Cut Cut Privacy Policy

Last updated: 19 Apr 2019

1. Overview

Cut Cut (hereinafter referred to as “this Product”) is a photography product developed, operated and managed by Qilin Hesheng Network Technology Co., Ltd. (hereinafter referred to as “APUS”, “we”, “us” or “our”). We fully respect and protect users’ personal privacy. While providing you with quality services, we will collect, use, disclose, store and protect your personal data in accordance with this Privacy Policy (hereinafter referred to as “Policy”).``

We will explain how we process your personal data in this Policy and how you may access and control your personal data.

Please completely read and fully understand this Policy before using this Product. If you have any questions about this Policy, or have any complaints or suggestions, please contact us via the methods as described in this Policy. This policy will help you understand the followings:

How We Collect and Use Your Personal Data
How We Use Cookie and Similar Technologies
How We Share, Transfer and Disclose Your Personal Data
Process Your Personal Data Using Third Party Services
How We Protect Your Personal Data
How You Access and Control Your Personal Data
How We Process the Minor’s Data
How Your Personal Data Is Transferred Globally
Contact Us
Update of Privacy Policy

2. How We Collect and Use Your Personal Data

We may collect your personal data as follows while we are providing services. These data is critical for us to realize various functions of this Product. We will use these data to help us develop and improve our products to provide better services. We will use your personal data in strict compliance with the purposes set forth in this Policy. We will inform you in advance and obtain your consent before we use these data for any other purposes than set forth in this Policy or we use the personal data collected for specific purposes for other purposes.

2.1. Category and purpose of your personal data we collect

This product is a full range of photography, editing, photo community photography products, so we need to use your camera authorization to take photos, while you need to get your photo image parameters for image editing and classification display, in addition to We also provide a wide range of services, these services are as follows

2.1.1. Pre-activation service

In order to strictly comply with the laws and policies of the relevant countries or regions, we need to use pre-activation services to know your country or region. During pre-activation, we will send your IP address, country code (MCC), mobile phone language, system version and other information to our server. This information is only used to know your country or region, thus providing you with agreements and services that comply with that country or region. This information will be deleted within a short period of time after knowing your country or region, and will not be permanently saved.

2.1.2. Photo Capture

As a photography product, we will receive the EXIF data about your photos. EXIF data may contain GPS coordinates where photos were taken and processed, equipment type, ISO and information about front and rear cameras and creation time, depending on the equipment manufacturer: Use of camera data requires that you consent to the use of camera rights, and camera data cannot usually be used to identify specific individuals and will be used to improve the camera service

2.1.3. Photo View

For easy viewing of all photos, as well as managing photos, we provide an album function for you. The application will use your picture (album) name, picture (album) type, and picture (album) size in viewing pictures and album information. , Picture (album) creation time, pictures (album) storage directory and other information. Reading and displaying picture information requires you to agree with the app’s use of storage permissions. All photo data will be processed locally and will not be uploaded.

2.1.4. Picture enhancement

The product also provides picture effect enhancement services. These services include: picture parameter modification and editing, picture synthesis, filter function, puzzle function, beauty makeup function, art filter function and a series of features related to picture enhancement. When using these functions, the application uses the meta-data of the image, and the meta-data refer to the technical data related to the user’s content. For example, the rough features of the characters contained in the photo and other content contained in the photo. When you usingthe service, we will use photo meta-data to provide you with certain functions, including precise “face recognition”, “keypoint recognition”, “zone division”, “face attribute labels” and other based on these functions Custom function basic functions. Meta-data usually cannot be used to identify a specific individual and it will be used to improve services

2.1.5. Watermark

The product provides a geographic watermark and system time watermarking function to personalize your watermark function. The time watermark will display the current time watermark according to the time of the mobile terminal. The system time is the system software information. The specific person cannot be identified through the system time and the system time is limited to the use of the time watermark.

