CamFolo Logo
CamFolo
Download on App Store

Privacy Policy

Last modified date: February 26th, 2025

Your privacy is important to us. LightFrame Labs Inc. is committed to protecting the privacy of our users ("Users" or "You"). This Privacy Policy ("this Policy") is intended to explain our practices in collecting, storing, using, managing, and protecting your user information (including your personal information) as a controller and/or business under applicable data protection laws during your use of the Camfolo application (including all its features) (our "Services").

Please note that the scope of this Policy is limited to user information (including your personal information) collected or received by Camfolo when you use the Services. In this Policy, "personal information" means any information or combination of information that can be used to identify, contact, or locate an individual in relation to the information collected. For purposes of this Policy, the term "Affiliate" means directly or indirectly controlling, controlled, or associated with LightFrame Labs Inc., any entity that is jointly controlled. For purposes of the foregoing, "Control" means ownership, directly or indirectly, of more than 50% of the published voting securities or equity or other comparable equity stake or ownership interest in such entity.

By using our services, you agree to this policy and our collection, use, processing, retention, disclosure, and sharing of your user information (including your personal information) in accordance with this policy. If you do not agree to any terms of this policy or any subsequent changes to this policy, please do not use our services.

Please note that you must provide certain categories of data (as specified at the time of collection). If you do not provide any or sufficient data marked as required, we may not be able to complete the registration process or provide our services to you. Please also note that unless we define terms in this policy, all capital terms used in this policy have the same meaning as in our Terms of Service. Therefore, please ensure that you have read and understand our Terms of Service.

If you have any questions regarding this Policy or any privacy related matters, please contact our Data Protection Officer by e-mail at [email protected] (please indicate "Camfolo" in the subject line of the e-mail) or by registered mail to LightFrame Labs Inc, 522 W RIVERSIDE AVE STE N, Spokane, WA 99201 United States (Attn: Camfolo Legal Department). Please note that for all other queries, feedback, suggestions and/or complaints not related to privacy or intellectual property infringement (including but not limited to any unsubscriptions, payment disputes, refund requests and technical support from Camfolo), you should contact us by e-mail at [email protected]. If your email is sent to the wrong email address with the wrong subject, it may cause delays or failure to properly process your request.

Information We Collect

In order to provide and improve our services, we will collect and process your personal information and user information in accordance with this policy. If you do not provide this information, we may not be able to provide you with our products or services. You should ensure that all personal information and user information submitted to us is complete, accurate, true, and correct. If you fail to provide this information, it may cause us to be unable to provide you with all or part of the services.

Account Information

When you use our services, we may recommend that you register for an account to fully utilize our services and all their features. When you create an account, we will collect the following information, which can be used to identify you or provide you with our services:

  • Required fields: Phone number, Device ID
  • Optional: Name, username, gender, date of birth, location.

Anyone can access our services, but some services require a subscription fee, such as access to our premium content and advertising privileges ("Subscription Services"). If you choose to make a purchase on our subscription services, we will collect certain personally identifiable information, such as your device ID. Third-party app stores or payment processors may receive, access, or use your financial information and billing address to process transactions and renewals. If you purchase content or sign up for subscription services through third-party app stores or payment processors, you should refer to the terms of that third party to understand how it maintains and uses personal financial information for all purchases. For the avoidance of doubt, we do not collect any of your financial information.

Mobile Device Information

When you use our services on a mobile device, we collect information about your device, including its International Mobile Equipment Identity ("IMEI"), unique Device ID ("UDID") or Android ID, Universal Unique Device Identifier ("GUUID"), IDFA ("IDFA"), vendor identifier ("IDFV"), IC card identifier ("ICCID"), Media Access Control ("MAC") address, Google Advertising ID ("GAID"), Fire IDFA ("FAI"), Open Anonymous Device Identifier (OAID), the type of device you are using, the version of the operating system, the list of mobile applications installed on your device, and the resolution. We will use this information for statistical and/or analytical reasons, including but not limited to improving our technical features, server load balancing, analyzing technical data related to your mobile device in order to optimize our services and graphics adaptation.

As described in the "Location Information" section below, we may collect your location information from your mobile device if you choose to share it with us. If you subsequently wish to stop sharing your location information, you can stop sharing it at any time by editing the relevant settings on your mobile device.

Mobile Analytics

We use mobile analytics software to better understand and improve the functionality of our services. Such software may record information such as how often you use the application, events that occur within the application, aggregated usage, performance data, and the download location of the application.

Network Information

When you use our service, we will collect the network information you use, including the operator name, network type, etc., to understand the operator and network distribution used by our users. In addition, we will also collect information such as the WiFi network name, WiFi network location, and WiFi connection duration to understand the environment in which you like to use our service.

Location Information

If you choose to share with us, we may collect location-based information from your mobile device.

  • Required: Network information, IP address, and system time zone
  • Optional: Country code, latitude and longitude, network location, system country.

This information will help us understand user distribution and usage scenarios, and enable us to provide users with the correct version of the application, reproduce the geographic location where you took photos or recorded videos, or publish real-time geographic locations, and improve our services. Location data will not be obtained or used to identify you personally unless we have your consent. Except as otherwise provided in this policy, we will not share this location information with any third parties. If you no longer want us to collect or use such information, you can turn off your internet access or GPS, or disable our access to your network, GPS, and device information. Please note that we may still continue to receive some location information, such as your network information, IP address, and system time zone, as a result of your use of our services.

Log Information

When you use some of our services, including generating and browsing certain content, we automatically collect certain relevant log information stored in Camfolo ("Log Information"). Log information may include (i) details of when and how often you use our services, and (ii) device statistics, including critical operating paths, errors, crashes, language, and time zones. This log information is used to improve our services and is not used to individually identify our users.

Image Information

By choosing to use the cloud editing function of our services, you understand and agree that in order to provide you with such services and continuously optimize them, we must upload your photos to our servers for processing, and then return the processed photos to you. We will also receive EXIF data about your photos (EXIF data may include GPS coordinates of the location where the photos were taken and processed, device type, ISO, and information about front and rear cameras and creation time, depending on the device manufacturer), in order to further optimize our services, such as providing photo effects that better match your device.

Voice Messages

By enabling the microphone on Camfolo, you agree that we may collect your voice data (i.e., audio clips or recordings of your voice) for video editing. We will not use your voice information for advertising purposes. You can turn off Camfolo's access to the microphone on your device at any time by using the operating system settings on your device or by muting the microphone on your device.

Metadata

Metadata refers to technical data related to user content. Simply put, metadata is data that describes data. For example, metadata can describe the analysis results of facial features, gender, age, race, and other elements contained in photos, which are generated and marked by computer algorithms and artificial intelligence. When you use our service, we use photo metadata to provide you with certain functions, including precise "facial recognition", "keypoint recognition", "region segmentation", "content tagging" and other custom functions based on these basic functions. We may use your photo metadata to provide you with more appropriate filters and better photo effects when our application processes your photos; we may also use metadata to provide you with more contextual products or services.

