Filaw Privacy Policy

1. Information We Collect

We collect information to deliver, improve, and secure the App’s services, and to enhance your personalized experience. The information we gather is categorized into Personal Information (data that identifies or can be reasonably linked to an individual) and Non-Personal Information (data that cannot identify a specific individual, even when combined with other data sources).

1.1 Personal Information

We only collect Personal Information when you voluntarily provide it, or when it is necessary to fulfill the services you request. This may include the following:

• Contact Information: When you contact our customer support team (e.g., to report technical issues, ask questions about App features, or request assistance), we collect your email address (such as the address used to send inquiries to filawtool4567@outlook.com) and any additional identifying details you choose to include (e.g., your name, device model, or a detailed description of your inquiry).
• Account Information (if applicable): If we introduce account-based features in the future (e.g., saving your favorite memes, syncing customization preferences across multiple devices, or accessing premium tools), you may be required to provide a username, email address, and a password (which will be stored in encrypted form using industry-standard algorithms like AES-256) during account registration. We will not collect additional account-related information (e.g., phone number, address) unless you explicitly consent to share it.
• User-Generated Content (UGC) Metadata: When you create and share memes through the App, we collect metadata associated with your UGC, including:
  • Timestamp of meme creation and last edit;
  • Device model used to generate the meme;
  • Name of the third-party platform you share the meme to (e.g., "WhatsApp," "Instagram," "Facebook Messenger");
  • Text descriptions or tags you input to customize the meme (only if such text contains personal identifiers, e.g., a name you include in a text bubble).

1.2 Non-Personal Information

We automatically collect Non-Personal Information when you use the App (via in-app analytics tools and device sensors) to analyze usage patterns, optimize App performance, and tailor features to user preferences. This data includes the following:

• Device Information: Details about the device you use to access the App, such as:
  • Device model (e.g., "iPhone 16 Pro," "Samsung Galaxy S25 Ultra");
  • Operating system (OS) version (e.g., "iOS 19.1," "Android 16");
  • Unique device identifiers (e.g., Apple IDFA, Google AdID—used exclusively for analytics and not for targeted advertising);
  • Screen resolution, battery level, and storage capacity;
  • Mobile network provider (e.g., "AT&T," "Vodafone") and network type (e.g., 5G, Wi-Fi).
• Usage Data: Information about how you interact with the App, including:
  • The number of memes you generate, customize, or share per session;
  • Your preferred preset scenes (e.g., "coffee break chaos," "game night excitement") and mood tags (e.g., "silly," "cozy," "overjoyed");
  • Frequency and duration of use for specific features (e.g., text description input, sticker customization, meme sharing);
  • App session details: session duration, time of day you use the App, and number of sessions per week;
  • Error logs and crash reports (to diagnose and resolve technical issues, such as failed meme generation or sharing errors).
• Location Information (Optional): We may collect approximate location data (e.g., based on your IP address or mobile network) only if you explicitly enable location services for the App. This data is used solely to optimize regional features (e.g., suggesting region-specific meme themes, such as "holiday parades" for users in the U.S. during December) and is never linked to your Personal Information.

2. How We Use Your Information

We use the information we collect for legitimate purposes that align with providing, improving, and securing the App, and in compliance with applicable U.S. data protection laws (e.g., the California Consumer Privacy Act (CCPA), the Children’s Online Privacy Protection Act (COPPA), and the Federal Trade Commission (FTC) Act). Our key uses of your information include:

1. Deliver and Maintain the App: To provide the core functionality of the App, such as:
   • Generating AI-powered moving memes based on your text descriptions, preset scene selections, or mood tags;
   • Enabling customization tools (e.g., adding exaggerated blushing effects, dynamic bouncing/spinning stickers, colorful text bubbles with cute fonts);
   • Facilitating seamless sharing of memes to third-party social media or messaging platforms;
   • Resolving device compatibility issues (e.g., optimizing meme loading times for older OS versions).
2. Improve and Personalize the App:
   • Analyze usage data to identify user trends (e.g., which mood tags or preset scenes are most popular among 18-24 year olds) and enhance App features (e.g., adding new preset scenes like "concert excitement" or new sticker packs based on user demand);
   • Personalize your App experience by suggesting relevant tools or content (e.g., recommending "cozy" mood tags if you frequently use them, or highlighting new text bubble fonts that align with your past customization choices);
   • Optimize the App’s speed, performance, and user interface (e.g., adjusting meme rendering quality based on your network connection strength).
3. Respond to Customer Inquiries: Use your contact information to address your questions, resolve issues, or provide support (e.g., helping you troubleshoot why a meme failed to generate, assisting with sharing errors, or guiding you on how to use advanced customization tools).
4. Ensure Security and Prevent Harm:
   • Detect and prevent fraudulent activity, unauthorized access to the App, or misuse (e.g., blocking users who generate or share harmful, offensive, or illegal meme content—such as content that violates copyright laws or promotes harassment);
   • Protect the safety of our users, the App, and our business (e.g., investigating reports of meme content that violates our User Agreement, or addressing unauthorized attempts to access our servers);
   • Implement security measures to safeguard your information (e.g., using device information to identify and block suspicious login attempts).
5. Comply with Legal Requirements: Disclose your information if required by law (e.g., in response to a subpoena, court order, or legitimate request from a government agency) or to enforce our User Agreement and resolve disputes (e.g., providing information to address claims of copyright infringement related to UGC).
6. Develop Future Features: Use aggregated Non-Personal Information to plan and develop new App features (e.g., meme collaboration tools for group chats, cloud storage for saved memes, or AI-powered meme caption suggestions) that meet user needs and enhance the social entertainment experience.

