Face Analysis Test Privacy Policy

Effective date: December 2, 2025

I. The Personal Information We Collect and Its Uses

“Personal information” refers to various kinds of information recorded electronically or by other means that can identify a specific natural person either alone or in combination with other information, or that can reflect the activities of a specific natural person. We will collect and use your personal information based on the following purposes.

(1) Photos You Upload (Face Data)

When you use Face Analysis Test to perform intelligent face testing, beauty analysis, skin analysis, face shape analysis, beauty PK/contest and other functions, we will, based on your active operations, collect the static photos containing faces that you choose to upload or take with the camera (including photos you take directly, or a frame captured from a recorded video, hereinafter collectively referred to as “face data”).

1. Purpose of Collection and Use

We only use your face data to provide you with the following functions and display the analysis results to you, including but not limited to:

• Beauty analysis: Analyze facial features such as eyes, nose, mouth, and face shape to generate beauty scores and evaluations;
• Skin analysis: Analyze your skin condition (such as spots, acne, dark circles, skin health, etc.) and generate a skin report;
• Face shape analysis: Analyze your face shape type and display descriptions related to your face shape;
• Beauty PK / contest: When you actively upload group photos for comparison, generate beauty comparisons and rankings based on the above analysis results and display them only to you.

During the analysis process, the system may temporarily extract technical features related to your face in memory (such as facial key point positions, skin feature parameters, scores, etc.) to complete the image analysis. These intermediate data only exist briefly during the analysis process and will not be independently stored for a long time or used for other purposes.

In some functions, we may provide you with a way to obtain clearer facial images by recording a short video and then selecting a frame from it. In this process, the recorded video and its audio may be saved by the system to your local device/photo library and are managed by you:

• We do not upload the complete video or audio file to the server;
• We do not recognize, analyze, or separately store the content of your voice;
• We will only upload and use, for this analysis, the single frame image of your face captured from the video after you confirm it, and this frame will be treated as “face data”.

Unless you later actively select such a video or images from it in the app and request an upload, we will not collect, upload, or process that video or its audio content.

We will not use your face data and related technical features for identity recognition or identity verification. We will not create a persistent “face template” that can be used across different scenarios, and we will not use face data for advertising, user profiling, behavior tracking, or any other purposes unrelated to the functions of this app.

2. Uploading, Storage Method, and Retention Period

• The facial photos you select or take in the app (including frames captured from videos) will be uploaded over the network to our servers for processing;
• We will temporarily store the photos and their corresponding analysis results for the time necessary to complete the analysis;
• The maximum retention period for photos (including face data) and the corresponding analysis results on our servers is 1 day (24 hours);
• After the above period, we will delete the relevant data or perform irreversible anonymization so that it can no longer be linked to any specific individual.

The above does not affect the original photos or videos that the system saves in your local photo library. Such local files are managed by you.

3. Your Choices

If you do not use the relevant functions, we will not collect your face data.

You may also refuse us to collect the corresponding photo information by declining camera or photo library permissions, but some functions may not work as a result.

(2) Device Information

Based on the specific permissions you grant during the installation and use of Face Analysis Test and related services, we may collect the following device-related information, including but not limited to:

• Device model;
• Operating system version;
• Device configuration;
• Device identifiers (such as IDFV, etc.);
• Device network information (such as network type);
• Device environment information;
• Other hardware and software characteristic information.

When you take photos, if you have enabled location services in the system and granted authorization, Face Analysis Test may use the system camera to write the shooting location into the photo’s metadata (such as EXIF information), so that you can manage and view photos by location in the system photo library.

When you later submit such photos for testing in the app, we may receive the shooting location and other location information embedded in the photos along with the photos. Unless necessary to comply with laws and regulations or to complete the current service, we will not separately extract or analyze such location data, nor will we use it for location profiling, behavior tracking, precision marketing, or other purposes unrelated to the main functions of this app.

If you do not want location information to be recorded in your photos, you can disable the camera’s location function in Settings > Privacy > Location Services on your device, or refuse to grant the relevant location permission in the system popup.