Cookies

We use "cookies" to store and retrieve user usage information in order to provide customized services to each user from time to time. Cookies are small amounts of information that servers use to operate applications/websites, send to user devices, and store on user device hard drives. You can refuse to install cookies. The collected information may include information about your Internet Protocol (IP) address, browser type, Internet service provider (ISP), referring and Exit Pages, your operating system, date and timestamp, and clickstream data.

  • The purpose of using cookies: Cookies are used to identify the types of services and websites visited by users, popular search terms, secure access status, etc., and provide optimized information for each user.
  • Installation, operation and refusal of cookies: Users can refuse the installation of cookies by sending an e-mail to [email protected] (please indicate "Camfolo" in the subject of the e-mail).
  • If a user refuses to store cookies, he or she may encounter difficulties in using the customized service.

Advertising Related Information

We and our third-party service providers may include advertisements in our services, and with your consent, we may collect and use your information, such as your advertising ID, geolocation, and IP Address, in order to deliver and track these ads. If your device does not have an advertising ID, we may use other persistent identifiers. We may also access your app list and collect the app package names of apps installed on your device. We use the above information to help us better count, track, and serve ads based on suitability, language, geolocation, and other details. If you wish to opt out of interest-based advertising, you can do so by sending an email to [email protected] (please indicate "Camfolo" in the subject line of the email). Please note that you will continue to receive generic advertising after you opt out of interest-based advertising.

Information Collected by Third-Party Services

The services we provide to you may include application programming interfaces (APIs) or Software Development Kits (SDKs) from our service providers, which may include tracking tools from such service providers. These third parties may use cookies, APIs, and SDKs on our services and collect and analyze user information. In addition, certain third-party SDKs may allow advertisers to collect information in order to provide more relevant content to you. Third parties may access your information, such as your Device ID, region (defined as a location where a specific language is used), location information, and IP address, in accordance with their respective Privacy Policies. If you would like to know more about these third parties, you may send an email to [email protected] (please indicate "Camfolo" in the subject line of the email).

Information You Voluntarily Provide to Us

When you contact us (including but not limited to our customer support team and data protection officer), we collect data that you provide to us, such as your contact details (such as email address and/or phone number).

Other Information

We may also collect other information unrelated to your identity. For example, we may collect your operating system type and version number information to better understand system upgrades; we may collect your system language information for language adaptation; we may collect your application list to understand user preferences. If we choose to collect such information, we will do so to improve the services we provide to you. In addition, our services may utilize Apple's ARKit calculation results on facial depth mapping information to achieve better facial image processing effects.

How We Use Information

In addition to the purposes listed above, we also collect and use your user information and/or personal information for the following purposes:

  1. Services. Provide, process, maintain, improve and develop the services we provide to you, including customer support and other services provided through our products.
  2. Statistical analysis. To improve our products and services, develop and analyze Statistical Data on the use of our products and services.
  3. Create an account. When you create an account using our services, the personal information we collect will be used by us to create your account and profile.
  4. Provide location-based services. When you use our services, we or third-party service providers may use your location information to provide you with advertisements, the correct version of our services, and help you have a good User Experience.
  5. Improving User Experience. Certain optional features (such as User Experience programs) allow us to analyze data about the use of our products and services and improve the User Experience.
  6. Provide TTpush. We may use device information to provide TTpush to evaluate the effectiveness of advertising and the success of software updates, or to provide notice of new product releases.
  7. Verify your identity. Using SMS to verify your identity when logging in to your account helps prevent unauthorized login to your account.
  8. Collecting your feedback. Your feedback is valuable in helping us improve our services. We may collect your email address to contact you and keep records.
  9. Other purposes. We will collect, store, maintain, and use information about you for the purposes set out in "Information We Collect" and to operate our business, pursue our legitimate interests (such as research (including market research), network and information security, and fraud prevention), and fulfill our legal obligations.

Information Sharing and Disclosure

We may share your information with third parties who provide services on our behalf to assist us in conducting business activities. These services may include:

  • To provide you with advertising.
  • Payment processing;
  • Providing Client Server;
  • Fulfill subscription services.
  • Conduct research and analysis; and
  • Providing Cloud Services Infrastructure.

We will not share or disclose all or part of your personal information to third parties (other than our service providers) except for the following purposes:

  1. Protecting the safety of others or their property;
  2. Preventing or addressing fraud;
  3. Safeguard our legitimate rights and interests.
  4. Take action based on the purposes described in the "Information We Collect" or "How We Use Information" sections.
  5. Comply with laws, regulations, rules, or requests from government agencies, judicial authorities, law enforcement agencies, or private groups, which are generally aimed at maintaining cyber security and the rights, property, and safety of us, our users, and third parties; and/or
  6. Evaluating or completing transactions in which we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets or other event that may sell or transfer your information.

The Basis for Using Your Information

We only collect and process personal information where we have a lawful basis, and we generally rely on one of the following four legal bases:

  • Agree (has obtained your consent);
  • Contract (processing necessary to fulfill the contract signed with you, such as operating the website or providing any services you request);
  • Legitimate interests (for example, we need to use your information to provide and improve our services, including protecting your account and providing customer support). We only use our legitimate interests as a legitimate basis for our processing (unless we obtain your consent or are otherwise required or permitted by law); and
  • Legal obligations (to comply with laws, regulations, rules, or requirements of government departments, judicial authorities, or law enforcement agencies).

If you have any questions about our lawful basis for processing your personal information, please contact us at [email protected] (please indicate "Camfolo" in the subject line of the email).

Third-Party Websites and Services

Our Services may contain links to other websites and services. Additionally, other websites and services may reference or link to our Services. These other domains and websites are not under our control and we do not endorse or make any representations about third-party websites or services. We encourage users to read the Privacy Policy of each website and service they interact with. Access to these other websites or services is at your own risk.

Information Security

We implement the following specific measures to protect your information:

  1. Encryption: Using SSL/TLS encryption for all data transmission
  2. Access Control: Strictly limiting employee access to user data
  3. Data Backup: Regular data backup and disaster recovery testing
  4. Security Audit: Regular security assessments and penetration testing
  5. Incident Response: Established data breach response mechanism and notification procedures

Data Breach Notification

In the event of a data breach:

  1. We will notify affected users within 72 hours of discovery
  2. The notification will include the scope of the breach, potential impacts, and remedial measures
  3. We will cooperate with relevant regulatory authorities to investigate the incident
  4. Take necessary measures to prevent similar incidents from recurring

Information Access and Control

We will use all reasonable and appropriate technical means to ensure that you can access, update and correct your personal information or other personal information you provide to us when using our services. Before you access, update, correct or delete such personal information, we may verify your identity to ensure the security of your account.

