StyleMe Privacy Policy

Effective Date: March 13, 2026

Developer and Operator: Baoding Zhaoshang Electronic Technology Co., Ltd. (hereinafter referred to as "we", "our company")

Contact Address: Room 202, Unit 1, Building 4, Jinye Community, Hongxing Road Street, Lianchi District, Baoding, Hebei, 071000

Official Contact Email: mabelwilson196@gmail.com

Data Protection Officer (DPO): Data Protection Compliance Department of Baoding Zhaoshang Electronic Technology Co., Ltd.

Data Protection Officer Contact Email: mabelwilson196@gmail.com

Welcome to StyleMe – AI Outfit Transformation Tool (hereinafter referred to as "this App"). This App is an AI outfit transformation image-to-image community application based on the Android system, independently developed and operated by Baoding Zhaoshang Electronic Technology Co., Ltd. This Privacy Policy is formulated in accordance with the Google Play Store Listing Guidelines and major global data protection laws and regulations, aiming to fully and transparently inform you of our operating principles regarding the collection, use, storage, sharing and protection of personal data, as well as your core rights in data processing activities and the way to exercise such rights.

This App is only available to adult users aged 18 and above. We will not actively collect any personal data of minors, and have taken technical measures to prevent minors from accessing and using this App. This App has no registration or login functions. After you check and agree to this Privacy Policy and the User Service Terms, you can access and use all functions of this App. Please carefully read and fully understand all terms of this Policy before using this App; if you do not agree to any content of this Policy, please do not download, install or use this App.

1. Core Definitions

1.1 Personal Data

Refers to any information relating to an identified or identifiable natural person, including but not limited to your device information, usage behavior records, images uploaded through this App, audio recording content and other relevant content, and such information has not been anonymized.

1.2 Data Controller

Refers to the legal entity that determines the purposes and methods of personal data processing. The data controller of personal data under this Policy is Baoding Zhaoshang Electronic Technology Co., Ltd. Our company is fully responsible for the personal data processing activities of this App and bears relevant legal liabilities.

1.3 Data Protection Officer (DPO)

Refers to a dedicated person responsible for supervising the compliance of our company's data processing activities and responding to user requests related to data. The Data Protection Officer of this App and contact information are detailed on the homepage of this Policy. All requests related to user data can be submitted to the Data Protection Officer.

1.4 Data Sale/Sharing

• Data Sale: Refers to the act of disclosing personal data to a third party in exchange for commercial consideration in accordance with applicable laws;

• Data Sharing: Refers to the act of disclosing personal data to a third party beyond the purposes agreed in this Policy (excluding necessary data transmission required to realize the core functions of this App).

1.5 Applicable Laws

Including but not limited to the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), Virginia Consumer Data Protection Act (VCDPA), Brazil's General Data Protection Law (LGPD), United Arab Emirates Federal Data Protection Law (FADP) and other major global data protection laws and regulations, as well as the data protection related rules of the Google Play Store.

2. Detailed Information of the Data Controller and Data Protection Officer (DPO)

2.1 Data Controller

• Name: Baoding Zhaoshang Electronic Technology Co., Ltd.

• Registered Address: Room 202, Unit 1, Building 4, Jinye Community, Hongxing Road Street, Lianchi District, Baoding, Hebei, 071000

• Official Contact Email: mabelwilson196@gmail.com

• Business Contact Method: Only receive user requests through the above official email, no other offline external contact channels.

2.2 Data Protection Officer (DPO)

• Department: Data Protection Compliance Department of Baoding Zhaoshang Electronic Technology Co., Ltd.

• Core Responsibilities: Supervise the compliance of personal data processing activities of this App, receive and handle user requests for exercising personal data rights, cooperate with regulatory authorities' investigations and inspections, and formulate and update internal data protection systems.

• Dedicated Contact Email: mabelwilson196@gmail.com

• Response Timeframe: Send a receipt within 1 working day after receiving the user's request, and complete the processing and feedback the result within 15 working days.

3. Scope and Methods of Information Collection

We strictly follow the three principles of legality, legitimacy and necessity, and only collect personal data necessary for realizing the functions of this App, without collecting any additional irrelevant information. All collection behaviors involving device permissions require your explicit authorization. The specific scope and methods of collection are as follows:

3.1 Personal Data Voluntarily Provided by You

Such data is generated based on your active operations. You can independently decide whether to provide it, the content and form of the provision, and have the right to modify or delete the relevant data at any time.

• Creation Material Data: Static images (including portraits, outfit styles, scenes, etc.) taken by the camera or selected and uploaded from the album when you use the core functions of this App. We only collect the image data you actively select and upload, which is used as the basic material processing for AI outfit transformation image-to-image generation.

