Privacy Policy

Date of Publication: October 10, 2025

Effective Date: October 10, 2025

General Provisions of the Privacy Policy

Purpose and Scope

This Privacy Policy (hereinafter referred to as "this Policy") is formulated by the developer and operator of ZOOZIP (hereinafter referred to as "we" or "the Company"). As the developer and operator of the "ZOOZIP" application (hereinafter referred to as "the Application"), we recognise the importance of personal information to you. This Policy aims to clearly and transparently explain our specific practices regarding the processing of personal information during your use of the Application, including information collection, use, storage, and protection, to help you understand your information rights and how to exercise them.

Scope of Application and Effectiveness

1. This Policy applies to all your actions involving the download, installation, and use of the Application and related services (including image/video compression, format conversion, animal skin collection, etc.) via the Apple App Store. It constitutes the core agreement between you and us regarding the processing of personal information.
2. Where matters not explicitly addressed herein involve specific services (such as third-party SDK services), the separate rules accompanying such services shall prevail. Where such separate rules are absent, this Policy shall continue to apply.
3. Before using this application, please read and fully comprehend all provisions of this policy, paying particular attention to bolded clauses (which concern your core information rights and liability limitations). Should you disagree with any clause herein, you must immediately cease using this application. Your continued use shall be deemed as acknowledgement that you have read, understood, and agreed to be bound by this policy.

Core Service Features

As an image and video compression tool, this application performs all core functions locally on your device. Specific features are as follows:

1. You may use the application after granting necessary device permissions (such as access to your photo library), without needing to provide identity information or create an account;
2. Local Data Storage: Your photos, videos, and other files awaiting processing, along with compressed files, compression logs, skin collection records, and other data, are stored locally on your device by default. We do not actively upload such data to cloud servers or third-party platforms.
3. Localised Functionality: Core operations such as image/video compression and format conversion are executed on your device, eliminating the need for network-based file transfers.

Personal Information Processing Practices

Personal Information Collection Scenarios

We collect personal information solely within the "necessary scope" required to provide services, ensure security, or optimise your experience. This includes information you actively authorise or data generated during usage, as detailed below:

Photo and Video Processing-Related Collection

When utilising this application's image/video compression functionality, you must grant access to your photo library. This permission is fundamental to enabling core features:

1. Content collected: Access to photos or video files you actively select when initiating the compression operation, with temporary local reading of basic file information on your device;
2. Purpose of Collection: To complete file compression processing and generate compressed files meeting your requirements. The full file content is not retained during processing; only compression records are stored locally.

Device Information Collection

To ensure stable application operation and optimise feature compatibility, we automatically collect the following non-identifiable device information without requiring additional authorisation:

1. Data collected: Device model, operating system version, unique device identifier, IP address, remaining device storage capacity, network connection status;
2. Purpose of collection: To identify device compatibility issues, resolve application crashes, and optimise compression algorithm adaptability, ensuring service stability across different devices.

Service Data Logging

To analyse user habits and enhance product quality, we automatically collect service log data during application usage:

1. Data collected: Feature usage frequency, operation records, performance metrics, application error logs (e.g., compression failure reason codes);
2. Purpose of collection: To refine feature design, enhance compression efficiency, resolve potential faults, and provide services better tailored to your requirements.

Purpose of Personal Information Use

We strictly adhere to the "purpose limitation" principle. Personal information collected is solely used for the following purposes and will not be utilised beyond these scope:

1. Delivering core services: Enabling image/video compression, format conversion, skin collection, and other functionalities to ensure service operation;
2. Ensuring service security: Identifying abnormal operations, preventing application failures or security risks, and safeguarding your local data security;
3. Optimising user experience: Analysing device compatibility issues and user habits to refine feature design and develop new functionalities;
4. Processing User Feedback: Responding to your customer service enquiries, complaints, or suggestions to resolve issues encountered during usage;
5. Other purposes permitted by laws and regulations: such as cooperating with regulatory investigations or fulfilling statutory obligations.

Should we require personal information for purposes not outlined in this guidance, we shall obtain your separate consent via in-app pop-ups, email, or other appropriate means.

Processing scenarios not requiring authorisation

Pursuant to the Personal Information Protection Law and relevant laws and regulations, we may process your personal information without requiring your authorisation or consent in the following circumstances:

1. Where directly related to national security or defence security;
2. Directly related to public safety, public health, or significant public interests;
3. Directly related to criminal investigation, prosecution, trial, and enforcement of judgments;
4. Where necessary to safeguard your or another individual's vital legitimate interests, such as life or property, and obtaining consent is impracticable;
5. Where the personal information collected has been voluntarily disclosed by you to the public;
6. Where personal information is collected from lawfully publicly disclosed information (such as government-published equipment technical standards);
7. Where necessary for the conclusion or performance of a contract at your request;
8. Necessary for maintaining the secure and stable operation of this application (e.g. detecting and intercepting malicious programme attacks);
9. Other circumstances stipulated by laws and regulations.

