Privacy Policy
Last Modified: 19 March 2026
Your privacy is important to us.
Starii Innovation Pte. Ltd. and its affiliates (“we”, “us” or “our”) are dedicated to protecting the privacy of our users (“users” or “you”). This Privacy Policy (this “Policy”) is meant to explain our practices regarding how we collect, store, use, manage and protect your user information (including your personal information) as a controller and/or business under applicable data protection laws during your use of Pixtodot including all its features (our “Services”). For the purpose of this Policy, the term “affiliates” shall mean any entity which directly or indirectly controls, is controlled by, or is under common control with Starii Innovation Pte. Ltd. For the purpose of the foregoing, “control” shall mean (i) the direct or indirect ownership of more than 50 per cent of the outstanding voting securities or capital stock of such entity or other comparable equity or ownership interest, or (ii) the control of management decisions and economic interests of the entity by way of contractual arrangements.
Please note that the scope of this Policy is limited solely to your user information (including your personal information) collected or received by us when you are using our Services. In this Policy, “personal information” refers to any information or combination of information that can be used to identify, contact or locate an individual to whom the collected information pertains.
IF YOU ARE A USER LOCATED OUTSIDE THE EU/UK, BY USING OUR SERVICES, YOU ARE AGREEING TO THIS POLICY AND THE COLLECTION, USE, PROCESSING, RETENTION, DISCLOSURE AND SHARING OF YOUR USER INFORMATION, INCLUDING YOUR PERSONAL INFORMATION, IN THE MANNER PROVIDED IN THIS POLICY, TO THE EXTENT PERMITTED UNDER APPLICABLE LAWS. IF YOU DO NOT AGREE WITH ANY OF THE TERMS OF THIS POLICY OR ANY SUBSEQUENT CHANGES TO THIS POLICY, PLEASE DO NOT USE OUR SERVICES.
Please note that it is mandatory for you to provide certain categories of data (as specified at the time of collection) when using our Services. In the event that you do not provide any or sufficient data marked as mandatory, we may not be able to complete the registration process or provide you with our Services. Also, please note that, unless we define a term in this Policy, all capitalized terms used in this Policy have the same meanings as in our Terms of Service. So, please make sure that you have read and understand our Terms of Service.
If you have any questions regarding this Policy or any privacy-related matters, please contact our Data Protection Officer via email at compliance@starii.com (please quote “Pixtodot” in your email title) or via registered mail at 9 Raffles Place, #26-01, Republic Plaza, Singapore 048619 (attention: Legal Department, Starii). Please note that for all other enquiries, feedback, suggestions and/or complaints not related to privacy or intellectual property infringement (including but not limited to any cancellation of subscription, payment disputes, refund requests and technical support of Pixtodot), you should contact us via email at support@pixtodot.com. If your email is sent to an incorrect email address, relating to an incorrect subject matter, it may lead to a potential delay or failure in processing your requests properly.
THE INFORMATION WE COLLECT
In order to provide and improve our Services, we will collect and process your personal information and user information in accordance with this Policy. If you do not provide this information, we may be unable to provide you with our products or Services. You should ensure that all personal information and user information submitted to us is complete, accurate, true and correct. Failure on your part to do so may result in our inability to provide you with all or some of our Services.
Account Information
When you use our Services, we might recommend you sign up for an account with us to take full advantage of our Services and all their features. When you create an account, we will collect the following information that can be used to identify you or provide our Services to you:
- Mandatory: email address, device ID
- Optional: username, profile picture, and location.
Anyone can access our Services, but there are certain services that require a subscription fee, such as accessing to our premium content and enjoying advertisement privileges (“Subscription Service”). If you choose to make a purchase on our Subscription Service, we will collect certain personally identifiable information, such as your device ID. A third-party app store and/or payment processor may receive, access or use your financial information and billing address for the purpose of processing transactions and renewals. If you purchase content or sign up for Subscription Services through a third-party app store and/or payment processor, you should refer to that third party’s terms for information on how it maintains and uses personal financial information for all purchases. For the avoidance of doubt, we will not collect any financial information from you.
Device Information
When you use our Services on your device, we may collect information about your device, including Android ID, Universally Unique Identifier (“UUID”), User ID (“UID”), Identifier for Advertising (“IDFA”) and Identifier for Vendor (“IDFV”), Open Anonymous Device Identifier (“OAID”), Google Advertising ID (GAID), International Mobile Subscriber Identity (IMSI), Integrated Circuit Card Identifier (ICCID), Mobile Equipment Identifier (MEID), the type of device you use, operating system version, and resolution, which will be used by us for statistical and/or analytical reasons, including without limitation to improve our technical functionality, server load-balancing, analysis of technical data relating to your device so as to optimize our Services and graphics adaptation.