Data Retention

We will delete your information (including your personal information) immediately after you terminate your account, in accordance with applicable laws, regulations and rules, and to fulfill our business or legal purposes.

Right to Privacy

Under applicable law, you have the right to:

  1. Request confirmation that we are processing your personal information;
  2. Obtain or copy your personal information;
  3. Receive an electronic copy of the personal information you have provided to us, or request that we send that information to another company ("Data Portability Rights");
  4. Object to or restrict our use of your personal information;
  5. Request the correction or modification of inaccurate, untrue, incomplete, or improperly processed personal information;
  6. Withdraw your consent; and
  7. Request the deletion of personal information we hold about you, but the law provides certain specified exceptions.

If you wish to exercise your rights, you may send an email to [email protected] (please indicate "Camfolo" in the subject line of your email) or mail your request to LightFrame Labs Inc, 522 W RIVERSIDE AVE STE N, Spokane, WA 99201 United States (Attn: Camfolo Legal Department). We will process your request in accordance with applicable law within a reasonable time after we receive your email or message and will cease collecting, using and disclosing your personal information, subject to certain exceptions provided by law. To protect your privacy, we will take steps to verify your identity before executing your request. Please note that your use of some of our services may be affected if you withdraw your consent or delete your personal information.

California residents have the right not to be discriminated against by us for exercising their rights under the California Consumer Privacy Act.

Information on Children

We do not knowingly collect or solicit personal information from children under the age of 16 (or any other age under applicable law in your area). If you are under that age, please do not send us your personal information, including but not limited to your name, address, telephone number, or email address. If you believe we may have any information about children under the age of 16 (or any other age under applicable law in your area), you may send an email to [email protected] (please indicate "Camfolo" in the subject line of your email) or send a registered letter to LightFrame Labs Inc, 522 W RIVERSIDE AVE STE N, Spokane, WA 99201 United States (To: Camfolo Legal Department). If we become aware that we have collected personal information from children under the age of 16 (or any other age under applicable law in your area), we will immediately take steps to delete such information and terminate the associated account.

Cross-Border Transfer

Depending on the jurisdiction in which you are a user and subject to the special rules and policies of such jurisdiction as set forth in this Policy, you understand and agree that all information collected through or by us may be transferred, processed, and stored anywhere in the world, including but not limited to Singapore, the People's Republic of China, the Hong Kong Special Administrative Region of the People's Republic of China ("Hong Kong"), Japan, South Korea, the US, the cloud, our servers, servers of our affiliates, or servers of our service providers, to provide our services.

Applicable Law

This policy is formulated, effective, enforced, and interpreted in accordance with the laws of Singapore without regard to its conflict of laws provisions. Any disputes arising under this policy will also be resolved in accordance with the Terms of Service. We do not represent or warrant that this policy complies with the privacy laws of any jurisdiction. Therefore, you should not interpret this policy in accordance with such laws.

Amendments to This Policy

You agree that we may update this policy in accordance with relevant laws and regulations or based on our business decisions, and you agree to be bound by such revisions. Any significant changes to this policy will be posted on Camfolo or notified to you in other ways as required by law.

Privacy Policy Updates

When material changes are made to this policy:

  1. Display update notifications in the App
  2. Send email notifications
  3. Post notices on the official website bulletin board
  4. Provide comparison between old and new versions
  5. Give users reasonable time to consider whether to accept the new policy

For Users in the European Economic Area and the United Kingdom

For cases where we process personal information within the scope of the European General Data Protection Regulation and the United Kingdom General Data Protection Regulation (collectively "GDPR"), you can find relevant details about the processing of your personal information in the GDPR notice below.

For Japanese Users

The Right to Data Disclosure, Correction, Deletion or Suspension of Use

If you are in Japan, as a data principal, you have the right to request disclosure, correction, deletion or suspension of the use of your personal information, and we are obliged to fulfill your request without delay. You can send your request by email to [email protected] (Please indicate "Camfolo" in the subject of the email) or by mail to LightFrame Labs Inc, 522 W RIVERSIDE AVE STE N, Spokane, WA 99201 United States (recipient: Camfolo Legal Department).

For Korean Users

International Data Transmission

We only process users' personal information within the scope specified in "How We Use Information" and will not provide users' personal information to third parties in principle. However, with your consent, in order to provide you with the services described in "Information Sharing and Disclosure," we may collect, transmit, store, and process your personal information from other places.

  • Transfer of personal information: Please refer to the "Information we collect" section above this policy.
  • Transfer date and method: Transfer when submitting storage and processing.
  • Countries to which personal information is transferred: US and Singapore.
  • Retention of personal information: Please refer to the "Data Retention" section above this policy.

In addition, we may transfer your personal information to third parties located outside of Korea:

Name of personal information providerPurpose of use of personal informationDetails of the personal data collectedRetention and use period of personal information
Stripe Payment Europe, Limited [Link](https://stripe.com/privacy)Subscription payment serviceEmail address, bank account infoThe period specified in the Privacy Policy of the relevant third-party recipient
AppLovin (Singapore) Pte Ltd [Link](https://www.applovin.com/terms)Advertising servicesApproximate location, email address, purchase history, application interaction, other actions
AppsFlyer Limited [Link](https://www.appsflyer.com/legal/privacy-policy/)Attribution serviceApproximate location, email address, purchase history, application interaction, other actions
Firebase [Link](https://firebase.google.com/support/privacy)Improve our service by analyzing the problems encountered by usersuser_id, origin_order_id, subscription token, idfa, idfv, g_uuid, ip address, mac_addr, imei, advertising_id, attribution fields
Adjust GmbH [Link](https://www.adjust.com/terms/general-terms-and-conditions)Attribution serviceIDFA, IDFV, GAID, Android ID, FAI, IMEI, OAID, attribution fields
Google Asia Pacific Pte Ltd [Link](http://policies.google.com/privacy)Subscription paid services and advertising servicesRequest user uid
Apple Inc [Link](http://developer.apple.com/app-store/app-privacy-details/)
Meta Platforms Inc [Link](https://www.facebook.com/policy.php/)
Mintegral International Limited [Link](https://www.mintegral.com/en/privacy)Advertising servicesLocation information, device/ad ID, device information, application information, interaction information, others
ADLOGIC Technology Pte Ltd [Link](https://www.mintegral.com/en/privacy)
Vungle Corporation [Link](https://vungle.com/privacy/)Device information, interaction information, ad placement/browsing/clicking information, device ID

Whenever we share information outside of your place of residence, we ensure that the transfer complies with your local laws so that your personal information is adequately protected. If you do not wish to transfer your personal information outside of Korea, we will not be able to provide you with our products or services.

