian North Second Street, Haidian District, Beijing. If developers and end users have any questions, comments, suggestions or complaints about our policies and the handling of end users' personal information, please contact us at SenseARApp.Support@softsugar.com.

In general, we will respond to requests from developers and end users within 15 working days. Please understand that due to material review, business verification, operational procedures and other reasons, the processing time for your request may be longer than the above time limit.

# X. Effectiveness of this Policy

The update date of this policy version is March 11, 2022.

SenseMARS Effects Service Agreementfects