The purposes for which we collect the above device and related information are:

• To provide you with a better-matched service and display experience;
• To understand product compatibility and improve performance and stability;
• To ensure service security and prevent malicious programs, attacks, or abnormal usage.

The above information usually cannot identify your specific identity on its own, and we will not use it for any purposes unrelated to this service.

(3) Network Log Information

When you use Face Analysis Test and related services, we may automatically collect service usage-related network log information, such as:

• Dates and times when you use Face Analysis Test and related services;
• App runtime status, crash logs, etc.

This information is mainly used to:

• Help us troubleshoot issues and improve product stability;
• Identify abnormal usage and safeguard service security;
• Comply with relevant laws and regulations.

(4) Security and Risk Control

We may use or integrate your device information and related network log information in order to:

• Enhance your security when using our services;
• Protect your and other users’ or the public’s personal and property safety from infringement;
• Prevent security risks such as phishing, fraud, security vulnerabilities, computer viruses, cyber attacks, and intrusions;
• Better identify and handle behaviors that violate laws, regulations, or the Face Analysis Test terms and rules;
• Make a comprehensive judgment of abnormal usage behaviors, monitor and prevent security incidents, and take necessary recording, analysis, and handling measures in accordance with the law.

(5) Customer Service and Communication Records

When you contact us via QQ, email, or other means, we may retain your communication records and related content, or the contact details you provide (such as email address, QQ number), for the purposes of:

• Contacting you;
• Helping you resolve issues;
• Recording handling plans and results for relevant issues;
• Improving our products and services.

(6) Exceptions Where Prior Consent Is Not Required

In accordance with relevant laws and regulations, we may collect and use your personal information without your prior consent in the following circumstances:

• Directly related to national security or national defense security;
• Directly related to public safety, public health, or major public interests;
• Directly related to criminal investigations, prosecutions, trials, or execution of judgments;
• To protect your or other individuals’ life, property, and other major lawful rights and interests where obtaining your consent is difficult;
• Personal information that you have disclosed to the public yourself;
• Personal information that is collected from legally disclosed information, such as legal news reports or government information disclosure channels;
• As necessary to sign or perform a contract at your request;
• Other circumstances as provided by laws and regulations.

If we cease operation of Face Analysis Test and related services, we will immediately stop collecting your personal information and notify you of the termination of services through separate notices or announcements, and will delete or anonymize your personal information in accordance with relevant laws and regulations.

II. Device Permissions We May Need to Obtain

To provide you with relevant functions or services, we may need to request the following iOS system permissions. You may choose whether to grant or revoke these permissions at any time:

(1) Camera Permission

Purpose:

• Call the device camera to take photos or record videos to obtain your facial image in order to implement portrait recognition, beauty test, skin test, face shape analysis, beauty PK, and other functions;
• When you collect facial images via video recording, we will capture a single clear frame from the video as a facial photo, and only this captured frame will be uploaded to the server for analysis; the complete video will not be uploaded.

Notes:

• If you do not use the above functions, we will not access your camera;
• You can manage or disable the app’s camera access at any time under Settings > Privacy > Camera on your device.

(2) Photos (Photo Library) Permission

Purpose:

• Read and upload photos from your photo library to implement portrait recognition, beauty test, skin test, face shape analysis, beauty PK, and other functions;
• When you use the in-app shooting/recording functionality, the system may save the photos or videos you capture to the photo library so that you can manage and view them yourself;
• Unless you actively select photos or video frames from your photo library within the app for testing and initiate an upload, we will not actively access or collect other photos or videos stored in your photo library.

Notes:

• If you do not use the above functions, we will not access your photo library;
• You can manage or revoke the app’s access to the photo library under Settings > Privacy > Photos on your device.

(3) Microphone Permission

Purpose:

• When you choose to collect facial images by recording short videos, the system will invoke both the camera and microphone to record video with sound, from which we will capture clear frames to generate facial photos for beauty tests, skin tests, face shape analysis, beauty PK, and related functions;
• We will not upload video or audio files to the server, nor will we recognize, analyze, or separately store your voice content.

