Privacy Policy of GlamGirls

Effective Date: March 23, 2026

Welcome to GlamGirls (the "App"), developed by Dingzhou Piwei Technology Co., Ltd. (hereinafter referred to as "we" or "us"). This Privacy Policy is designed to clearly and transparently explain how we collect, use, store, share, and protect the personal data you generate or provide when using the App, define your rights as a data subject, and outline the measures we take to ensure data security. Please carefully read and fully understand the entire content of this Privacy Policy before using the App, including but not limited to the scope of data collection, purposes of use, sharing methods, and the ways to exercise your rights. By checking "I agree to the Privacy Policy and User Terms" and clicking the "Continue Using" button, you confirm that you have fully understood and voluntarily agreed to all the terms and conditions of this Policy, and agree to our processing of your personal data in accordance with this Policy. If you do not agree to any term of this Privacy Policy, please do not use the App.

This App is intended solely for users aged 18 and above. We explicitly prohibit minors under the age of 18 from using the App. If you confirm that you are under 18 years old, please do not register or use any functions of the App; if you are the guardian of a minor and find that your ward is using the App without authorization, please notify us immediately, and we will take measures to delete the relevant data and terminate their usage rights.

I. Data Controller and Data Protection Officer (DPO)

1. Data Controller: The data controller of the personal data in this App is Dingzhou Piwei Technology Co., Ltd. Both the company's registered address and actual business address are Room 1305, Anyuan Building, No. 172 Xingding West Road, Xiguan North Street Community, Western Urban Area, Dingzhou City, Hebei Province, China. As the data controller, we have the right to collect, use, store, process and otherwise handle your personal data in accordance with the law, and assume corresponding legal responsibilities.

2. Data Protection Officer (DPO): To ensure the effective implementation of this Privacy Policy and protect your personal data rights and interests, we have specially appointed a Data Protection Officer (DPO) who is responsible for supervising the compliance of personal data processing activities, receiving and handling your complaints, inquiries, and requests for exercising rights related to personal data, and coordinating the handling of data security-related matters. You can contact the Data Protection Officer in the following way:

Email Address: marjorytremoiller@gmail.com

Contact Time: Working days from 9:00 AM to 6:00 PM (Beijing Time), excluding legal holidays. We will provide an initial response within 7 working days after receiving your request, inquiry, or complaint. For complex issues, we will inform you of the progress and expected completion time to ensure that your appeal is properly addressed.

II. Legal Basis

We process your personal data in strict compliance with applicable personal data protection laws and regulations worldwide and in various regions, ensuring that all data processing activities are legal, compliant, and transparent. The specific legal bases are as follows:

1. European Union General Data Protection Regulation (GDPR): Applicable to users and data processing activities within the European Union. We strictly follow the relevant provisions of GDPR regarding data subjects' rights, data processing principles, and data security protection to ensure that data processing activities comply with EU regulatory requirements;

2. California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) of the United States: Applicable to resident users in California, USA, which clearly protect the core rights of California users such as data access, deletion, and refusal of data sale. We process the personal data of California users in strict accordance with the requirements of these regulations;

3. Virginia Consumer Data Protection Act (VCDPA): Applicable to resident users in Virginia, USA, which regulates the collection, use, sharing of personal data and the exercise of users' rights. We will strictly comply with all the requirements of this regulation;

4. Lei Geral de Proteção de Dados (LGPD) of Brazil: Applicable to users and data processing activities within Brazil, which clarifies the obligations of data controllers and the rights of data subjects. We will protect the personal data rights and interests of Brazilian users in accordance with the requirements of this regulation;

5. Federal Data Protection Law (FADP) of the United Arab Emirates: Applicable to users and data processing activities within the United Arab Emirates, which regulates the rules for the protection and processing of personal data. We will strictly follow the relevant provisions of this regulation;

6. Other applicable regional data protection laws and regulations: Including but not limited to laws, regulations, rules, and normative documents related to personal data protection issued by other countries or regions. We will adjust our data processing methods in accordance with the regulatory requirements of the region where the user is located to ensure compliance.

