Haimeta Privacy Policy

Last Updated: August 6, 2025
Effective Date: August 6, 2025

“Haimeta” refers to products and services provided to users under the name Haimeta, including the client application, official website (www.haimeta.com), and other platforms legally owned and operated by ICEWHALE Ltd., a company incorporated in Hong Kong, and its affiliates (hereinafter referred to as “we,” “us,” or “the Company”).

As the operator of Haimeta, we fully understand the importance of personal information to you. We are committed to protecting your personal information and privacy in compliance with the Personal Data (Privacy) Ordinance (Cap. 486) of Hong Kong and other applicable laws and regulations. This Privacy Policy is designed to help you understand how we handle your information. Please read this Privacy Policy carefully before using Haimeta and its related services to ensure that you are fully informed and can make appropriate decisions. By starting to use or continuing to use our products and/or services after updates to this Privacy Policy, you confirm that you fully understand and agree to the content of this policy (including its updates) and consent to our collection, use, storage, and sharing of your information in accordance with this Privacy Policy.

1. Overview

This Privacy Policy explains how we process personal data in various scenarios. When you activate or use Haimeta, we process relevant information to enable the features or services you choose to use or to comply with legal and regulatory requirements. This Privacy Policy provides detailed explanations for these situations, and key terms regarding your personal data rights and sensitive information are highlighted in bold for your attention.

In specific scenarios, we may provide additional notifications (e.g., pop-ups or page prompts) or feature update explanations to inform you about the purposes, scope, and methods of information collection. These notifications and feature update explanations are part of this Privacy Policy and hold the same legal effect. Information will only be collected and processed in accordance with the stated purposes, scope, and methods after obtaining your explicit consent.

The following sections provide detailed information on how we collect, use, store, transfer, disclose, and protect personal data. They also explain how you can query, correct, supplement, delete, copy, or transfer your personal data. Important content regarding your personal data rights and sensitive information is highlighted in bold for your attention.

Sections:

1. How We Collect and Use Personal Data
2. Third Parties Involved in Data Processing and Information Transfers/Disclosures
3. Managing Your Personal Data
4. How We Protect Personal Data
5. How We Store Personal Data
6. Terms for Minors
7. Access and Revisions to the Privacy Policy
8. Contact Us

1. How We Collect and Use Personal Data

We adhere to the data protection principles under Hong Kong law, including lawfulness, fairness, necessity, and transparency when collecting and using your personal data for the purposes outlined in this policy. If we need to use your personal data for purposes not specified in this policy or for specific additional purposes, we will provide you with detailed explanations regarding the collection, use, and handling of the relevant information in a reasonable manner (including but not limited to policy updates, new agreements, page prompts, pop-ups, in-app messages, emails, website announcements, or other easily accessible methods). Your explicit consent will be obtained before collecting and using the information.

System permissions, such as access to your contacts, location, camera, microphone, and photo album, are not enabled by default. We will only request access to these permissions with your explicit authorization when necessary to provide specific features or services. You can revoke these permissions at any time. Please note that declining permissions may prevent you from using certain features but will not affect your access to other functions of the products and services.

To provide you with services, we collect and use your personal data in the following ways:

1.1 Account Services

1.1.1 Registration and Login
You can register and log in to Haimeta (referred to as “Account” or “Haimeta Account”) using a third-party account.
When using a third-party account to register or log in, you authorize us to access information from the third-party platform (e.g., your avatar, nickname, publicly available information, authentication details, and other authorized information) to facilitate your login and use of Haimeta and its related services.

1.1.2 Public Account Information
You may voluntarily complete your profile information, such as a bio. Not providing such information will not impact your use of your Haimeta account or its services.
Your follower count, fan count, usage count, likes, and publicly posted works will be displayed on your personal account homepage.
When we issue announcements regarding violations, the nickname of the violating account may be disclosed.

