WuMask Privacy Policy

Privacy Policy

Last Modified: 9 May 2025

Your privacy is important to us.

Leeta Technology Pte. Ltd. and its affiliates (“Leeta”, “we”, “us” or “our”) are dedicated to protecting the privacy of our users (“users” or “you”). This Privacy Policy (this “Policy”) is meant to explain our practices regarding how we collect, store, use, manage and protect your user information (including your personal information) as a controller and/or business under applicable data protection laws during your use of WuMask application including all its features (our “Services”).

Please note that the scope of this Policy is limited solely to your user information (including your personal information) collected or received by Leeta when you are using the Services. In this Policy, “personal information” refers to any information or combination of information that can be used to identify, contact or locate an individual to whom the collected information pertains. For the purpose of this Policy, the term “affiliates” shall mean any entity which directly or indirectly controls, is controlled by, or is under common control with Leeta Technology Pte. Ltd.. For the purpose of the foregoing, “control” shall mean the direct or indirect ownership of more than 50 per cent of the outstanding voting securities or capital stock of such entity or other comparable equity or ownership interest.

BY USING OUR SERVICES, YOU ARE AGREEING TO THIS POLICY AND THE COLLECTION, USE, PROCESSING, RETENTION, DISCLOSURE AND SHARING OF YOUR USER INFORMATION, INCLUDING YOUR PERSONAL INFORMATION, IN THE MANNER PROVIDED IN THIS POLICY. IF YOU DO NOT AGREE WITH ANY OF THE TERMS OF THIS POLICY OR ANY SUBSEQUENT CHANGES TO THIS POLICY, PLEASE DO NOT USE OUR SERVICES.

Please note that it is mandatory for you to provide certain categories of data (as specified at the time of collection). In the event that you do not provide any or sufficient data marked as mandatory, we may not be able to complete the registration process or provide you with our Services. Also, please note that, unless we define a term in this Policy, all capitalized terms used in this Policy have the same meanings as in our Terms of Service. So, please make sure that you have read and understand our Terms of Service.

If you have any questions regarding this Policy or any privacy-related matters, please contact our Data Protection Officer via email at [email protected] (please quote “WuMask” in your email title) or via registered mail at 67 AYER RAJAH CRESCENT, 02-10/17, LAUCHPAD 139950, SINGAPORE (attention: Legal Department, Leeta). If your email is sent to an incorrect email address, relating to an incorrect subject matter, it may lead to a potential delay or failure in processing your requests properly.

THE INFORMATION WE COLLECT

In order to provide and improve our Services, we will collect and process your personal information and user information in accordance with this Policy. If you do not provide this information, we may be unable to provide you with our products or Services. You should ensure that all personal information and user information submitted to us is complete, accurate, true and correct. Failure on your part to do so may result in our inability to provide you with all or some of our Services.

Mobile Device Information

When you use our Services on your mobile device, we will collect information about your device, including its International Mobile Equipment Identity (“IMEI”), Unique Device Identifier (“UDID”) or Android ID, Universally Unique Identifier (“GUUID”), and Identifier for Vendor (“IDFV”), Integrated Circuit Card Identifier (“ICCID”), Media Access Control (“MAC”) address, Open Anonymous Device Identifier (OAID), the type of device you use, operating system version, a list of mobile applications installed on your device and resolution, which will be used by us for statistical and/or analytical reasons, including without limitation to improve our technical functionality, server load-balancing, analysis of technical data relating to your mobile device so as to optimize our Services and graphics adaptation.

Mobile Analytics

We use mobile analytics software to allow us to better understand and improve the functionality of our Services. Such software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from.

Network Information

When you use our Services, we will collect information about the network you use, including the name of the operator and the type of network, so as to understand the distribution of operators and networks used by our users. In addition, we will collect information such as the name of the WiFi network to which you connect, the location of the WiFi network, and the duration of your WiFi connection to understand the environment under which you prefer to use our Services.

Log Information

When you use some of our Services, including generating and browsing certain content, we will automatically collect certain relevant log information stored in WuMask (“Log Information”). Log Information may include (i) details on when and how often you use our Services, (ii) device statistics, including critical operation paths, errors, crashes, language and time zone. This Log Information is used to improve our Services and is NOT USED to identify our users individually.

Transaction information

If you purchase the paid services provided by us, we may receive information about your transaction such as when it was made.

Social Media and Login Services

If you choose to sign in using third-party social networks or services (such as Google), we may collect information from those services, including your login or registration information for those services.

