Laffy AI - Funny Video Maker

PRIVACY POLICY

PRIVACY POLICY 

This Privacy Policy outlines how TPC INVEST PTE. LTD ("we," "us," or "our") collect, use, and disclose your personal information when you use any of our mobile applications available on the Apple App Store (collectively, the "Apps") and related services. It also explains your privacy rights and the legal protections afforded to you. We are committed to safeguarding the personal information of our users and their contacts.

By using any of our Apps or services, you consent to the collection, use, sharing, and processing of your personal information as described in this policy. We use your personal data to enhance and deliver our services effectively.

1. PERSONAL INFORMATION COLLECTED 

Types of Data Collected: 

1. Personal Information User Provide 

Our Service automatically gathers data when you interact with it, enabling us to better understand your needs and enhance your experience.

• User-Provided Images (may include face data): We collect and temporarily process photos or videos that you voluntarily select and upload through the app in order to generate AI content and provide related app functionality. Such uploaded files may contain your face or the faces of other individuals. We process these files solely to deliver the feature you request. We do not collect or store biometric identifiers, and we do not create, extract, or retain face templates. We do not use uploaded face images or any face data derived from them to identify you or any other person. Please see “Data Retention and Deletion” below for the retention timeline applicable to uploaded images and any face data they may contain.

• User Text (Voice Input): We collect and store on server the text that you submit through the app (up to 500 characters) in connection with the voice generation feature. This information is processed as an input prompt solely for the purpose of generating the requested voice output and providing the relevant app functionality.

2. Information Collected Automatically

• Firebase Messaging (FCM): We automatically collect and process your device’s APNs token for the purpose of enabling and delivering push notifications. This token is transmitted directly to Firebase and is not sent to or stored on our own servers.

• Firebase Crashlytics: We collect crash reports, diagnostic information, and non-fatal error data for the purpose of monitoring app stability, identifying technical issues, and improving the performance and reliability of the app. This information is used solely for internal analytics, troubleshooting, and service improvement purposes.

• IDFA (ATT): Subject to your permission under the ATT framework, we may collect, store on server, process your IDFA and share it with third-party attribution and analytics partners, including Adjust and Facebook, for the purpose of measuring advertising performance, attributing app installs and user actions.

• Wi-Fi & Network: We automatically access and process information regarding your device’s network connectivity status (including online/offline status) solely for the purpose of supporting the proper operation and functionality of the app. Such information is processed locally on your device and is not transmitted to our servers.

• Local Generation History: We store generation history locally on your device through SwiftData, including generation status, related URLs, and timestamps, for the purpose of enabling in-app history and content management features. Such information is stored locally and is not transmitted to our servers.

• User Preferences: We store certain user preference and app usage information locally on your device through UserDefaults, including onboarding status, session count, and first launch date, for the purpose of supporting app configuration, improving user experience, and enabling app functionality.

3. Data Obtained from Third Parties

• Firebase Analytics: We obtain analytics data from Firebase Analytics regarding user interactions, screen views, and in-app events for the purpose of measuring usage, analyzing user engagement, and improving app functionality and performance.

• Firebase Remote Config: We obtain configuration data from Firebase Remote Config to dynamically manage certain app settings and features, including onboarding flows and use case configurations. This information is for the purpose of supporting app functionality and improving user experience.

• Adjust SDK: We obtain and store attribution and analytics data through the Adjust SDK for the purpose of tracking attribution, measuring marketing campaign performance, monitoring revenue events, and supporting deferred deep linking functionality. The IDFA will only be used following your consent under Apple’s App Tracking Transparency framework.

• Facebook SDK (FBSDKCoreKit): We obtain and store data through the Facebook SDK (FBSDKCoreKit) for the purpose of automatically logging certain app events, processing advertiser identifiers where permitted, and supporting deep link functionality.

We do not collect any personal data directly from you without your explicit consent or from publicly available sources. All third-party data is processed in accordance with applicable privacy laws and is used solely to enhance our services.

