CyberLink Corporation Privacy Policy for Mobile App

Last Update: April 2024. This CyberLink Corporation Privacy Policy for Mobile App replaces and supersedes all prior versions.

This CyberLink Corporation Privacy Policy for Mobile App along with the CyberLink Corporation General Privacy Policy and Cookie Policy govern your use of and access to our Mobile App. When you use our services, you trust us with your information. This Privacy Policy is intended to help you understand your right to privacy.

Our Privacy Policy explains:

• What information we collect and why we collect it.
• How we use that information.
• The choices we offer, including how to access, update and manage your information.

We tried to keep this policy as simple, clear and easy to comprehend as possible. You should read this Policy carefully in order to protect your right to privacy.

Entities collecting your information

We, CyberLink Corporation (“CyberLink,” “we,” “us,” or “our”), will collect information related to you in our mobile applications, excluding U and FaceMe (collectively "Mobile App"). Information collected through the Mobile App may be stored, transferred and processed by CyberLink Corp. in the United States, CyberLink Corp. in Taiwan, and CyberLink Inc. in Japan (collectively, “CyberLink Group”). All transfers will occur in compliance with data transfer requirements of applicable laws and regulations.

Personal information we collect

Personal information in this Privacy Policy refers to information that could identify, locate or contact a natural person. We collect personal information to provide better services to all of our users – from figuring out basic stuff like which language you speak, to more complex things like which ads you’ll find most useful to you. When using our Mobile App to view our products, we may collect certain personal information in the following ways:

• Personal information you give us
• Analytic
• Engaging advertising
• Email
• Crash reporting
• Feedback and suggestions
• Use of CyberLink's service
• Biometric information (photos/videos if posted on or uploaded to our Mobile App)

How we use personal information on CyberLink’s Mobile App

CyberLink processes personal information on our servers in many countries around the world. We may process your personal information on a server located outside the country where you live. We will ask for your consent before using your personal information for a purpose other than those that are set out in this Privacy Policy.

We may use your personal information when using our Mobile App for the following purposes:

• create your CyberLink account, when needed to communicate with you;
• verify your identity and entitlement to certain products or services;
• communicate with you should you require technical or customer support service;
• connect to you about and manage your participation in contests, offers or promotions;
• Analytic
  Our Mobile App includes app analytic mechanism to log your usage behavior so as to enhance our apps user experiences. The analytics mechanism includes information relating to your usage behavior such as how you use and how often you use our apps. For instances like file types (eg: photo or video), filenames, file extensions, local path of the files that you input to the apps. This analytics do not show information of any photo, video or any materials that you input to the apps. Collected information or data are aggregated for analyze, we cannot use the collected data to target a specific person/user. The analytics are collect via vendors name below:
• Mixpanel;
• Google Firebase Analytics (here’s our partner’s privacy statement); and
• Facebook Analytics (here’s our partner’s privacy statement)
• Engaging advertising
  CyberLink allows other companies, called third-party ad servers or ad networks to display and/or serve advertisements within the Mobile App. These third-party ad servers or ad networks use technology to send, directly to your Mobile App the advertisements and links that appear on Mobile App. Our Mobile App advertising vendor as below:
• Facebook Audience Network (here’s our partner’s privacy statement)
• Google Admob (here’s our partner’s privacy statement)
• Google Ads Customer Match (click here for more details of how Google uses Customer Match data)
• Intowow Innovation
• Crash reporting
  Our Mobile App uses Fabrics or Google Play services to collect crash logs when the apps running on your devices crashed or stopped responding.
• Feedback and suggestions
  Your input and screenshots provided in “Feedback” / Report an Issue” pages in the Mobile App.
• Use of CyberLink’s service
  When you use CyberLink Cloud, DirectorZone, we may collect your usage behavior so as to enhance our Mobile App user experiences.
• When purchasing at our Mobile App
  Our Mobile App acts as a gateway for you to purchase our products online. Purchases of CyberLink products that are initiated from our Mobile App are actually completed on Apple App Store, Google Play, Microsoft Store or any other mobile application stores (collectively known as “Mobile App Stores”). In order to complete a purchase transaction, Mobile App Stores must collect personal information from you, including your credit card number. If you are interested in purchasing CyberLink software through the Mobile App Stores, please view the Privacy Statement of respective stores.
• Biometric information
  We may collect, capture, store, use, receive or otherwise obtain your photo/video or a scan of your face solely for the purpose of providing you with CyberLink’s service. We treat your biometric information with care and confidentially. We do not share, sell, rent, or trade your biometric information with third parties for any promotional purposes. Your biometric information will not be disclosed to, shared with or stored on any server, system or location outside of the device you use to access to CyberLink’s services, except for the services that require cloud computing such as cloud editing or certain AI processing functions.
  We will never use your biometric information obtained through the Mobile App to identify any individual person or for authentication purposes.

