Last updated: April 24, 2025

Welcome to SparkRizz (the “Platform”), which is provided by Quyun Technology Singapore Pte.Ltd. or one of its affiliates (“SparkRizz”, “we” or “us”).with its registered address at 3 FRASER STREET #04-23A DUO TOWER SINGAPORE(189352) .

We are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, share, and otherwise process the personal information of users, and other individuals in connection with our Platform. If you do not agree with this policy, you should not use the Platform.


I. What information do we collect and use
When offering you our products or services, we may also gather and analyze certain statistics, such as application visits, app downloads, and product sales volume, to gain insights into how our products and services are utilized. In this context, the aforementioned statistics are classified as non-personal data. We will endeavor to keep your personal data separate from non-personal data and use them independently. However, any personal data that gets mixed with non-personal data will continue to be treated as personal data.

Our collection and use of your personal data will be strictly limited to the purposes outlined in this Statement and the Product Privacy Notice. Here are some examples of the personal data we may collect:

(1) Personal data that you provide to us
You need to register an ID of this application to enjoy certain functions or services. When you register an ID of this application or log in to your ID, we may ask you to provide relevant personal data.

(2) Information that we collect when you use services
When you use our products and services, we will collect your device information and how you and your device interact with our products and services. Such information includes:

a. Device and app information, such as the device name, device identifier, device activation time, hardware model, operating system version, app version, software identifier, and device and app settings (such as region, language, time zone, and font size).
b. Mobile network information, such as the public land mobile network (PLMN) provider ID, geographical location (cell ID of the area where the device is located), and Internet protocol (IP) address.
c. Log information. When you use our services or view content provided by us, we will automatically collect and log some information, such as the time of access, access count, IP address, and event information (such as errors, crashes, restarts, and updates).

(3) Information from third-party sources
When permitted by local laws, we may also obtain other information about you, your device, or service usage from public or legitimate commercial sources. For example, we obtain your information from the third party when you log in to our application through a third-party social media account, or when your contact information is uploaded by others who use our communication services.

How We Use Your Personal Data
We use your personal data only on a legal basis. According to applicable local laws, we may use your personal data for the following purposes under one of the legal bases: your consent; necessary to perform/enter into a contract between you and us; necessary to protect the legitimate interests of you or others; necessary to fulfil legal obligations; and necessary to protect the legitimate interests of enterprises:

(1) Register and activate our products or services that you have purchased;
(2) Register your ID of this application so that you can enjoy a wider range of functions;
(3) Deliver, activate, or verify the products and services you have requested, or perform changes and provide technical support and after-sales services for such offerings at your request;
(4) Notify you of operating system updates and installations;
(5) Provide individualized user experience and content;
(6) After obtaining your consent or receiving your request, send you information about products and services you might be interested in, invite you to our market surveys, or send marketing information to you;
(7) Carry out internal audit, data analysis, and research; analyse business operation efficiency and measure market shares; and improve our products and services;
(8) Troubleshoot problems after you send error details to us;
(9) Synchronise and store the data you have uploaded or downloaded, as well as the data needed for upload and download operations;
(10) Improve our loss prevention and anti-fraud programs;
(11) Comply with applicable local laws/regulations,or comply with legal government requirements.

Data Security and Transfer
We handle all personal and sensitive user data securely, including:

- Using modern encryption technologies (such as HTTPS) for data transmission
- Implementing runtime permissions for accessing Android permission-controlled data
- Never selling personal and sensitive user data to third parties

"Selling" means exchanging or transferring personal and sensitive user data to third parties for monetary compensation. User-initiated data transfers (e.g., when a user uses an app feature to transfer files to a third party) are not considered selling.


II. How We Use Cookies and Similar Technologies
We may use cookies, pixel tags, web beacons, and other local storage technologies on its applications, online services, emails, and advertisements. The information collected through cookies and similar technologies is regarded as non-personal data. However, if local laws treat IP addresses or similar identifiers as personal data, we will also treat them as personal data. In some cases, we mix the non-personal data collected by using these technologies with the personal data we hold. For the purposes of this Statement, we will regard the mixed data as personal data.

