Popro Privacy Policy

(Effective Date: March 30, 2026)

This Privacy Policy is formulated by Shiyan Kanweiweng E-commerce Co., Ltd. (hereinafter referred to as "we", "our company" or "data controller") to clarify how the Popro application (hereinafter referred to as "this Application") collects, stores, uses, shares and protects the personal information of users (hereinafter referred to as "you"). This Application is only intended for users aged 18 and above, and complies with Google Play Store review standards, the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA), the Lei Geral de Proteção de Dados (LGPD), the French Data Freedom and Privacy Act (FADP) and other globally applicable privacy laws and regulations.

This Application has no registration or login function. You can use it only by checking and agreeing to this Privacy Policy and the User Terms; it does not collect personal identification information (such as name, email address, mobile phone number, etc.), and only collects necessary device and permission information when you actively authorize it. All data processing is based on the principles of legality, legitimacy and necessity.

I. Data Controller and Data Protection Officer (DPO)

1. Basic Information of the Data Controller

- Name: Shiyan Kanweiweng E-commerce Co., Ltd.

- Contact Email: lanemaschimmsandat@gmail.com

- Address: No. 47, Group 6, Qingshan Village, Tanjiawan Town, Yunyang District, Shiyan, Hubei Province

2. Data Protection Officer (DPO)

Our company has appointed a Data Protection Officer (DPO) who is responsible for responding to your privacy rights requests, answering privacy-related questions and handling data compliance matters.

- DPO Email: lanemaschimmsandat@gmail.com

- DPO Responsibilities: Coordinate the compliance of personal information processing, respond to your rights requests, communicate with regulatory authorities, and supervise internal data processing processes.

II. Types and Purposes of Collected Personal Information

This Application only collects information necessary to realize core functions without redundant collection, as detailed below:

Type of Information	Collection Method	Core Purpose	Legal Basis
Device Information	Automatically obtained (at installation and startup)	Adapt to device model and system version, ensure smooth video shooting/playback, and locate service scope	Based on functional necessity (GDPR Art. 6(1)(b); CCPA/CPRA business operation necessity)
Permission Information (Camera/Photo Album/Microphone/External Storage/App Information/Advertising Identifier)	Your active authorization (pop-up confirmation)	1. Camera: Shoot Kpop dance videos, supporting cover dance, original choreography, and practice daily shooting; 2. Photo Album: Select local dance videos to upload and publish; 3. Microphone: Synchronously record sound when shooting dance videos to match video content; 4. External Storage: Store shot/uploaded video materials and support local reading; 5. App Information: Read app version and running status to ensure stable functionality; 6. Advertising Identifier: Provide personalized advertisements, count advertising effects, and optimize user experience	1. Camera/Photo Album/Microphone: Based on your active authorization (GDPR Art. 6(1)(a)); 2. Advertising Identifier: Based on your authorization + legitimate interest (advertising services, GDPR Art. 6(1)(f)); 3. Other Permissions: Based on functional necessity (GDPR Art. 6(1)(b))
Video Content and Interaction Data	Your active upload/operation (like, collect, comment, forward)	1. Store your dance videos and display them on your personal homepage and community content stream; 2. Interaction data (likes, collections, comments): Optimize the content recommendation algorithm to accurately push Kpop dance content you are interested in; 3. Forwarding data: Support sharing to mainstream European and American social platforms such as Instagram and TikTok	Based on your active authorization + functional necessity (GDPR Art. 6(1)(a)(b))
Device Log Information (IP address, access time, operation records)	Automatically collected (server logs)	Ensure app security, troubleshoot faults, count user behavior, and optimize functional experience	Based on legitimate interest (security guarantee, service optimization, GDPR Art. 6(1)(f))

Important Notes

1. This Application does not collect personal identification information (name, email address, mobile phone number, etc.), sensitive personal information (race, religion, health status, etc.), geographical location information, nor does it collect information related to children (strictly complying with children's data protection regulations).

2. Permission authorization is optional. You can turn off authorization at any time in the device system settings (such as turning off the camera/microphone permission), but you will not be able to use the corresponding functions (such as being unable to shoot dance videos) after turning it off.

III. Information Sharing and "Sale" Management

1. Information Sharing Principles

This Application does not sell your personal information to third parties. It only shares necessary information in the following scenarios, and the shared objects are all compliant service providers, which are only used to realize the functions of this Application:

- Necessary Service Providers: Such as cloud storage service providers, video processing service providers, and advertising service providers, used to store videos, optimize video playback, and provide advertising services. All have signed strict data processing agreements requiring them to comply with this Privacy Policy and applicable laws and regulations, and not to use the information for other purposes.

- Legal Requirements: When required by judicial organs or regulatory authorities in accordance with the law, provide necessary information to cooperate with investigations and perform legal obligations, and only provide the minimum scope of information required by law.

- Business Transfer: In the event of merger, acquisition, asset transfer and other situations of our company, we will notify you and require the transferee to continue to comply with this Privacy Policy to protect your information rights and interests.

2. "Sale" and Right to Opt Out of Data Sharing

Definition of "Sale": Refers to the transfer of your personal information to a third party (including advertisers, data brokers, etc.) in the form of currency or other consideration for the third party's marketing or commercial purposes.