• Feedback Data: Audio data recorded by selecting the microphone recording function when you submit usage problems and function suggestions through the feedback page of this App, or text feedback content actively filled in; the microphone recording function is non-mandatory, and you can independently choose to submit feedback in text or voice form.

• Work Release Data: AI-generated outfit transformation images, work captions, tags and other content that you choose to publish to the community of this App. You can independently decide whether to publish the work, and have the right to delete the published community content at any time.

3.2 Automatically Collected Personal Data

Such data is automatically collected by the App's background system when you start and use this App, and is only used to ensure the normal operation of the App and optimize the product experience. All data is de-identified and will not be associated with your personal identity.

• Basic Device Information: Device model, Android system version, App version number, unique device identifiers (such as Android ID, Advertising ID AAID, etc., only used for device adaptation and function debugging), network type (Wi-Fi/mobile network), network IP address (only used to judge the network environment, not for geographical location positioning).

• Usage Behavior Data: Your function usage records in this App, including AI image-to-image template selection, material usage, image editing operations, community work browsing, like/comment/share behaviors, search keywords, etc. This data is only used for personalized recommendations and function optimization.

• Permission Usage Status Data: The authorization status of various permissions of this App on your device (such as the on/off status of permissions such as camera, album, microphone, external storage, etc.). This data is only stored locally on your device and our secure server, and is used to ensure the normal call of functions and compliance management.

3.3 Explanation of Data Collection Methods

• Voluntary Provision: Generated based on your active operations, including uploading images, recording feedback audio, publishing community works, conducting community interactions, etc. You can stop providing such data at any time without affecting the use of the core functions of this App.

• Automatic Collection: Automatically obtained by the background system during the operation of this App's functions, without you performing additional manual operations. The collection process is completely transparent, will not be collected silently in the background, and will not affect your normal use experience.

• Permission Dependence: All information collection involving device permissions will initiate a permission request through a pop-up window when you use the corresponding function for the first time, and relevant permissions will only be obtained after your explicit consent; you can modify the permission authorization status through the device system settings at any time, and closing non-essential permissions will not affect the normal use of other functions.

3.4 Detailed Explanation of Device Permissions Collected by This App

We list all the device permissions required by this App one by one, clarify the collection method, core usage scenario, collection purpose and data processing method of each permission, ensure that the collection and use of permissions fully comply with the principles of legality, necessity and transparency, and fully protect your right to know and right to choose.

3.4.1 Camera Permission

• Collection Method: When you use the AI image-to-image function for the first time, the App will initiate a request through a pop-up window, and you can independently choose to agree/refuse.

• Core Usage Scenario: Only on the AI image-to-image material upload page, used for you to take real-time static images as outfit transformation creation materials.

• Collection Purpose: Support the core creation function of this App, facilitate you to quickly obtain shooting materials, and generate personalized outfit transformation images.

• Data Processing Method: Only collect the image data you actively take and confirm to upload, and do not store additional original images; the transmission process adopts end-to-end encryption technology, and the data is stored on a secure server that meets global data protection standards; you can delete the uploaded image data at any time, and after deletion, all relevant data including backups will be completely cleared within 7 working days.

3.4.2 Album Permission

• Collection Method: When you use the AI image-to-image function for the first time, the App will initiate a request through a pop-up window, and you can independently choose to agree/refuse.

• Core Usage Scenario: Only on the AI image-to-image material upload page, used for you to select the static images already taken from the device album as outfit transformation creation materials.

• Collection Purpose: Improve the convenience of creation, allow you to use existing materials without re-shooting, and adapt to diverse creation needs.

• Data Processing Method: Only read and obtain the image files you actively select and upload, and will not scan or access other unselected images in the album; the transmission and storage of all data adopt encryption technology, and the unuploaded album images are always independently controlled by you.

3.4.3 Microphone Permission

• Collection Method: When you use the feedback function for the first time, the App will initiate a request through a pop-up window, and you can independently choose to agree/refuse.

• Core Usage Scenario: Only on the App feedback page, used for you to record voice feedback and submit usage problems or function suggestions.

• Collection Purpose: Process your feedback requests more accurately, improve the efficiency of feedback processing, and optimize the product use experience.

• Data Processing Method: Only collect the voice data you actively record and submit; after the feedback is processed, it will be automatically anonymized, and the maximum storage period will not exceed 6 months; the transmission process is protected by encryption, and the voice data will not be disclosed to any third party, and only the relevant responsible personnel of our company can view it when processing the feedback.

3.4.4 External Storage Permission

• Collection Method: When you use the image saving/work release function for the first time, the App will initiate a request through a pop-up window, and you can independently choose to agree/refuse.

• Core Usage Scenario: ① After the image is generated, save the work to your local device; ② Cache editing materials during the creation process to ensure the smoothness of operations such as cropping and adding special effects; ③ Store offline cache data of community works to support offline browsing.