As stated below in the “Location Information” section, we may collect your location-based information from your device if you choose to share it with us. If you subsequently wish to stop sharing Location Information, you may do so at any time by editing the relevant setting on your device.
Analytics
We use analytics software to allow us to better understand and improve the functionality of our Services. Such software may record information such as how often you use the application/website, the events that occur within the application/website, aggregated usage, performance data, and where the application/website was accessed from.
Network Information
When you use our Services, we may collect information about the network you use, including the name of the operator and the type of network, so as to understand the distribution of operators and networks used by our users. In addition, we may collect information such as the name of the WiFi network to which you connect, the location of the WiFi network, and the duration of your WiFi connection to understand the environment under which you prefer to use our Services.
Coarse Location Information
We may collect your location-based information from your device if you choose to share it with us.
- Mandatory: IP address, and system time zone
- Optional: country code, and system country.
This information will help us understand user distribution and usage scenarios and allow us to provide users with the correct version of our application/website, and improve our Services. Unless we obtain your consent, location data WILL NOT BE ACQUIRED or USED to identify you individually. Except as otherwise provided in this Policy, we will not share this Location Information with any third parties. If you no longer wish to allow us to collect or use such information, you may turn off your Internet access, or disable our access to information about your network, and device. Please note that we may still continue to receive some Location Information, such as your IP address and system time zone, as a result of you using our Services.
Log Information
When you use some of our Services, including generating and browsing certain content, we will automatically collect certain relevant log information stored in our Services (“Log Information”). Log Information may include (i) details on when and how often you use our Services, (ii) device statistics, including critical operation paths, errors, crashes, language and time zone. This Log Information is used to improve our Services and is NOT USED to identify our users individually.
Image/Video Information
By choosing to use the cloud editing feature of our Services, you understand and agree that we must upload your photos/videos to our server for processing before returning processed photos/videos to you for the purposes of providing such service to you and continuous optimization and that we will also receive the EXIF data about your photos (EXIF data may contain GPS coordinates where photos were taken and processed, equipment type, ISO and information about the front and rear cameras and creation time, depending on the equipment manufacturer) for the purpose of further optimizing our Services, such as providing a better match of photo effects to your equipment. By enabling the camera and/or allowing access to photos/videos on your device by us, you agree that we may access, collect and/or use your photos/videos for editing.
Voice Information
By enabling the microphone, you agree that we may collect your voice data (i.e. audio clips or recordings of your voice) for video editing. We will not use your voice information for advertising purposes. You can turn off our access to your microphone on your device at any time using the operating system settings on the device or by muting the microphone on your devices.
Metadata
Metadata refers to technical data associated with user content. Put simply, metadata is data that describes data. For example, metadata can describe the analysis results of facial features, gender, age of the characters in photos and other elements contained in photos, which are generated and tagged by the computer algorithm and artificial intelligence. When you use our Services, we will use photo metadata to provide you with certain features including “Facial Recognition”, “Key-Points Recognition”, “Region Segmentation”, “Content Tags” and other custom features based on a combination of these basic features. We may use your photo metadata to provide you with more suitable filters and better photo effect when our application/website processes your photos; we may also make use of the metadata to serve up a more contextually relevant products or services to you.
Facial Feature Information
In order to provide certain Services, apart from utilizing metadata as mentioned above, we may collect your facial feature information (including but not limited to facial images) and use face recognition technology to recognize faces in photos and camera experiences. We may detect and use facial marks to provide face recognition contents and facial manipulation features. Our Services may utilize calculation results of certain AR technologies in relation to depth of facial mapping information, which may require to use your facial recognition features in order to ensure the face image processing effect and perform feature analysis using the algorithm. The information we collect will not be used for identifying a specific person, and is used to provide the mentioned features only. When the content recommendation is finished or upon the closing of the application/website, the facial mapping information is discarded. This information is not shared with any third parties.
We will neither use the results for other purposes, nor capture any data in the file nor upload data to the server for recording purposes.
Cookies
We use “cookies” that store and retrieve information of user’s usage from time to time provide customized Services for each user. Cookies are small amounts of information that the server uses to operate the app/website, sends to the user’s device and are also stored on the hard disk in the user’s device. You may refuse the installation of cookies. Information collected may include information about your Internet Protocol (IP) address, browser type, Internet Service Provider (ISP), referring and exit pages, your operating system, dates and timestamps, and clickstream data.