In addition, we may receive your personal information from the following third parties:

Name of Personal Information ProviderPurpose of Use of Personal InformationDetails of the Personal Data CollectedRetention and Use Period of Personal Information
AppLovin (Singapore) Pte Ltd LinkAdvertising servicesApproximate location, email address, purchase history, application interaction, other actionsDuration of Privacy Policy of Relevant Third Party Platforms
Google Asia Pacific Pte Ltd LinkSubscription payment serviceIDFA, IP user's UID, locationDuration of Privacy Policy of Relevant Third Party Platforms
Apple Inc LinkIDFA, GAID, Android ID, IP user's UID, location
Meta Platforms Inc LinkIDFA, GAID, Android ID, IP user's UID, location
Adjust GmbH LinkAttribution serviceApproximate location, email address, purchase history, application interaction, other actions
Firebase LinkImprove our service by analyzing the problems encountered by usersuser_id, origin_order_id, subscription token, idfa, idfv, g_uuid, ip address, mac_addr, imei, advertising_id, attribution fields

Data Retention

We will delete your information (including your personal information) immediately after you terminate our account in accordance with applicable laws, regulations, and requirements and the fulfillment of our business or legitimate purposes. We will destroy your personal information in accordance with the following procedures and methods:

  1. Destruction procedure: We select the personal information to be destroyed and destroy it with the approval of our Data Protection Officer.
  2. Method of destruction: We will destroy electronically stored and archived personal information in a deletable manner and, where possible, in a way that makes the records irrecoverable.

Department Responsible for Personal Information Protection and Complaint Handling

Email: [email protected] (Please indicate "Camfolo" in the subject line of your email)

For US Users

You agree that Camfolo and its affiliates may use facial recognition technology to collect biometric information from photos or images you provide. Camfolo and its affiliated companies may use such information to verify your identity, provide and improve the Services, and for our internal research purposes. If your biometric information is subject to the Illinois Biometric Information Privacy Act, we will delete your biometric information within three years of your last interaction with the Services.

Under applicable law, you may be entitled to:

  • Confirm whether we are processing your personal information;
  • Obtain or copy your personal information and accompanying details;
  • Receive an electronic copy of the personal information you provide to us, or request that we send that information to another company, i.e., data portability rights;
  • Correct your personal information;
  • Request an opt-out from certain processing activities, including (where applicable) if we process your personal information for "targeted advertising" (as defined in the Privacy Act), if we "sell" your personal information (as defined in the Privacy Act), or if we conduct profiling to further a decision that has a legal or similar material impact on you;
  • Request deletion of personal information we hold about you; and
  • Appeal against our decision to refuse to process your request.

If you wish to exercise any of the rights granted to you by applicable privacy laws, please contact our Data Protection Officer by e-mail at [email protected] (please indicate "Camfolo" in the subject line of your e-mail) or contact our Data Protection Officer by registered mail at LightFrame Labs Inc, 522 W RIVERSIDE AVE STE N, Spokane, WA 99201 United States (Attn: Camfolo Legal Department). We will process such requests in accordance with applicable law.

If you are a Virginia resident and would like to appeal a decision we have made on your request, you can let us know and provide us with information to support your appeal.

The following paragraphs apply only to our processing of your personal information in accordance with the California Consumer Privacy Act (as amended from time to time) ("CCPA").

CCPA gives California residents the right to know what categories of personal information we collect and whether we have disclosed this personal information for commercial purposes (such as to service providers) in the past twelve months. California residents can find this information below:

Categories of personal information collectedCategories of third parties to whom personal information is disclosed for commercial purposes
IdentifierService provider Camfolo and its affiliates
Categories of personal information listed under California Customer Records statute (California Civil Code ยง 1798.80 (e))Service provider Camfolo and its affiliates
Classification features protected by California or federal lawService provider Camfolo and its affiliates
Business informationService provider Camfolo and its affiliates
Biometric informationService provider Camfolo and its affiliates
Internet or other electronic network activitiesService provider Camfolo and its affiliates
Geographic location dataService provider Camfolo and its affiliates
Sensory dataService provider Camfolo and its affiliates
Professional or employment-related informationNot applicable
Non-public educational information (under the Family Educational Rights and Privacy Act (20 USC Sec. 1232g, 34 CFR Part 99))Not applicable
Inferences drawn from other personal information to create personal information about consumersService provider Camfolo and its affiliates
Disclosing personal information about consumers Social Security, driver's license, state ID or passport numbersNot applicable
Personal information that reveals the consumer's account login name, financial account, debit or credit card number, and any required security or access codes, passwords, or credentials that allow access to the accountService provider Camfolo and its affiliates
Revealing consumers' precise geographic location personal informationService provider Camfolo and its affiliates
Disclosing personal information about a consumer's racial or ethnic origin, religious or philosophical beliefs, or union membershipService provider Camfolo and its affiliates
Personal information, unless Figma is the intended recipient of the communication, will disclose the contents of the consumer's mail, email and text messagesNot applicable
Revealing personal information about consumers genetic dataNot applicable
Biometric information processed to uniquely identify consumersNot applicable
Collecting and analyzing personal information about consumer healthNot applicable
Collect and analyze personal information about a consumer's sex life or sexual orientationNot applicable

The source categories of personal information we collect and the business and commercial purposes for which we use and disclose personal information are listed in "Information We Collect", "How We Use Information", and "Information Sharing and Disclosure" above. We will retain personal information for the time period specified in "Data Retention" above.

In the past twelve months, we have not "sold" any personal information (as defined by the CCPA), nor have we actually learned of any "sale" of juvenile personal information under the age of 16.

In the past twelve months, we have not "shared" any personal information for "cross-context behavioral advertising" (as defined in the CCPA), nor have we actually learned of any "sharing" of personal information of minors under the age of 16 for "cross-context behavioral advertising".

We only use and disclose sensitive data for the following purposes:

  • Provide services.
  • Prevent, detect, and investigate security incidents that compromise the availability, authenticity, integrity, and/or confidentiality of stored or transmitted personal information.
  • Resist malicious, deceptive, fraudulent, or illegal behavior against us and prosecute those responsible for such behavior.
  • Ensure the personal safety of natural persons.
  • Verify or maintain the quality or safety of our products, services, or equipment, and improve, upgrade or enhance our services or equipment.
  • For the purpose of not inferring personal characteristics.

California residents have the right not to be discriminated against by us for exercising their rights under the CCPA.

To protect your privacy, we will take steps to reasonably verify your identity before executing a request submitted under the CCPA. These steps may involve asking you to provide sufficient information for us to reasonably verify that you are the person or authorized representative collecting personal information. Examples of our verification process may include asking you to provide an email address or phone number associated with you and providing a verification code sent to your email address or phone number.