III. Personal Data We Collect and Collection Methods

This App does not require registration or login. You can use the core functions of the App such as chatting and consulting without providing personal identification information such as name, ID number, phone number, or email address. We only collect data that you actively provide, obtain through app permission authorization, and automatically generate when you use the App. All data collection is for the purpose of realizing the App's functions and improving the user experience, and we do not collect any data unrelated to the App's functions. The details are as follows:

3.1 Personal Data You Actively Provide

Such data is the information you voluntarily and actively provide to us when using specific functions of the App, mainly including:

1. Customized Information: Avatar, nickname, and other information you independently set on the "My Page" of the App. Among them, the avatar can be selected from your device's album or taken and uploaded via the camera, and the nickname can be freely set by you (shall not contain illegal, irregular, infringing, or other inappropriate content). Such information is only used to personally display your user account, facilitating you to identify your own chat records and customized settings, and will not be used for any other purposes or associated with your other personal information.

2. Feedback-Related Data: Feedback content and screenshots or photos you upload on the "Feedback" page of the App. When you encounter problems such as app freezes, crashes, or functional abnormalities, or have functional suggestions or consultation needs, you can submit relevant content through the feedback function, and optionally upload screenshots (take on-site problem pictures via the camera or select app interface screenshots from the album) to assist in explaining the problem. Such data is only used for us to troubleshoot app problems, understand user needs, optimize app functions, and improve service quality, and will not be used for other commercial purposes.

3. Chat Data: All chat records between you and the 10 AI beauty characters in the App, including text messages and voice content you send (if you choose to use the voice call function). Such data is used to realize the AI dialogue interaction function, allowing AI characters to generate responses consistent with their character settings based on your input; at the same time, it is used to save your chat history for you to view past conversations at any time; in addition, we will analyze the anonymized chat data to optimize the accuracy, relevance, and diversity of AI responses, and improve the overall chat experience (anonymized data cannot identify your personal identity).

3.2 Personal Data Obtained Through App Permissions

During the operation of the App, we will request to obtain certain permissions of your device according to functional needs. All permission requests will clearly inform you of the purpose of the permission. We will only collect relevant data under the corresponding permission after you actively click "Allow" to authorize; no relevant information will be collected without authorization. The specific permissions and data collection instructions are as follows:

1. Camera Permission: Only used for the "Feedback" function module of the App. When you submit feedback and need to upload on-site screenshots or photos to assist in explaining the problem, you can authorize the App to access the camera to take and upload relevant images. We will not automatically start the camera to take photos, will not store camera content that you have not actively uploaded, and will not use the camera permission for any purpose other than the feedback function. You can turn off this permission in the device settings at any time after authorization.

2. Album (Photo) Permission: Only used for the "Feedback" function module of the App. When you submit feedback and need to upload existing app interface screenshots or relevant photos from your device, you can authorize the App to access the album to select and upload the required images. We only access the images you actively select, will not read, access, or store other images in your album, and will not collect any irrelevant information in the album. You can turn off this permission in the device settings at any time after authorization.

3. Microphone Permission: Only used for the "Voice Call" function of the App. When you choose to have a voice conversation with an AI character, you can authorize the App to access the microphone to record your voice content and send it to the AI character to realize the voice interaction function. We will not automatically start the microphone to record, will not store audio data unrelated to voice calls, and the voice content is only used to generate AI voice responses and save voice chat records. You can turn off this permission in the device settings at any time after authorization; after turning it off, you will not be able to use the voice call function, but it will not affect the text chat function.

4. External Storage Permission: Used to store relevant data generated when you use the App, including your chat records, customized avatars, and images uploaded during feedback. Such data is only stored locally on your device, managed using an SQLite database, and will not be uploaded to any of our servers. You can manually delete the relevant stored data through the in-app functions or device settings. After uninstalling the App, all relevant data stored locally will be automatically deleted.

5. App Information Reading Permission: Used to read the installation information (such as installation time, version number), operation status (such as whether it is running in the background, whether there is an abnormality), and device adaptation information of the App on your device. Such data is only used for us to troubleshoot app problems, optimize app performance, and fix adaptation issues to ensure that the App can run normally on your device, and will not collect any information about other apps on your device.

6. Advertising Identifier (ADID): Used to display personalized advertisements (if you do not refuse). The advertising identifier is a string of anonymous identifiers generated by the device system, which does not contain your personal identification information. We analyze your usage habits (such as commonly used AI characters, chat topics) through this identifier to help advertisers push ad content more relevant to your interests, improve ad display effects, and support the free operation of the App. You can turn off the advertising identifier in the device settings (the path is usually: Device Settings - Privacy - Ads - Turn off Advertising Identifier). After turning it off, we will not be able to obtain this identifier and will display non-personalized advertisements, which will not affect the use of the core functions of the App.