- Purpose of use of cookies: Cookies are used to provide information optimized for each user by identifying the visit to and use type of each service and website that the user has visited, popular search terms, secure access status, etc.
- Installation, operation and refusal of cookies: A user may refuse the installation of cookies by sending an email to compliance@starii.com (please quote “Pixtodot” in your email title) or click on the pop-up banner at the bottom of the page when you first visit our website.
- If a user refuses to store cookies, he or she may experience difficulties in using customized Services.
Information Collected Through Integration with ChatGPT or Similar Services
When you use ChatGPT or other similar integrated features in our Services, we may collect and process personal information that is included in your text inputs and the generated outputs.
Advertising-Related Information
We and our third-party service providers may include advertisements within our Services, and with your consent, we may collect and use information about you such as your Advertising ID, geographic location and IP address for the purpose of delivering and tracking these advertisements. If your device does not have Advertising ID, we may use other persistent identifiers. We use the above information to help us better count, track and provide advertisements based on suitability, language, geographic location and other details. If you wish to opt out of interest-based advertising, you may opt out by sending email to compliance@starii.com (please quote “Pixtodot” in your email title). Please note you will continue to receive generic ads after you opt out of interest-based advertising.
We may use your personal information, such as your email address or other contact details, to send you marketing communications, promotions, and offers about our products or services. These communications may include newsletters, special offers, or other information that we believe may be of interest to you. You have the right to opt out of receiving marketing emails from us at any time. Each marketing email we send will include a link to unsubscribe or manage your preferences. We are committed to complying with all applicable laws and regulations regarding direct marketing and take your privacy seriously. If you have any questions about how we use your data or would like to exercise your rights, please contact us at compliance@starii.com.
Information Collected by Third Party Services
Our Services provided to you may contain our service provider’s Application Programming Interfaces (APIs) or Software Development Kits (SDKs), which may have tracking tools of such service providers. These third parties may use cookies, APIs and SDKs on our Services and collect and analyze user information. In addition, some third-party SDKs may allow advertisers to collect information in order to provide content that is more relevant to you. Third parties may access your information such as your device identifiers, region (defined as the location where a given language is used), location information and IP address under their respective privacy policies. If you want to know more about such third parties, you may send an email to compliance@starii.com (please quote “Pixtodot” in your email title).
Information that You Proactively Provide to Us
When you contact us (including but not limited to our customer support team and Data Protection Officer), we collect the data you provide to us, for example, your contact details (e.g. email address and/or telephone number).
Other Information
We may also collect other information which is not related to your identity. For example, we may collect information on the type and version number of your operating system to better understand system upgrades, and we may collect information on your system language for the purpose of language adaptation. If we choose to collect such information, we will do so for the purpose of improving our Services provided to you.
HOW WE USE INFORMATION
In addition to the uses listed above, we collect and use your user information and personal information for the following purposes:
- Services. To provide, process, maintain, improve and develop our Services provided to you, including customer support, and other services provided through our products. It includes providing the correct version of our Services based on your coarse location data as well as implementing risk management measures, such as for fraud-prevention, and measures to detect and resolve errors.
- Statistical analysis. To develop and analyze statistics on the use of our products and Services for the purpose of improving our products and our Services.
- To create an account. The personal information that we collect when you use our Services to create an account will be used by us to create your account and profile.
- To provide personalized advertising. Upon your consent, we may allow third-party providers of advertisement networks to collect general information on your use of our service (without disclosing your uploaded content, such as images), linked to unique advertising identifiers (advertising IDs) obtained from your device.
- To verify your identity. Verifying your identity helps prevent unauthorized logins to your account.
- To collect feedback from you. Your feedback is of great value in helping us improve our Services. To keep track of your feedback, we may use the personal information provided by you to contact you and retain the records.
- Other purposes. We will collect, store, maintain and use information about you for purposes under the “The Information We Collect”, and for purposes of complying with any applicable rules, laws and regulations, codes of practice or guidelines or to assist in law enforcement and investigations by relevant authorities; maintaining the safe and stable operation of the Services; protecting the security of your account, network, operation, and system, and to prevent phishing, website fraud and Trojan horse viruses; and processing requests.
INFORMATION SHARING AND DISCLOSURE
We may share your information with third parties who provide services on our behalf to help with our business activities. These services may include:
- Fulfilling orders and delivering packages;
- Providing you with advertising;
- Payment processing;
- Providing customer services;
- Fulfilling subscription services;
- Conducting research and analysis; and
- Providing cloud computing infrastructure.