Personal Information Storage and Security Safeguards

Storage Location and Scope

1. Storage Location: We store your personal information solely within the territory of the People's Republic of China. Your photographs, video files, compressed records, skin collections, and other such data are stored exclusively on your local device and are not transmitted to our servers.

2. Scope of Storage: The information we store is limited to the "minimum necessary scope required to achieve the service purpose", specifically including:

1. Device information logs;
2. Customer service communication records (e.g., your enquiry content and our responses);
3. Application performance data (e.g., crash logs, compression success rate statistics);
4. Data stored locally on your device (which you control; we do not actively collect this).

Storage Period

1. We retain your personal information only for the period necessary to fulfil the purpose of providing our services:

1. Device logs and application performance data: retained until the issue is resolved or the feature optimisation is completed, for a maximum period of 6 months;
2. Customer service communication records: retained for 12 months after your issue is resolved, after which they are anonymised;
3. Your device's local data: Retention period determined by you; uninstalling the application may result in data deletion.

2. Should we cease operation of this application, we shall notify you at least 30 days in advance via in-app pop-ups and official email. You must back up your local data within the notification period. Upon expiry of this period, we shall delete all stored personal information (except where retention is required by law).

Security Safeguards

We employ dual "technical and managerial" safeguards to protect your personal information against leakage, damage, or loss:

Technical Safeguards

1. Data Encryption: Sensitive information transmitted within the application is encrypted using SSL technology, while non-public data stored locally undergoes data anonymisation.

2. Access Control: Strictly restrict internal personnel's access to personal information, authorising only necessary roles to handle it, with access requiring multi-factor authentication;

3. Security Monitoring: We conduct real-time monitoring of application operations to guard against attacks such as viruses, trojans, and malicious tampering, promptly addressing vulnerabilities (e.g., SDK security flaws) that could lead to data breaches.

Management Safeguard Mechanisms

1. Policies and Procedures: Establish specialised systems including the Personal Information Security Management System and Data Security Incident Emergency Response Plan, clarifying security responsibilities at each stage of information processing and standardising operational workflows;

2. Organisational Safeguards: Establish a dedicated Personal Information Protection Team responsible for overseeing compliance in information processing, evaluating third-party security capabilities, and responding to security incidents.

3. Staff Training: Conduct regular training for internal staff on personal information protection regulations, requiring them to sign confidentiality agreements and strictly prohibiting the disclosure of user information; hold employees accountable for non-compliant operations in accordance with established procedures.

Security Incident Response

Should a personal information security incident occur, we shall immediately activate the emergency response plan:

1. Risk Containment: Implement technical measures to prevent escalation, such as suspending affected SDK services, patching vulnerabilities, and isolating compromised data;

2. User Notification: In accordance with legal requirements, inform users via in-app pop-ups or provided contact details regarding the incident's basic details, remedial actions taken, and self-protection recommendations;

3. Regulatory Reporting: Where the incident involves significant risk, we shall promptly report the handling progress to the relevant regulatory authorities.

Important Notice: The internet environment is not inherently secure. We shall not be held liable for information leaks resulting from your device being infected with malicious software, device loss, voluntary disclosure of data to third parties, or operational errors.

Rules for Sharing and Disclosure of Personal Information

We strictly adhere to the principles of "minimum necessity" and "lawfulness and legitimacy". We do not proactively share, transfer, or disclose your personal information, and only process it lawfully under the following specific circumstances:

4.1 Fundamental Principles of Information Processing

Where third-party processing of personal information is required for service purposes (e.g., application crash analysis, functional support), we shall adhere to the following principles to ensure data security:

1. Lawfulness and legitimacy principle: All information processing activities are based on explicit, lawful purposes with no hidden uses;
2. Principle of Specific Purpose: Third parties are informed of the precise purpose of information processing, and processing is not delegated beyond this scope;
3. Minimum Necessity Principle: Only the minimum information necessary to achieve the purpose is provided to third parties, with no transmission of irrelevant data;
4. Security Assurance Principle: Third parties undergo rigorous security capability assessments. A written Data Processing Agreement is executed, clearly defining the scope of information processing, security responsibilities, and confidentiality obligations, with their processing activities subject to continuous oversight.