We will never use your Personal Information for purposes unrelated to the App (e.g., sending unsolicited marketing emails) without your explicit written consent.

3. How We Share Your Information

We do not sell, rent, or trade your Personal Information to third parties for marketing, advertising, or commercial purposes. We may share your information only in the following limited circumstances:

3.1 Trusted Service Providers

We share information with third-party service providers who assist us in operating the App, delivering services, and improving the user experience. These providers are contractually obligated to:

• Use your information only to perform the specific tasks we assign (e.g., cloud storage providers for temporarily hosting meme files, analytics tools for tracking App usage, or customer support software for managing user inquiries);
• Maintain the confidentiality and security of your information (e.g., implementing encryption and access controls);
• Comply with applicable U.S. data protection laws and this Policy;
• Not share your information with any other third parties without our prior written consent.

Examples of trusted service providers include:

• Cloud computing services (e.g., Amazon Web Services (AWS), Google Cloud Platform) for securely storing Non-Personal Information and UGC metadata;
• Analytics platforms (e.g., Google Analytics, Mixpanel) for analyzing App usage data (configured to avoid collecting Personal Information unless you consent);
• Customer support software (e.g., Zendesk, Freshdesk) for managing communications with users and resolving support inquiries;
• Security service providers (e.g., Cloudflare, Norton) for protecting our servers and your information from cyber threats (e.g., DDoS attacks, malware).

3.2 Third-Party Sharing Platforms

When you choose to share a meme to a third-party social media or messaging platform (e.g., WhatsApp, Instagram, Facebook, TikTok), we share the meme file and associated metadata (e.g., creation timestamp) with that platform. This sharing is initiated by you and is subject to the third party’s own privacy policy. We do not access or store your account credentials, personal data, or content from these external platforms.

3.3 Legal and Safety Disclosures

We may disclose your information if we believe in good faith that such disclosure is necessary to:

• Protect the rights, property, or safety of Filaw, our users, or the public (e.g., disclosing information about a user who generates or shares harmful, illegal, or abusive meme content—such as content that promotes violence or hate speech);
• Comply with applicable laws, regulations, or legal requests (e.g., responding to a court order, subpoena, or investigation by a U.S. government agency like the FTC);
• Prevent or investigate fraud, unauthorized access, or violations of our User Agreement (e.g., sharing information with law enforcement to address cyberattacks or illegal activity related to the App).

3.4 Business Transfers

In the event of a merger, acquisition, sale of assets, or other business transaction involving Filaw (e.g., a sale of the App to another company), your information may be transferred to the acquiring entity. We will notify you of such a transfer via a prominent notice in the App (e.g., a pop-up alert) or via email (if we have your contact information) at least 30 days before the transfer takes effect. We will ensure the acquiring entity complies with this Policy and maintains the same level of protection for your information.

3.5 Aggregated or Anonymized Data

We may share aggregated, anonymized data (e.g., "85% of users generate memes using text descriptions," "‘silly’ is the most popular mood tag among users in the U.S.," "average meme sharing frequency is 7 per week") with third parties (e.g., research firms, business partners, or industry analysts) for purposes such as industry analysis, market research, or demonstrating App usage trends. This data cannot be linked to you individually and does not contain any Personal Information.

4. How We Protect Your Information

We implement reasonable technical, administrative, and physical measures to protect your information from unauthorized access, disclosure, alteration, or destruction. These measures include:

• Encryption: Personal Information (e.g., email addresses, passwords) and sensitive data (e.g., UGC metadata containing personal identifiers) are encrypted:
  • In transit: Using TLS/SSL protocols to secure data transmitted between your device and our servers;
  • At rest: Using industry-standard encryption algorithms (e.g., AES-256) to store data on our servers or those of our cloud service providers.
• Access Controls: Only authorized Filaw employees, contractors, and service providers have access to your information. These individuals are required to:
  • Sign confidentiality agreements;
  • Complete annual privacy and security training;
  • Use unique, strong passwords and multi-factor authentication (MFA) to access sensitive systems.
• Data Minimization: We collect only the information necessary to provide and improve the App, and we do not retain data longer than needed (see Section 5).
• Security Audits and Updates:
  • Conduct regular internal and third-party security audits to identify and address vulnerabilities;
  • Update the App’s security features and server software regularly to protect against emerging threats (e.g., patching software bugs, addressing new malware strains);
  • Monitor our systems for suspicious activity (e.g., unusual login attempts, unauthorized data access) and respond to security incidents promptly.
• User Security Guidance: We provide guidance to help you protect your information (e.g., advising you to use strong device passwords, enable biometric authentication on your device, and avoid sharing App access with others).