2. YOUR CONSENT AND USAGE PERSONAL INFORMATION

1. Granting Consent:

By registering or creating a profile on our platform, you explicitly agree to our processing of your personal data as detailed in this Privacy Policy.

2. How We Utilize Your Information:

We use the personal information collected to:

• Enhance Service Delivery: Provide and maintain the quality of our services.

• Personalize Experience: Tailor content and advertisements to better match your interests and improve your overall service experience.

• Manage Your Account: Support the management of your service usage, enabling access to various functionalities as a registered user.

• Communicate: Contact you with updates, security alerts, and promotional messages through email or other forms of communication. 

• Security and Fraud Prevention: To detect, prevent, and address fraud, security risks, and other malicious or illegal activity.

• Legal Compliance: To comply with applicable laws, regulations, legal processes, and governmental requests.

• Enforcing Terms: To enforce our Terms of Use and other policies.

3. Analytical Use and Compliance:

We analyze anonymized or aggregated data to enhance our services and ensure compliance with legal requirements, aiding in the prevention of fraud and illegal activities.

4. Advertisements and Analytics:

Third-party analytics may be used to understand service usage patterns and improve service delivery. These analytics are derived from data collected through cookies and similar technologies, which do not contain personally identifiable information.

5. Cookies:

Cookies are utilized to understand user interactions and store preferences related to your service use. You can manage these settings to adjust your privacy preferences.

6. Your Privacy Rights:

You have the right to opt out of receiving promotional communications and can manage, access, or modify your personal data, except where retained for legitimate business or legal reasons.

7. Policy Updates:

This Privacy Policy is subject to updates, which will be reflected in the revised document available on our platform. We encourage you to review this policy periodically. Continued engagement with our services after such updates constitutes your acceptance of the terms.

By using our services, you confirm that you understand and agree to the terms set out in this Privacy Policy, ensuring a secure and transparent user experience. 

3. SHARING AND DISCLOSURE OF PERSONAL INFORMATION 

We do not share your data with other companies, organizations and individuals unless one of the following circumstances applies:

1. Sharing with your Consent:

• We do not share your personal information with third parties without your explicit consent. Where consent is required for sharing specific data, we will seek this consent separately.

2. Legal Compliance and Protection of Rights:

We may disclose your Personal Data if required to do so by law or in the good faith belief that such action is necessary to:

• Comply with a legal obligation, subpoena, court order, or other valid legal process.

• Protect and defend our rights or property.

• Prevent or investigate possible wrongdoing in connection with the Service.   

• Protect the personal safety of users of the Service or the public.   

• Protect against legal liability.

3. Service Providers and Partners:

Face data and uploaded images are not shared with third-party AI providers, advertising networks, data brokers, or analytics platforms. Cloud hosting services (such as Amazon Web Services – AWS) act solely as infrastructure providers and process data under our control and contractual safeguards. We may share only the minimum personal information necessary with third parties to provide, improve, promote, and protect our services. These include:

• Service Providers: We may share Personal Data with third-party vendors, consultants, and other service providers who perform services on our behalf (e.g., cloud hosting, data storage, payment processing (e.g., Apple App Store In-App Purchase, Google Play Billing), customer support, analytics (e.g., Google Analytics, Firebase Analytics), marketing, and advertising (e.g., Google AdMob, Apple Search Ads). These service providers are contractually obligated to protect your data, and are granted access only to the information necessary to perform their functions. They are prohibited from using your personal information for other purposes. 

• Business Partners: We may share limited data such as: Contact details and demographic information, … with our business partners with whom we collaborate to provide you the best services or promotional offers. This is only done with your explicit consent and is strictly controlled under confidentiality agreements, ensuring compliance with privacy laws and limiting use to the agreed purposes.

For clarity, we do not sell, share, or disclose uploaded images, face data, or any related derivatives to third parties for their own marketing, advertising, or analytics purposes.