If we engage a third-party processor to process your personal information, the processor will be subject to binding contractual obligations to: (i) only process such personal information in accordance with our prior written instructions; and (ii) use measures to protect the confidentiality and security of such personal information; together with any additional requirements under applicable law. We request such third-party processor to purge your personal information upon the termination of relationship and upon your request for deletion.

Personal information we share

We do not share personal information with companies, organizations and individuals outside of CyberLink unless one of the following circumstances applies:

• For external processing and customer/technical support
  We provide personal information to our affiliates or partners to process on our behalf based on our instructions and in compliance with our Privacy Policy and any other appropriate confidentiality and security measures or provide necessary customer and technical support in response to customer’s feedback.
• For legal reasons
  We will share personal information with companies, organizations or individuals outside of CyberLink if we have a good-faith belief that access, use, preservation or disclosure of personal information is reasonably necessary to:
• meet any applicable law, regulation, legal process or enforceable governmental request.
• enforce applicable Terms of Service, including investigation of potential violations.
• detect, prevent, or otherwise address fraud, security or technical issues.
• protect against harm to the rights, property or safety of CyberLink, our users or the public as required or permitted by law.

Children's guidelines

CyberLink is committed to protecting the privacy needs of children and we encourage parents and guardians to take an active role in their children’s online activities. The Mobile App is not intended for children under 16 years of age, and by the Mobile App’s terms of service, users affirm that they are at least 16 years old. We do not knowingly collect or use any online contact information or identifiable off-line contact information about a child without parental consent. We do not knowingly distribute personally identifiable information about children without parental consent. We do not knowingly give children the ability to post or distribute information without parental consent. We do not entice children with children-targeted games or contests that would encourage them to disclose information.

Your Californian Privacy Right

If you are a resident of California, the following section are intend to provide you with information as required by the California Consumer Protection Act of 2014 (CCPA) and the California Privacy Regulation Act of 2023 (CPRA). These sections apply to personal information defined in the beginning of this Privacy Policy.
Right to know and Right to access. We will provide following information upon your request, where relevant and required by the CCPA and CPRA, types of data we may collect, sources from which data may be collected, the purposes to collect data, the third parties that may receive your personal information, and your personal information if we ever collect it.
Right to opt-out. We do not sell or share your Personal Information to any third party for a business or commercial purpose under any circumstances. However, you have the right to opt-out of the sale or share of your personal information in we ever notify you that we engage in such activity.
Right to correct inaccurate Personal Information. If you believe your personal information is not correct you may contact us and provide personal information to replace erroneous data.
Right to Request Deletion of Information. You have the right to request that we delete any information that we have collected from you. However, we are not required to comply with a request to delete where it is necessary for us to retain information in order to:

• Complete the transaction for which we collected the information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
• Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
• Debug products to identify and repair errors that impair existing intended functionality.
• Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
• Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
• Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
• Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
• Comply with legal obligations.
• Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

If you have questions or concerns with respect to our Privacy Policy, or you want to access, delete, or correct your Personal Information, you may contact us at:

• Written requests be sent to 15F., No.100, Minquan Rd., Xindian Dist., New Taipei City 231, Taiwan (R.O.C.)
• Attn: Privacy Policy Team
• Call us toll free at (+1) 888-226-6030
• Or by email at: privacy@cyberlink.com

We will respond to these requests for the list within 30 days. Requests that come to us through other channels may result in a delayed response.
The procedure and method of information destruction are as follows.
1)     Destruction procedure
You can delete or request to delete your information by managing your membership and click to delete your information. Once you click to delete your information, your information will be deleted and removed from the cloud storage permanently.

2)     How to destroy
Following by the aforementioned destruction procedure, we will confirm if your information has fully destroyed and removed from the cloud storage. We do not keep your information recorded and stored in paper documents or hardware devices.

Information security

We are committed to protecting your interest when using our services from unauthorized access to or unauthorized alteration, disclosure or destruction of information we hold. In particular:

• We encrypt many of our services using, for example, TLS, SHA-2, etc.
• We review our information collection, storage and processing practices to guard against unauthorized access to systems.
• We restrict access to information to CyberLink’s employees, contractors and agents on a need to know basis in order to process it for us, and who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.

Information retention

We take every reasonable step to ensure that your information are only processed for the minimum period necessary for the purposes set out in this Privacy Policy. The criteria for determining the duration for which we will retain your information are as follows:

(1) we will retain information in a form that permits identification only for as long as:

• we maintain an ongoing relationship with you (e.g., where you are an active user who logs in to our services within past two (2) years, or you are lawfully included in our mailing list and have not unsubscribed); or
• your information are necessary in connection with the lawful purposes set out in this Privacy Policy, for which we have a valid legal basis (e.g., where your information are included in a contract between us and your employer, and we have a legitimate interest in processing those information for the purposes of operating our business and fulfilling our obligations under that contract; or where we have a legal obligation to retain your information),
• plus:

(2) the duration of:

• any applicable limitation period under applicable law (i.e., any period during which any person could bring a legal claim against us in connection with your information, or to which your information are relevant); and
• an additional two (2) month period following the end of such applicable limitation period (so that, if a person brings a claim at the end of the limitation period, we are still afforded a reasonable amount of time in which to identify any information that are relevant to that claim),
• and:

(3) in addition, if any relevant legal claims are brought, we continue to process information for such additional periods as are necessary in connection with that claim.

During the periods noted in paragraphs (2)a and (2)b above, we will restrict our processing of your information to storage of, and maintaining the security of, those data, except to the extent that those data need to be reviewed in connection with any legal claim, or any obligation under applicable law.

Once the periods in paragraphs (1), (2) and (3) above, each to the extent applicable, have concluded, we will either:

• permanently delete or destroy the relevant information; or
• anonymize the relevant information.

International transfer of information

Because of the international nature of our business, we transfer information within CyberLink Group, and to third parties as noted in this Privacy Policy, in connection with the purposes set out in this Privacy Policy. For this reason, we transfer information to Japan, US, and Taiwan that may have different laws and data protection compliance requirements to those that apply in the country in which you are located.

Please note that when you transfer any information directly to any CyberLink Group entity established outside the jurisdiction in which you are located, we are not responsible for that transfer of information. We will nevertheless process such information, from the point at which we receive those information, in accordance with the provisions of this Privacy Policy.