We will not share with or disclose to third parties (other than our service providers) your personal information in whole or in part except for the purposes of:
- protecting the security of others or their property;
- preventing or dealing with fraud;
- safeguarding our legitimate rights and interests;
- taking action in line with our purposes as described in the “The Information We Collect” or the “How We Use Information” sections;
- complying with laws, rules and regulations or requests by government departments, judicial authorities, law enforcement, or private parties, which are typically designed to uphold Internet security and the rights, property and safety of us, our users and third parties; and/or
- evaluating or completing a transaction where we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or other event where your information may be sold or transferred.
BASES FOR USING YOUR INFORMATION
We will only collect and process personal information where we have lawful bases and we typically rely on one of the following four legal bases:
- Consent (where you have given consent);
- Contract (where processing is necessary for the performance of a contract with you, for example, to operate the site or deliver any services you have requested);
- Legitimate interests (for example we need to use your information to provide and improve our Services, including protecting your account, providing customer support). We rely on our legitimate interests as our lawful basis only where those interests are not overridden by the impact on you (unless we have your consent or our processing is otherwise required or permitted by law); and
- Legal obligations (to comply with the laws, rules and regulations or requests by government departments, judicial authorities or law enforcement).
If you have questions about the lawful bases on how we process your personal information, please contact us at compliance@starii.com (please quote “Pixtodot” in your email title).
THIRD PARTY WEBSITES AND SERVICES
Our Services may contain links to other websites and services. In addition, other websites and services may reference or link to our Services. These other domains and websites are not controlled by us, and we do not endorse or make any representations about third party websites or services. We encourage our users to read the privacy policies of each and every website and service with which they interact. Visiting these other websites or services is at your own risk.
INFORMATION SECURITY
We will take reasonable measures to prevent the loss, improper use of, unauthorized access to or disclosure of information. For example, some of our Services will use encryption techniques (such as SSL) to protect your personal information. However, you understand and accept that (in the Internet industry) even though we take reasonable security measures, we cannot always guarantee that your information is 100% secure. You understand and accept that we cannot ensure or warrant the security of any information you provide to us. We do not accept liability for unintentional disclosure. Further, you understand and accept that the system and communication network used by you to access our Services may fail due to factors beyond our control.
INFORMATION ACCESS AND CONTROL
We will take all reasonable and appropriate technical measures to ensure that you can access, update and correct your personal information or other personal information provided to us by you when using our Services. Before you access, update, correct or remove such personal information, we may verify your identity in order to protect the security of your account.
DATA RETENTION
Subject to applicable laws, rules and regulations and the fulfillment of our business or legal purposes, we will delete your information (including your personal information) promptly upon your termination of your account with us.
PRIVACY RIGHTS
In accordance with applicable law, you may have the right to: (i) request confirmation of whether we are processing your personal information; (ii) obtain access to or a copy of your personal information; (iii) receive an electronic copy of personal information that you have provided to us, or ask us to send that information to another company (“right to data portability”); (iv) object to or restrict our uses of your personal information; (v) seek correction or amendment of inaccurate, untrue, incomplete, or improperly processed personal information; (vi) withdraw your consent; and (vii) request erasure of personal information held about you by us, subject to certain exceptions prescribed by law.
If you wish to exercise your rights, you may send an email to compliance@starii.com (please quote “Pixtodot” in your email title) or mail your request to 9 Raffles Place, #26-01, Republic Plaza, Singapore 048619 (attention: Legal Department, Starii). We will process your request in line with applicable laws within a reasonable period of time after receiving your email or mail, and will cease collecting, using and disclosing your personal information thereafter, subject to certain exceptions prescribed by law. To protect your privacy, we will take steps to verify your identity before fulfilling your request. Please note that if you withdraw your consent or delete your personal information, your use of some of our Services may be affected.
California residents have the right not to receive discriminatory treatment by us for the exercise of their rights conferred by the California Consumer Privacy Act.
INFORMATION ABOUT CHILDREN
We will not knowingly collect or request personal information from children under 16 (or any other age stipulated by law applicable to your region). If you are under 16, please do not send your personal information to us, including but not limited to your name, address, phone number or email address. If you believe we may have any information about children under 16 (or any other age stipulated by law as children applicable to your region), you may send an email to compliance@starii.com (please quote “Pixtodot” in your email title) or send a registered mail to 9 Raffles Place, #26-01, Republic Plaza, Singapore 048619 (attention: Legal Department, Starii). If we learn that we have collected personal information from children under 16 (or any other age stipulated by law applicable to your region), we will promptly take steps to delete such information and terminate the associated account.