3.3 Automatically Collected Non-Personal Identification Data

When you use the App, we will automatically collect some non-personal identification data. Such data cannot identify your personal identity and is only used for app optimization, function improvement, and service quality enhancement. The details are as follows:

1. Device Information: Including but not limited to your device model, operating system version, device resolution, screen size, processor model, memory size, network type (Wi-Fi/mobile network, such as 4G, 5G), network operator, and unique device identifier (non-personal identification identifier). Such data is used to analyze device adaptation, optimize the operation effect of the App on different devices, and fix device-specific fault problems.

2. Usage Behavior Data: Including but not limited to the AI characters you select, the number of chats with each AI character, the duration of each chat, the number and type of feedback submitted, the opening time and closing time of the App, page browsing records, and function usage frequency (such as whether you often use the voice call function, whether you often customize your avatar). Such data is used to analyze user usage habits, optimize the response content of AI characters, app interface layout, and function settings, and improve the overall user experience.

3. Error Logs: When the App has problems such as crashes, freezes, flashbacks, or functional abnormalities, the system will automatically collect error logs, including error codes, error occurrence time, device information, and operation behavior at that time. Such data is only used for us to troubleshoot the cause of faults, fix app vulnerabilities, and optimize app stability, will not contain any information that can identify your personal identity, and will only be collected when the App has abnormalities.

IV. Purposes of Data Collection

We collect your personal data and non-personal identification data based on the principles of legality, legitimacy, and necessity, only for the purpose of realizing the core functions of the App, improving the user experience, ensuring the normal operation of the App, and complying with relevant laws and regulations. We do not use it for any purpose unrelated to the App's functions. The specific purposes are as follows:

1. Realizing Core Functions: Providing you with core services such as AI character chat, voice call, chat history saving, and feedback submission. For example, collecting your chat data to realize AI dialogue interaction, collecting data related to camera and album permissions to realize the feedback function, and collecting data related to external storage permissions to save chat records and customized information, ensuring that all core functions of the App can be used normally.

2. Optimizing User Experience: Continuously optimizing the accuracy, relevance, and diversity of AI responses according to your chat habits, feedback content, and usage behavior data, making the responses of AI characters more in line with your needs; improving the app interface layout, operation process, and function settings to solve the inconvenience you encounter during use; fixing app faults and improving app running speed to provide you with a smoother and more convenient user experience.

3. Handling User Feedback: Timely troubleshooting app problems, responding to your inquiries and demands, and providing you with solutions based on the feedback content and relevant screenshots and voices you submit; summarizing common problems reflected by users and optimizing app functions in a targeted manner to improve service quality.

4. Displaying Advertisements: If you do not refuse, using the advertising identifier to display personalized advertisements to support the free operation of the App. We only display ad content related to beauty and skincare, and will not display illegal, irregular, vulgar, or irrelevant ad content. You can turn off the advertising identifier in the device settings at any time to stop receiving personalized advertisements.

5. Compliance Requirements: Complying with applicable laws and regulations, regulatory requirements, responding to legal matters such as lawsuits, arbitrations, and law enforcement investigations, and protecting the legitimate rights and interests of us and users. For example, providing relevant data for investigation and evidence collection in accordance with the legitimate requirements of law enforcement agencies; retaining necessary data for compliance audits in accordance with the provisions of laws and regulations.

V. Data Storage and Protection

5.1 Data Storage Methods and Duration

We strictly follow the principles of "minimum storage and shortest duration" to store your personal data and non-personal identification data, ensuring the security and compliance of data storage. The specific storage methods and duration are as follows:

1. Storage Methods:

(1) Local Storage: Your personal data such as chat records, customized avatars, and feedback-uploaded images are all stored locally on your device, encrypted and stored using an SQLite database, and will not be uploaded to any of our servers. Only you can access and manage such data through the App.

(2) Server Storage: Only error logs and non-personal identification data such as app usage behavior data will be uploaded to our dedicated servers for app optimization, fault troubleshooting, and function improvement. The servers adopt encrypted storage and transmission technologies to ensure the security of data during transmission and storage, and the servers are only accessible to our authorized personnel.

2. Storage Duration:

(1) Locally Stored Data: You can manually delete single or all chat records through the "Chat History" function in the App, and delete customized avatars and other information through the "My Page"; if you do not manually delete them, such data will be stored locally on your device until you uninstall the App or reset the device. After uninstallation or reset, all relevant data stored locally will be automatically and permanently deleted.