*Transferred personal data:

• Personal details: given name(s); preferred name; and photograph(s).
• Demographic information: gender; date of birth / age; salutation; title; and language preferences.
• Contact details: correspondence address; shipping address; telephone number; email address; and social media details.
• Expertise: records of your expertise, professional history, practicing details and qualification details, information about your experience, participation in meetings, seminars, advisory boards and conferences, information about your professional relationship with other individuals or institutions, language abilities and other professional skills;
• Consent records: records of any consents you have given, together with the date and time, means of consent and any related information (e.g., the subject matter of the consent).
• Purchase details: records of purchases and prices; shipping details; consignee name, address, contact telephone number and email address;
• Data relating to our Sites and Apps: device type; device hardware; device model; device resolution; operating system; browser type; browser settings; IP address; Internet Service Provider; mobile network carrier; language settings; dates and times of connecting to a Site or App; duration of usage of a Site or App; App usage statistics; App version; SR number (for App version); App settings; Firebase Cloud ID (FCM ID); advertising ID; clickstream data; referral URL; exit URL; other technical communications information (some of which may constitute Personal Data); username; password; security login details; usage data; aggregate statistical information; and information about the way you use our Apps after you have installed and registered them (e.g. launch data, feature usage, page clicks, sign-in information, and feature vectors).
• Employer details: where you interact with us in your capacity as an employee of a third party, the name, address, telephone number and email address of your employer, to the extent relevant.
• Content and advertising data: records of your interactions with our online advertising and content, records of advertising and content displayed on pages or App screens displayed to you, and any interaction you may have had with such content or advertising (e.g., mouse hover, mouse clicks, any forms you complete in whole or in part) and any touchscreen interactions.
• Views and opinions: any views and opinions that you choose to send to us, or publicly post about us on social media platforms.

* Users can refuse to transfer their personal information abroad through the company's personal information protection manager and department in charge. If so, the company excludes the user's personal information from the overseas transfer target. However, in this case, the use of the service that necessarily entails the transfer of personal information abroad among the company's services may be restricted.

When this privacy policy applies

Our Privacy Policy does not apply to services offered by other companies or individuals, including products or websites that may be displayed to you when using our Service. Our Privacy Policy does not cover the information practices of other companies and organizations who advertise our services, and who may use cookies and other technologies to serve and offer relevant ads.

Merger or sale

If CyberLink is involved in a merger, acquisition or asset sale, we will continue to ensure the confidentiality of any information and give affected users notice before information is transferred or becomes subject to a different privacy policy.

Changes

Our Privacy Policy may change from time to time. We will not reduce your rights under this Privacy Policy without your explicit consent. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of privacy policy changes).

General

This Privacy Policy shall be governed by and interpreted in accordance with the laws of Taiwan without regard to conflict of law principles. You and CyberLink hereby irrevocably consent that any legal action or proceeding arising under or in connection with this Privacy Policy must be submit to the personal and exclusive jurisdiction of arbitration in Taipei, Taiwan for the purpose of arbitrating any dispute. In the event that any provision in this Privacy Policy is held to be invalid or unenforceable, the remaining provisions will remain in full force and effect. The failure of a party to enforce any right or provision of this Privacy Policy will not be deemed a waiver of such right or provision. Any waiver, to be effective, must be in writing signed by the waiving party (in the case of CyberLink, by an authorized officer). You may not assign this Agreement (by operation of law or otherwise) without the prior written consent of CyberLink and any prohibited assignment will be null and void. CyberLink may assign this Privacy Policy or any rights hereunder without your consent. You agree that this Privacy Policy and the rules, restrictions and policies contained herein, and CyberLink’s enforcement thereof, are not intended to confer and do not confer any rights or remedies upon any person other than you and CyberLink. This Privacy Policy together with constitute the entire agreement between CyberLink and you with respect to the subject matter hereof. Any notice or other communication to be given hereunder will be in writing and given (a) by CyberLink via email (in each case to the address that you provide), (b) a notice on the service, or (c) by you via email to contact privacy@cyberlink.com or to such other addresses as CyberLink may specify in writing. The date of receipt shall be deemed the date on which such notice is transmitted.

YOU UNDERSTAND AND AGREE THAT, BY ENTERING INTO THIS PRIVACY POLICY, YOU WAIVE THE RIGHT TO GO TO COURT OR TO PARTICIPATE IN A CLASS OR REPRESENTATIVE ACTION.