CROSS-BORDER DATA TRANSFERS
Depending on the jurisdiction in which you are a user of, and subject to the special rules and policy of such jurisdiction as stated in this Policy, you understand and agree that all information collected via or by us may be transferred, processed, and stored anywhere in the world, including but not limited to, the Hong Kong Special Administrative Region of the People’s Republic of China (“Hong Kong”), Japan, South Korea, Singapore, the United States, the European Union, in the cloud, on our servers, on the servers of our affiliates, or the servers of our service providers, in order to provide our Services.
GOVERNING LAW
This Policy is established, comes into force, and will be enforced and interpreted under the laws of Hong Kong, without regard to its conflict of law provisions. Any disputes arising hereunder will also be resolved in accordance with the Terms of Service. We do not represent or warrant that this Policy complies with the privacy law of any jurisdiction. Therefore, you should not interpret this Policy in accordance with such law.
AMENDMENTS TO THIS POLICY
You agree that we may update this Policy according to relevant laws and regulations or based on our business decisions, and you agree to be bound by any such revisions hereto. We will post any significant changes to this Policy on Pixtodot or notify you by other means as required by law.
FOR USERS IN THE EUROPEAN ECONOMIC AREA AND THE UNITED KINGDOM
For cases in which we process personal information within the scope of the European General Data Protection Regulation and the UK General Data Protection Regulation (collectively, “GDPR”), you will find the relevant details on the processing of your personal information in the GDPR Notice below.
FOR USERS IN JAPAN
Right to data disclosure, correction, erasure or suspension of use
If you are in Japan, as a data subject, you have the right to request the disclosure, correction, erasure or suspension of use of your personal information, and we are obliged to meet your request without undue delay. You may send your request by email to compliance@starii.com (please quote “Pixtodot” in your email title) or by mail to 9 Raffles Place, #26-01, Republic Plaza, Singapore 048619 (attention: Legal Department, Starii).
FOR USERS IN SOUTH KOREA
International Data Transfers
We process the personal information of users only within the scope specified under HOW WE USE INFORMATION, and in principle, will not provide personal information of users to a third party. However, with your consent, for purposes of providing our Services described under INFORMATION SHARING AND DISCLOSURE to you, we may collect your personal information from, transfer it to, and store and process it elsewhere.
- Personal information transferred: please refer to the section “The Information We Collect” of this Policy above
- Transfer date and method: transferred on submission for storage and processing
- Country to which personal information is transferred: Singapore
- Retention of personal information: please refer to the section “Data Retention” of this Policy above
Also, we may transfer your personal information to the following third parties located outside of South Korea:
| Name | Purpose | Particulars of personal information | Period |
|---|---|---|---|
| Stripe, Inc. | Subscription payment services | IP, User’s UID, country code, language, Email | As stated in the relevant third-party privacy policy |
| Apple Inc. | Subscription payment services, login | IP, User’s UID, country, language | As stated in the relevant third-party privacy policy |
| Google LLC | Subscription payment services, login | GAID, Android ID, IP, User’s UID, country, language | As stated in the relevant third-party privacy policy |
| Meta Platforms, Inc. | Subscription payment services, login | GAID, Android ID, IP, User’s UID, country, language | As stated in the relevant third-party privacy policy |
Whenever we share information outside of where you live, we ensure that the transfer complies with your local law so that your personal information is adequately protected.
You may refuse the above overseas transfer of your personal information by contacting our department in charge of protecting personal information as stated below. If you refuse to the said overseas transfer of your personal information, we will exclude your personal information from those subject to overseas transfer. However, in such case, we may restrict your use of our Services that require overseas transfer of personal information, which may make you unable to use our Services. If you do not wish your personal information to be transferred overseas, you may contact us via email at compliance@starii.com.
Also, we may receive your personal information from the following third parties:
| Name | Purpose | Particulars of personal information | Period |
|---|---|---|---|
| Stripe, Inc. | Subscription payment services | IP, country code, language, Email | Until your termination of your account with us |
| Apple Inc. | Subscription payment services, login | Username, profile picture, email | Until your termination of your account with us |
| Google LLC | Subscription payment services, login | Username, profile picture, email | Until your termination of your account with us |
| Meta Platforms, Inc. | Subscription payment services, login | Username, profile picture, email | Until your termination of your account with us |
Data Retention
Subject to applicable laws, rules and regulations and the fulfillment of our business or legal purposes, we will delete your information (including your personal information) promptly upon your termination of your account with us. We will destroy your personal information according to the following procedures and methods.