Only you or a person authorized by law to act on your behalf may make a verifiable consumer request related to your personal information. To authorize an agent, please provide a written authorization signed by you and your designated agent, and contact us using the information in "Privacy" above for further instructions.

We do not "sell" personal information or "share" personal information for "cross-context behavioral advertising", so we do not respond to opt-out preference signals.

If you are a resident of Nevada, we will not "sell" your personal information.

For Users in Brazil

Legal Basis for Processing Data

If you are in Brazil, the legal basis on which we may rely to process your personal information is:

  • Agree (has obtained your consent);
  • Contract (processing necessary to fulfill the contract signed with you, such as operating the website or providing any services you request);
  • Legal obligations (to comply with laws, regulations, rules, or requirements of government departments, judicial authorities, or law enforcement agencies); and
  • To prevent fraud and protect credit.

If you have any questions about our lawful basis for processing your personal information, please contact us through [email protected] (please indicate "Camfolo" in the subject line of the email).

The Right to Data Disclosure, Correction, Deletion or Suspension of Use, Portability and Withdrawal of Consent

If you are in Brazil, as a data principal, you have the right to request the disclosure, correction, deletion, suspension of use or carrying of your personal data, as well as to withdraw your consent and be informed of the possible negative consequences of such withdrawal, as well as the public and private entities with which we share your personal data. We are obliged to comply with your request without delay. You can send your request by e-mail to [email protected] (Please indicate "Camfolo" in the subject line of the e-mail) or by post to LightFrame Labs Inc. (addressee: Camfolo Legal Department).

Sensitive Data

If you are in Brazil, you understand and agree that in order to be able to provide you with our services, we may collect sensitive personal information such as the facial features of the person in the photograph, gender, age, ethnicity, and other elements contained in the photograph.

Representative

If you are in Brazil, you can contact our Data Protection Officer by e-mail at [email protected] (please indicate "Camfolo" in the subject of your e-mail), or by post to LightFrame Labs Inc. (Attn: Camfolo Legal Department).

International Data Transmission

In order to provide you with our services, we may collect your personal information from, transfer it to, store, and process it elsewhere.

  • Transfer of personal information: Please refer to the "Information we collect" section above this policy.
  • Transfer date and method: Transfer when submitting storage and processing.
  • Countries to which personal information is transferred: US and Singapore.
  • Retention of personal information: Please refer to the "Data Retention" section above this policy.

Whenever we share information outside of your place of residence, we ensure that the transfer complies with your local laws so that your personal information is adequately protected.

Data Retention

We will retain your information (including your personal information) for as long as is necessary to provide you with the Services and within the limits set forth in the Brazil Civil Core Law, the LGPD, the Brazil Internet Civil Rights Framework, and the Brazil Consumer Protection Law, in accordance with applicable laws, regulations, and requirements and to fulfill our business or legal purposes.

When your personal information is no longer needed, we will immediately destroy your personal information. When we destroy your personal information, we will take commercially reasonable and technically feasible measures to ensure that the personal information is permanently deleted.

Choice of Law

If you reside in Brazil, this policy will be enforced and interpreted in accordance with Brazilian law.

GDPR Notification

In the process of providing services, we will process personal data.

If GDPR applies to our processing of your personal data, we only process personal data in accordance with GDPR. In our above (general) Privacy Policy, you can find information about when GDPR applies to our processing of personal data. This GDPR notice supplements the above (general) Privacy Policy and contains detailed information about our processing of your personal data in accordance with GDPR.

  1. I. Information on the Controller

    • LightFrame Labs Inc.
      522 W RIVERSIDE AVE STE N
      Spokane
      WA 99201 United States
    • Identity and contact details of the controller's representatives
      LightFrame Labs Inc.
      522 W RIVERSIDE AVE STE N
      Spokane
      WA 99201 United States
      [email protected]