• Collection Purpose: Optimize the App use experience, ensure the smooth operation of functions such as creation, saving, and browsing, and meet your needs for viewing and using works locally.

• Data Processing Method: Only store cache data directly related to the functions of this App and generated image files, and will not access or read other irrelevant files in the device's external storage (such as documents, other App data, videos, etc.); you can delete relevant data at any time through the in-App function; after uninstalling the App, all data related to this App in the device's external storage will be automatically and completely cleared without residue.

3.4.5 App Information Reading Permission

• Collection Method: Automatically obtained when the App starts, without you performing additional operations; the acquisition process is transparent and does not affect the device operation.

• Core Usage Scenario: During the background operation of the App, it is used to read the basic information of this App on your device, including version number, installation time, operation status, etc.

• Collection Purpose: Adapt to different device operating environments, ensure the stable operation of the App on your device, accurately troubleshoot technical problems such as crashes and freezes, and optimize App compatibility and operating performance.

• Data Processing Method: Only collect the operation-related information of this App itself, and never read the information of any other third-party Apps on the device; the collected data is only used for technical optimization and fault diagnosis; after real-time analysis, only the anonymized statistical results are retained, and the original data is not stored; the statistical results are only used to improve the product experience and do not involve any personal privacy information.

3.4.6 Advertising Identifier Permission

• Collection Method: Automatically obtained when the App starts (if your device system supports and enables the advertising identifier function), without you performing additional operations; you can turn off the identifier through the device system settings.

• Core Usage Scenario: The advertising-related function module of the App is only used to receive the advertising identifier (such as AAID) generated by the device system.

• Collection Purpose: If the App launches advertising services in the future, it will be used to realize targeted advertising delivery (only push advertising content related to outfit fashion and creative design), improve advertising relevance, assist advertisers in counting advertising effects and ensure the compliance of advertising services.

• Data Processing Method: Only collect the advertising identifier generated by the device system, will not associate it with any personal identity information, and will not combine data collected from other permissions to build user portraits; you can turn off the advertising identifier through the device system settings at any time; after turning off, the App will stop collecting relevant data, and the obtained identifiers will be anonymized within 15 working days, and will not affect the use of the core functions of this App.

3.5 Statement on User's Right to Control Permissions

You have full control over all device permissions of this App, and can adjust the permission status through the device system settings or relevant functions in the App at any time. We will not restrict the use of core functions or take any form of discriminatory measures because you close non-essential permissions. The specific rights are as follows:

1. Permission Modification: You can turn off any granted permission at any time on the device's [Settings > Apps > StyleMe > Permissions] page; turning off the permission will only cause the corresponding function dependent on the permission to be unavailable, and will not affect the operation of other irrelevant functions (for example, turning off the microphone permission will not affect the normal use of functions such as AI image-to-image, work release, and community interaction);

2. Non-Discriminatory Treatment: We will not reduce service quality, push irrelevant advertisements, restrict function use or take any other form of discriminatory operations because you close non-essential permissions;

3. Re-Authorization Rules: If you re-enable the closed permission later, we will use the permission in strict accordance with the scope and method agreed in this Policy, and will not collect any data beyond the agreed purpose;

4. New Permission Notification: If the App needs to add new device permissions in the future due to function iteration, we will clearly inform you through prominent methods such as App pop-up windows and in-site announcements, collect relevant data only after your explicit consent, and update the permission explanation part of this Policy simultaneously to fully protect your right to know.

4. Purpose of Information Collection

All our personal data collection behaviors are carried out around providing you with higher quality, safe and convenient product services, without any irrelevant collection purposes, and the use of all data is strictly limited to the scope of the collection purpose. The specific purposes are as follows:

4.1 Realize Core Functions

• The image data collected based on the camera and album permissions is used as the core material for AI image-to-image generation, supporting core functions such as outfit transformation image creation, local work saving, and community work release;

• The voice feedback data collected based on the microphone permission is only used to handle your usage problems and function suggestions, and there are no other usage scenarios;

• Basic device information is used to adapt to different devices and system environments, ensuring the stable operation of core functions such as AI image-to-image, image editing, and community interaction.

4.2 Optimize Product Experience

• Provide you with personalized recommendations based on your browsing history, function usage preferences, creation behaviors and other data, accurately push outfit theme materials, AI generation templates and high-quality community works that meet your interests, and reduce interference from invalid information;

• Analyze the overall user usage habits and function usage frequency, optimize the App's interface layout, function operation process and content distribution efficiency, and improve the product's usability and operational smoothness;

• Based on your text/voice feedback, promptly fix product defects, optimize function design, respond to reasonable function needs, and continuously improve the product use experience.

