PoPP Privacy Policy

Introduction

The PoPP team (hereinafter referred to as "we," "our," or "PoPP") recognizes the importance of personal information to you and is committed to ensuring its security. We have adopted technical, managerial, and physical safeguards, including internal data protection policies, access control measures based on the need-to-know principle, and facility access controls to prevent unauthorized access, modification, disclosure, or destruction of the personal data we hold. However, as with all data transmitted over the internet, electronic communications may not be completely secure. Despite our best efforts, due to technical limitations and potential malicious threats, we cannot guarantee absolute or permanent security. Therefore, we strongly encourage you to take proactive steps to protect your information, including but not limited to using strong passwords, changing them regularly, and not disclosing your account credentials or other login-related information. We also advise against transmitting sensitive or confidential information to us via unsecured channels.

To ensure you can properly receive push notifications from this application, when the application is closed or running in the background, we will wake up the application to auto-start by sending system broadcasts. This behavior is necessary for implementing the push notification function, and the frequency of such starts will be controlled within a reasonable range. Regarding associated starts, the application will only jump to relevant content when you explicitly click to open content-based push notifications; without your consent, we will not perform any associated start operations. We are committed to maximizing the protection of your privacy and user experience while ensuring the normal operation of functions.

This Privacy Policy explains how PoPP collects, uses, and stores your personal information and outlines the rights you have. Key points include:

1. A detailed explanation of the types of personal information we collect, the purpose for collection, and the applicable use cases.
2. With your consent, we may collect sensitive personal information when necessary—for example, your voice and video data during calls, or precise location information during location sharing.
3. We do not share or transfer your personal information to third parties outside PoPP without your explicit consent, except as required by law or to protect user rights and PoPP ecosystem security.
4. We do not actively collect your personal information from third parties. If such collection is required, we will confirm the legal source of the information and obtain your explicit consent where necessary.
5. You may access, correct, copy, delete your personal information, withdraw consent, deactivate your account, and report privacy concerns through the channels described herein.
6. To collect your information and provide or optimize services, we may request access to certain permissions, such as location, camera, microphone, and photos. These permissions are not enabled by default and require your express consent. You may manage these permissions in your system settings.

1. Information We Collect and Use

In the course of providing PoPP services, we collect and use information you voluntarily provide or that is generated during your use of the service:

1.1 Account Registration

When you register for PoPP, we collect your nickname, avatar, gender, and phone number. This information is necessary to complete registration and ensure the functionality and security of your PoPP account. Collection of your phone number is also required for real-name authentication per relevant legal and regulatory requirements. Without this information, you may not be able to use our services.

1.2 Optional Profile Information

You may choose to provide a personal signature, location, date of birth, and other optional information. These details are uploaded and stored on our servers to enable cross-device access. You may update or delete this information at any time.

1.3 Device and Log Information

To ensure proper service operation and account security, we collect your device model, operating system, unique device identifiers (such as Android ID/OAID for Android or IDFA for iOS), login IP address, PoPP version number, network access method/type/status (e.g., SSID/BSSID), network quality, device sensors (e.g., accelerometer), operational logs, and service logs (e.g., search records, service failures, referral URLs, etc.). We may also collect information on installed applications, running processes, or cached data to prevent malware or security threats.

1.4 Audio/Video & Media Features

When using features such as voice/video calls or sending media messages, we may request access to your microphone, camera, gallery, and storage. We collect voice data, images, videos, and scan information strictly for feature functionality.

1.5 Group Chats

When you use group chat features, we store information such as group names, announcements, member nicknames, group settings, notes, and background images on our servers. Your nickname and avatar may be visible to group members.

1.6 Chat History

We do not collect or store your chat history on our servers. Chat records are saved on your local device. You may back up, delete, or transfer them at your discretion.

1.7 Social (Moments) Features

When using the Moments feature, we collect and display your shared content (text, images, videos, location, comments, likes, and cover photos) based on your visibility settings. To enable location features, we collect GPS, WiFi, CellID, and Bluetooth information. You may delete your content at any time. Unless mandated by law or with your explicit consent, we will not share or use this data beyond the Moments feature.

1.8 Favorites

When you use the "Favorites" feature, saved content is encrypted and stored on our servers for cross-device access. You may delete your saved content at any time. We do not share or use this data for purposes beyond the Favorites feature.

1.9 Third-Party Services

PoPP does not obtain personal data generated from third-party services you may access within the app. However, if you have explicitly authorized a third party to access your location, they may obtain it via PoPP APIs. Denying this permission only restricts third-party features and does not affect core PoPP functionality.

1.10 Customer Support

When contacting customer support, we may request personal information to verify your identity and ensure account security. With your consent, support agents may access relevant data within your authorization scope. We store your contact information, communication records, and other necessary data for service and audit purposes.