2.1.6. Online resource download

The store features of the product provide a large number of downloadable landscaping items including stickers, filters, puzzles, posters, picture-in-picture, and beauty makeup resources. When you use the road download, we will analyze the download behavior to analyze the trend of the use of props, the download behavior data can not identify a specific individual and the data only the trend analysis of the use of user props

2.1.7. Cloud service

We provide you with a wealth of features and services through cloud service interfaces, such as news, video, navigation, event, website security detection, and product updates. In order to ensure the operation of cloud services, we need to collect some necessary data, including: application information such as application package name, application version, and application installation time; system information such as country code, system language, and system time zone; screen resolution and other devices Information; network information such as operators.

2.1.8. Service quality measurement

In order to measure the quality of service of a product and thus provide you with better services experience and other new services, we will collect the following information during your use of the service, and the information obtained will only be used for this purpose.

Activation information: application information including application package name, application version, and application installation time; system information such as Android ID, country code, system language, system version, system time zone, and Google service version; screen resolution, mobile phone brand, mobile phone model, etc.; Network card information and other devices information; network types, operators and other network information.

Usage information: application information including application package name, application version, and application installation time; system information such as country code, system language, and system time zone; screen resolution and other device information.

2.1.9. Provide stable services

In order to provide you with a stable service, we will collect the following related information for locating, analyzing ,and improving problems in the event of product. And the information is only used for this purpose.

Crash information: When our product crashes, you can choose whether to upload crash information. Then we will get the uploaded crash information, including application name, application version, application installation time, application signature and other application information; country code, system language, system time zone, memory information and other system information; screen resolution, mobile phone brand, horizontal screens, vertical screens and other information; crash process name, crash time, system non-sensitive log at crash, and crash log of this application.

Feedback: If you have any questions or suggestions about this policy, you can give us feedback through the product’s feedback function. We will get your feedback, including email address, feedback content, mobile phone brand, mobile phone model, system version and other information.

2.1.10. Anti-Fraud and Anti-Cheating

To prevent fraud and cheating, in order to ensure the normal operation of our business that provide you with better services and ecological environment, we need to obtain some necessary data, including: application package name, application version, application installation time, application signature and other applications Information; Android ID, country code, startup time, system time, memory information, system version, power, volume information, Bluetooth information, SIM card status and identification information, storage information and other system information; screen resolution, mobile brand, mobile phone Type, sensor information, camera information, CPU information, GPU information and other device information; location information, headset pluggable information, application installation and use information, screen unlocking information, Wi-Fi list information, network information and other user use information. The information obtained is used only for this purpose and is stored on the server as a pseudonym.

2.1.11. AI cutout

In order to achieve faster and more accurate cutout effect, we provide you with the basic AI cutout function. Using this, you only need a few seconds to complete cutout. To improve the accuracy of AI cutout, we need to get your original cutout data. Please note that this function is not activated by default. You could activate this function by clicking relevant buttons in the setting menu. After you click the button, we thus start to collect the fore-mentioned data.

2.1.12. Feedback

You may provide us with information related to your use of our Services, including copies of your messages, and how to contact you so we can provide you customer support. For example, you may send us an email with information relating to our app performance or other issues.

2.1.13 Subscriptions

This Product enables subscriptions . We do not process payments for subscriptions nor have access to your credit card information.

Payment transactions for subscriptions are completed through the app store via your Google Play account. Any post-purchase processes are controlled by Google stores and are subject to specific terms of such Google stores. Please review Privacy Policy and terms of service of your Google stores.

2.2. Your personal data we obtain from a third party

When we reasonably believe that a third party has the legal right to disclose your data, we will obtain your data from that third party.
We may obtain your personal data types from third parties and their uses as follows:
We can obtain your data from third parties through the application interface, such as your Facebook or Google+ account data (including avatars, user nicknames, age ranges, gender, email, language information). And use it for quick registration of accounts.
We will give you special tips when you initiate the above-mentioned features involving special types of personal data, again telling you about the special types of personal data that may be collected, and obtaining your express consent.
We do not obtain your personal data from any third party except for the third party account login. If certain services may require your personal data from a third party, we will notify you in advance and obtain your consent.