4.3 Safety and Compliance Guarantee

• Monitor the App's operation status, prevent malicious attacks, online fraud, illegal content dissemination and other behaviors, and ensure the safety of your device use and the overall use environment of the App;

• Count the number of legitimate users and function usage data, which is used to complete compliance reports required by regulatory authorities, accept regulatory inspections and other legitimate purposes, and ensure that the App's operation activities comply with the laws and regulations of various regions around the world and the rules of the Google Play Store.

4.4 Other Legitimate Purposes

Within the scope of obtaining your explicit consent or permitted by laws and regulations, the collected personal data will be used for other legitimate purposes directly related to the services of this App, and such purposes will not infringe on your legitimate rights and interests; if it is necessary to use the data for new purposes, we will clearly inform you in advance and separately obtain your consent.

5. Legal Basis for Data Processing

In accordance with major global data protection laws and regulations, the legal basis for us to process your personal data includes the following situations. All data processing behaviors have clear legal support and strictly comply with the requirements of relevant laws and regulations:

5.1 Based on Your Explicit Consent

For data that can only be collected with your authorization of device permissions (such as images taken by the camera, images selected from the album, voice recorded by the microphone), as well as work release data and feedback data actively provided by you, the legal basis for us to process such data is your explicit consent; you can withdraw such consent at any time in accordance with the agreement of this Policy. Withdrawing consent will not affect the legality of data processing behaviors that have been carried out based on legal authorization before the withdrawal.

5.2 Necessary Condition for Fulfilling the Service Agreement

Processing relevant personal data is a necessary condition for us to provide you with the core services of this App (such as AI image-to-image, work saving, community interaction, etc.); if you refuse to provide such necessary data, we will not be able to provide you with complete App services, but you can still use other functions that do not rely on such data.

5.3 Realizing Legitimate Business Interests

On the premise of not harming your legitimate rights and interests and not causing unreasonable impact on your rights, process your personal data for legitimate business interests such as optimizing product experience, ensuring App safety, and counting the number of legitimate users; such data processing is all anonymized and de-identified, and will not identify your personal identity.

5.4 Complying with Legal Obligations

Process your personal data to fulfill compliance obligations in accordance with the mandatory requirements of laws and regulations, including but not limited to responding to regulatory authorities' investigations, cooperating with judicial authorities' legal procedures, complying with tax-related regulations, etc. Such data processing behaviors are strictly carried out in accordance with the scope and requirements of the law.

6. Storage and Protection of Data

6.1 Data Storage Instructions

6.1.1 Storage Location

Your personal data will be stored on a secure server that meets global data protection standards, and the storage location is an overseas data center with a complete data protection system; if cross-border data transmission is involved, we will strictly comply with the provisions of applicable laws and regulations on cross-border data transmission (such as passing the GDPR adequacy assessment, signing standard contractual clauses, etc.), and take measures such as encrypted transmission and permission control to ensure the safety and compliance of the data transmission process.

6.1.2 Storage Period

We only store your personal data for the necessary period required to realize the collection purpose agreed in this Policy. After the period expires, it will be processed in accordance with the following rules, and there is no indefinite storage behavior:

• Creation Materials and Work Data (uploaded images, generated outfit transformation images, works and captions published to the community): If you do not actively delete them, they will be continuously stored until the App stops operating or the retention period required by laws and regulations expires; if you actively delete them, we will completely clear all relevant data including backups within 7 working days.

• Feedback Data (text/voice): Stored until we have completely processed your feedback and confirmed that it is no longer necessary to retain it, the maximum storage period will not exceed 6 months. After the period expires, it will be automatically anonymized and cannot be traced to individuals.

• Device Information and Usage Behavior Data: Stored for 24 months from the date you last used this App. If you use this App again during this period, the storage period will be recalculated; after the period expires, it will be automatically deleted or anonymized.

• Permission Usage Status Data: Synchronized with your App usage cycle. If you uninstall this App, the relevant data will be deleted immediately; if you continue to use it, it will only be updated and stored within the necessary scope.

6.1.3 Exceptional Circumstances

If laws and regulations require mandatory data retention (such as responding to lawsuits, regulatory authorities' investigation requirements, etc.), we will extend the storage period within the scope of the law, and only use such data to fulfill legal obligations, not for any other purposes; after the legal obligations are fulfilled, the relevant data will be processed in accordance with the agreement of this Policy immediately.

6.2 Data Security Protection Measures

We attach great importance to the security of your personal data, and take industry-high-standard technical and management measures to comprehensively prevent personal data from being unauthorized accessed, used, disclosed, tampered with, damaged or lost, ensuring the safety and compliance of data processing. The specific measures are as follows:

6.2.1 Technical Security Guarantee

• Data Transmission Encryption: All personal data is transmitted using end-to-end encryption technology (HTTPS) to ensure that the data is not stolen, tampered with or leaked during transmission;

• Data Storage Encryption: Sensitive personal data is stored in encrypted form and can only be obtained through strict access control; the storage server is equipped with firewall, Intrusion Detection System (IDS), Intrusion Prevention System (IPS) and other protective tools to monitor and resist network attacks in real time;

• Regular Security Testing: Conduct regular security vulnerability scans and penetration tests on the App system and storage server, timely fix potential security risks, and continuously maintain the security and stability of the system;

• Data De-identification: De-identify and anonymize automatically collected device information, usage behavior data, etc., and do not associate them with your personal identity to prevent data from being maliciously identified.

