Privacy Policy

Last Updated: March 24, 2026

1. Introduction

This Privacy Policy explains how HypeCut ("we", "us", or "our") collects, uses, stores, and discloses personal data when you download, install, access, or use the HypeCut mobile application (the "App") and related services (collectively, the "Service").

This Privacy Policy should be read together with our Terms of Service. If you do not agree with the practices described in this Privacy Policy, please do not use the Service.

For purposes of this Privacy Policy, "Personal Data" means any information relating to an identified or identifiable natural person, as defined under applicable data protection laws.

2. Personal Data We Collect

We may collect Personal Data from you in the following ways:

• Directly from you when you provide it to us;

• Automatically when you use the Service;

• From third parties such as service providers, analytics partners, or vendors acting on our behalf.

The types of Personal Data we collect depend on how you use the Service and which features you choose to access.

Depending on applicable law, we may also collect limited account, payment, usage, device, and third-party login information as further described below.

3. Personal Data You Provide Directly

When you use the Service, you may provide the following categories of Personal Data:

• Uploaded images and videos. If you choose to upload photos or videos, we process those files solely to provide the features you request.

• Gender selection. When using certain image or video generation features, you may be asked to select a gender preference (Female, Male, or Other). This information is used only to tailor generated outputs according to your selection and is not used for identification or profiling purposes.

• Communications. If you contact us, we may collect your name, email address, and the content of your communications in order to respond to your inquiries and provide support.

• Account information. If you create an account, we may collect your email address and generate an internal unique user identifier for account management purposes.

• Payment and subscription information. If you purchase a subscription or paid feature, we may collect limited transaction related information such as subscription type, payment status, transaction identifiers, and related URLs. Payment processing is handled entirely by Google via the Google Play Store, and we do not receive your full payment card number.

• Other information you voluntarily provide. This includes information you choose to submit when interacting with the Service.

4. Image Data and Facial Information

4.1 Processing of Image Data

The Service processes images and other visual inputs you upload (including content that may contain faces) to generate AI-based visual outputs. This may involve automated analysis of visual features, such as face detection, solely for the purpose of producing the requested output. Any facial information extracted during processing is anonymized and used only for the technical operation of generating your requested content.

4.2 Facial Information and Biometric Considerations

Our product is an AI video generator app that helps you create videos using templates. You may choose to upload or generate content that includes faces (for example, photos containing a person).

We do not use facial information to identify or authenticate you, and we do not use it for surveillance, identity verification, or tracking.

What we do (and why): In order to generate video effects and keep a character's appearance consistent across frames/scenes, we may perform limited technical analysis on the content you provide (for example, detecting a face). Any such processing is used solely to produce the requested output (e.g., animating a static photo or maintaining on-screen consistency in a generated video) and is not used to build or maintain biometric identifiers/templates for identifying you.

What we do not do:

• We do not use facial information for identity verification, authentication, or surveillance.

• We do not retain identifiable facial biometric templates or use facial data in any way that could identify you personally.

4.3 Retention of Image and Facial Data

We process image and facial information temporarily to provide the requested output. We do not store any facial-analysis data. Your uploaded images will be deleted after the requested output is generated.

4.4 Restrictions on Use and Prohibited Data

We do not sell, rent or share your uploaded images, facial data, or any derived facial-analysis data.

We do not use uploaded images or facial data to train machine learning models without your explicit consent.

4.5 Content Safety and Reporting

We use automated measures to help detect and prevent the generation or display of content that may violate our Terms of Service (including any content rules incorporated into it), including objectionable content. The template and generated-result pages also include a visible Report button that allows users to report objectionable content.

If our systems determine that a generation request or result violates our Terms of Service (including any content rules incorporated into it), we may show an in-app notice, withhold the display of the result, and refund the Gems (tokens) used for that generation.

5. Personal Data Collected Automatically

When you use the Service, we may automatically collect certain information, subject to applicable consent requirements. For clarity, this information falls into the following categories:

5.1 Usage and Technical Data

• Device and technical information, such as IP address, device identifiers, operating system, language, and network information;

• App usage information, including feature usage, frequency, interaction data, and timestamps;

• App version and Google Play Store region.

5.2 Subscription and Transaction Metadata

• Subscription status and limited transaction-related metadata (excluding full payment card details).

Payment processing is handled entirely by Google via the Google Play Store. We do not receive or store your full payment information.