- This Application does not currently sell your personal information. If a "sale" occurs in the future, we will notify you in advance through in-app notifications, emails, etc., and provide a clear opt-out channel.

- You have the right to refuse data sharing/sale: You can send an email to lanemaschimmsandat@gmail.com to clearly request to "opt out of data sharing/sale". We will process and reply within 15 working days, and your existing usage rights will not be affected during the processing period.

IV. Data Storage and Security Protection

1. Storage Period

The storage period of your personal information is the shortest time necessary to achieve the purpose of the function:

- Video Content and Interaction Data: Stored until you actively delete it or this Application stops serving. You can delete your own video content on your personal homepage at any time;

- Device Information, Permission Information, Device Logs: Stored until you uninstall this Application, and will be automatically deleted after uninstallation (except for information that needs to be retained in accordance with the law).

- If it needs to be retained due to legal requirements (such as judicial investigation, regulatory requirements), only necessary information will be retained and strictly kept confidential.

2. Security Protection Measures

Our company takes strict technical and management measures to protect your personal information from leakage, tampering and abuse:

- Technical Measures: Adopt encryption transmission (HTTPS), encrypted data storage, access permission control, security audit and other technologies to prevent the risk of hacker attacks and data leakage;

- Management Measures: Establish a data protection management system, conduct privacy compliance training for employees, restrict the access rights of internal personnel to information, and conduct regular security audits and risk assessments;

- Emergency Handling: In the event of a data leakage incident, we will immediately启动 an emergency response, notify you (if applicable) and regulatory authorities affected, and take remedial measures to minimize risks.

V. Your Privacy Rights

Based on GDPR, CCPA, CPRA, VCDPA, LGPD, FADP and other laws and regulations, you enjoy the following privacy rights, which can be exercised by sending an email to lanemaschimmsandat@gmail.com. We will respond within 15 working days (complex cases can be extended to 30 days, which will be notified to you in advance):

1. Right to Access and Obtain Information

You have the right to inquire about the processing of your personal information from us, including the type of collected information, purpose of use, shared objects, storage period, etc.

2. Right to Rectification

If you believe that the information we store about you (such as interaction records, video tags, etc.) is inaccurate, you can request rectification, and we will verify and modify it in a timely manner.

3. Right to Erasure (Right to Be Forgotten)

You have the right to request the deletion of your personal information, including:

- Actively delete dance videos on your personal homepage;

- Request the deletion of non-video data such as device information and permission information (except for information that needs to be retained in accordance with the law).

4. Right to Restrict Processing

You can request us to restrict the processing of your information in the following circumstances:

- The information is inaccurate;

- The processing is illegal, but you do not agree to deletion;

- We no longer need to process the information, but need to retain it to perform legal obligations;

- You object to the legality of the processing.

5. Right to Data Portability

You have the right to request us to provide your personal information in a structured, commonly used and machine-readable format, or directly transmit it to other data controllers (applicable to the scope of GDPR).

6. Right to Object

- You have the right to object to our processing of your information based on "legitimate interests" (such as advertising personalization), and we will stop such processing after your objection;

- You have the right to refuse information sharing/sale, see "III. Information Sharing and 'Sale' Management" of this Policy for details.

7. Right to Lodge a Complaint

If you are not satisfied with our privacy processing behavior, you can:

1. First communicate and resolve through the DPO email (lanemaschimmsandat@gmail.com);

2. Lodge a complaint with the local data protection regulatory authority, such as the EDPB in the EU, the CPRA in California, USA, the ANPD in Brazil, etc.

VI. Applicable Laws and Cross-Border Data Transfer

1. Applicable Laws

This Privacy Policy applies to all users worldwide and complies with the privacy laws and regulations applicable in the user's region, including but not limited to:

- EU/European Economic Area: GDPR;

- California, USA: CCPA, CPRA;

- Virginia, USA: VCDPA;

- Brazil: LGPD;

- France: FADP;

- Other regions: Local data protection laws and regulations.

2. Cross-Border Data Transfer

The servers of this Application are located in China. If your information needs to be transferred cross-border (such as when the service provider is located overseas), we will comply with the cross-border transfer requirements of applicable laws and regulations:

- Obtain your explicit authorization;

- Sign a data protection agreement (such as standard contractual clauses) with the overseas recipient to protect your information rights and interests;

- Ensure that the overseas recipient provides the same level of information protection as in this region.

VII. Protection of Minors

This Application is clearly intended for users aged 18 and above and does not actively collect personal information of minors. If a minor is found to be using this Application, we will immediately stop providing services and delete the relevant information.

VIII. Updates to the Privacy Policy

This Privacy Policy may be updated due to changes in laws and regulations or functional adjustments. After the update, it will be publicly displayed in a prominent position in the Application (such as the settings page, pop-up window at the first startup) and marked with the update date. Major updates will be notified to you through email (if you provide it) or in-app notifications. Your continued use of this Application shall be deemed as your consent to the updated Privacy Policy.

IX. Contact Us

If you have any questions about this Privacy Policy, need to exercise your privacy rights, or put forward complaints and suggestions, you can contact us through the following methods:

- Email: lanemaschimmsandat@gmail.com

- Address: No. 47, Group 6, Qingshan Village, Tanjiawan Town, Yunyang District, Shiyan, Hubei Province

We will wholeheartedly provide you with privacy services and protect your information rights and interests.