- Procedures for Destruction: We select personal information subject to destruction and destroy them with approval of our data protection officer.
- Method of Destruction: We will destroy personal information stored and filed electronically in a way that can be deleted by using a means that renders the record irrecoverable as far as possible.
Department in Charge of Protecting Personal Information and Handling Complaints
Starii Innovation Pte. Ltd.
Attn: Arthur Law, Head of Legal Department
9 Raffles Place, #26-01, Republic Plaza, Singapore 048619
Email: compliance@starii.com (please quote “Pixtodot” in your email title)
History of the Revision of the Privacy Policy: N/A
FOR USERS IN THE UNITED STATES OF AMERICA
You agree that we may use facial recognition technology to collect biometric information from the photos or images you provide. We may use such information to provide and improve the Service, and for our internal research purposes. If your biometric information is subject to the Illinois Biometric Information Privacy Act, we will delete your biometric information within three years of your last interaction with the Service.
In accordance with applicable law, you may have the right to:
- confirm whether or not we are processing your personal information;
- obtain access to or a copy of your personal information with accompanying details;
- receive an electronic copy of personal information that you have provided to us, or ask us to send that information to another company i.e., right of data portability;
- correct your personal information;
- request to opt-out of certain processing activities including, as applicable, if we process your personal information for “targeted advertising” (as “targeted advertising” is defined by applicable privacy laws), if we “sell” your personal information (as “sell” is defined by applicable privacy laws), or if we engage in profiling in furtherance of certain decisions that produce legal or similarly significant effects concerning you;
- request erasure of personal information held about you by us; and
- appeal our decision to decline to process your request.
If you would like to exercise any of your rights under the applicable privacy laws, please contact our Data Protection Officer via email at compliance@starii.com (please quote “Pixtodot” in your email title) or via registered mail at 9 Raffles Place, #26-01, Republic Plaza, Singapore 048619 (attention: Legal Department, Starii). We will process such requests in accordance with applicable laws.
If you are a Virginia resident and would like to appeal our decision with respect to your request, you may do so by informing us of this and providing us with information supporting your appeal.
The following paragraphs only apply to our processing of your personal information that is subject to the California Consumer Privacy Act (as amended from time to time) (“CCPA”).
The CCPA provides California residents with the right to know what categories of personal information we have collected about them, and whether we disclosed that personal information for a business purpose (e.g., to a service provider) in the preceding twelve months. California residents can find this information below:
| Category of Personal Information Collected | Category of Third Parties to Whom Personal Information is Disclosed for a Business Purpose |
|---|---|
| Identifiers | Service Providers, Our Affiliates |
| Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) | Service Providers, Our Affiliates |
| Protected classification characteristics under California or federal law | Service Providers, Our Affiliates |
| Commercial information | Service Providers, Our Affiliates |
| Biometric information | Service Providers, Our Affiliates |
| Internet or other electronic network activity | Service Providers, Our Affiliates |
| Geolocation data | Service Providers, Our Affiliates |
| Sensory data | Service Providers, Our Affiliates |
| Inferences drawn from other personal information to create a profile about a consumer | Service Providers, Our Affiliates |
| Personal information that reveals a consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account | Service Providers, Our Affiliates |
The categories of sources from which we collect Personal Information and our business and commercial purposes for using and disclosing Personal Information are set forth in “The Information We Collect”, “How We Use Information”, and “Information Sharing and Disclosure” above, respectively. We will retain personal information in accordance with the time periods set forth in “Data Retention” above.
In the preceding twelve months, we have not “sold” any personal information (as defined by the CCPA), nor do we have actual knowledge of any “sale” of personal information of minors under 16 years of age.
In the preceding twelve months, we have not “shared” any personal information for “cross-context behavioral advertising” (as such terms are defined in the CCPA), nor do we have actual knowledge of any “sharing” of personal information of minors under 16 years of age for “cross-context behavioral advertising”.
We only use and disclose sensitive personal information for the following purposes:
- To provide the Services.
- To prevent, detect, and investigate security incidents that compromise the availability, authenticity, integrity, and/or confidentiality of stored or transmitted personal information.
- To resist malicious, deceptive, fraudulent, or illegal actions directed at us and to prosecute those responsible for those actions.
- To ensure the physical safety of natural persons.
- To verify or maintain the quality or safety of our products, Services, or devices, and to improve, upgrade, or enhance our Services or devices.
- For purposes that do not infer characteristics about individuals.
California residents have the right not to receive discriminatory treatment by us for the exercise of their rights conferred by the CCPA.