(2) Server-Stored Data: Error logs and non-personal identification data such as app usage behavior data will be stored for 6 months after you uninstall the App, and will be automatically and permanently deleted after the expiration; if it is necessary to extend the storage duration due to applicable laws and regulations, compliance audits, fault troubleshooting, etc., we will notify you 7 working days in advance through app pop-ups, emails, etc. The extended storage duration will not exceed the maximum period specified by laws and regulations, and we will continue to take security protection measures during the extension period.

(3) Special Cases: If the feedback content you submit involves major app faults or security issues, we may retain the relevant feedback data and screenshots for 3 months after the problem is completely resolved, and then automatically delete them. Such data is only used for fault repair and not for other purposes.

5.2 Data Protection Measures

We attach great importance to the security of your personal data and take various security measures in technology, management, and physics to comprehensively ensure that your personal data is not leaked, lost, tampered with, abused, or illegally accessed. The specific measures are as follows:

1. Technical Measures:

(1) Data Encryption: Personal data stored locally is encrypted and protected using AES-256 encryption technology to ensure that data cannot be illegally read or tampered with locally on the device; data stored on servers adopts HTTPS encrypted transmission protocol to ensure that data is not stolen or intercepted during transmission; data stored on servers adopts encrypted storage technology to prevent illegal access to data.

(2) Security Detection and Vulnerability Repair: Regularly conduct security detection on the App, using professional security detection tools to identify potential security vulnerabilities; establish an emergency vulnerability repair mechanism, and promptly organize technical personnel to repair vulnerabilities after discovery to ensure the safe and stable operation of the App.

(3) Access Control: Implement strict access control over server data. Only authorized personnel can access relevant data. Authorized personnel need to authenticate their identities through account passwords, two-factor authentication, etc., and each authorized personnel only has the minimum access rights related to their job responsibilities to prevent illegal access to data.

2. Management Measures:

(1) System Construction: Establish strict data security management systems, data processing specifications, and confidentiality systems, clarify the operation procedures and responsibility division of each link such as data collection, use, storage, and deletion, and ensure that data processing activities are compliant.

(2) Personnel Training: Regularly conduct training on personal data protection for internal employees and authorized personnel, including data protection laws and regulations, data security operation specifications, and confidentiality obligations, to improve the data security awareness and compliance awareness of relevant personnel, and clearly prohibit the disclosure and abuse of user data.

(3) Security Audit: Regularly conduct data security audits, conduct comprehensive inspections on data processing activities, access records, and the implementation of security measures, and promptly identify and rectify existing problems to ensure the effective implementation of data security protection measures.

3. Physical Measures: Implement strict physical security protection measures for the computer room where the storage servers are located, including 24-hour video monitoring, access control management, personnel entry and exit registration, fire prevention, anti-theft, and natural disaster prevention, to prevent illegal intrusion or damage to the servers.

4. Risk Response: If a security incident such as personal data leakage, loss, tampering, or abuse occurs, we will immediately activate the emergency response mechanism, take remedial measures (such as suspending relevant data processing activities, repairing security vulnerabilities, deleting leaked data, etc.), reduce security risks, and notify you and relevant regulatory authorities within the time limit specified by applicable laws and regulations, and cooperate with the investigation and handling of regulatory authorities.

VI. Data Sharing and Sale

6.1 Data Sharing

We strictly follow the principle of "minimum sharing and legal authorization" and promise not to share your personal identification data with any third party unless it complies with the following legal or agreed situations, and we will take necessary security measures before sharing to ensure data security:

1. Obtaining Your Explicit Consent: After you explicitly authorize, consent in writing, or confirm by clicking "Allow", we will share relevant personal data with the third party designated by you in accordance with your requirements, and the scope of sharing is limited to the content you authorize.

2. Service Providers: We may entrust third-party service providers (such as server hosting providers, advertising service providers, technical support service providers, etc.) to provide us with technical support, server hosting, advertising delivery, fault troubleshooting, and other services. These third-party service providers can only access relevant data within the scope of providing services for us, and must strictly comply with this Privacy Policy and relevant laws and regulations, sign data processing agreements, clarify their data processing obligations and confidentiality responsibilities, and shall not use the data for any purpose other than the service or disclose the data to any other third party. We will supervise and manage the service quality and data security of third-party service providers to ensure that they perform relevant obligations.