1.2 Image and Video Generation Services

1.2.1 Service Content
Using artificial intelligence (AI) model technology, we provide content generation services, such as image and video generation. To deliver these services, we collect the text, images, audio, video, and instructions you input or choose. This information is analyzed to better produce content that aligns with your instructions. Additionally, securely encrypted, anonymized data may be used for model optimization.
When using AI content generation features (e.g., importing images or exporting generated content), we may request access to your photo album. Declining this permission will prevent the use of these specific features but will not affect other functionalities of Haimeta.
To ensure high-quality output, original content you upload may be sent to our servers for processing. For features requiring facial analysis (e.g., generating character likeness or lip-syncing), your authorization will be requested for processing content with facial information. If you upload third-party facial content, you are responsible for obtaining the necessary authorization and ensuring no infringement of third-party rights. Rest assured that such content will only be used to achieve specified features and will not be stored or extracted for facial recognition purposes. If images you upload involve your personal likeness, they will not be shared, transferred, or disclosed to third parties without your consent.

1.2.2 Content Browsing
During your browsing of Haimeta content, we record your activity. If you are not logged in, we track activity using device identifiers (e.g., clicks, views, downloads, shares, and feedback). If logged in, we record additional activity through your Haimeta account (e.g., clicks, views, downloads, shares, follows, feedback, likes, and comments).

1.3 Content Publishing

When you upload or publish content on Haimeta (e.g., “remix content,” feedback), we may request permission to access your photo album. If you decline, publishing features may be unavailable, but this will not affect other functionalities of Haimeta.

1.4 Interactions and Follows

When you follow or unfollow creators on Haimeta, we create or update follower relationships. To maintain service stability, we may collect information about user interactions (e.g., browsing, sharing, or visiting profiles of other users).

1.5 Search

When using the search function, we collect search keywords and log information to present more relevant results. We may also record related activity (e.g., entered queries, clicked keywords or suggestions). Declining to provide this information may limit your ability to use certain features or achieve desired service outcomes.

1.6 Other Features

1.6.1 Notifications
We may send you notifications (e.g., alerts, identity verifications, security checks, and user experience surveys) via contact details provided during service use. You can opt out via unsubscribe options in messages or by contacting us directly.

1.6.2 Sharing and Interaction
For sharing or participating in activities, Haimeta may locally access clipboard data to read or write passwords, codes, or links to enable features such as redirects or participation in shared content. Clipboard data is only uploaded to our servers when associated with Haimeta instructions. Clipboard or album data unrelated to Haimeta is not uploaded. Some devices may display clipboard access alerts, even for local processing. Contact us for clarification if needed.

1.6.3 Feedback
You can submit feedback through support@haimeta.com. When submitting feedback, we collect descriptions and supplementary information to address your concerns. If additional information is required, we may request access to relevant activity logs to resolve issues.

1.6.4 Product Operations
To ensure safe and efficient operations, we collect log information (e.g., user ID, User Agent details, timestamps), device details (e.g., model, OS version, MAC address), and network status for diagnosing and resolving service anomalies.

1.7 Operations and Security

To maintain secure, reliable services, we collect necessary data such as hardware details, network information, and operating logs. This includes but is not limited to device identifiers, IP addresses, Wi-Fi and Bluetooth information, and sensor data.

1.8 Cookies and Similar Technologies

We use cookies and similar technologies for the following purposes:

1. Ensuring product and service security;
2. Simplifying access by saving repeated input of personal details;
3. Recording browsing activity for debugging and improvement.

1.9 Service Changes

If there are changes to Haimeta’s products or services that alter how personal data is processed, we will provide updates through page prompts or announcements and seek your consent as required by Hong Kong law.

1.10 Legal Bases for Processing Without Consent

Under certain conditions permitted by Hong Kong law, we may process your personal data without explicit consent, including but not limited to:

1. Necessary for the conclusion or performance of a contract at your request;
2. Necessary for compliance with legal obligations;
3. Necessary for protecting vital interests of natural persons;
4. Processing for legitimate interests that are not overridden by your data protection rights;
5. Processing personal data that you have made publicly available;
6. Other circumstances specified by Hong Kong laws and regulations.

Special note: Under Hong Kong law, information that cannot identify a specific individual either alone or in combination with other information is not personal data. When your information can be used to identify you either alone or in combination with other information, or when we combine data that has not been linked to any specific individual with your personal data, we will treat it as your personal data and handle and protect it in accordance with this privacy policy.