4. Business Transfers:

If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your Personal Data may be shared or transferred as part of such a transaction, subject to standard confidentiality arrangements.

5. Public Interactions:

If you engage in activities on public areas of our services, your information can be seen by others and may be read, collected, or used by them. You are advised to exercise caution when deciding to disclose your personal information in these areas.

6. Cookies:

We use cookies to understand and save your preferences for future visits and compile aggregate data about site traffic and site interactions. This helps us offer better site experiences and tools in the future. You may manage your cookie preferences through your browser settings.

4. APP-SPECIFIC PERMISSIONS

The main Permissions used by Laffy AI: Funny Video Maker are described below.

Permission 1: NSCameraUsageDescription
This permission allows the app to access your device’s camera so you can take photos to create and color artwork within the app. Granting this permission enables you to capture images directly in the app as part of its core coloring features. The app only accesses the camera when you choose to use this feature.

Permission 2: NSPhotoLibraryUsageDescription
This permission allows the app to access photos you select from your photo library so you can create and color artwork within the app. The app only accesses the specific photos you choose and does not scan or access your entire photo library. This permission is required to enable the app’s core image selection and coloring features.

Permission 3: NSUserTrackingUsageDescription
This permission allows the app to use your device identifier for advertising and analytics purposes, including delivering more relevant advertisements, measuring campaign performance, and improving the overall user experience. Tracking will only occur if you grant permission through Apple’s App Tracking Transparency framework.

These permissions are essential for the app to function properly and are strictly used in accordance with Google Play's regulations to ensure a secure, efficient, and user-respecting operation. The app prioritizes user rights and privacy, implementing these permissions to enhance user experience without compromising privacy and security.

5. INFORMATION SECURITY AND TRANSFER OF PERSONAL INFORMATION

1. International Data Transfers:

Your personal information may be transferred to and processed in countries outside of your country of residence, including where our servers are located or where our service providers operate. These countries may have data protection laws that are different from those in your jurisdiction.

We take appropriate measures to ensure that your personal information remains protected according to the security standards outlined in this Privacy Policy, regardless of where it is processed. This includes implementing strong contractual arrangements (such as Standard Contractual Clauses) and security measures to protect your data during international transfers.

2. Safeguarding Measures:

We implement strong contractual arrangements and security measures to protect your data when it is transferred internationally. This includes using encryption, secure data transfer protocols, and ensuring that all data handlers comply with our data protection and privacy standards.

All uploaded images and associated facial geometry data are protected through encryption in transit (HTTPS/TLS) and encryption at rest within our secured cloud environment.

Access to such data is restricted through access control and monitoring mechanisms.

3. Face Data Handling and Protection

Face data is processed either locally on your device or within our secure cloud infrastructure for the sole purpose of generating the requested AI-based result.

Uploaded images and associated facial geometry data are stored temporarily in our secure environment for processing and are automatically deleted within 24 hours after the result is delivered.

Face data is encrypted in transit and at rest and is not shared with any third-party AI providers, advertising networks, or data brokers.

We do not retain facial data beyond this limited processing period.

4. Data Security Practices:

To protect your personal information from unauthorized access, loss, or misuse, we employ a variety of security technologies and procedures. These include encryption, firewalls, and access controls that restrict who can access your data and how it is used. Our security measures are designed to provide a level of protection that matches or exceeds industry standards.

5. Handling Data Risks:

While we endeavor to secure your data, the transmission of information over the internet can never be guaranteed to be completely secure. We encourage you to take precautions to protect your personal information when using digital services, including monitoring your account settings and access privileges.

6. Data Security

We implement appropriate technical and organizational security measures designed to protect the security of any personal information we process, including encrypting data at rest and in transit, access controls, and secure development practices. However, please note that no method of transmission over the Internet or method of electronic storage is completely secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

7. Data Retention And Deletion

We retain your Personal Data only for as long as necessary for the purposes stated in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).