5.3 Advertising and Attribution Identifiers

• Advertising and attribution identifiers, such as Identifier for Vendors (IDFV), UUIDs, or similar device-level identifiers, where permitted by your device settings and applicable law.

5.4 Log and Diagnostic Data

• Log data such as timestamps, crash reports, error diagnostics, and performance data, collected to maintain, secure, and improve the Service.

5.5 Device Permissions

Depending on the features you choose to use and your device settings, the App may request access to the following device permissions. These permissions are used solely to enable specific functionalities you explicitly engage with.

• Camera. Allows you to capture photos or videos directly within the App for use with the Service.

• Notifications. Allows us to send you service-related notices, reminders, and subscription updates.

• Internet Access. Required for the App to communicate with our servers and deliver core functionality.

• Network State. Allows the App to detect your network connectivity status to optimize performance and inform you of connection issues.

• Advertising ID. Used for attribution and advertising measurement purposes, where permitted by your device settings and applicable law.

Some permissions are also required to support background services used by third-party components integrated into the App, such as push notification delivery, install attribution, and in-app purchase functionality via Google Play. These operate solely to support the corresponding features described in this Privacy Policy.

You can manage or revoke permissions at any time through your device settings. If you choose not to grant certain permissions, some features of the Service may not be available.

6. How We Use Personal Data

6.1 Purposes of Processing

We process Personal Data for the following purposes, subject to applicable law:

• To provide and operate the Service and its features;

• To process user requests and generate requested outputs;

• To provide customer support and respond to inquiries;

• To monitor usage, analyze performance, and improve the Service;

• To ensure security, prevent fraud, and prevent abuse;

• To comply with legal obligations and enforce our Terms of Service;

• For any other purpose disclosed at the time of collection or with your consent.

6.2 Legal Bases for Processing

Where required by applicable law, we rely on one or more of the following legal bases to process Personal Data:

• Performance of a contract, where processing is necessary to provide the Service;

• Your consent, where you have been asked to provide it;

• Our legitimate interests, where those interests are not overridden by your rights and freedoms;

• Compliance with legal obligations.

7. Disclosure of Personal Data

We disclose Personal Data only where it is lawful, necessary, and proportionate for the purposes described in this Privacy Policy. For clarity, disclosures may occur in the following circumstances:

7.1 Service Providers and Business Partners

We may share Personal Data with third-party service providers and business partners who assist us in operating, maintaining, and improving the Service. These providers process Personal Data on our behalf and only for the purposes specified by us, subject to contractual confidentiality and security obligations. Such providers may include, for example:

• analytics and measurement providers;

• attribution and advertising measurement providers;

• cloud hosting and infrastructure providers;

• authentication and identity management services;

• app stability and crash reporting services;

• customer support and communication service providers.

7.2 Legal and Regulatory Disclosures

We may disclose Personal Data if we believe in good faith that such disclosure is necessary to:

• comply with applicable laws, regulations, legal processes, or lawful requests from public authorities;

• enforce our Terms of Service, policies, or agreements;

• detect, prevent, or address security, fraud, or technical issues;

• protect the rights, property, or safety of users, ourselves, or others, as required or permitted by law.

7.3 Business Transfers

If we are involved in a merger, acquisition, reorganization, bankruptcy, or sale of some or all of our assets, Personal Data may be transferred as part of that transaction. Where required by applicable law, we will take reasonable measures to notify you and ensure appropriate protections are in place.

8. Cookies, SDKs, and Tracking Technologies

We and our partners may use cookies, SDKs, and similar technologies to collect information about how you use the Service. These technologies help us provide functionality, analyze usage, and support advertising and measurement activities.

Types of technologies may include functional technologies (required for core features), measurement and analytics technologies, and marketing or attribution technologies where permitted by law.

You can manage tracking preferences through your device settings. Please note that disabling certain technologies may limit functionality of the Service.

Do Not Track. Some browsers or devices offer a “Do Not Track” signal. Because there is no uniform standard for interpreting these signals, we do not currently respond to them.

9. Data Security

9.1 Data Security Measures

We implement reasonable technical and organizational measures to protect Personal Data against unauthorized access, loss, misuse, or alteration. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

9.2 Data Retention

We retain Personal Data only for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. Retention periods vary depending on the type of data and purpose of processing.

If you delete your account or request deletion of Personal Data, we will delete or anonymize such data unless retention is required by law.