Information Received from Our Partners and Other Third Parties

We may link your subscription information with the data information we receive from our partners or other third parties (such as Firebase provided by Google) to help smoothly facilitate Our Services for you, to better understand your needs and to provide you with better Services experience. Use of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Image Information

By choosing to use the masking feature of our Services, you understand and agree that we must upload your photos to our server for processing before returning processed photos to you for the purposes of providing such service to you and continuous optimization and that we will also receive the EXIF data about your photos (EXIF data may contain GPS coordinates where photos were taken and processed, equipment type, ISO and information about the front and rear cameras and creation time, depending on the equipment manufacturer) for the purpose of further optimizing our Services, such as providing a better match of photo effects to your equipment.

Metadata

Metadata refers to technical data associated with user content. Put simply, metadata is data that describes data. For example, metadata can describe the analysis results of facial features, gender, age, race of the characters in photos and other elements contained in photos, which are generated and tagged by the computer algorithm and artificial intelligence. When you use our Services, we will use photo metadata to provide you with certain features including precise “Facial Recognition”, “Key-Points Recognition”, “Region Segmentation”, “Content Tags” and other custom features based on a combination of these basic features. We may use your photo metadata to provide you with more suitable filters and better photo effect when our apps process your photos; we may also make use of the metadata to serve up a more contextually relevant products or services to you.

Facial Feature Information

In order to provide certain Services, apart from utilizing metadata as mentioned above, we may collect your facial feature information (including but not limited to facial images) and use face recognition technology to recognize faces in photos and camera experiences. We may detect and use facial marks to provide face recognition contents and facial manipulation features. The information we collect cannot be used for identifying a specific person, and is used to provide the mentioned features only. When the content recommendation is finished or upon the closing of the application, the facial mapping information is discarded. This information is not shared with any third parties.

We will neither use the results for other purposes, nor capture any data in the file nor upload data to the server for recording purposes.

Cookies

We use “cookies” that store and retrieve information of user’s usage from time to time provide customized Services for each user. Cookies are small amounts of information that the server uses to operate the app/website, sends to the user’s device and are also stored on the hard disk in the user’s device. You may refuse the installation of cookies. Information collected may include information about your Internet Protocol (IP) address, browser type, Internet Service Provider (ISP), referring and exit pages, your operating system, dates and timestamps, and clickstream data.

Purpose of use of cookies: Cookies are used to provide information optimized for each user by identifying the visit to and use type of each service and website that the user has visited, popular search terms, secure access status, etc.
Installation, operation and refusal of cookies: A user may refuse the installation of cookies by sending an email to [email protected](please quote “WuMask” in your email title) .
If a user refuses to store cookies, he or she may experience difficulties in using customized Services.

Information Collected by Third Party Services

Our Services provided to you may contain our service provider’s Application Programming Interfaces (APIs) or Software Development Kits (SDKs), which may have tracking tools of such service providers. These third parties may use cookies, APIs and SDKs on our Services and collect and analyze user information. Third parties may access your information such as your device identifiers, region (defined as the location where a given language is used), location information and IP address under their respective privacy policies. If you want to know more about such third parties, you may send an email to [email protected] (please quote “WuMask” in your email title).

Information that You Proactively Provide to Us

When you contact us (including but not limited to our customer support team and Data Protection Officer), we collect the data you provide to us, for example, your contact details (e.g. email address and/or telephone number).

Other Information

We may also collect other information which is not related to your identity. For example, we may collect information on the type and version number of your operating system to better understand system upgrades, we may collect information on your system language for the purpose of language adaptation, and we may collect your App list to understand user preferences. If we choose to collect such information, we will do so for the purpose of improving our Services provided to you.

HOW WE USE INFORMATION

We generally use the information we collect:

To provide, analyze, and maintain our Services
To fulfill requests for products, services, functionality, support and information for internal operations, including troubleshooting, data analysis, testing, research, statistical, and survey purposes and to solicit your feedback
To improve and develop Our Services and conduct product development
To enhance the safety and security of Our Services And to help us detect abuse, fraud, and illegal activity in Our Services
To communicate with you, including to notify you about changes in Our Services
To comply with our legal obligations

We may also use your information for other purposes. We use your information only when we have a valid legal basis.

SECURITY OF YOUR INFORMATION

We attach great importance to the security of your data and have adopted standard industry practices to protect your data and prevent it from unauthorized access, disclosure, use, modification, damage, or loss. We employ administrative, technical, and physical security controls where appropriate, such as encryption, 2-step verification, and strict contractual confidentiality obligations for employees and contractors.

If any data incident occurs, We will notify you, pursuant to relevant legal and regulatory requirements, of the basic data about the security incident and its possible impact, measures that We has taken or will take, suggestions about active defense and risk mitigation, and remedial measures. The notification may take the form of an email, text message, push notification, etc. If it is difficult to notify data subjects one by one, we will take appropriate and effective measures to release a Security Notice. In addition, we will also report the handling status of data security incidents as required by supervisory authorities.