• Account Information: We generally retain your account information for as long as your account remains active.

• User-Provided Images / Face Data Retention: Uploaded images or videos that may contain faces are retained only as long as necessary to complete the requested processing and are automatically deleted within 24 hours after processing is completed. Processing typically completes within approximately 10 minutes. The limited temporary retention window exists solely to verify successful processing, investigate failures, and respond to customer support inquiries related to a recent generation request. We do not permanently retain, archive, or re-use uploaded face images or any face data derived from them. Such content is not used to train AI/ML models or for any secondary purpose.

• User-Generated Content and Usage Data: We retain user-generated content and usage data for as long as necessary to provide the services you use or for legitimate business purposes, unless you request earlier deletion.

• Other Data: Other types of data are retained for periods necessary to fulfill the purposes for which they were collected.

When your account is deleted or upon receiving a valid data deletion request, we will securely delete or anonymize your Personal Data according to our internal procedures and applicable law, subject to any legal obligations or legitimate business needs (e.g., fraud prevention, dispute resolution) requiring us to retain certain information. Please note that residual copies may take some time to be fully removed from backup systems.

8. Correcting and Updating Your Information:

You have the right to request access to, correction of, or deletion of your personal information. If your personal data changes, or if you no longer wish to use our service, you may correct, update, or remove the information by making a direct request to us.

6. ACCESSING AND UPDATING PERSONAL INFORMATION 

1. Your Rights to Access and Control Personal Data:

You have the right to access, review, and manage your personal data stored by us. Under applicable laws, you can request information about the data we hold on you, as well as request updates, corrections, or deletions of any inaccuracies.

2. How to Manage Your Information:

You can exercise your data protection rights through several options:

Update and Correct: Directly modify your personal details via your account settings.

Privacy Controls: Adjust settings to manage the use of your data, including opting out of targeted advertising and managing communication preferences.

3. Limitations on Access:

In certain circumstances, as permitted or required by law, your ability to access or control your personal data may be limited. The scope of access may also vary by the specific services and products you utilize.

4. Processing Requests:

We endeavor to promptly fulfill requests to access or modify personal information. You can initiate these requests through the contact options available on our platform.

5. Additional Support:

If certain personal data cannot be accessed or controlled via our standard tools or if you have specific inquiries regarding your data rights, please reach out to us directly for assistance.

6. Transparency and Accountability:

We regularly review and report on the requests we receive to access or control personal data, ensuring transparency and accountability in our data handling practices.

7. MINORS 

1. Data Collection and Consent:

Our Service is not intended for use by children under the age of 13 (or a higher age threshold if required by applicable law in your jurisdiction). We do not knowingly collect personally identifiable information from children under this age without verifiable parental consent. If we become aware that we have collected Personal Data from a child without verification of parental consent, we will take steps to remove that information from our servers promptly. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us.

2. Parental Rights:

Parents or guardians have the right to review, manage, and delete their child’s information. We provide tools and support to facilitate these actions.

3. Revoking Consent:

At any time, parents or guardians can revoke their consent and request the deletion of their child’s information from our systems.

4. Reporting Issues:

For issues regarding the protection of minors’ data, please contact us immediately.

8. CHANGES TO THIS PRIVACY POLICY 

We may revise our Privacy Policy from time to time to reflect changes in our practices or service offerings. When updates are made, we will notify you by sending an email and/or displaying a prominent notice on our service. Additionally, we will update the 'Last updated' date at the top of the Privacy Policy, which can be viewed on this page.

For significant changes, we may also send a push notification directly through the service.

We encourage you to review our Privacy Policy periodically to stay informed of how we are protecting the personal information we collect. Continued use of the service after any updates signifies your agreement to the revised policy.

9. CONTACT 

If you have any questions about our Privacy Policy or wish to make a request regarding certain personal information, you are encouraged to contact us. The contact information is:

TPC INVEST PTE. LTD.

laffyai.support@gmail.com