Notes:

• If you do not use the video recording method for face collection, we will not access your microphone;
• You can manage or disable the app’s microphone access under Settings > Privacy > Microphone on your device.

(4) Location Permission

Purpose:

• When you take photos, if you have enabled location services and granted authorization, we will obtain your current location through the system camera to write the shooting location into the photo’s metadata (such as EXIF), so that you can manage and view photos by location in the system photo library;
• We do not perform continuous background location tracking, nor do we separately record or upload your real-time location;
• When you later actively choose and upload photos containing shooting location information for testing, we may receive such location information along with the photos, but we will not use this information for location profiling, behavior tracking, precision marketing, or other purposes unrelated to the main functions of this app.

Notes:

• If you do not want to save shooting locations in your photos or do not want us to receive your location information along with the photos, you can turn off the camera’s or the app’s location authorization in Settings > Privacy > Location Services, or choose “Don’t Allow” in the system popup;
• Even if you have already granted permission, you can still revoke location permissions at any time in the system settings, but some functions that rely on writing shooting locations into photos may no longer be available or may be affected.

Aside from the permissions mentioned above, we will not actively enable other system permissions that may involve your personal information. Even if you have granted permissions, you may revoke them at any time in system settings, but some functions may no longer function properly as a result.

III. How We Share and Disclose Your Personal Information

(1) Sharing

We will not sell your personal information to any company, organization, or individual.

Under the premise of not harming your legal rights and interests, we also will not share your personal information with third parties unless:

• We have obtained your explicit consent or authorization in advance;
• We are required to do so by laws or regulations, or by administrative or judicial authorities in accordance with the law;
• It is necessary to protect the life, property, and other major lawful rights and interests of you or other natural persons, and it is difficult to obtain your consent;
• Other circumstances as provided by laws and regulations.

Special notes:

• At present, we have not integrated any third-party SDKs (including but not limited to analytics, crash reporting, advertising, third-party face recognition, or third-party cloud storage SDKs), and we will not provide your photos, face data, analysis results, or other personal information used for precision marketing to third-party advertisers;
• Regarding your face data (photos containing faces and corresponding analysis results), we will not provide them to any third party for its independent use, nor will we provide your face data to third-party advertisers or data analytics institutions for advertising, user profiling, or other commercial purposes;
• We will not upload or provide the complete videos or audio files you recorded to third parties for their independent use.

If in the future we need to integrate third-party services or third-party SDKs (for example, cloud storage, analytics, crash analysis, etc.), we will update this Privacy Policy and provide additional notices in an appropriate form, clearly listing the names of such third parties, the types of personal information collected, the purposes of use, and the processing methods. Where necessary, we will obtain your explicit consent again.

(2) Disclosure

We will not publicly disclose your personal information to any third party unless:

• You actively choose to disclose it, or explicitly authorize us to disclose it, in which case we will disclose the relevant information within the scope you consent to;
• In accordance with laws and regulations or the requirements of competent authorities, we may disclose your personal information in the following situations:
  • Related to national security or national defense security;
  • Related to public safety, public health, or major public interests;
  • Related to criminal investigations, prosecutions, trials, and execution of judgments;
  • Necessary to protect your or other individuals’ life, property, and other major lawful rights and interests where obtaining your consent is difficult;
  • Personal information collected from legally disclosed channels (such as legal news reports, government information disclosure);
  • Other situations where disclosure is required by laws, regulations, or competent authorities.

IV. How We Protect Your Personal Information

(1) Security Technologies and Management Measures

We will take reasonable and feasible security protection measures to prevent your personal information from being used illegally, or from unauthorized access, disclosure, alteration, damage, or loss. Within a reasonable level of security, we will adopt the following measures, including but not limited to:

• Using encryption technologies (such as SSL/HTTPS) to protect data transmission;
• Encrypting storage of sensitive information (including photos, face data, and related analysis results) and performing anonymization or de-identification as much as possible;
• Establishing sound security mechanisms to prevent malicious attacks;
• Establishing strict access control mechanisms, following the principle of least privilege, and only authorizing necessary personnel to access personal information;
• Regularly conducting security and personal information protection training to enhance employees’ security and compliance awareness.