9.3 Account Deletion and Data Control

You can delete your account at any time from the Account page within the Service. When you delete your account, we will delete or anonymize your Personal Data associated with your account, unless we are required or permitted by law to retain certain information (for example, for compliance, dispute resolution, fraud prevention, or security purposes). Please note that account deletion is permanent and irreversible.

Important: Account deletion does not automatically cancel Google Play subscriptions. To avoid future charges, you must manage or cancel subscriptions through the Payments & Subscriptions section in your Google Play Store settings.

Upon account deletion, any unused in-app assets or entitlements associated with your account—such as remaining subscription access time or unused Gems/tokens—will be forfeited and cannot be recovered. We do not provide cash refunds for unused assets after account deletion, except where required by applicable law. Any refund requests for Google Play Store purchases must be directed to Google. Refunds are processed in accordance with the Google Play Refund Policy.

10. Children’s Privacy

The Service is not intended for children under the age required by applicable law (for example, 18). We do not knowingly collect Personal Data from children under 18. If you believe that a child has provided Personal Data to us, please contact us so that we can take appropriate action.

11. Third-Party Services

The Service uses third-party software development kits (SDKs), APIs, and service providers ("Third-Party Services") to help us operate, provide, secure, and improve the Service. These Third-Party Services may process Personal Data on our behalf and only for the purposes described in this Privacy Policy, subject to contractual safeguards and applicable law.

Third-Party Services may include, for example, providers of:

• analytics and measurement services;

• attribution and advertising measurement services;

• cloud hosting and data storage services;

• customer support and communication tools;

• authentication and identity management services;

• app stability and crash reporting services.

We will maintain a list of Third-Party Services used by the Service below, together with links to their respective privacy policies, so that you can review how they process Personal Data.

List of Third-Party Services Used by the Service:

• Google Sign-In – Privacy Policy: https://policies.google.com/privacy

• Google Firebase – Privacy Policy: https://firebase.google.com/support/privacy

• Adjust - Privacy Policy: https://www.adjust.com/terms/privacy-policy/

We are not responsible for the independent privacy practices of Third-Party Services, and we encourage you to review their privacy policies for more information about how they handle Personal Data.

12. GDPR (European Economic Area, United Kingdom, and Switzerland)

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) and related local data protection laws apply to our processing of your Personal Data.

Legal bases for processing.

We process Personal Data only where we have a valid legal basis to do so, including:

  • Performance of a contract, where processing is necessary to provide the Service you request;

  • Your consent, where you have been asked to provide it;

  • Our legitimate interests, where those interests are not overridden by your rights and freedoms;

  • Compliance with legal obligations.

Your rights.

Subject to applicable law, you have the following rights with respect to your Personal Data:

  • The right to access your Personal Data;

  • The right to correct or update inaccurate or incomplete Personal Data;

  • The right to request deletion of your Personal Data;

  • The right to restrict or object to certain processing activities;

  • The right to data portability;

  • The right to withdraw consent at any time, where processing is based on consent.

To exercise these rights, please contact us using the information provided in the Contact Information section below. You also have the right to lodge a complaint with your local data protection authority.

13. CCPA and CPRA (California Residents)

If you are a resident of California, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), provides you with specific rights regarding your Personal Data.

Categories of Personal Data.

We collect the categories of Personal Data described in this Privacy Policy for the purposes outlined above.

Your rights.

Subject to applicable law, California residents have the right to:

  • Know what Personal Data we collect, use, disclose, and share;

  • Request deletion of Personal Data, subject to legal exceptions;

  • Request correction of inaccurate Personal Data;

  • Opt out of the sale or sharing of Personal Data, where applicable;

  • Not be discriminated against for exercising privacy rights.

Do Not Sell or Share.

Where required by law, you may opt out of the sale or sharing of Personal Data used for targeted or cross context behavioral advertising.

Authorized agents.

California residents may designate an authorized agent to submit requests on their behalf, subject to verification requirements.

Requests to exercise CCPA/CPRA rights may be submitted by contacting us using the information provided below. We may need to verify your identity before processing your request.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If changes materially affect your rights, we will provide notice or obtain consent as required by law. The updated Privacy Policy will be effective as of the date indicated above.

15. Contact Information

If you have questions or concerns about this Privacy Policy or our data practices, you may contact us at:

Email: support@hypecut.ai