2.3. What permissions do we use to get your data

2.3.1. Take pictures and videos

We use this permission because the Camera app needs this permission to take pictures.

2.3.2. Get your location (GPS and network-based)

When you share photos in Moment, you can add location information.

2.3.3. Read phone status and identity

We use this permission to recommend customized content.

2.3.4. Read, modify or delete the contents of your storage as your instructions

Read, Modify or delete the contents of your SD card as your instructions. We use this permission so that you can save new pictures to your SD card.

2.3.5. Draw over other apps

This permission allows the Camera to display a floating window on other apps so that we can show the screenshot shortcut.

2.3.6. Install shortcuts

This permission is used to install shortcuts on launchers, so users can continue using Cut Cut related function…

2.3.7. Modify system settings

This permission is used to switch or adjust volume and brightness level of the screen for video playing.

2.3.8. Receive FCM notification

This permission allows users to receive FCM notification for subscription services.

2.3.9. Find accounts on the devices

This permission allows APUS to check if users have logged in Google Play and provide relative app installation service for users.

2.3.10. Run at startup

Cut Cut will run at startup to provide users with services.

2.3.11. Prevent Phone from sleeping

The only purpose for using this permission is to prevent the phone from going to sleep when you are playing videos in full screen mode, otherwise we won’t do it .

3. How We Use Cookie and Similar Technologies

Cookie is a small piece of text sent to a browser by a website visited by a user. It helps the browser to record user access information, such as preferred language and other settings. In this way, users will have an easier and more practical experience when they visit the same website the next time. Cookie play a vital role. Without cookie, the user’s experience of Internet will be greatly reduced, and some website features or services may not even work properly. We use cookies to provide you with a complete web browsing service. We do not collect cookie information ourselves. Please note that the websites you visit may use cookie to store your preferences, settings, login status, etc. For example, when you visit a webpage that has a login function for the first time, you need to enter a user name and password to log in. After logging in, the website will record your login status, When you switch different pages under the site, you do not need to re-enter the user name and password, you can directly browse the content of the web page. Websites may use cookie to recommend advertisements. For example, some websites use cookie to record websites that you click on to prevent you from seeing duplicate advertisements. We provide the ability to disable and delete cookies. You can disable or delete cookies.

To make it easier for you to open web pages, we provide web page caching. We allow websites you visit to store some web page data, such as web page pictures and other information. When you visit the site next time, the site will directly read the saved data for display, thereby to open the webpage faster. The cache will expire due to expiration or manual removal. We will not upload any cached content.

4. How We Share, Transfer and Disclose Your Personal Data

We will share with or transfer or disclose your personal data to a third party with your consent or explicit instructions. In addition, to improve the quality of our service, we may also share with or transfer or disclose your personal data to a third party under the following circumstances.

4.1. Subsidiary Products

We may share your personal data with our subsidiary products to provide a more consistent experience and better service. We guarantee that our subsidiary products will treat your personal data in accordance with the purposes and requirements shown in this Policy. We will obtain your prior consent again if our subsidiary products wish to use your personal data for purposes other than those set forth in this Policy.

4.2. Affiliated Company

We may share your personal data with our affiliated companies and will ensure their processing of your personal data is in compliance with the purposes and requirements of this Policy. We will obtain your prior consent again if affiliated companies intend to use your personal data for other purposes than set forth in this Policy.

4.3. Third party service provider

We may engage third party service providers to provide specific services. Third party service providers may collect data when providing services, and we will ensure that they follow our instructions, follow the purposes and requirements set out in this policy to process your personal data, and take appropriate confidentiality and security measures to safeguard data security.

4.3.1. Attribution of installation channel

In order to attribution of installation channel and provide you with better services, we use the services of a third party service provider. The service needs to obtain your information including: application package name, application version, application installation time and other applications Information; Android ID, country code , language, system version and other system information; power, charging type, sensor information, mobile brand, mobile phone Type, network information, CPU information and other device information. The information obtained is only used for this purpose.