  2. II. Information on the Processing of Personal Data

    • Detailed information on the personal data processed.
Categories of Personal Data ProcessedPersonal Data Contained in CategoriesData SourcesData Principal Obligation to Provide DataRetention Period
Protocol DataProtocol data, which is the data generated when using the service to provide content from our application server. The data generated during use is defined by the network protocol that transfers information between your end point device and the application server. This includes IP address, type and version of mobile operating system used, accessed content, previously accessed content, access date and time.Service UsersProviding data is not a legal or contractual requirement, nor is it a necessary requirement for signing a contract. Data principal is not obligated to provide data. If data is not provided, we will not be able to provide the application content you requested.As long as your account exists, the data you provide will be stored in your account until you delete it yourself. You can delete your account at any time.
Registration DataName, username, gender, date of birth, mobile phone number, location.Service UsersProviding information marked as required during the registration process is a necessary condition for signing the contract. The data principal is not obligated to provide data. If you do not provide required information, you will not be able to fully utilize the service.As long as your account exists, the data you provide will be stored in your account until you delete it yourself. You can delete your account at any time.
Subscription DataInformation about current and/or past subscriptions.Service UsersProviding information marked as required during the registration process is a necessary condition for signing a subscription contract. Providing other data is not a legal or contractual requirement, nor is it a necessary condition for signing a contract.As long as your account exists, the data you provide will be stored in your account until you delete it yourself. You can delete your account at any time.
Mobile Device DataInformation about your mobile device, including its International Mobile Equipment Identity (IMEI), Unique Device ID (UDID) or Android ID, Universal Unique Device Identifier (GUUID), User ID (UID), IDFA (IDFA) and Supplier Identifier (IDFV), Open Anonymous Device Identifier (OAID), Integrated Circuit Card Identifier (ICCID), Media Access Control (MAC) address, Google Advertising ID (GAID), the type of device you are using, operating system version, list of mobile applications installed on the device, and resolution.Service UsersProviding data is not a legal or contractual requirement, nor is it a necessary requirement for signing a contract. Data principal is not obligated to provide data. If data is not provided, we will not be able to provide the application content you requested.As long as your account exists, the data you provide will be stored in your account until you delete it yourself. You can delete your account at any time.
Mobile Analytics DataInformation obtained to better understand and improve the functionality of our services. This information includes the frequency of your use of the application, events that occur within the application, summary usage, performance data, and download location of the application.Service UsersProviding data is not a legal or contractual requirement, nor is it a necessary condition for signing a contract. The data principal is not obligated to provide data.As long as your account exists, the data you provide will be stored in your account until you delete it yourself. You can delete your account at any time.
Network DataOperator name and network type, the name of the WiFi network you are connected to, the location of the WiFi network, and the duration of your WiFi connection.Service UsersProviding data is not a legal or contractual requirement, nor is it a necessary condition for signing a contract. The data principal is not obligated to provide data.As long as your account exists, the data you provide will be stored in your account until you delete it yourself. You can delete your account at any time.
Location DataThe country code, latitude and longitude, network location, IP Address, and system country and system time zone recorded by your device.Service UsersProviding data is not a legal or contractual requirement, nor is it a necessary condition for signing a contract. The data principal is not obligated to provide data.As long as your account exists, the data you provide will be stored in your account until you delete it yourself. You can delete your account at any time.
Log DataLog information may include (i) details of when and how often you use our services, and (ii) device statistics, including critical operating paths, errors, crashes, language, and time zones.Service UsersProviding data is not a legal or contractual requirement, nor is it a necessary condition for signing a contract. The data principal is not obligated to provide data.As long as your account exists, the data you provide will be stored in your account until you delete it yourself. You can delete your account at any time.
Image DataData principal photos/videos; EXIF data stored in image files (EXIF data may include GPS coordinates for taking and processing photos, device type, ISO, and information about front and rear cameras and creation time, depending on the device manufacturer).Service UsersProviding data is not a legal or contractual requirement, nor is it a necessary requirement for signing a contract. The data principal is not obligated to provide data. If data is not provided, you will not be able to fully utilize the service.The maximum storage period for data in server log files is 21 days.
Voice DataThe voice of the data principal.Service UsersProviding data is not a legal or contractual requirement, nor is it a necessary requirement for signing a contract. The data principal is not obligated to provide data. If data is not provided, you will not be able to fully utilize the service.The maximum storage period for data in server log files is 21 days.
MetadataInformation describing the analysis results of the elements contained in the photo, such as facial features, gender, age, etc.Service UsersProviding data is not a legal or contractual requirement, nor is it a necessary requirement for signing a contract. The data principal is not obligated to provide data. If data is not provided, you will not be able to fully utilize the service.As long as your account exists, the data you provide will be stored in your account until you delete it yourself. You can delete your account at any time.
Facial Recognition DataData principal facial feature information (including but not limited to facial images, facial markers).Service UsersProviding data is not a legal or contractual requirement, nor is it a necessary requirement for signing a contract. The data principal is not obligated to provide data. If data is not provided, you will not be able to fully utilize the service.When the content recommendation is completed or the application is closed, the facial mapping information will be discarded.
Cookie DataData principal Internet Protocol (IP) address, browser type, Internet Service Provider (ISP), Referencing and Exit Pages, operating system, date and timestamp, clickstream data. If such personal data is stored in cookies, you can find more detailed information in Part III below.Service UsersProviding data is not a legal or contractual requirement, nor is it a necessary requirement for signing a contract. The data principal is not obligated to provide data. If data is not provided, you will not be able to fully utilize the service.The data you provide will be stored in your account during its existence until you delete it yourself. You can delete your account at any time. The data will be deleted when the user logs out of their account. When the token expires (after 30 days), the cookie will be replaced.
Advertising DataAdvertising ID (including IMEI, Android ID, OAID, IMSI, ICCID, GAID, MEID, mac addr, IDFV, IDFA), geographic location, and IP Address.Service UsersProviding data is not a legal or contractual requirement, nor is it a necessary requirement for signing a contract. Data principal is not obligated to provide data. If you do not provide this data, we will not be able to provide interest-based advertising to you.As long as your account exists, the data you provide will be stored in your account until you delete it yourself. You can delete your account at any time.
Third-party Tracking DataDevice ID symbol, region (defined as the location where a specific language is used), location information, IP address. If such personal data is stored in cookies, you can find more detailed information in Part III below.Service UsersProviding data is not a legal or contractual requirement, nor is it a necessary condition for signing a contract. The data principal is not obligated to provide data.As long as your account exists, the data you provide will be stored in your account until you delete it yourself. You can delete your account at any time.
Purpose of processing personal dataCategories of personal data processedAutomated decision-makingLegal basis and legitimate interests under applicable circumstancesRecipient
Provide servicesProtocol data, registration data, subscription data, network data, location data, image data, voice data metadata, facial recognition dataNo automated decision-making will occur.For processing activities related to application users: GDPR Article 6 (1) (b) (fulfilling the contract of the data principal as a party or taking measures at the request of the data principal before signing the contract). For processing of location data: GDPR Article 6 (1) (a) (consent). For processing activities related to data principals different from those of the device owner: GDPR Article 6 (1) (f) (pursuing legitimate interests in the balance of interests): Our legitimate interest is to provide our services.Other subsidiaries of Camfolo Apple Inc., Google LLC, Meta Platform, Inc., AppLovin (Singapore) Pte. Ltd., Tencent Holdings Limited, Microsoft Corporation, Zendesk, Inc., Stripe, Inc., AppsFlyer Ltd., Adjust GmbH
Statistical Analysis (Developing and Analyzing Statistical Data on the Use of Our Products and Services to Improve Our Products and Services)Protocol Data, Mobile Device Data, Mobile Analytics Data, Network Data, Location Data, Log Data, Cookie DataNo automated decision-making will occur.Article 6 (1) (a) GDPR (consent)Other subsidiaries of Camfolo Apple Inc., Google LLC, Meta Platform, Inc., AppLovin (Singapore) Pte. Ltd., Tencent Holdings Limited, AppsFlyer Ltd., Adjust GmbH
Create an accountAgreement data, registration data, subscription data, location dataNo automated decision-making will occur.Article 6 (1) (f) of the GDPR (pursuing legitimate interests in the balance of interests): Our legitimate interest is to provide our application content requested by users.Other Camfolo affiliates, Apple Inc., Google LLC
Provide location-based services (to provide users with advertisements, the correct version of our services, and help users have a good User Experience)Protocol data, location dataNo automated decision-making will occur.Article 6 (1) (a) GDPR (consent)Other subsidiaries of Camfolo Apple Inc., Google LLC, AppLovin (Singapore) Pte. Ltd., AppsFlyer Ltd., Adjust GmbH
Improving User Experience (optional features such as User Experience programs that allow us to analyze data about the use of our products and services and improve User Experience)Protocol data, mobile device data, mobile analytics data, network data, location data, log data, image data, metadata, Cookie data, third-party tracking dataNo automated decision-making will occur.Article 6 (1) (a) GDPR (consent)Other subsidiaries of Camfolo Apple Inc., Google LLC, Meta Platform, Inc., AppLovin (Singapore) Pte. Ltd., Tencent Holdings Limited, AppsFlyer Ltd., Adjust GmbH
Provide TTpush (used to evaluate advertising effectiveness and software update success rate, or provide notification of new product releases).Protocol data, mobile device data, advertising dataNo automated decision-making will occur.Article 6 (1) (a) GDPR (consent)Other subsidiaries of Camfolo Apple Inc., Google LLC, AppLovin (Singapore) Pte. Ltd., AppsFlyer Ltd., Adjust GmbH
Verify user identityAgreement data, registration dataNo automated decision-making will occur.Article 6 (1) (f) of the GDPR (pursuing legitimate interests on balance of interests): In this case, our legitimate interest is to verify your identity in order to be able to provide you with services.Other Camfolo affiliates, Apple Inc., Google LLC
Collect user feedback (to help us improve our services)Agreement data, registration dataNo automated decision-making will occur.Article 6 (1) (a) GDPR (consent)Other subsidiaries of Camfolo Apple Inc., Google LLC, Meta Platform, Inc., AppLovin (Singapore) Pte. Ltd., Tencent Holdings Limited, Zendesk, Inc., AppsFlyer Ltd., Adjust GmbH
Comply with any applicable rules, laws and regulations, codes of conduct or guidelines or assist relevant authorities in law enforcement and investigationsAgreement data, registration data, subscription dataNo automated decision-making will occur.Article 6 (1) (c) of the GDPR (necessary to comply with the legal obligations of the controller)Public authorities, other Camfolo affiliates
Maintain the safe and stable operation of the service, such as identifying or handling any faults in the serviceProtocol data, network data, log dataNo automated decision-making will occur.Article 6 (1) (f) of the GDPR (pursuing legitimate interests in the balance of interests): Our legitimate interest is to ensure the secure and stable operation of the IT infrastructure used to provide services.Other Camfolo affiliates
Protect your account, network, operation, and system security, prevent phishing, website fraud, and Trojan virusesProtocol data, network data, log dataNo automated decision-making will occur.Article 6 (1) (f) of the GDPR (pursuing legitimate interests on balancing interests): Our legitimate interest is to ensure the security of the IT infrastructure used to provide our website, in particular for detecting, eliminating, and conclusively recording events (such as DDoS attacks).Other Camfolo affiliates
Processing requests (Client Server)Agreement data, registration data, subscription dataNo automated decision-making will occur.If your request involves a contract to which you are a party or pre-performance measures: Article 6 (1) (b) GDPR (performance of a contract to which the data principal is a party or taking measures at the request of the data principal before entering into a contract). Otherwise: Article 6 (1) (f) GDPR (pursuit of a legitimate interest in balancing interests): In this case, our legitimate interest is to process your request.Other Camfolo affiliates
  • Details about recipients of personal data and transfers of personal data to third countries and/or international organizations.
RecipientRole of the RecipientTransfers to Third Countries and/or International OrganizationsSufficiency Decisions or Appropriate Safeguards for Transfers to Third States and/or International Organizations
Cloudflare Inc.ProcessorUnited States of AmericaThe European Commission has recognized the EU-U.S. Data Privacy Framework (DPF) as providing an adequate level of data protection. Cloudflare, Inc. participates in and complies with the EU-U.S. DPF. Transfers are therefore covered by an adequacy decision under Article 45 of the GDPR. For further details, refer to Cloudflare's Data Processing Agreement (DPA). A copy can be requested via Cloudflare's legal documentation.
Apple IncProcessorUSThe European Union Commission has no adequacy decision against the US. We have signed so-called standard data protection clauses with the recipient in accordance with Article 46 (2) (c) GDPR, thus protecting your data. You can obtain a copy of this agreement from the above contact address.
Google LLCProcessorUSThe European Union Commission has no adequacy decision against the US. We have signed so-called standard data protection clauses with the recipient in accordance with Article 46 (2) (c) GDPR, thus protecting your data. You can obtain a copy of this agreement from the above contact address.
Meta Platform CorporationProcessorUSThe European Union Commission has no adequacy decision against the US. We have signed so-called standard data protection clauses with the recipient in accordance with Article 46 (2) (c) GDPR, thus protecting your data. You can obtain a copy of this agreement from the above contact address.
AppLovin (Singapore) Pte LtdProcessorSingaporeThe European Union Commission has not made an adequacy decision for Singapore. We have signed so-called standard data protection clauses with the recipient in accordance with Article 46 (2) (c) of the GDPR to protect your data. You can obtain a copy of this agreement from the above contact address.
Stripe IncProcessorUSThe European Union Commission has no adequacy decision against the US. We have signed so-called standard data protection clauses with the recipient in accordance with Article 46 (2) (c) GDPR, thus protecting your data. You can obtain a copy of this agreement from the above contact address.
AppsFlyer LimitedProcessorSingaporeThe European Union Commission has not made an adequacy decision for Singapore. We have signed so-called standard data protection clauses with the recipient in accordance with Article 46 (2) (c) of the GDPR to protect your data. You can obtain a copy of this agreement from the above contact address.
Adjustment coProcessorUS, European UnionThe European Union Commission has not made sufficient decisions regarding the US and the European Union. We have signed so-called standard data protection clauses with the recipient in accordance with Article 46 (2) (c) of the GDPR, thus protecting your data. You can obtain a copy of this agreement from the above contact address.
  1. III. Information on the Use of Cookies or Similar Technologies
    • The following section currently only involves cookies. If similar technologies (browser fingerprinting, local storage, session storage, etc.) are used, this section must be adjusted accordingly.
      We use cookies when providing services. For this purpose, we use the processing and storage functions of your device and/or device browser, and collect information from the memory of your device and/or device browser.
    • You will find more detailed information about this content in the following text.