6.2.2 Management Security Guarantee

• Strict Permission Control: Establish a hierarchical data access permission control system, follow the principle of least privilege, only open data access permissions to a small number of authorized employees, and all data access behaviors have complete operation log records, which can be traced throughout;

• Regular Compliance Training: Conduct regular data protection compliance training for all employees, improve employees' data security awareness and compliance operation capabilities, clarify the data protection responsibilities of each position, and strictly prohibit any employee from accessing, using or disclosing user data in violation of regulations;

• Emergency Response Mechanism: Formulate a complete data security incident emergency plan. If a data security incident such as data leakage, loss, or tampering occurs, the emergency plan will be activated immediately, remedial measures will be taken to prevent the expansion of losses, and you and relevant regulatory authorities will be promptly informed of the incident, scope of impact and remedial measures in accordance with the requirements of applicable laws and regulations.

6.2.3 Third-Party Service Provider Control

If it is necessary to entrust third-party service providers (such as server hosting, technical support, data storage, etc.) to process personal data due to business needs, we will sign a strict Data Processing Agreement (DPA) with the third party, clarify the third party's confidentiality obligations, data protection requirements and liability division, and continuously supervise the third party's data processing activities to ensure that they comply with the provisions of this Policy and relevant laws and regulations; if the third party fails to perform data protection obligations, we will immediately terminate the cooperation and require it to bear corresponding legal responsibilities.

Special Reminder: The Internet environment has inherent uncertainty. Although we have taken the above strict security protection measures, we still cannot completely rule out data security risks caused by factors beyond our control such as force majeure, hacker attacks, and equipment failures. You need to understand and bear the corresponding reasonable risks.

7. Sharing and Disclosure of Data

We solemnly commit to strictly protecting the privacy of your personal data and will not arbitrarily share or disclose your personal data to any third party. We will only share/disclose data in the following limited legal and compliant situations, and all sharing/disclosure behaviors follow the principle of least privilege and take strict security measures:

7.1 Obtaining Your Explicit Consent

After you actively confirm and agree in writing or orally, we will share your personal data with the third party designated by you. The scope of sharing is strictly limited to the content you agree to, and there is no over-range sharing behavior.

7.2 Necessary Behaviors to Realize Core Functions

Share limited, de-identified personal data with third-party service providers that provide us with necessary services such as technical support, server hosting, data storage, and payment settlement (if any); such third parties can only use your personal data within the scope of providing services for us, have no other purposes, and must strictly abide by the Data Processing Agreement (DPA) signed with us and relevant confidentiality requirements.

7.3 Complying with Laws and Regulations or Legal Procedures

Disclose your personal data within the scope of the law in accordance with the legitimate subpoenas, rulings, instructions of courts, arbitration institutions, regulatory authorities and other competent authorities, or to comply with applicable laws and regulations and administrative rules; such disclosure behaviors will retain relevant legal documents to ensure compliance.

7.4 Necessary Behaviors to Protect Legitimate Rights and Interests

Share or disclose your personal data within a reasonable and necessary scope to protect the legitimate rights and interests of us, you or other third parties (such as responding to online fraud, handling infringement complaints, protecting personal and property safety, etc.), and such behaviors will not infringe on your legitimate rights and interests.

7.5 Enterprise Merger or Asset Transfer

If an enterprise change such as enterprise merger, acquisition, bankruptcy liquidation, or asset sale occurs, your personal data may be transferred to the transferee as part of the company's assets; we will clearly inform you through prominent methods such as App pop-up windows and official emails before the transfer (except as otherwise stipulated by laws and regulations), and the transferee must issue a written commitment to continue to strictly abide by all terms of this Policy; if the transferee refuses to make such a commitment, we will immediately terminate the data transfer.

Special Statement: Without your explicit written consent, we will never sell your personal data to any third party for commercial interests, and this App has no commercial arrangements related to data sales.

8. Core User Rights

In accordance with applicable global data protection laws and regulations, as a data subject, you enjoy the following core rights. We will provide convenient, efficient and barrier-free support for you to exercise your rights, without any unreasonable restrictions or requirements, and will not charge any fees:

8.1 Right to Know

You have the right to access and understand all relevant information about our collection, use, storage and sharing of your personal data, including purposes, methods, scope, storage period, data recipients, etc. The above information has been fully and detailedly listed in this Policy; if you have further questions, you can consult us through the official email at any time, and we will give a comprehensive and clear reply.