4.2 Information Sharing Scenarios

Commissioning Third-Party Processing

We may entrust third-party partners to process certain personal information to fulfil specific service functions:

1. Crash Analysis Services: Entrusting third parties to collect application crash logs and performance data for fault identification and resolution. Data undergoes de-identification during analysis.
2. Functional Support Services: For instance, when engaging third parties to provide image/video format parsing components, such third parties shall only process header information essential for format conversion and shall not access complete file content;
3. All commissioned third parties must comply with this policy, refrain from exceeding the scope of information usage, and provide regular updates on information processing activities.

Third-Party Service Integration

This application may integrate third-party services to deliver a comprehensive functional experience:

1. When using third-party services, the processing of your personal information shall be governed by the relevant third party's privacy policy. We recommend you carefully review such policies prior to use. We shall not be liable for the information processing practices of third-party services, and the inclusion of such services does not constitute our endorsement thereof.

The specific list of third-party SDKs integrated into this application (including provider name, types of information collected, purpose of use, and official website link) is detailed in the "Third-Party SDK List" (Appendix). This list will be dynamically updated as SDKs are adjusted.

4.3 Information Transfer

Should it become necessary to transfer your personal information due to business adjustments (such as company mergers, acquisitions, or asset transfers), we shall:

1. Ensure the transfer complies with the Personal Information Protection Law and relevant regulations, and that the recipient possesses security protection capabilities equivalent to ours;
2. Notify you via in-app pop-ups, official emails, or other means of the recipient's name, contact details, and information processing rules;
3. If the recipient's information processing rules fall below the standards set forth in this guidance, we shall require them to revise their policies to meet the requirements or obtain your renewed authorisation and consent before proceeding with the transfer. Should you object to the transfer, you may cease using this application, and we shall delete your personal information.

4.4 Disclosure in Accordance with the Law

We shall not disclose your personal information publicly except in the following circumstances:

1. Where we have obtained your explicit written consent;

2. When required by laws, regulations, or requests from judicial or administrative authorities;

3. Disclosure within reasonable limits to address public health emergencies or protect the life, health, or property safety of individuals;

4. Where you have voluntarily made such information publicly available;

5. Other circumstances permitted by laws and regulations.

Safeguarding Users' Personal Information Rights

You retain rights to access, rectify, erase, or withdraw consent regarding your personal information. We provide convenient avenues for exercising these rights:

Rights and Their Content

Right to Access

You have the right to inquire about the personal information we process concerning you, including:

Device information collected (e.g., device model, IP address logs);

Records of your communications with customer service;

The purposes and methods by which we use your personal information;

Circumstances under which we share your personal information with third parties.

Right to Rectification

Should you discover any inaccuracies in the personal information we hold about you, you have the right to request that we correct it to ensure its accuracy.

Right to erasure

You have the right to request that we erase your personal information in the following circumstances:

1. Where we have processed your information in breach of laws, regulations, or this policy;

2. The purpose for processing the information has been fulfilled, cannot be fulfilled, or is no longer necessary to fulfil that purpose;

3. We cease providing this application or related services, or the retention period for the information has expired;

4. You withdraw your authorisation for a specific function;

5. Other circumstances stipulated by laws and regulations.

Exercising Your Rights

You may exercise the aforementioned rights through the following methods. We shall process your request after verifying your identity:

1. Requests for access, rectification, or erasure: Send an email to the official email address (AICompressKit@outlook.com). The email must include the following materials:
2. Proof of identity of the applicant;
3. Specification of the type of right being exercised;
4. Description of the relevant information;
5. For applications on behalf of minors, additional proof of the guardian's identity and proof of kinship (e.g., household register) must be provided.
6. Withdrawal of Permissions: You may withdraw authorisation for permissions such as photo library access and notifications at any time via your device's "Settings > Privacy & Security > ZOOZIP". Upon withdrawal, we shall cease collecting information based on such permissions.

Exceptions to exercising rights

In accordance with laws and regulations, we may be unable to respond to your request in the following circumstances:

1. Where directly related to national security or defence security;
2. Directly related to public safety, public health, or significant public interests;
3. Directly related to criminal investigations, prosecutions, trials, or enforcement of judgments;
4. Where there is sufficient evidence indicating you possess malicious intent or are abusing your rights (such as repeatedly requesting the deletion of the same information);
5. Where responding to your request would cause serious harm to the legitimate rights and interests of you or other individuals or organisations;
6. Involving trade secrets;
7. Other circumstances stipulated by laws and regulations.