To protect your privacy, we will take steps to reasonably verify your identity before fulfilling requests submitted under the CCPA. These steps may involve asking you to provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative. Examples of our verification process may include asking you to provide the email address or phone number we have associated with you and providing a verification code that is sent to your email address or phone number.
Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. To authorize an agent, provide written authorization signed by you and your designated agent and contact us using the information in “Privacy Rights” above for additional instructions.
We do not “sell” personal information or “share” personal information for “cross-context behavioral advertising” so we do not respond to opt-out preference signals.
If you are a Nevada resident, we do not “sell” your personal information.
GDPR NOTICE
In context with the provision of the Services we process personal data. If the GDPR applies to our processing of your personal data, we process personal data only in accordance with the GDPR. In our above (general) Privacy Policy, you find information on when the GDPR applies to our processing of your personal data. This GDPR Notice supplements the above (general) Privacy Policy and includes detailed information on our processing of your personal data under the GDPR.
Information on the controller
Identity and contact details of the controller:
Starii Innovation Pte. Ltd.
9 Raffles Place, #26-01, Republic Plaza, Singapore 048619
compliance@starii.com
Identity and contact details of the controller’s representatives:
The European Union:
Rivacy GmbH, Mexikoring 33, 22297 Hamburg
info@rivacy.eu
The United Kingdom:
Rivacy Limited, St James’ Hall, Mill Road, Lancing, West Sussex BN15 0PT, United Kingdom
Contact details of the controller’s data protection officer:
Starii Innovation Pte. Ltd., Legal Department
9 Raffles Place, #26-01, Republic Plaza, Singapore 048619
compliance@starii.com
Recipients and Cross-Border Transfers
To support our global operations, we may transfer your personal data across borders to our affiliates and the following third parties: Stripe, Inc. (United States), Apple Inc. (United States), Google LLC (United States), Meta Platform, Inc. (United States), Alibaba Cloud (Singapore) Private Limited (Singapore), and OpenAI OpCo, LLC (United States).
If your personal data is transferred to jurisdictions located outside of the EEA, the UK, or Switzerland, we will ensure that appropriate safeguards are in place. These may include: (1) there is an adequacy decision of the EU Commission for the country where the recipient is located; (2) we have concluded standard data protection clauses pursuant to Art. 46(2)(c) GDPR with the recipient; (3) in certain situations, we rely on derogations provided for under the applicable law together with measures required under the applicable law to safeguard the security of your data.
Information on the use of cookies
We use cookies in connection with offering our Services. In doing so, we use the processing and storage functions of your device and/or your device’s browser and collect information from the memory of your device and/or your device’s browser. Cookies are small text files with information that can be placed on a user’s device when an app is used or a website is visited.
A distinction can be made between first-party cookies (placed by the operator) and third-party cookies (placed by other controllers). A distinction can also be made between transient (session) cookies and persistent cookies depending on how long they remain active. Users’ consent is required for some cookies depending on their function and purpose of use.
You can manage the use of cookies in your device’s or your browser’s settings. Different browsers have different ways to configure cookie settings. You can find more extensive information on this at http://www.allaboutcookies.org/manage-cookies/. However, some functions of our website may not work properly or at all if you deactivate cookies in general on your device.
Rights of data subjects
As a data subject, you have the following rights with regard to the processing of your personal data:
- Right of access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (“right to be forgotten”) (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object (Art. 21 GDPR)
- Right to withdraw consent (Art. 7(3) GDPR)
You may contact us for the purpose of exercising these rights using the contact information above. You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR). The supervisory authorities responsible for us are:
Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
Ludwig-Erhard-Str 22, 20459 Hamburg
Email: mailbox@datenschutz.hamburg.de
Phone: +49 40 42854-4040
Information Commissioner’s Office
Email: dpo@ico.org.uk
Phone: 0303 123 1113
FOR USERS IN BRAZIL
Legal basis for processing data
If you are in Brazil, the legal basis for processing your personal information that we may rely on are:
- consent (where you have given consent);
- contract (where processing is necessary for the performance of a contract with you);
- legal obligations (to comply with the laws, rules and regulations or requests by government departments); and
- to prevent fraud and for the purpose of protecting credit.
Right to data disclosure, correction, erasure or suspension of use, portability and to withdraw consent
If you are in Brazil, as a data subject, you have the right to request the disclosure, correction, erasure, suspension of use or portability of your personal data, as well as the rights to withdraw consent and to be informed about the potential negative consequences of such withdrawal, and to be informed about public and private entities with which we have shared your personal data, and we are obliged to meet your request without undue delay. You may send your request by email to compliance@starii.com (please quote “Pixtodot” in your email title) or by mail to 9 Raffles Place, #26-01, Republic Plaza, Singapore 048619 (attention: Legal Department, Starii).