3. Compliance Requirements: To comply with applicable laws and regulations, regulatory requirements, respond to legal matters such as lawsuits, arbitrations, and investigation and evidence collection, summons, freezing, etc. by law enforcement agencies (such as courts, procuratorates, public security organs, etc.), it is necessary to provide the required data to relevant agencies. Such data provision is only for fulfilling legal obligations, and will be provided in strict accordance with the requirements of law enforcement agencies, not exceeding the necessary scope.

4. Corporate Merger, Acquisition, or Bankruptcy: If we undergo major changes such as corporate merger, acquisition, asset transfer, division, or bankruptcy, your personal data may be transferred to the relevant transferee as part of the company's assets. The transferee will continue to comply with the provisions of this Privacy Policy and perform data protection obligations; if the transferee needs to change the data processing method, it will notify you 7 working days in advance through app pop-ups, emails, etc., and can only change the data processing method after obtaining your explicit consent.

5. Other Legal Situations: In accordance with the provisions of laws and regulations, share relevant data within a reasonable and necessary scope to protect the legitimate rights and interests of us and users and maintain public interests (such as preventing fraud, combating illegal crimes, etc.).

6.2 Data Sale

We explicitly promise not to actively sell, rent, or lend any of your personal data, nor disclose your personal data to any third party in any form to obtain economic benefits.

You have the right to choose not to allow your personal data to be "sold" (the definition of "sale" here strictly complies with the provisions of relevant regional regulations such as CCPA, CPRA, and VCDPA, that is, disclosing personal data to third parties in exchange for something of value, including but not limited to money, services, etc.).

If you wish to opt out of the sharing or sale of your personal data (including but not limited to stopping the sharing of your personal data with third parties and refusing any form of data sale), you can submit a request by sending an email to marjorytremoiller@gmail.com. The email should indicate "Opt out of data sharing/sale" and provide your device-related information (such as device model, app installation time, customized nickname, etc.) to allow us to verify your identity and ensure the authenticity of the request. We will complete the processing within 7 working days after receiving your request, stop the relevant data sharing or sale activities, and feedback the processing result to you. If you have any objection to the processing result, you can further appeal to our DPO.

VII. User's Rights

In accordance with applicable laws and regulations (GDPR, CCPA, CPRA, VCDPA, LGPD, FADP, etc.), as a data subject, you have various rights related to your personal data. We will fully cooperate with you to exercise these rights and provide you with convenient channels to exercise your rights. The specific rights are as follows:

7.1 General Rights

1. Right of Access: You have the right to request us to provide a copy of your personal data, and to understand the details such as the scope of your personal data collected, the purpose of use, the storage method, the sharing situation, and the storage duration. We will provide you with relevant content in a clear and easy-to-understand form without charging any unreasonable fees.

2. Right of Correction: If you find that your personal data is incorrect, incomplete, or inaccurate (such as incorrect customized nickname, wrong avatar information, etc.), you have the right to request us to correct or supplement the relevant data. We will promptly correct it after verification to ensure that your personal data is accurate.

3. Right to Erasure (Right to be Forgotten): You have the right to request us to delete your personal data, including but not limited to chat records, customized avatars, feedback content, etc. (except as required by laws and regulations, such as data that needs to be retained for compliance purposes). You can also manually delete locally stored data such as chat records and customized avatars through in-app functions. Data deleted manually cannot be recovered.

4. Right to Restrict Processing: You have the right to request us to restrict the processing of your personal data. For example, when you believe that your personal data is incorrect and you are applying for correction; when you believe that our personal data processing behavior is illegal and you do not want to delete the data, you can request us to suspend the processing of the relevant data. Before your request is processed, we will suspend the processing of the relevant data (except for compliance requirements).

5. Right to Data Portability: You have the right to request us to provide your personal data in a structured, machine-readable format (such as CSV, JSON, etc.), or directly transmit it to another data controller designated by you if technically feasible, to facilitate you to transfer your personal data between different apps. We will provide relevant services free of charge.

6. Right to Withdraw Consent: You have the right to withdraw your consent to data processing at any time, including but not limited to withdrawing the authorization of camera, microphone, album, and other permissions, and withdrawing consent to data sharing and personalized advertisements. After withdrawing consent, we will no longer collect and use the relevant data, but it will not affect the legality of data processing activities completed before the withdrawal of consent, nor will it affect data processing based on other legal bases (such as compliance requirements).