1.11 Legal Exceptions to Consent

According to applicable laws and national standards, we may collect and process your personal information without prior consent under the following circumstances:

• To comply with legal obligations or responsibilities;
• To fulfill a contract to which you are a party;
• In response to public health emergencies or to protect life, health, and property in emergencies;
• When the information is publicly disclosed by you or otherwise legally disclosed;
• Other scenarios as permitted by law or regulation.

1.12 Future Feature Updates

As PoPP continues to develop, we may introduce new features. If these require new types of personal information, we will provide updated notices or seek your consent accordingly.

1.13 App Analytics

To improve security and understand app performance, we may collect usage frequency, crash data, overall behavior data, performance metrics, and app source information. This analytical data will not be combined with your personally identifiable information.

1.14 Additional Consent for New Uses

If we intend to use your information beyond the scope originally authorized, we will notify you again and seek your explicit consent before such use.

1.15 Indirect Data Collection

Currently, PoPP does not collect personal information from third parties. If this changes in the future, we will clearly inform you of the data source, type, and usage scope, and seek your explicit consent if required.

2. Data Storage

2.1 Storage Location

Our servers are located in the United States and Singapore. Personal data collected will be stored in these regions, as required by law. If your data is transferred to other countries or regions, we will strictly comply with relevant legal requirements.

2.2 Storage Duration

We retain your personal data only for as long as necessary to fulfill the purposes described in this policy, or as required by law.

• Phone numbers and emails: These are stored to ensure continued service. They will be deleted upon account deactivation.
• Moments content: Retained for normal functionality. Deleted upon your request.
• Service discontinuation: We will notify you and delete or anonymize your personal data within a reasonable period.

Anonymization means that data can no longer be used to identify you and cannot be restored.

3. Data Security

3.1 Protective Measures

We take reasonable and industry-standard security measures to prevent data loss, misuse, unauthorized access, or disclosure.

3.2 Technology Safeguards

We employ encryption (e.g., SSL), de-identification, and anonymization technologies to protect your personal information.

3.3 Endpoint Security

We enhance the security of the app installed on your device by encrypting data locally, scanning for malicious processes, and analyzing logs (IP address, device ID, behavior patterns) to prevent fraud and account compromise.

3.4 Internal Controls

We maintain a robust data protection framework, restricting access, enforcing confidentiality agreements, and conducting audits.

3.5 Incident Response

In the event of a data breach or security incident, we will activate our emergency plan, mitigate the incident, and comply with reporting and notification obligations.

3.6 Limitations

While we strive to protect your data, no security measures are infallible. We appreciate your understanding and cooperation.

4. Information Sharing

4.1 Advertising and Analytics

We may share limited, non-identifiable data with advertisers or third-party partners for advertising and optimization purposes, subject to strict contractual and technical safeguards.

4.2 No Identifiable Data Without Consent

We do not share personally identifiable data with partners unless you have explicitly authorized us to do so.

4.3 Embedded SDKs

To enable certain independent features, we may integrate third-party SDKs. These are carefully vetted for purpose and security.

4.4 Mergers & Acquisitions

If our business undergoes a merger or acquisition, we will inform you of any transfer of personal data and ensure continued protection consistent with this policy.

5. Your Rights

To enhance your control over personal data, you may access, copy, correct, or delete your information, withdraw consent, or deactivate your account.

You may also submit complaints or inquiries. Please note that interface settings may vary by operating system or app version.

5.1 Accessing & Copying Data

You can access your phone number, email, login credentials, contacts, and groups via the app.

5.2 Deleting Chat History

• Delete one-on-one chats
• Delete group chats
• Delete partial/all conversations
• Delete profile signature (QR codes cannot be deleted)

5.3 Correcting Information

Update your avatar, nickname, signature, gender, location, and birthday in your profile settings.

5.4 Permission Management

Manage system-level permissions in your device's system settings under "App Management."

5.5 Account Deactivation

Once you deactivate your account, your information (e.g., phone number, email) will be retained briefly, then deleted or anonymized. To prevent abuse, you cannot re-register using the same credentials within 30 days.

5.6 Complaints and Reports

Submit through the contact channels listed in Section 9. We will process your feedback promptly.

6. Changes to This Policy

We may revise this Privacy Policy periodically. Significant changes will be communicated via app notifications, pop-ups, or other legally compliant methods when you log in or update the app.

7. Protection of Minors

We value the protection of minors' personal information. If you are a minor, you must obtain written consent from a parent or legal guardian before using PoPP. If you are a guardian with questions about a minor's data, please contact us via the methods provided in Section 9.

8. Other Provisions

For certain features or services, we may provide additional notices about data handling through on-screen text, interfaces, or pop-ups. In case of any conflict with this policy, the supplementary notice will prevail.

9. Contact Us

We have designated a personal information protection team and a Data Protection Officer. If you have any questions, complaints, or suggestions about this policy or our data practices, please contact us via the official PoPP Team account in the app.

We will review your submission and respond within 15 business days.

PoPP Team