1. Cookies
A cookie is a text file created by a web server and stored on a computer or mobile device. The content of a cookie can only be retrieved or read by the server that created the cookie. Cookies are unique to the browser or mobile application you are using. They usually contain identifiers, site names, numbers, and characters.
Cookies are sometimes stored on computers or mobile devices to improve user experience, including:

(1) Necessary cookies:
- Login and verification. When you use your ID to log in to this application, cookies can help you navigate from page to page, without having to re-log in on each page.
- Storage of your preferences and settings. applications can use cookies to save personal settings, such as the language, font size and other browsing preferences on your computers.
(2) Analysis cookies: Statistical analysis. With cookies, we can collect information about your use of our applications, including recording a single visit (using a session cookie) or multiple visits (using a persistent cookie).
(3) Advertisement cookies: Interest-based advertisement. With cookies, we can collect information about your online activities, discover your interests, and deliver highly relevant advertisements to you.

You can manage or delete cookies based on your own preferences. You can clear all cookies stored on your computer, and most web browsers provide the option to block cookies. For details about how to change the browser settings, contact the browser provider.

If you clear cookies, you will need to change your settings every time you visit our applications. Please note that some of our services may require the use of cookies. In this case, disabling cookies may affect all or part of the services provided.

2. Other Local Storage
We and our third-party partners may use other local storage technologies, such as local shared object (also known as "flash cookies") and HTML5 local storage, in certain products and services. Similar to cookies, these technologies store information on your device and can record some information about your activities and preferences. However, these technologies may use different media from cookies. Therefore, you may not be able to control them using standard browser tools and settings.

3. Do Not Track
Many web browsers provide the Do Not Track feature that can send Do Not Track requests to applications. Major Internet standardisation organisations have not established policies to specify how applications should deal with these requests.

Currently, we do not allow you to change the cookie processing ways based on the Do Not Track settings or other similar features you have selected.


III. How We Entrusting, Share, Transfer, and Disclose Your Personal Data
4. Entrusting
On occasion, we may delegate the processing of your personal data to other companies. For instance, we might engage third-party companies to handle hotline support, send emails, or provide technical assistance. These companies are permitted to use your personal data solely for the purpose of delivering services on our behalf.

We will enter into a strict entrusting agreement or personal data processing terms with the entrusted party. The entrusted party is obligated to process related personal data in accordance with this Statement and our instructions, and take relevant confidentiality and security measures to ensure personal data security.

5. Sharing
Sharing refers to the process in which we provide personal data to other personal data processors, and both parties can independently determine the data processing purposes and methods. We will not share your personal data with external parties, except in the following cases:

(1) Sharing with your consent: After obtaining your consent, we will share your authorised personal data with third parties designated by you.
(2) Sharing under statutory circumstances: We may share your personal data in accordance with laws/regulations, litigation resolution requirements, or legal requirements of administrative and judicial authorities.
(3) Sharing with our affiliates: Your data may be shared with our affiliates. We will share your data with our affiliates only for specific, definite, and legitimate purposes. We will only share data necessary for providing services. For example, in order to avoid repeated registration of IDs, we need to verify the global uniqueness of the account to be registered.
(4) Sharing with business partners: To ensure the quality of services provided to you, we may share your order, account, device, and location information with our third-party partners. However, we will only share your personal data for legitimate, appropriate, necessary, specific, and definite purposes.

We will perform security assessment on the sharing behaviour and personal data receivers, and sign a data protection agreement or strict non-disclosure agreement with them, requiring them to abide by this Statement and take appropriate confidentiality and security measures when processing your personal data.

6. Transfer
If personal data transfer is involved due to merger & acquisition, division, dissolution, or bankruptcy, we will send prior notifications to you to specify the receivers' names and contact information, and require them to abide by this Statement when processing your personal data. The receiver who attempts to change the original processing purpose or method shall obtain your consent again.

7. For Legal Reasons
We will disclose your personal data only in the following cases:

(1) comply with legal obligation, process or request;
(2)enforce our Terms of Service and other agreements, policies, and standards, including investigation of any potential violation thereof;
(3) detect, prevent or otherwise address security, fraud or technical issues;
(4)protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law (including exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction).