2. Partners Involved in Data Use, and the Transfer or Disclosure of Personal Data

2.1 Partners Involved in Data Use

2.1.1 Fundamental Principles
In our collaboration with partners, we adhere to the following principles:
a) Lawfulness Principle: Data processing activities must comply with Hong Kong legal requirements.
b) Legitimacy and Necessity Principle: Data use must serve legitimate purposes and be limited to what is necessary to achieve those purposes.
c) Security and Prudence Principle: We carefully evaluate the purpose of our partners’ data use, assess their security capabilities, and require compliance with legal agreements.

2.1.2 Data Processing
For scenarios where personal data processing is delegated, we sign agreements with the entrusted partners as required by Hong Kong law and supervise their processing activities.

2.1.3 Joint Processing
For joint personal data processing, we sign agreements with partners that define the respective rights and obligations to ensure compliance with Hong Kong legal requirements and data security during data use.

2.1.4 Scope of Partners
If specific features or scenarios involve services provided by our affiliates or third parties, the scope of partners includes these affiliates and third parties.

2.2 Scenarios for Collaboration

2.2.1 Delivering Features or Services within Haimeta
When you use features provided by our partners within Haimeta, or services jointly offered by software service providers, smart device providers, or system service providers, we may share the necessary information for business purposes. This may include the following:

1. Event Participation:
   • If you choose to participate in marketing events, with your consent, we and our partners may use your name, contact address, phone number, and bank account information to fulfill event rewards.
   • We may also share de-identified device information with partners to verify identity, detect fraudulent activities, and filter illegal activities during reward fulfillment.
   • For events co-hosted with affiliates, account identifiers, participation results, progress, and earnings may be synchronized across participating platforms to ensure a seamless experience.

2. Customer Service:
   • To address complaints, suggestions, or other requests, customer service providers may use your account and related information to promptly understand and respond to your needs. If necessary, your phone number or other contact details may be used for communication.

3. Payment Services:
   • Payment functions are provided by third-party payment institutions (e.g., payment processors) through SDKs or related technologies. These institutions may require your name, ID number, bank card type and number, expiration date, and phone number. ID numbers and bank card details are sensitive information essential for payment processing. Refusal to provide such information will prevent the use of payment features but will not affect other functionalities.

2.2.2 Ensuring Security and Statistical Analysis

1. Security Safeguards:
   • To ensure the safety of products, services, and accounts, and to protect legitimate rights and interests, partners may use necessary device, account, and log information.

2. Product Analysis:
   • For stability analysis, partners providing analytics services may use service-related information (e.g., crash or failure logs), device identifiers, and overall usage data.

3. Academic Research:
   • To advance research capabilities and promote technological progress, we may share de-identified or anonymized data with research institutions and universities for legitimate purposes under secure conditions.

2.3 Operational Changes

In the event of mergers, acquisitions, or asset transfers, your personal data may be transferred. We will ensure the receiving party complies with Hong Kong data protection standards no less stringent than those outlined in this policy. If the receiving party changes the purposes or methods of processing, they must obtain your consent anew.

2.4 Discontinuation of Operations

If we discontinue product or service operations, we will stop collecting your personal data promptly. Notifications will be sent to you individually or through announcements, and relevant personal data will be deleted or anonymized in accordance with Hong Kong law.

2.5 Disclosure

We will not disclose information that you have not made public unless required by Hong Kong law or with your consent. We will inform you of the purpose, type, and possible sensitive nature of the disclosed information and obtain your separate consent where required.

2.6 Transfer

As our business develops, mergers, acquisitions, or asset transfers may occur. We will notify you of such circumstances and continue to protect your personal data according to Hong Kong legal requirements or higher standards stipulated in this policy.

2.7 Legal Exemptions from Consent

Under the following circumstances permitted by Hong Kong law, your personal data may be shared, transferred, or disclosed without your consent:

1. Necessity for fulfilling a contract at your request;
2. Compliance with legal obligations under Hong Kong law;
3. Necessity for protecting vital interests in urgent situations;
4. Public interest activities within reasonable bounds;
5. Processing personal data you have made public or that has been legally disclosed;
6. Other situations as prescribed by Hong Kong laws and regulations.