8.2 Right of Access

You have the right to request us to provide a copy of your personal data in our possession, including the creation materials, published works, feedback content you actively provided, as well as the automatically collected device information, usage behavior records, etc.; we will provide you with a copy of the data in a structured, common and machine-readable format (such as CSV, JSON) to meet your data usage needs.

8.3 Right to Rectification

If you find that the personal data of you stored by us is inaccurate, incomplete, outdated, etc., you have the right to request us to correct and supplement the relevant data in a timely manner; we will verify it in a timely manner after receiving your request, and if the verification is true, we will complete the data correction/supplement within 3 working days and feedback the processing result to you.

8.4 Right to Erasure (Right to Be Forgotten)

In the following circumstances, you have the right to request us to completely delete your relevant personal data, and we will complete the deletion operation within the statutory time limit without any unreasonable delay:

1. The purpose of data processing has been achieved, or there is no need to continue storage;

2. You have withdrawn your consent to data processing, and there is no other legal basis for data processing;

3. Our data processing behavior violates applicable laws and regulations or the agreement of this Policy;

4. You no longer use this App, and there is no legal requirement to compulsorily retain relevant data;

5. Other circumstances where data should be deleted as stipulated by applicable laws and regulations.

Exception: If deleting data conflicts with legal retention obligations, contract performance, or public interests, we will restrict the processing of the data (instead of directly deleting it) in accordance with legal requirements, and explain the specific reasons to you in writing.

8.5 Right to Restrict Processing

In the following circumstances, you have the right to request us to restrict the processing of your personal data. During the restriction period, except for storing and protecting the data, we will not perform any other processing on the data unless we obtain your explicit consent or otherwise required by laws and regulations:

1. You have raised an objection to the accuracy of the data, and the verification work is in progress;

2. Our data processing behavior is illegal, but you do not want to delete the relevant data;

3. The storage period of the data has expired, but you need the data to resolve legal disputes;

4. You have withdrawn your consent to data processing, and the relevance between the consent and data processing is still being confirmed.

8.6 Right to Data Portability

You have the right to request us to provide your personal data to you or another data controller designated by you in a structured, common and machine-readable format; this right only applies to data processing activities based on your consent or contractual agreement, and will not harm our legitimate rights and interests.

8.7 Right to Object to Data Sale/Sharing

You have the right to explicitly object to our sale or sharing of your personal data to third parties. If you raise an objection, we will immediately stop the relevant data sale/sharing behavior without any additional conditions.

8.8 Right to Withdraw Consent

You can withdraw your consent to data processing at any time (such as revoking the authorization of device permissions such as camera, album, microphone, etc.). The withdrawal methods include device system settings, in-App permission management, submitting a withdrawal request to the official email, etc.; withdrawing consent does not affect the legality of data processing activities that have been carried out based on legal authorization before the withdrawal, nor does it affect our data processing activities based on other legal bases.

8.9 Right to Complaint

If you believe that our data processing behavior has infringed your legitimate rights and interests, you have the right to file a complaint with the data protection regulatory authority in your jurisdiction. We will actively cooperate with the regulatory authority's investigation and handling and bear corresponding responsibilities in accordance with the law.

8.10 Method of Exercising Rights

If you wish to exercise any of the above rights, you can submit a written request to us through the official contact email listed in this Policy. The email subject must clearly indicate "Exercising Rights + Specific Right Name + Unique Device Identifier (such as Android ID, optional)", and attach necessary identity verification information (such as work release screenshots, function usage record screenshots, etc.) to facilitate us to quickly complete identity verification and improve processing efficiency.

After we receive your valid request, we will give a written reply and complete the processing within 15 working days; if the matter is complex and requires an extension of the processing period, we will inform you in advance through email, and the maximum extension period will not exceed 30 working days (in line with the maximum processing period requirements of GDPR and other laws and regulations).

If you authorize a third party to exercise the above rights on your behalf, you need to provide us with a written power of attorney and the identity information of both parties. After we verify the authenticity of the authorization, we will handle the relevant request in accordance with the entrusted content.

9. Right to Object to Data Sale/Sharing and Opt-Out Mechanism

To fully protect your control over personal data, we have formulated a clear and convenient method for exercising the right to object to data sale/sharing and an opt-out mechanism. You can exercise the relevant rights at any time according to the following operations, and all operations are free and efficient:

9.1 Object to Data Sale

• We do not conduct any data sales activities by default. If it is necessary to carry out activities related to data sales due to business adjustments in the future, we will separately obtain your explicit written consent through prominent methods such as App pop-up windows, official emails, and in-site announcements. Without your consent, no data sales operations will be carried out;

• If you wish to explicitly object to any form of data sales, you can submit an application to the official email (mabelwilson196@gmail.com), with the email subject marked "Object to Data Sale + Unique Device Identifier (optional)". After we receive the application, we will complete the registration within 10 working days and feedback the processing result to you through email; this objection is valid for a long time unless you take the initiative to revoke it in writing later.