If a personal information security incident such as a data breach occurs, we will activate the emergency response plan to prevent the incident from expanding further and will notify you via push notifications, announcements, or other means, fulfilling relevant obligations in accordance with laws, regulations, and regulatory requirements.

(2) Data Security Management System

We have established a relatively complete data security management system. Starting from the entire life cycle of data, we strengthen personal information security from multiple dimensions, including organizational management, institutional development, process specifications, and technical measures. Specifically:

• Establishing dedicated management systems and organizational structures;
• Strictly limiting the scope of people who can access information and requiring them to assume confidentiality obligations;
• Auditing and supervising relevant operations.

If a personal information security incident occurs, we will report the handling progress and results to relevant regulatory authorities as required.

(3) Avoiding Excessive Collection

We will take reasonable and feasible measures to avoid collecting personal information unrelated to realizing the functions.

If you discover that your personal information (especially photos, face data, location information, etc.) has been leaked, please contact us immediately so that we can take corresponding protective measures upon your request.

Please also note: when you use our services, the information you actively share or disclose publicly may involve your or others’ personal information. Please be cautious when choosing to share or publicly disclose such information.

V. How You Can Manage Your Personal Information

(1) Accessing Your Personal Information

In the current version of Face Analysis Test, you are not required to register an account, and we do not collect registration information such as your name or mobile phone number that can directly identify your identity.

The personal information generated during your use mainly includes:

• Photos you actively upload or take, and corresponding analysis results (face data);
• Device-related information and network log information.

These types of information are generally not retained in the app for a long time, and the maximum retention period for photos and face data on the server is only 1 day. If you wish to confirm whether we still retain specific information related to you or need to know relevant records, you may contact us through the contact information listed in Section IX of this Policy. We will respond to your access request within 15 days.

(2) Correcting or Supplementing Your Personal Information

Under the current product design, you generally do not need to provide us with registration information that directly identifies your identity. If you believe that we have misunderstood or incorrectly recorded personal information about you, you may request corrections or supplements via the contact information provided in Section IX of this Policy, and we will handle your request within a reasonable period.

(3) Deleting Your Personal Information

Personal information generated when you use Face Analysis Test (such as photos, face data, and analysis results) will be processed according to the purposes and retention periods set out in this Policy. We will also proactively delete or anonymize the information after the retention period expires.

You have the right to request that we delete your personal information in the following situations:

• Our processing of personal information violates laws or regulations;
• We collect and use personal information without your explicit consent;
• Our processing of personal information seriously violates our agreement with you;
• You no longer use our products or services;
• We permanently cease providing products or services to you.

If we decide to respond to your deletion request, we will also, where possible, notify related parties that obtained your personal information from us and request that they delete it in a timely manner (if applicable), except where otherwise provided by laws and regulations or where such parties handle the information independently based on your separate authorization.

When you delete information from our services, we may not immediately delete the corresponding information from backup systems, but we will delete or anonymize it when the backups are updated.

(4) Changing the Scope of Your Authorization and Consent

Each business function requires some basic personal information (see Section I of this Policy). In addition, for optional permissions (such as camera, photo library, microphone, and location), you may change or withdraw your authorization at any time in your device’s system settings:

• Adjust permissions under Settings > Privacy > Camera/Photos/Microphone/Location Services on your device.

Once you withdraw authorization, we will no longer process the personal information within the scope of that permission. However, your decision to withdraw authorization will not affect the personal information processing that has been carried out based on your prior consent.

(5) Our Responses to Your Requests

For security reasons, you may need to submit your request through contact methods we have verified, and we may require you to complete reasonable identity verification before processing your request (for example, by providing relevant usage records, contact information, etc.).

We will respond within 15 days. If you are not satisfied with our response, you may also further complain or provide feedback through the contact information listed in this Policy.

We generally do not charge fees for reasonable requests. For repeated requests that exceed a reasonable limit, we may charge a certain cost-based fee.