7. Right to Complaint: If you believe that our personal data processing behavior violates relevant laws and regulations or this Privacy Policy and damages your legitimate rights and interests, you have the right to complain to the data protection regulatory authority in your region. We will actively cooperate with the investigation and handling of the regulatory authority and promptly rectify relevant problems.

7.2 Additional Rights in Specific Regions

In addition to the above general rights, in accordance with the requirements of laws and regulations in different regions, you also have the following additional rights:

1. European Union (GDPR): You have the right to complain to the European Data Protection Board (EDPB) or the data protection authority of the member state where you are located (such as the Federal Data Protection Office of Germany, the National Commission on Informatics and Liberty of France, etc.); if you are not satisfied with the result of our complaint handling, you can file a lawsuit with the relevant judicial authority and request us to bear corresponding legal responsibilities; you have the right to request us to compensate for the illegal processing of personal data.

2. California, USA (CCPA/CPRA): You have the right to request a copy of your personal data free of charge once a year, and we will not charge any fees; you have the right to request us to delete all your personal data (except as required by laws and regulations); you have the right to refuse data sale at any time, and we will not discriminate against you for exercising relevant rights (such as restricting your use of app functions, increasing service prices, etc.); you have the right to understand the details of the sharing or sale of your personal data by us to third parties, including the name, contact information of the third party, and the purpose of data sharing/sale.

3. Virginia, USA (VCDPA): You have the right to request us to correct and delete your personal data, restrict the processing of your personal data, and refuse data sale or sharing; you have the right to request us to provide records of the processing of your personal data, including the source of data collection, the purpose of use, the sharing situation, etc.; if we violate the provisions of VCDPA, you have the right to request us to bear corresponding compensation responsibilities.

4. Brazil (LGPD): You have the right to request confirmation of whether your personal data is being processed by us, and to obtain records and relevant information about the processing of your personal data; you have the right to request us to correct and delete your personal data, and to object to the processing of your personal data by us (such as believing that the processing purpose is unreasonable); you have the right to complain to the Brazilian Data Protection Authority (ANPD) about our illegal data processing behavior and request us to bear corresponding legal responsibilities.

5. United Arab Emirates (FADP): You have the right to access, correct, and delete your personal data, and restrict the processing of your personal data; you have the right to complain to the UAE Data Protection Authority about our illegal data processing behavior; we must obtain your explicit consent before processing your personal data, and the consent must be voluntary, clear, and specific, and you have the right to withdraw consent at any time.

7.3 Ways to Exercise Rights

You can exercise the above rights in the following ways, and we will provide you with convenient services to ensure that your rights are realized in a timely manner:

1. Email Application: Send an email to marjorytremoiller@gmail.com. The email should indicate the type of right you want to exercise (such as "Access personal data", "Delete personal data", "Correct personal data", etc.), and provide your device-related information (such as device model, app installation time, customized nickname, etc.) to allow us to verify your identity and ensure the authenticity of the request.

2. Processing Time Limit: We will respond within 7 working days after receiving your request. For simple requests (such as correcting a customized nickname), we will complete the processing within 3 working days; for complex requests (such as accessing all personal data, exercising the right to data portability), the processing time may need to be extended, and the extension period will not exceed 30 working days (in line with the requirements of relevant laws and regulations). We will inform you of the reason for the extension and the expected completion time within 7 working days after receiving the request.

3. Appeal Mechanism: If you have any objection to the processing result, you can send an email to the above email address again to appeal. We will have the Data Protection Officer (DPO) be responsible for re-reviewing your request and give the final processing result within 7 working days.

VIII. App Permission Management

You have full control over the various permissions of the App and can turn on or off relevant permissions in your device settings at any time. The specific management methods are as follows:

1. Permission Activation: When the App requests to obtain a certain permission, it will clearly inform you of the purpose of the permission. You can choose "Allow" or "Deny" according to your own needs. We will only collect relevant data under the corresponding permission after you click "Allow".

2. Permission Deactivation: You can find the App in the device settings at any time, enter the permission management page, and turn off any permission such as camera, microphone, album, and external storage. After turning off the permission, the App will no longer be able to collect relevant data under the corresponding permission, and may not be able to provide relevant functions normally (for example, after turning off the camera permission, the feedback page cannot take and upload pictures; after turning off the microphone permission, the voice call function cannot be used), but it will not affect the use of core functions of the App such as text chat and chat history viewing.