For reasonable requests, we shall not charge fees in principle. For repeated requests or those exceeding reasonable limits, we may charge appropriate costs or refuse the request, providing reasons in our response.

Protection of Personal Information for Special Groups

6.1 Protection of Minors

This application primarily provides services to adults and implements additional safeguards for minors' personal information:

1. If you are a minor under the age of 18, you must read this guidance in the presence of your legal guardian and obtain their explicit consent before using this application and authorising relevant permissions. During use, you must follow your guardian's guidance to avoid actions beyond your level of understanding.
2. If you are the guardian of a minor and have queries regarding the processing of their personal information, you may contact us via our official email address. You must provide proof of guardianship, the minor's identity documentation, and evidence of your familial relationship. We shall cooperate in verifying identities and prioritise such matters.
3. Should we discover, through technical monitoring or user reports, that personal information of minors has been collected without guardian consent, we shall immediately cease collection and delete the relevant information within three working days following verification. Should you encounter such circumstances, please contact us for assistance; we shall provide timely feedback on the outcome.

Guidance Amendment and Notification Mechanism

Guidance Updates

To adapt to updates in laws and regulations, service functionality adjustments, or optimisations to information processing rules, we reserve the right to revise these guidelines. Revised guidelines will not diminish the rights you currently enjoy under the effective guidelines and will clearly indicate the "date of promulgation" to ensure you are aware of the update timing.

Notification of Changes

1. Notification of Significant Changes: Should significant alterations be made to this policy, we shall notify you via in-app notifications and official email (if you have provided an email address). You must acknowledge having read the changes before continuing to use this application.
2. Non-Material Change Notification: For non-material changes such as wording refinements or supplementary security measure descriptions, we shall notify you via standard in-app notifications.
3. You may review the latest version at any time via the "Settings - Privacy Policy" page within this application to ensure timely awareness of information processing rules.

Contact Us and Dispute Resolution

Contact Us

Should you have queries regarding this policy, wish to exercise your personal information rights, or report personal information security issues (such as discovering SDKs collecting information in violation of regulations), you may contact us via the following channels:

1. Official email: AICompressKit@outlook.com
2. Response Timeline: We shall acknowledge receipt of your email within 3 working days and respond within 15 working days after verifying your identity. For complex issues, the response period may be extended appropriately, but shall not exceed 30 working days. You will be notified in advance of any extension and the reasons for it.

Dispute Resolution

1. The establishment, validity, interpretation, performance and dispute resolution of these Guidelines shall be governed by the laws of the Mainland Region of the People's Republic of China (excluding the laws of Hong Kong, Macao and Taiwan regions);
2. Any dispute arising from or in connection with these Guidelines shall first be resolved through friendly consultation between the parties. Should consultation fail, either party shall have the right to bring proceedings before the People's Court with jurisdiction in the defendant's place of residence.

Supplementary Provisions

Independence of Provisions

Should any provision of these Guidelines be deemed invalid, voidable, or unenforceable by a judicial or arbitral authority, such determination shall not affect the validity of the remaining provisions, which shall continue to be performed in accordance with their original terms. The invalid provision shall be interpreted in a manner that most closely approximates the original intent, subject to compliance with applicable laws.

Textual Effect

These Guidelines may be provided in multiple language versions (e.g., English). In the event of any conflict between different versions, the Simplified Chinese version shall prevail.

Effect of Annexes

The "Third-Party SDK List" (Annex) constitutes an integral part of these Guidelines and shall have equal legal effect. Your use of this application shall be deemed as acknowledgement of having read and agreed to the contents of the Annex. Notification of any updates to the Annex shall be provided to you concurrently with updates to these Guidelines.

Appendix: Third-Party SDK List

Firebase SDK

Company Information: Google LLC

Information Collected and Purpose: For analysing crash information and optimising product experience;

Official website link: https://policies.google.com/privacy?hl=zh-cn

Google Mobile Ads SDK

Company Information: Google LLC

Information collected and purpose: Device and storage information; for the provision of advertising;

Official website link: https://policies.google.com/privacy?hl=zh-CN

AppsFlyer SDK

Company Information: AppsFlyer Inc.

Information collected and purpose: Device and storage information; for the provision of advertising;

Official website link: https://www.appsflyer.com/legal/services-privacy-policy/

Sensors Analytics SDK

Company Information: Sensors Analytics

Information Collected and Purpose: To analyse crash information and optimise product experience;

Official website link: https://manual.sensorsdata.cn/sa/docs/tech_sdk_client_privacy_policy