Sensitive personal information
If you are in Brazil, you understand and agree that, in order to be able to render our Services to you, we may collect sensitive personal information, such as facial features, gender, age of the characters in photos and other elements contained in photos.
Representative
If you are in Brazil, you can contact our Data Protection Officer via email at compliance@starii.com (please quote “Pixtodot” in your email title) or mail to 9 Raffles Place, #26-01, Republic Plaza, Singapore 048619 (attention: Legal Department, Starii).
International Data Transfers
To provide our Services to you, we may collect your personal information from, transfer it to, and store and process it elsewhere. Whenever we share information outside of where you live, we ensure that the transfer complies with your local law so that your personal information is adequately protected.
Data Retention
Subject to applicable laws, rules and regulations and the fulfillment of our business or legal purposes, we will retain your information (including your personal information) for such period as is required for us to continue to provide you with our Services, as well as during the limitations statutes set forth in the Brazilian Civil Code, LGPD, Brazilian Civil Rights Framework for the Internet, and Brazilian Consumer Protection Code. We will destroy your personal information without delay when your personal information becomes unnecessary. After the termination of Services we may retain your personal information to comply with legal or regulatory obligations, transfer to third parties, provided that the requirements for data processing as provided in LGPD are obeyed, and for our exclusive use, provided the information will be anonymized.
Choice of law
If you are resident in Brazil, this Policy will be enforced and interpreted under the laws of Brazil.
FOR USERS IN VIETNAM
If you are a user in Vietnam, this section will supplement and constitute an integral part of the Policy, and is formulated in accordance with the applicable laws and regulations in Vietnam, including Decree 13/2023/ND-CP on personal data protection (as amended from time to time) and other relevant laws, regulations, regulatory requirements and national standards that govern or otherwise relate to the processing of your personal information during the use of our Services (collectively, the “Vietnam Privacy Regulations”).
The Information We Collect
In this Policy, “personal information” or “personal data” refers to any information in the form of symbols, letters, numbers, images, sounds or the like on an electronic medium that is associated with a particular person or helps to identify a particular person. Personal information includes basic personal data and sensitive personal data. Sensitive personal data that we collect and process include but not limited to location information and facial feature information.
Scope of Processing
The Policy explains how we “process” your personal information. This includes how we may collect, record, analyse, verify, store, correct, disclose, associate, access, retrieve, revoke, encrypt, decrypt, copy, share, transmit, provide, transfer, delete, destroy or undertake such other related actions in respect of your personal information.
Our Legal Bases for Processing Your Personal Information
We will only process your personal information when we have a legal basis to do so. In most cases, we process your personal information after we have obtained your consent for the purposes listed in the Policy. Your personal information may also be processed without your consent in cases prescribed by law, such as emergencies, legal obligations, and compliance with state agency requirements.
Your rights
In accordance with the applicable Vietnam Privacy Regulations, you have the following rights:
- Right to know: You have the right to be informed of the data processing activities in respect of your personal information.
- Right to consent: You have the right to agree (or not agree) to the processing of your personal information.
- Right of access: You have the right to access your personal information in order to view, correct or request correction.
- Right to withdraw consent.
- Right to deletion: You have the right to delete or request the deletion of your personal information.
- Right to restriction of data processing: The restriction will be carried out within 72 hours after your request.
- Right to be provided with data.
- Right to object: We will fulfil your request within 72 hours after receiving such request.
- Right to complain, denounce and initiate lawsuits in accordance with the law.
- Right to claim compensation in accordance with the law.
- Right to self-defence according to the applicable law.
Your obligations
- To protect your own personal information and to request relevant organisations and individuals to protect your personal information;
- To respect and protect the personal information of other data subjects;
- To fully and accurately provide your personal information when you consent to the processing;
- To participate in the distribution of personal information protection skills; and
- To comply with the provisions of the law on the protection of personal information.
Retention duration
We will process your personal information commencing from the time in which you access or use our Services and for a period that is no longer than necessary for the purposes identified in this Policy. Upon expiry of the applicable data retention period or required by law, we will delete your personal information.
Language
This Privacy Policy is prepared and drafted in English, but may be translated into other languages (including but not limited to Vietnamese). Should any conflict arise between the English language version of this Agreement and any translation hereof, the English language version shall be controlling.