3. Permission Change Notification: If the App needs to add a new permission request due to function update, it will clearly inform you of the purpose of the new permission when the App is first started after the update. You can choose to allow or deny it, and we will not obtain the new permission without your consent.

IX. Update and Notification of Privacy Policy

1. Policy Update: We may modify and update this Privacy Policy according to changes in applicable laws and regulations, updates to the App's functions, adjustments to data processing methods, etc. The updated Privacy Policy will more comprehensively and compliantly protect your personal data rights and interests, and will not reduce our responsibilities or damage your legitimate rights and interests.

2. Notification Methods:

(1) General Update: If the update of the Privacy Policy does not involve your core rights (such as only optimizing the expression, supplementing details, etc.), the updated Privacy Policy will be displayed in a prominent position in the App (such as app pop-up window, privacy policy entry on the settings page) and indicate the effective date, which you can view at any time.

(2) Major Update: If the update of the Privacy Policy involves your core rights (such as expanding the scope of data collection, changing the purpose of use, adjusting the sharing method, etc.), we will notify you 7 working days in advance through app pop-ups, emails, etc., clearly informing you of the updated content, reasons, and impact on you. You can choose to continue using the App (which means you agree to the updated Privacy Policy) or uninstall the App (which means you do not agree to the updated Privacy Policy).

3. Effective Time: The updated Privacy Policy will take effect from the displayed effective date. If you continue to use the App after the effective date, it means you have fully understood and agreed to the updated Privacy Policy; if you do not agree to the updated Privacy Policy, please do not continue to use the App.

4. Historical Versions: You can view the historical versions of this Privacy Policy on the settings page of the App to understand the change records of the policy.

X. Disclaimer

1. Disclaimer for Minors' Use: This App is only for adult users aged 18 and above. If you are under 18 years old and use the App without authorization, all consequences arising therefrom (including but not limited to data leakage, damage to rights and interests, etc.) shall be borne by you and your guardian, and we shall not bear any responsibility; if we find that a minor is using the App, we will immediately delete their relevant data and terminate their usage rights.

2. Data Security Disclaimer: This App has taken reasonable and sufficient security measures to protect your personal data. However, due to the inherent limitations of Internet technology, the security problems of the device itself (such as the device being rooted, infected with viruses, etc.), your improper operation (such as disclosing the device password, randomly sharing the app account, etc.), or force majeure factors (such as natural disasters, network interruptions, hacker attacks, etc.), data leakage, loss, tampering, or abuse may occur. For such unforeseeable and unavoidable risks, we shall not bear any responsibility, but will try our best to assist you in reducing losses.

3. User Behavior Disclaimer: If the feedback content, chat content, customized avatar, and other information you submit through the App involve illegal, irregular, infringing, vulgar, defamatory, or other inappropriate content, all legal responsibilities arising therefrom (including but not limited to administrative penalties, civil compensation, criminal liability, etc.) shall be borne by you. We have the right to delete the relevant content, terminate your usage rights, and reserve the right to report to the relevant authorities.

4. Third-Party Liability Disclaimer: If the behavior of a third-party service provider (such as a server hosting provider, advertising service provider, technical support service provider, etc.) violates relevant laws and regulations, this Privacy Policy, or damages your rights and interests, the third party shall bear full responsibility, and we shall not bear joint and several liability, but will assist you in pursuing the responsibility of the third party and provide necessary support.

5. Non-Personal Data Disclaimer: The non-personal identification data we automatically collect is used for app optimization and service improvement. Such data cannot identify your personal identity. If such data is leaked or abused, it will not directly damage your personal rights and interests, and we shall not bear relevant responsibilities.

XI. Contact Us

If you have any questions, suggestions about this Privacy Policy, or need to exercise your rights related to personal data or complain about data processing-related issues, you can contact us in the following ways, and we will wholeheartedly provide you with help:

Company Name: Dingzhou Piwei Technology Co., Ltd.

Address: Room 1305, Anyuan Building, No. 172 Xingding West Road, Xiguan North Street Community, Western Urban Area, Dingzhou City, Hebei Province, China

Email Address: marjorytremoiller@gmail.com

Contact Time: Working days from 9:00 AM to 6:00 PM (Beijing Time), excluding legal holidays.

We will respond within 7 working days after receiving your message and try our best to solve your problem; for complex issues, we will inform you of the progress to ensure that your appeal is properly addressed.

Last Updated Date: March 23, 2026