1. General Information about Cookies
Cookies are small text files containing information that can be placed on a user's device when they use an application or visit a website. When a user uses the same device again or visits a related application or website, the cookie and the information it contains can be retrieved.

A) First-Party and Third-Party Cookies

Type of CookiesDescription
First-Party CookiesCookies placed and accessed by the operator of the application or website as the controller or by processors entrusted by the controller
Third-Party CookiesCookies placed and accessed by controllers other than application or website operators who are not processors employed by application or website operators

B) Temporary and Persistent Cookies

Type of CookieDescription
Temporary Cookies (Session Cookies)Cookies that are automatically deleted when you close the application or browser
Persistent cookiesCookies will still be stored on your device for a period of time after the application or browser is closed

C) Cookies that do not require consent and cookies that require consent

Cookie TypeDescription
Cookies without consentCookies whose sole purpose is to transmit information through electronic communication networks
Cookies necessary for the service providerCookies necessary for the service provider to provide the corresponding service upon explicit request from participants or users ("strictly necessary cookies")
Cookies that require consentCookies for all purposes other than the above

2. Manage the Cookies Used on Our Applications and Websites
A) Granting and withdrawing consent to the use of cookies in the data protection settings of our applications and websites.
If the use of certain cookies requires your consent, we will only use those cookies with your prior consent. You can find information on whether your consent is required for the use of certain cookies in Section III.3 of this Privacy Policy.
You cannot disable absolutely necessary cookies in the data protection settings of our application or website. However, you can usually disable these cookies at any time in the application or browser.