9.2 Opt-Out of Data Sharing

If you have agreed to us sharing your personal data with third-party service providers (such as authorizing the use of specific third-party functions), you can opt out of such sharing at any time through the following methods: send an email to the official email with the subject marked "Opt-Out of Data Sharing + Name of Third-Party Service Provider (if known) + Unique Device Identifier (optional)". After we receive the application, we will stop subsequent data sharing activities within 15 working days and notify the relevant third parties to stop using your personal data (except as otherwise stipulated by laws and regulations).

Validity Statement

1. After you raise an objection to data sale or opt out of data sharing, we will immediately stop the relevant data processing activities, but it will not affect the legality of the data sale/sharing activities that have been completed based on your legal consent;

2. If data sale/sharing is a necessary condition for realizing specific functions of this App, your objection or opt-out behavior may lead to the unavailability of the function. We will clearly inform you of this impact through App pop-up windows, emails, etc. before you operate, and you can independently decide whether to continue the operation.

10. Additional Rights for Users in Specific Jurisdictions

In accordance with the exclusive data protection laws and regulations of specific jurisdictions, users in the following regions, in addition to enjoying the core rights agreed in Article 8 of this Policy, also enjoy exclusive additional data rights. We will strictly in accordance with the legal requirements of the corresponding regions to ensure the realization of your additional rights and provide exclusive support for the exercise of rights:

10.1 European Union/European Economic Area (GDPR Applicable Regions)

1. You have the right to request us to explain the specific legal basis for processing your personal data and the category of data recipients (especially the recipient information in the case of cross-border data transmission);

2. If you believe that our data processing behavior violates the GDPR provisions, you have the right to file a complaint with the data protection regulatory authority of your member state or the European Data Protection Board (EDPB). The complaint channel can be queried through the EDPB official website;

3. You have the right to refuse to be subject to decisions made solely on the basis of automated processing (including user profiling) that have legal effects or similar significant impacts on you. This App has no such automated decision-making behavior;

4. If cross-border data transmission is involved, you have the right to understand the cross-border data protection guarantee measures we take (such as standard contractual clauses, adequacy assessment results, etc.), and we will make a comprehensive and transparent explanation.

10.2 California, USA (CCPA/CPRA Applicable Region)

1. You have the right to know whether your personal data has been shared, and request us to disclose the categories, sources, processing purposes and categories of data recipients of your personal data collected, sold and shared by us in the past 12 months. We will provide you with this disclosure report free of charge;

2. You have the unconditional right to object to data sale, and we will not take any discriminatory measures against you (such as reducing service quality, increasing fees, restricting function use, etc.) because you exercise this right;

3. In accordance with the requirements of CPRA, you have the right to restrict our use and disclosure of your sensitive personal data (if any). We will only process your sensitive personal data with your explicit consent or as permitted by law;

4. Your exercise of the right to erasure is not subject to any unreasonable restrictions. After we receive the deletion request, we will complete the data deletion operation within the statutory time limit, except for statutory exceptions (such as fulfilling legal obligations, ensuring safety, etc.).

10.3 Virginia, USA (VCDPA Applicable Region)

1. You have the right to request us to correct inaccurate personal data. After verification, we will correct it in a timely manner and inform you of the correction result in writing;

2. You have the right to opt out of our use of your data for targeted advertising, user profiling or data sale. This opt-out operation takes effect immediately without any delay;

3. If a data breach incident that may harm your legitimate rights and interests occurs, we will notify you and the Office of the Attorney General of Virginia (if applicable) within 72 hours of discovering the breach, and clearly inform you of the category of the breached data, potential impact and the remedial measures we have taken.

10.4 Brazil (LGPD Applicable Region)

1. You have the right to request us to correct, update or anonymize incomplete, inaccurate and outdated personal data. After receiving the request, we will complete the verification and processing in a timely manner;

2. When the data processing behavior may harm your legitimate rights and interests, you have the right to request us to suspend the processing of the data until the relevant risks are eliminated;

3. If we have any illegal data processing behavior, you can file a complaint with the Brazilian Data Protection Authority (ANPD). The complaint process can be queried through the official ANPD channels;

4. Our processing of your personal data will strictly follow the principle of purpose limitation, and will only be used for the purposes that have been legally informed, without any over-range processing behavior.