IV. The security of your information
The security of your personal data is important to us. We have adopted standard industry practices to protect your personal data from unauthorised access/disclosure/use/modification, damage, or loss. To this end, we take the following measures:

8. We take all reasonable and feasible measures to ensure that the personal data collected is minimal and relevant to what is necessary in relation to the purposes for which they are processed. We will retain your personal data for no longer than is necessary for the purposes stated in this Statement, unless otherwise extending the retention period is required or permitted by law.
9. We use cryptographic technologies to ensure the confidentiality of data transmission and storage, and implement trusted protection mechanisms to protect data and data storage servers from attacks.
10. We deploy access control mechanisms to permit only authorised access to your personal data. In addition, we limit the number of authorised personnel and implement hierarchical permission management based on service requirements and personnel levels. Access to personal data will be logged and reviewed by authorised personnel on a regular basis.
11. We carefully select business partners and service providers and incorporate personal data protection requirements into commercial contracts, audits, and appraisal activities.
12. We organise security and privacy protection training courses, tests, and publicity activities to raise employees' personal data protection awareness.

We are fully committed to protecting your personal data. Nevertheless, no security measure is perfect, and no product, service, application, data transmission, computer system, or network connection is absolutely secure.

If any personal data security incident occurs, we will notify you, pursuant to local legal requirements, of the basic information about the security incident and its possible impact, measures that we have taken or will take, suggestions about active defence and risk mitigation, and remedial measures. The notification may take the form of an email, text message, push notification, etc. When it is difficult to inform data subjects individually, we will take appropriate and effective measures to release a Security Notice. In addition, we will also report the handling status of personal data security incidents as required by supervisory authorities.


V. How You Can Manage Your Personal Data
13. Personal Data Subjects' Rights, Such as Access, Correction, and Deletion
According to local laws, personal data subjects or their agents can submit requests for exercising data subjects' rights (referred to as "requests") to us.

(1) Requesting methods and channels
Data subjects' requests must be submitted in writing. The requests are equally valid even if the requester does not specify the laws on which the requests are based. In general, verbal requests are not valid unless otherwise permitted by local laws.

Data subjects' requests can be submitted through this application. If a data subject initiates a request via email, online customer service or other channels, we will instruct the data subject to raise an official request through one of the aforementioned channels to facilitate progress communication and result feedback.

(2) Validity of requests
Most laws require data subjects to comply with specific requirements when they initiate requests. This Statement requires data subjects to:

a. Submit requests through dedicated request channels (namely, this application).
b. Provide sufficient information for us to verify their identities (to ensure those who initiate the requests are the data subjects themselves or those authorised by them).
c. Ensure that their requests are specific and feasible.

(3) Request processing period
We will make every effort to respond within a necessary and reasonable time frame upon receiving a request to access personal data.

(4) Request results
After a request is submitted, the following may occur:

a.The request is rejected.
Requests from data subjects may be declined in the following situations, including but not limited to:
(a) Local laws do not grant relevant rights to data subjects;
(b) The identity of the requester cannot be verified;
(c) The request cannot be verified or is out of scope, especially when requests are sent repeatedly;
(d) The requested information is related to the compensation that we will make or receive as a result of an ongoing dispute, and the disclosure of such information is likely to damage our interests;
(e) The retained information is used for statistical and research purposes only, and the publication of statistics and research results does not reveal personal identities;
(f) Other situations stipulated by laws.
If we decline a request from a data subject, we will provide the requester with a formal explanation.

b.The request is accepted.
If none of the situations described in (1) occurs, we will honor the request of the data subject. To increase the likelihood that the request will be accepted, please provide as detailed information as possible when submitting your request, such as the request type, specific content, information about the information holder (such as the account name you use for our products and services), and time frame in which the information was generated or processed (requests within a shorter period of time have a higher likelihood of being accepted).

(5) Special notes
a. Only legal guardians or legally authorised persons have the right to access the personal data of others.

b. Most laws/regulations specify the circumstances under which an organisation may not provide data to data subjects. These cases include scenarios when providing data may undermine ongoing efforts against terrorism; when the data subject has made repeated requests, or when obtaining and providing such information would consume disproportionate resources.

c. Typically, we will not provide the following information:
(a) Information about others: Requests from data subjects may involve other individuals besides the data subject. We will not provide such information, unless authorised by the relevant individuals.
(b) Repeated requests: If the data subject initiates the same or similar requests related to one data subject for multiple times, and the data has not changed since the last time we provided the data, we will not provide a copy of the data in most cases. Additionally, we have no obligation to provide information that has been publicly available.
(c) Confidential opinions: We are not obligated to provide the requested information if such information is a confidential opinion.
(d) Special documents: We will not disclose any special information in response to requests for accessing personal data. Typically, special information includes any confidential documents (such as attorney/client communication), and information that obtains or expresses a corresponding legal opinion (irrespective of whether it is related to the lawsuit itself or related to information from court proceedings).