3. Managing Your Personal Data

We value your ability to manage your personal data and strive to protect your rights under Hong Kong law, including access, correction, deletion, and data portability. This enables you to understand and safeguard your personal data.

Please note that certain business features and services rely on specific information to function. If you withdraw consent or authorization, we may no longer provide the corresponding features or services, nor process the related personal data. However, your decision to withdraw consent does not affect prior processing activities conducted based on your authorization.

3.1 Access and Correction

We encourage you to update and modify your information to ensure accuracy and effectiveness. You can view, access, and manage your account information and request modifications or additions. You can do this through the [Personal - Settings] section, by contacting our customer service, or by sending an email to support@haimeta.com. We promise to complete the verification and processing within fifteen (15) business days. For security, we may require identity verification before allowing access, corrections, or deletions.

3.2 Deletion

You may request the deletion of personal data in the following scenarios, except for data anonymized or as otherwise stipulated by Hong Kong laws and regulations:

1. The purpose of processing has been achieved, cannot be achieved, or is no longer necessary.
2. We discontinue providing products or services, or the retention period has expired.
3. You withdraw consent.
4. Our processing violates Hong Kong laws, regulations, or agreements with you.
5. Other cases prescribed by Hong Kong laws or regulations.

Deletion means removing personal data from systems involved in daily business functions, making it irretrievable or inaccessible. After deletion, due to legal and technical constraints, the information may not be immediately erased from backup systems. During this period, we will securely store your personal data and restrict further processing until backups are cleared or anonymized.

3.3 Data Portability and Transfer

You may contact us using the methods outlined in this policy to request transfer or copies of your personal data. We commit to completing verification and processing within fifteen (15) business days.

3.4 Account Deletion

If you wish to terminate our services, you may request account deletion through the designated methods provided in this policy. We promise to verify and process your request within fifteen (15) days.

After account deletion:
• You can no longer log in or use our services or any third-party services linked to this account.
• Any unused benefits or anticipated rights tied to this account will be cleared.
• All content, information, and records associated with the account will be deleted or anonymized (except as required by Hong Kong law or regulatory authorities).
• Deleted accounts cannot be recovered.

4. Protecting Your Personal Data

We prioritize the security of your personal data and employ reasonable measures to ensure compliance with Hong Kong legal and regulatory requirements, preventing unauthorized access, leakage, alteration, or loss of personal data.

4.1 Security Technical Measures

We utilize industry-standard encryption, de-identification, anonymization, and other reasonable methods to protect your personal data. Security mechanisms are implemented to prevent malicious attacks on your data.

4.2 Management Systems

We have established dedicated security teams, management systems, and data security processes to safeguard your personal data. Measures include:
• Enforcing strict data access controls to ensure only authorized personnel can access personal data.
• Regular security training for staff and audits of data and technology.
• Preparing and implementing emergency response plans for personal data security incidents, aiming to mitigate harm and prevent escalation.

If a security incident (e.g., leakage, alteration, or loss) occurs or may occur, we will promptly notify you per Hong Kong legal requirements, detailing:
• The types of personal data involved, reasons, and potential risks.
• Remedial measures taken and suggestions to minimize harm.
• Ways to contact us for further assistance.

We will notify you through push notifications, emails, letters, SMS, or other appropriate means. If individual notifications are impractical, we will issue public announcements. We will also report the handling of such incidents to relevant Hong Kong regulatory authorities.

4.3 Security Tips

Despite our efforts to adopt effective measures and comply with Hong Kong legal standards, please understand that due to technical limitations and potential malicious activities, absolute security cannot be guaranteed in the internet industry.

We recommend actively safeguarding your personal data by, for example, not sharing your account or related details with others.

If you leave Haimeta to browse or use third-party products or services, we cannot ensure the security of any personal data you submit to third parties. Regardless of whether such use stems from Haimeta links or guidance, we advise caution when engaging with third-party platforms. We will notify you when you access third-party products or services to help you protect your personal data effectively.