4.3.2. Anti-fraud and Anti-Cheat

In order to prevent fraud and prevent cheating, and to provide you with better services and better ecological environment, we use Digital Union’s services. The service needs to obtain your information including: application package name, application time information, application version number, installation path, application size and other application information; CPU, screen resolution, total memory information and other hardware general information; country code, start-up time, system time and other system information; mobile phone brand, mobile phone model, memory, CPU and other equipment hardware information. The information obtained is only used for this purpose.

4.4 Share of your personal data as required by law

Subject to compliance with this Policy, we may be required to share or disclose your personal data under certain circumstances, such as in accordance with laws and regulations, and compulsory requirements of government orders; to safeguard the legitimate rights and interests of yours, ours, and third parties; and to prevent or deal with fraud, secure or technical problems.
4.5 Change of organization and existing status of our company
For any change of the organization or existing status of our company (such as restructuring, merger or bankruptcy), your personal data may be transferred to the company entity after change or our affiliated company (the “Data Transferee”). The Data Transferee will continue to be bound by this Policy.

5. Process Your Personal Data Using Third Party Services

The Product may contain a hyperlink directing to third party products or services, such as a hyperlink to another website. You may click the hyperlinks in this Product to access third party products or services. Meanwhile, we may also embed third party links in this Product and you may click these links to access or use third party products or services on the interface of this Product. We hereby remind you that when you access or use third party products or services via the above methods whereby your personal data will be obtained by such third party products or services, the privacy policies of such third party products or services will apply to such personal data.

6. How We Store and Protect Your Personal Data

6.1. Security protection of personal data

We are committed to protecting your personal data. We have adopted all possible security technologies and procedures to protect your personal data against unauthorized access, use, revision, damage, destruction or disclosure. These security measures mainly include the following:
a) Your personal data is stored in the computer systems located in a controlled site with security measures such as encryption.
b) Only APUS employees who have the necessity to process relevant data for the purpose of product operation are authorized to access your personal data and such employees are required to comply with strict confidentiality obligations.
c) We are constantly striving to ensure the security of your personal data, and we adopt encryption technologies during data transmission to prevent your information against unauthorized access, use, revision, damage, destruction or disclosure.
d) We are more prudential when we transmit and store special categories of your personal data and adopt encryption technologies and other security measures to ensure data security.
In case of personal data security incident, according to the requirements of relevant laws and regulations, we will promptly inform you via push notification, announcement, etc. the basic situations and possible influence of the security incident, response measures we have taken or will take, suggestions for you regarding self-prevention and risk reduction, remedial measures for you, etc. We will timely deal with system vulnerabilities, cyber-attacks, virus intrusion, and other security risks.

6.2. Personal data storage term

We will store your personal data for the necessary period for data collection and processing purposes. Beyond the above-mentioned period, we will delete or anonymize personal data.
Browsing history, bookmarks, web page data, cookie, downloading file information, and search history are all stored locally and are available throughout the application lifecycle. You can manually clear this data at any time.
The access records, application execution logs, and application debug logs of the cloud service are stored on the server for a short period of time, typically 7 days. If this period expires, we will delete or anonymize the data.
Application usage data is pseudo-persistently stored on the server for data analysis. You can access, edit or delete your data in the manner described in section 7. : How to Access and Control Your Personal Data.
After you cancel your account, we may not be able to delete your personal data immediately due to technical reasons; however, we will delete it during the next system update, and we undertake not to process your personal data during the period between cancellation of your account and the next system update.

7. How You Access and Control Your Personal Data

7.1. Access and revise your personal data

You may access and edit your personal data online through APUS User Information Center.

7.2. Change of your authorization scope

You may select on the page of APUS User Information Center to change your authorization scope for us to process your personal data. Please be minded that since all functions of the Product need certain basic personal data for normal operation, certain functions of the Product may not operate normally when you withdraw your consent to processing of some personal data.
When we receive your withdrawal of consent, we will no longer process your corresponding personal data.