Withdrawal of Consent
If allowed by applicable laws, you have the right to withdraw your consent at any time when we process your personal data based on your consent. However, the withdrawal of consent shall not affect the lawfulness and effectiveness of your personal data processing based on your consent before the withdrawal is made, or affect any data processing based on another justification other than your consent.


VI. Information relating to children
We attach great importance to the protection of minors' personal data. We will provide services and protection for minors in strict accordance with national laws/regulations. Parents or other guardians should also take appropriate measures to protect minors, including monitoring their use of products or services.

We treat anyone under the age of 14 (or the age stipulated by local laws) as a child. Children are not allowed to create their own IDs of this application without the consent of their parents or other guardians. We will strictly restrict the entrusted processing, sharing, transfer, and public disclosure of children's personal data in accordance with laws/regulations. If the guardian needs to access, correct, or delete the personal data of the person under guardianship at any time, please contact us according to Chapter 9 "How to Contact Us." If we find that we have collected children's personal data without obtaining the prior consent from authenticated parents or other guardians, we will manage to delete the data as soon as possible.


VII. Our biometric policy
When you use SparkRizz tools and apply effects to, or generate images of, your face, you understand and agree that SparkRizz may use facial geometry or other facial data to produce the image or effect you request. We refer to this as “biometric data.” Our technology uses this biometric data to provide the applicable services to you and to improve SparkRizz. We never use this biometric data to identify any individual person or for authentication purposes.
We only collect, use and store your biometric data in accordance with this Privacy Policy. In addition, we will only disclose your biometric data in accordance with the section above entitled “How We Entrusting, Share, Transfer, and Disclose Your Personal Data” and, where required by applicable law, you consent to such disclosure. We will not sell, lease, trade, or otherwise profit from your biometric data.
We store your biometric data using a reasonable standard of care and in a manner that is the same or exceeds the standards used to protect other confidential and sensitive information we may hold.
We will destroy your biometric data upon the earliest of: (a) the date when our purpose for collecting or obtaining your biometric data has been satisfied, (b) termination of your SparkRizz account, or (c) within 3 years of the date your account becomes inactive. We may, however, retain your biometric data for a longer period of time if required by law or required by valid legal subpoena. We have established the following guidelines for permanently destroying biometric information, subject to the retention period in the prior sentence: as appropriate and applicable, SparkRizz will permanently destroy your biometric information by deleting or otherwise removing such information from our records in line with industry best practices at the time of the destruction or as otherwise directed by applicable law.

VIII. Links to Third-Party applications, Products, and Services
To ensure smooth user experience, this application, our products, and services may contain links to third-party applications, products, and services. Our products and services may also use or provide products or services from third parties. We do not have control over third-party applications, products, and services, but you can choose whether to access these links.

We also have no control over the privacy or data protection policies of third parties, as such third parties are not bound by this Statement. Before submitting personal data to third parties, please read and refer to their privacy or data protection policies.


IX. International data transfer
We are headquartered in Singapore and may use service providers that operate in other countries. Your personal information may be transferred to the United States or other locations where privacy laws may not be as protective as those in your state, province, or country.


X. Privacy Policy update
We reserve the right to update this Statement at any time. This Statement may be updated from time to time. For the latest version, please visit our official application. If major changes are made to this Statement, we may notify you through different channels, for example, posting a notice on our application or sending you direct notification.


XI. How to Contact Us
If you have any questions, comments, or suggestions, please contact us via the online customer service or via email to [email protected].
For any compliance or legal-related inquiries, please reach out to us at [email protected]. We’ll be happy to assist you!
Generally, we will answer your questions within the time frame specified by laws/regulations. If you are not satisfied with our reply, especially if you feel that our personal data processing has violated your legal rights and interests, you can submit complaints or report to local privacy protection regulators.