B) Manage cookies using device/browser settings
You can also manage the use of cookies in the settings of your device or browser. Different browsers have different ways of configuring cookie settings. You can find more information on websites such as allaboutcookies.org/manage-cookies/.
However, we would like to point out that if you disable cookies on your device, certain features of our application or website may not function properly, or even not function at all.

3. Cookies Used on Our Applications and Websites

NameFirst-Party/Third PartyPurpose and content of useValidity periodDo I need to agree?
TokenFirst-PartyUser login tokenWhen the user logs out of the account, it will be deleted. When the token expires (30 days), it will be replaced.No
Connection.sidFirst-PartyUser login tokenWhen the user logs out of the account, it will be deleted. When the token expires (30 days), it will be replaced.No
First loginFirst-PartyUser login tokenWhen the user logs out of the account, it will be deleted. When the token expires (30 days), it will be replaced.No
creative styleFirst-PartyProvide servicesWhen the user logs out of the account, it will be deleted. When the token expires (30 days), it will be replaced.No
Image styleFirst-PartyProvide servicesWhen the user logs out of the account, it will be deleted. When the token expires (30 days), it will be replaced.No
GuideVisibleFirst-PartyOptimize User ExperienceWhen the user logs out of the account, it will be deleted. When the token expires (30 days), it will be replaced.No
_gaThird partyData AnalysisWhen the user logs out of the account, it will be deleted. When the token expires (30 days), it will be replaced.No

As a Data Principal, You Have the Following Rights Regarding the Processing of Your Personal Data:

  • Right of access (Article 15 of the GDPR)
  • Right to rectification (Article 16 of the GDPR)
  • Right to deletion ("right to be forgotten") (Article 17 of the GDPR)
  • Right to restrict processing (Article 18 of the GDPR)
  • Right to data portability (Article 20 of the GDPR)
  • Right to object (Article 21 of the GDPR)
  • Right to withdraw consent (Article 7 (3) of the GDPR)

You can use the contact information provided to exercise these rights.
Where applicable, you can find information on the processing of personal data about any specific modes and mechanisms that facilitate the exercise of your rights, particularly your rights to data portability and the right to object.

You also have the right to file a complaint with the supervisory authority (Article 77 of the GDPR).

The following is more detailed information about your personal data processing rights:

  1. Right of access
    As a data principal, you have the right of access and information in accordance with the conditions set out in Art. 15 GDPR.
    This particularly means that you have the right to confirm with us whether we are processing your personal data. If so, you also have the right to access personal data and the information listed in Article 15 (1) of the GDPR. This includes information about the purpose of processing, the categories of personal data being processed, and the recipients or categories of recipients to whom personal data has been or will be disclosed (Article 15 (1) (a), (b), and (c) of the GDPR).

  2. Right of correction
    As a data principal, you have the right to make corrections in accordance with the conditions set out in Article 16 of the GDPR.
    This means in particular that you have the right to request that we correct inaccuracies in your personal data without delay and to supplement incomplete personal data.

  3. Right to be deleted ("right to be forgotten")
    As a data principal, you have the right to delete data in accordance with the conditions set out in Article 17 of the GDPR ("right to be forgotten").
    You have the right to request that we delete your personal data when one of the reasons listed in Article 17 (1) of the GDPR applies, we are obliged to delete your personal data without delay.

  4. Right to restrict processing
    As a data principal, you have the right to restrict processing in accordance with the conditions set out in Article 18 of the GDPR.
    This means that if one of the conditions specified in Article 18 (1) of the GDPR applies, you have the right to obtain processing restrictions from us.

  5. Data portability rights
    As a data principal, you have the right to data portability in accordance with the conditions set out in Article 20 of the GDPR.
    You generally have the right to receive the personal data you provide to us in a structured, commonly used, and machine-readable format and to transfer this data to another controller without hindrance from us.

  6. Right to object
    As a data principal, you have the right to object under the conditions set out in Article 21 of the GDPR.
    You have the right to object at any time to the processing of your personal data.

  7. The right to withdraw consent
    If the processing is based on consent under Article 6 (1) (a) or Article 9 (2) (a) of the GDPR, as the data principal, you have the right to withdraw your consent at any time.

  8. The right to complain to regulatory authorities
    As a data principal, you have the right to lodge a complaint with the supervisory authority under the conditions set out in Article 77 of the GDPR.
    The regulatory agency responsible to us is:
    Hamburg's Data Protection and Freedom of Information Beautification
    Ludwig Erhard Street 22, 20459 Hamburg
    E-mail: [email protected]
    Phone: + 49 40 42854-4040
    Office of the Information Commissioner
    E-mail: [email protected]
    Telephone: 0303 123 1113

V. Information on GDPR Technical Terms Used in This GDPR Notice

The technical terms related to data protection used in this GDPR notice have the meaning of the General Data Protection Regulation.
The full scope of the General Data Protection Regulation can be found in Article 4 of the GDPR.
You will find more detailed information about the most important technical terms of the General Data Protection Regulation used in this GDPR notice below:

  • "Personal Data" means any information relating to an identified or identifiable natural person ("data principal"); an identifiable natural person means a person who can be directly or indirectly identified, in particular by name, identification number, location data, online identifier or one or more specific factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person.
  • "Data principal" means the identified or identifiable natural person to whom the personal data relates.
  • "Processing" means any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, construction, storage, adaptation, or alteration, retrieval, access, use, disclosure by transmission, dissemination, or otherwise making available, adaptation or combination, restriction, deletion or destruction.
  • "Analysis" means any form of automated processing of personal data, including the use of personal data to evaluate certain personal aspects related to natural persons, in particular to analyze or predict the work performance, economic status, health status, personal preferences, interests, reliability, behavior, location, or movements of natural persons.
  • "Controller" means a natural or legal person, public authority, body or other body that decides, alone or jointly with others, the purposes and methods of processing personal data; if the purposes and methods of such processing are determined by Union or Member State law, the specific criteria for the controller or its nomination may be prescribed by Union or Member State law.
  • "Processor" means a natural or legal person, public authority, body or other body that processes personal data on behalf of the controller.
  • "Recipient" means the natural or legal person, public authority, institution, or other body to which the personal data are disclosed, whether or not a third party. However, public authorities that may receive personal data within the framework of a specific investigation under Union or Member State law shall not be considered recipients; the processing of these data by these public authorities shall comply with applicable data protection rules depending on the purpose of the processing.
  • "Third parties" means natural persons, legal persons, public authorities, institutions, or bodies other than data principals, controllers, processors, and persons authorized to process personal data under the direct authorization of controllers or processors.
  • "International organization" means an organization and its subsidiary organs governed by public international law, or other organs established by or pursuant to an agreement between two or more States.
  • "Third country" means a country that is not a member of the European Union ("EU") or the European Economic Area ("EEA") or the United Kingdom.