While we strive to protect your information, no security system is 100% secure. We cannot guarantee absolute protection against unauthorized access, and you acknowledge that there is a risk of data breach despite our efforts. If we become aware of a breach that affects your Personal Information, we will:

• Notify you via email (if we have your contact information) or a prominent notice in the App within 72 hours of discovering the breach (as required by U.S. state laws like California’s CCPA);
• Notify relevant U.S. government agencies if the breach affects 500 or more users;
• Provide steps you can take to protect yourself (e.g., changing your password, monitoring for suspicious activity).

5. Data Retention

We retain your information only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, or resolve disputes. Our retention periods are as follows:

• Personal Information:
  • Contact Information (e.g., email addresses from support inquiries): Retained for 12 months after the resolution of your inquiry, unless we are required by law to retain it longer (e.g., for tax or audit purposes).
  • Account Information (if applicable): Retained for as long as your account is active. If you delete your account, we will delete your account information within 30 days, except for data we are required to retain for legal or administrative purposes (e.g., resolving pending disputes).
  • UGC Metadata with Personal Identifiers: Retained for 7 days after you share or delete the meme, after which the personal identifiers are removed (anonymized) and the remaining metadata is retained as Non-Personal Information.
• Non-Personal Information:
  • Device Information and Usage Data: Retained in aggregated, anonymized form indefinitely to improve the App and develop new features.
  • Error Logs and Crash Reports: Retained for 6 months, after which they are deleted or anonymized.
  • Approximate Location Data (if collected): Retained for 30 days, after which it is deleted.

When we no longer need your information, we securely delete or anonymize it using industry-standard methods (e.g., overwriting data, physical destruction of storage media) to ensure it cannot be linked to you.

6. Your Privacy Rights

Under applicable U.S. data protection laws (e.g., CCPA for California residents), you may have the following rights regarding your information. To exercise these rights, please contact us using the information in Section 10.

• Right to Access: You may request a copy of the Personal Information we hold about you (e.g., your email address, UGC metadata with personal identifiers).
• Right to Correct: You may request to correct inaccurate or incomplete Personal Information we hold about you (e.g., updating your email address in our support records).
• Right to Delete: You may request to delete your Personal Information (e.g., deleting your account, removing your email address from our support records), except when we are required by law to retain it.
• Right to Opt-Out of Sharing: You may opt out of our sharing of your Personal Information with third-party service providers (except for providers necessary to deliver the App’s core services, e.g., cloud storage).
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights (e.g., we will not deny you access to the App or charge you higher fees).

To verify your identity when you submit a request, we may ask you to provide information such as your email address (if you have contacted support) or device model. We will respond to your request within 45 days of receipt (or within 90 days if the request is complex).

7. Children’s Privacy

The App is not intended for use by children under the age of 13. We do not knowingly collect Personal Information from children under 13. If we become aware that we have collected Personal Information from a child under 13 without parental consent, we will delete that information immediately. If you are a parent or guardian and believe your child under 13 has used the App and provided Personal Information, please contact us using the information in Section 10 to request deletion.

8. Third-Party Links and Services

The App may contain links to third-party websites or services (e.g., links to social media platforms for sharing memes). This Policy does not apply to these third parties. We are not responsible for the privacy practices or content of third-party websites or services. We encourage you to review the privacy policies of any third parties you interact with through the App.

9. Changes to This Policy

We may update this Policy from time to time to reflect changes in the App’s features, U.S. data protection laws, or our business practices. When we make material changes to the Policy, we will:

• Post the updated Policy in the App (under a "Privacy Policy" section);
• Send a notification to your email address (if you have provided one);
• Display a prominent pop-up alert in the App when you next launch it.

Material changes will take effect 14 days after the date of notification. Your continued use of the App after the effective date of the updated Policy constitutes your acceptance of the changes. We encourage you to review the Policy regularly to stay informed about how we protect your information.

10. Contact Us

11. Legal Jurisdiction

This Policy is governed by and construed in accordance with the laws of the United States of America, without regard to its conflict of laws principles. Any disputes arising out of or related to this Policy or our privacy practices shall be subject to the exclusive jurisdiction of the federal and state courts located in the United States.