10.5 United Arab Emirates (FADP Applicable Region)

1. You have the right to request us to confirm whether we are processing your personal data. After receiving the request, we will give a written reply within 3 working days;

2. You have the right to request us to transmit your personal data to other data controllers that meet the requirements of FADP. We will provide the data in a machine-readable format to ensure the realization of the right to data portability;

3. If our data processing behavior violates the FADP provisions, you have the right to request us to bear corresponding compensation liabilities, and we will make compensation in accordance with the law.

10.6 Tips for Exercising Additional Rights

If you are a user in the above regions, please clearly inform your jurisdiction in the written request when exercising additional rights to us. We will provide exclusive support for the exercise of your rights in accordance with the legal requirements of the corresponding regions to ensure that your rights are fully protected.

11. Changes to This Privacy Policy

We may revise this Privacy Policy in accordance with updates to laws and regulations, adjustments to Google Play Store listing policies, iterations and optimizations of product functions, improvements to data processing practices, and other circumstances. The revised policy will more comprehensively protect your personal data rights and comply with the latest global data protection requirements.

11.1 Material Changes

If material changes are made to this Policy (including but not limited to: substantial adjustments to the purpose, scope, method of data collection and sharing rules; significant changes to users' core rights; major updates to applicable laws; changes to the information of the data controller or DPO), we will prominently inform you through in-app pop-ups, prominent in-app announcements, official emails, and other methods. You need to re-check to agree to the revised policy before continuing to use this App; if you do not agree to the revised policy, you may stop using this App, and we will respect your choice and process your personal data in accordance with the original policy.

11.2 Non-Material Changes

If non-substantive adjustments are made to this Policy (such as: optimizing text expression, supplementing details on permission usage, updating feedback processing time limits, etc., without affecting your core rights), we will publish the revised policy on the [About > Privacy Policy] page of this App, and the changed content will take effect on the date of publication; your continued use of this App after the change shall be deemed your acceptance of the revised policy terms.

11.3 Reminder to Review Regularly

We recommend that you review this Privacy Policy regularly to keep abreast of our latest data protection measures and rules. Your continued use of this App after any revision of this Policy indicates that you fully understand the meaning and legal consequences of all revised terms and voluntarily accept their binding force.

12. Contact Us

If you have any questions, comments, or suggestions about this Privacy Policy, or wish to exercise any rights agreed upon in this Policy, please contact us separately through the following official channels, and we will provide you with professional and efficient responses and handling services:

12.1 Official Contact Information

• Data Controller: Baoding Zhaoshang Electronic Technology Co., Ltd.

• Mailing Address: Room 202, Unit 1, Building 4, Jinye Community, Hongxing Road Street, Lianchi District, Baoding, Hebei Province, 071000, China

• Official Email: mabelwilson196@gmail.com

• Service Scope: Consultation on Privacy Policy, requests to exercise personal data rights, data protection complaints, and data-related issues during function use.

12.2 Response Timeframe

• Receipt Timeframe: A confirmation receipt email will be sent within 3 working days after receiving your request;

• Processing Timeframe: General consultations will be processed and results will be fed back within 7 working days; complex issues (such as data access, data portability, cross-border data requests, etc.) will be processed and results will be fed back within 15 working days, with a maximum of 30 working days (complying with the response time requirements of major global data protection laws and regulations);

• Progress Update: If the processing needs to be extended, we will provide you with a progress update every 10 working days to ensure you are timely informed of the status of your request processing.

13. Other Terms

13.1 Relationship with the "User Service Terms"

This Privacy Policy constitutes the core agreement between you and us regarding personal data protection, and together with the "StyleMe User Service Terms", forms the complete legal agreement governing your use of this App. If there is any conflict between the two agreements, matters involving personal data protection shall prevail in accordance with this Privacy Policy, and other matters involving App usage rules and service terms shall prevail in accordance with the "StyleMe User Service Terms".

13.2 Severability

If any term of this Privacy Policy is deemed fully or partially invalid, illegal, or unenforceable by a competent judicial or administrative authority, such determination shall not affect the validity, legality, and enforceability of the other terms, and the remaining terms shall continue to be strictly implemented in accordance with the agreement of this Policy.

13.3 Acceptance of Terms

Your checking to confirm and agree to this Privacy Policy and subsequent use of this App indicates that you have fully and unconditionally understood the meaning and legal consequences of all terms and provisions of this Policy and voluntarily accepted its binding force on both parties. If you do not check to agree to this Privacy Policy, we will not provide you with any services of this App nor collect any of your personal data.

13.4 Governing Law

The formation, performance, interpretation, and dispute resolution of this Privacy Policy shall be governed by the currently effective data protection laws and regulations of major global jurisdictions and the relevant rules of the Google Play Store. In the event of a dispute, both parties shall first attempt to resolve it through friendly negotiation; if negotiation fails, either party shall have the right to file a lawsuit with the competent court where the data controller is located.

Baoding Zhaoshang Electronic Technology Co., Ltd. reserves the final interpretation right of this Privacy Policy.