Ssoul Privacy Policy

-Last Updated: December 12, 2025-

 1. Introduction  
We respect your privacy and are committed to protecting it. This Privacy Policy explains how we collect, use, store, and delete facial data and other information when you use our app.

 2. Data We Collect  
- Photos and videos you voluntarily upload to create face swaps, dancing videos, video-from-image effects, or anime-style images.  
- Temporary facial data (face landmarks, 3D facial mesh, and facial embeddings) automatically extracted from your uploaded media solely to generate the requested AI effects.

We do not collect your name, email address, Apple ID, location, contacts, or any other personal identifiers unless you contact support.

 3. How and Why We Store Facial Data (Required Detailed Disclosure)

-Purpose of storage-  
Facial data is temporarily stored on our secure cloud servers only when on-device processing is technically insufficient to deliver high-quality results (e.g., complex video face swaps or dancing animations that require powerful GPUs).

-Duration of storage-  
All facial data (landmarks, meshes, and embeddings) is automatically and permanently deleted from our servers -no later than 48 hours- after the processing of your request is completed.

-Reason for choosing exactly 48 hours-  
- 24 hours is required for normal processing and delivery of results.  
- An additional 24-hour buffer is retained solely to handle possible user support requests (e.g., “my video failed to generate, can you check?”) and automatic retry of failed jobs.  
- After 48 hours, no technical or customer-support purpose remains, so the data is irreversibly deleted. Retaining data indefinitely or for longer periods would be unnecessary and disproportionate.

-Deletion process-  
Deletion is automated, irreversible, and verified by daily logs. No backups are kept.

 4. Sharing of Facial Data – Full Transparency  
We do -not- sell, rent, license, or otherwise share your photos, videos, or facial data with any third party for advertising, analytics, marketing, or any other purpose.

The -only- entity that may temporarily receive facial data is:  
-Our cloud processing provider-: Amazon Web Services (AWS) in the United States, acting strictly as a data processor under a binding Data Processing Agreement (DPA).

-Details of sharing with AWS-  
- Facial data is transmitted encrypted (TLS 1.3) only when cloud processing is required.  
- AWS processes the data on our behalf and is contractually prohibited from using it for any other purpose, including training their own models.  
- AWS stores the data only for the same maximum 48-hour period described above.  
- After 48 hours, AWS automatically and permanently deletes all data and does not retain any copies or backups containing your facial information.  

No other third parties (including analytics providers, advertising networks, or social platforms) receive access to your facial data at any time.

 5. On-Device Processing  
Whenever possible, all face detection and effects are performed 100% on your device. No data leaves your iPhone/iPad in these cases.

### 6. Data Security & Detailed Facial Data Handling  
(Fully compliant with App Store Review Guideline 5.1.1(i)–(v) – expanded version)

6.1 Explicit Statement on Retention 
We do notretain your facial data after the strict retention window described below. All facial data is automatically and permanently deleted with no backups or archives kept.

6.2 Purpose and Necessity of Temporary Storage 
Facial data (face landmarks, 3D facial mesh, and facial embeddings) must be temporarily stored on secure cloud servers only when:  
- On-device processing cannot deliver acceptable quality or speed (e.g., high-resolution video face swaps, multi-person dancing videos, or complex text-to-video generation that require GPU clusters).  
- The task would otherwise fail or produce visibly poor results.

6.3 Exact Retention Period and Precise Justification for 48 Hours 
- All facial data is automatically and irreversibly deleted no later than 48 hoursafter the requested effect has been successfully generated and delivered to your device.  
- The 48-hour window is composed of:  
  – Up to 24 hours for initial processing, result delivery, and automatic retries in case of temporary network or server issues.  
  – An additional maximum 24 hours solely to allow our support team to troubleshoot rare failed generations if you contact us within that window (e.g., “my video never arrived”).  
- After 48 hours, no legitimate technical or customer-support purpose exists. Retaining the data longer would be unnecessary, disproportionate, and contrary to data-minimization principles. Indefinite storage is never performed.

6.4 Third-Party Access – Complete Transparency 
The onlythird party that ever receives your facial data is:  
Amazon Web Services, Inc. (AWS)– acting exclusively as our data processor under a binding Data Processing Agreement (DPA) and GDPR/US-compliant addendum.

Reason for sharing with AWS 
We share facial data with AWS only when cloud-based GPU computation is technically required to complete your requested effect.

AWS storage practices (as required by Apple) 
- AWS temporarily stores the data only for the exact same maximum 48-hour period described above.  
- Storage is necessary solely to perform the computation on our behalf and to enable immediate re-processing in case of transient failures.  
- After 48 hours, AWS automatically and permanently deletes all facial data from its systems. No copies, backups, or logs containing facial data are retained.  
- AWS is contractually prohibited from using the data for any other purpose (including training its own models).  
- Full details of AWS’s processor obligations are available at:  
  https://aws.amazon.com/compliance/data-processing-addendum/  
  and https://aws.amazon.com/privacy/

No other third parties — including analytics providers, advertising networks, machine-learning partners, or social platforms — receive your facial data under any circumstances.

6.5 Security Measures 
- End-to-end TLS 1.3 encryption in transit  
- AES-256 encryption at rest  
- Access restricted to a minimal number of authorized personnel  
- Daily automated deletion verification logs  
- Regular third-party security audits

 7. Your Rights  
You may request confirmation of deletion or raise any concern at any time. We will respond within 7 days.

 8. Children’s Privacy  
The app is not directed to individuals under 17. We do not knowingly collect facial or other personal data from children under 17.

 9. Changes to This Policy  
We will notify you of any material changes via the app and App Store.

 10. Contact Us  
Email: kiyuxbjd@outlook.com