7.3. Rejection of personalized advertising

You may always choose whether to receive promotional emails, messages, calls, and mails from us or third parties. You may also choose to no longer receive personalized advertisements through APUS User Information Center.
We will no longer use your personal data for the above-mentioned commercial promotion purposes when you refuse to receive interest-based advertisements. Non-personalized ads don’t use mobile ad identifiers for ad targeting, they do still use mobile ad identifiers for frequency capping, aggregated ad reporting, and to combat fraud and abuse.

7.4. Delete your personal data

You may submit a request to us to delete your personal data when:
a) Your personal data is no longer necessary for data collection or processing;
b) You have withdrawn your consent to our processing of your personal data ;
c) Your personal data has been processed illegally;
d) We are obligated to delete your personal data in accordance with the laws of EU members.
We may not be able to delete your personal data immediately due to technical reasons. We will delete it during the next system update. We will not process your personal data in any way during the period between your request of deleting your personal data and the next system update.

7.5. Respond to your requests

We may first verify your identity upon receipt of your request, and may request you to provide the necessary information for authentication.
We will respond to your request on the 30th day after we receive your request and communicate with you in an appropriate way. If necessary, we may extend it (by an additional 30-day at most), and will inform you of the reason for the extension of the deadline on the 30th day after receiving your request. If we have reasonable reasons to believe that no measures are needed to respond your request, we will inform you of our decision 30 days from the date of receipt of your request and provide you with appropriate explanation.
We will use best efforts to help you resolve relevant problems. If you are not satisfied with the response you received, you may refer the complaint to the relevant regulatory authority, or file a lawsuit before a competent judicial authority.

9. How We Process the Minor’s Data

This Product is not intended for a minor under 16 years old (or equivalent minimum age set by the laws of EU members). We will only process the information of these minors to the extent permitted by law and with the consent of their guardians.
We will implement relevant technical measures and make our best efforts to verify whether the processing of minors’ information has been approved by their guardians. We will try to delete relevant data as soon as possible if we are aware that we have collected the personal data of a minor without the prior consent of their certified guardians.

10. Contact Us

If you have any questions or suggestions about this policy, or you need to do your data management power to manage your Privacy data, please feel free to contact us: cutcutcut-privacy@outlook.com
If you find any violation of this policy, please feel free to contact our DPO:cutcutcut-dpo@outlook.com

11. Update of Privacy Policy

We reserve the right to revise or modify this Policy. For any update of this Policy, we will send you notice on the interface of this Product to remind you of relevant updates and indicate the updated provisions for your ease of reading. Please do completely read and fully understand the updated Privacy Policy. By continuing to use this Product, you will be deemed to have accepted the updated version of this Policy. We will not reduce your rights under this Policy without your explicit consent.

12. How Your Personal Data Is Transferred Globally

We provide APUS products and services around the world, which means to conduct business globally, your personal data might be transmitted to a jurisdiction or accessed from such jurisdiction outside of the country/region where you use this Product. These jurisdictions include but are not limited to Singapore, United States, and China.

Please note that we only return demographic information to China and we do not include information on individual user identities. At the same time, in order to provide you with better services, our third party partners may transmit your data to other countries. For example, in order to detect robots or cheating, we have purchased a Chinese supplier’s traffic monitoring service. The merchant may return the user information to China in order to assist us in analyzing whether there is cheating in the user.

Personal data protection legislation in such jurisdiction might be different or even absent. Under such circumstance, we will adopt various measures to ensure security of your personal data. For instance, we will ask you for your explicit consent before transmission of your personal data, or implement security measures such as encryption and pseudonymisation during data transmission; when your personal data is transferred to such jurisdictions, we will apply the same protection of your personal data in accordance with the Policy. We will endeavor to protect your personal data with the measures stipulated in Article 46 and Article 47 of the EU General Data Protection Regulation.

The content of this Privacy Policy shall be adjusted according to the local legal or statutory requirements.