5. How We Store Personal Data

5.1 Storage Location

In compliance with Hong Kong laws and regulations, personal data we collect may be stored in Hong Kong or other jurisdictions where we or our service providers operate. When personal data is transferred outside Hong Kong, we will ensure appropriate safeguards are in place as required by Hong Kong law, including:
• Obtaining your explicit consent,
• Ensuring the receiving jurisdiction has adequate data protection laws, or
• Implementing appropriate contractual safeguards.

5.2 Storage Period

We retain your personal data only for as long as necessary to provide you with Haimeta products or services. Examples include:

1. Mobile Number: If you use a mobile number to bind your account, we retain this information to ensure uninterrupted services, handle your inquiries or complaints, and protect your account and system security.
2. Content You Publish: Your content and related information are retained until you withdraw, delete it, or close your account to maintain continuity in service functionality.

After you delete your personal data, close your account, or upon expiration of the required retention period, we will delete or anonymize your personal data, except in the following cases:

1. Legal Retention Requirements: As required by Hong Kong law.
2. Extended Retention for Business Purposes: When necessary for financial, audit, or dispute resolution purposes, retention periods may be reasonably extended.
3. Compliance with Court Orders: Including rulings, orders, or other legal proceedings.
4. Compliance with Government Requests: As mandated by Hong Kong law enforcement or regulatory bodies.

If we cease operations of our products and/or services, we will notify you via push notifications or public announcements. Your personal data will then be deleted or anonymized within a reasonable period, unless otherwise required by Hong Kong law.

6. Terms for Minors

Haimeta primarily caters to adults, but we prioritize protecting the personal data of minors in accordance with Hong Kong law.

1. Minors Under 18: If you are under 18 years old, you must obtain prior consent from your parent or guardian before using our services.
2. Children Under 14: If you are under 14 years old, your parent or guardian must read this Privacy Policy and consent to your use of our services or the submission of your personal data.
3. Guardians: Guardians of minors must review and agree to this Privacy Policy before allowing minors under their care to use Haimeta and related services.
4. Legal Protection: We will only collect, use, share, or disclose a minor’s personal data if permitted by Hong Kong law, explicitly authorized by a parent or guardian, or necessary for the protection of the minor. If we discover that personal data was collected from a minor without verified consent from a parent or guardian, we will take steps to delete the information promptly.
5. Guardian Assistance: If you are a guardian and have concerns regarding the personal data of the minor under your care, please contact us using the details provided in this Privacy Policy.

7. Reviewing and Revising the Privacy Policy

7.1 Reviewing the Privacy Policy

1. Access Points:
   • You can view this Privacy Policy on the registration and login page or the official Haimeta website (www.haimeta.com).

2. Policy Versions:
   • Please note that to meet operational requirements, we may develop different versions of the app depending on your mobile device model, system version, or mobile client. Consequently, some features of Haimeta in specific versions may differ from those described in this Privacy Policy. However, such differences will not affect the purpose, methods, or scope of data processing. The specific features available are subject to the version you are using.

7.2 Updates and Notifications

1. Policy Updates:
   • To provide better services, Haimeta’s products and services will be updated and adjusted periodically. Consequently, this Privacy Policy may be revised from time to time. We will not reduce your rights under the currently effective Privacy Policy without your explicit consent.

2. Notification of Changes:
   • After updating this Privacy Policy, we will release the updated version on Haimeta and notify you of the changes via in-app messages or other appropriate methods to ensure you are informed of the latest content. If changes involve alterations to the purpose, methods, or types of personal data processing, we will obtain your renewed consent.

3. Enhanced Management Features:
   • Through functional updates, we may help you better manage your personal data. Please pay attention to the relevant feature descriptions.

8. Contact Us

8.1 Complaints and Reports

If you believe your personal data rights may have been violated or discover evidence of such violations, you can send an email to support@haimeta.com.
• We will verify and respond to your complaint or report within fifteen (15) business days.

8.2 General Inquiries

If you have questions or suggestions regarding personal data protection, please send an email to support@haimeta.com.
• We will review your inquiry or suggestion promptly and respond within fifteen (15) business days after verifying your user identity.

8.3 Governing Law and Language

This Privacy Policy is governed by Hong Kong law. This English version shall prevail in case of any discrepancy between different language versions of this Privacy Policy.