We may be unable to respond to some or all of your requests in the following circumstances:

• Directly related to national security or national defense security;
• Directly related to public safety, public health, or major public interests;
• Directly related to criminal investigations, prosecutions, trials, or execution of judgments;
• There is sufficient evidence of subjective malice or abuse of rights by the personal information subject;
• Responding to your request would cause serious damage to the lawful rights and interests of you or other individuals or organizations;
• Involves trade secrets.

VI. How We Handle Personal Information of Minors

We attach great importance to the protection of minors’ personal information.

If you are a minor under the age of 18, please read this Policy with your guardian and use our products and/or services and provide your personal information only after obtaining your guardian’s explicit consent.

If you are the guardian of a minor under the age of 14, when you allow the minor under your guardianship to use our products and/or services, we will assume that you have agreed to our processing of the personal information of the minor under your guardianship in accordance with this Policy.

Where we collect personal information of minors with the guardian’s consent, we will only use, share, transfer, or disclose such information within the scope permitted by laws and regulations, explicitly agreed to by the guardian, or necessary to protect the minor.

If your guardian does not agree that you use our services or provide personal information to us in accordance with this Policy, please stop using our services immediately and ask your guardian to contact us in a timely manner.

If you are a guardian of a minor and have any questions regarding the minor’s use of our products and/or services or the information they have provided to us, please contact us in a timely manner and we will provide prompt assistance.

VII. Where and How We Store Your Personal Information

We will store your personal information collected in accordance with this Policy in encrypted form and adopt reasonable security measures to protect it.

(1) Storage Media and Location

Your personal information will be stored on servers set up by us in accordance with the law or hosted by legally compliant service providers that we engage. We will require such service providers, through contracts and other means, to strictly protect your personal information in accordance with this Policy and applicable laws and regulations, and not to use your personal information for their own purposes.

(2) Storage Period

We will retain your personal information for the shortest period necessary to achieve the purposes described in this Policy. After that period expires, we will delete or anonymize your personal information, except where laws and regulations require otherwise.

Specifically:

• Photos (including photos containing faces, i.e., face data) and analysis results: We will retain them for up to 1 day (24 hours) as necessary to achieve the analysis purpose, after which we will delete them or perform irreversible anonymization;
• Device information, network logs, and security-related records: Generally retained for the shortest period necessary to achieve the purposes described in this Policy, unless laws and regulations require a longer retention period.

Except where laws, regulations, or judicial authorities require us to extend the retention period, we will promptly delete or anonymize your personal information after the retention period expires. When an extension is required, we will store your personal information securely in encrypted form and isolate it from normal business data until it can be deleted or anonymized in accordance with the law.

Once again, please note: the retention period above does not include photos, videos, and other files (including shooting location information embedded within them) stored by the system on your local device or in your photo library. Such local files are managed by you, and we do not upload or remotely control them.

VIII. Updates to This Privacy Policy

Our Privacy Policy may be adjusted or changed from time to time.

Without your explicit consent, we will not reduce your rights under this Privacy Policy. If there are major changes to this Policy, we will notify you by posting an announcement in a prominent place within Face Analysis Test or via pop-up prompts.

“Major changes” in this Policy include, but are not limited to:

• Significant changes in our service model, such as substantial adjustments to the purpose of processing personal information, the types of personal information processed, or how personal information is used;
• Significant changes in our control structure, such as changes in ownership due to mergers or reorganizations;
• Changes in the main recipients of personal information sharing, transfer, or public disclosure;
• Significant changes in how you participate in personal information processing or exercise your rights;
• Changes in the department responsible for personal information security, our contact information, or complaint channels;
• Personal information security impact assessment reports indicating high risks.

If such changes constitute major changes, we will present the updated Privacy Policy to you in a prominent way (such as a prominent notice or pop-up) before the changes take effect and, where necessary, obtain your consent again.

IX. How to Contact Us

If you discover any security issues such as potential personal information leakage, or if you have any questions, suggestions, or complaints regarding this Privacy Policy, you may contact us through the following methods:

If you are still not satisfied with our response, especially if you believe that our handling of your personal information has infringed upon your legitimate rights and interests, you may file a lawsuit with a people’s court that has jurisdiction over the place where the defendant is domiciled and seek a resolution through judicial channels.