We pay high level to attention to your data security and specially have a commission of data security, which leads and coordinates relevant departments in processing data security and inspects the risk level of data security on a periodical basis; in the meanwhile, the head of the commission will be the Data Protection Officer whose duty includes guarantee of our company-wide performance in fulfilling the commitment of data security, etc.You can contact our Data Protection Officer via email at [email protected] (please quote “WuMask” in your email title).

HOW WE STORE YOUR INFORMATION

We will collect, store, and use your personal data in accordance with this Privacy Policy and applicable laws, wherever it is processed.

When you use Our Services on your devices, your data may be stored locally on the devices you use to access Our Services. When you sync your Devices with our Service, such data will be replicated on our servers maintained by us for processing and storage.To store your personal data replicated on our servers, we recourse to data hosting services provided by Amazon Web Services, Inc. (a subsidiary of Amazon.com Inc.) that have adopted technical and organizational measures to protect your personal data against unauthorized/unlawful processing and accidental loss, destruction or other damage. We take your privacy seriously and, therefore, encrypt your personal data – if possible – before sending it to the hosting organizations for the purposes of its storage.

Data privacy laws or regulations in your country/region may differ from those in the places where you are located. We will collect, store, and use your information in accordance with this Privacy Policy and applicable laws, wherever it is processed.

We retain your data for no longer than is necessary for the purposes stated in this Privacy Policy.Once the retention period expires, we will delete or anonymize your data, unless otherwise required by applicable laws and regulations.

HOW WE SHARE YOUR INFORMATION

We do not share your data with other companies, organizations and individuals unless one of the following circumstances applies:

(a) Sharing with your consent.

After obtaining your consent, we will share the data that you have authorized with specified third parties or categories of third parties to the extent permitted by applicable laws and regulations.

(b) Sharing pursuant to laws and regulations.

We may share your data as required by laws and regulations, for resolving legal disputes, or as required by administrative or judiciary authorities pursuant to law.

Your data may be shared within our affiliates only for explicit, and legitimate purposes, and the sharing is limited only to data required by services.

(d) Sharing with third parties.

We may share your information with third parties who provide services on our behalf to help with our business activities. These services may include:

Payment processing;
Providing customer services;
Conducting research and analysis;
Providing cloud computing infrastructure.

We will not share with or disclose to third parties (other than our service providers) your personal information in whole or in part except for the purposes of:

(i) protecting the security of others or their property;

(ii) preventing or dealing with fraud;

(iii) safeguarding our legitimate rights and interests;

(iv) taking action in line with our purposes as described in the “The Information We Collect” or the “How We Use Information” sections;

(v) complying with laws, rules and regulations or requests by government departments, judicial authorities, law enforcement, or private parties, which are typically designed to uphold Internet security and the rights, property and safety of us, our users and third parties; and/or

(vi) evaluating or completing a transaction where we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or other event where your information may be sold or transferred.

WHAT ARE YOUR RIGHTS AND CHOICES

You can control and manage your data, you have the following rights and choices:

(a) Access, Correction, and Portability. You can access and edit most of your basic account data right in WuMask.You have the right to receive a copy of certain of your data in a structured, commonly used and machine-readable format. If you need to do so, please contact us.

(b) Withdraw your consent. In most cases, if you let us use your data, you can simply revoke your permission by changing the settings in the app or on your device if your device offers those options. Of course, if you do that, certain services may lose full functionality.

(c) Deletion.

If for some reason you ever want to delete your account, you can contact us.

You can also delete some information in the app, like photos you’ve uploaded to WuMask.

You may request that we delete the data we hold about you where:(i) you believe that it is no longer necessary for us to hold your data;(ii) we obtained your consent to process the data and you withdraw that consent (and we have no other valid legal grounds for processing the data);(iii) you believe we are unlawfully processing your data; or(iv) you are or were under the age of 16 (or such applicable age of majority under relevant local laws) when we collected the data and we can verify this.

(d)Restrict processing

If you want to restrict the processing of your personal data, please contact us. You have the right to restrict the processing of your data under the following circumstances:(i) your data is unlawfully processed, but you do not want to erase it;(ii) you have a legal claim that you need to establish, exercise, or defend, and you requested us to keep your data when we would not otherwise keep it;

Your request for objection is pending our verification process; or(iii) you have contested the accuracy of your personal data, and the accuracy of your data is pending our verification process.

Because your privacy is important to us, we will ask you to verify your identity or provide additional information before allowing you to manage your data. We may also reject your request to your data for a number of reasons, including, for example, if the request risks the privacy of other users or is unlawful.

INFORMATION ABOUT CHILDREN

We will not knowingly collect or request personal information from children under 16 (or any other age stipulated by law applicable to your region). If you are under such age, please do not send your personal information to us, including but not limited to your name, address, phone number or email address. If you believe we may have any information about children under 16 (or any other age stipulated by law applicable to your region), you may send an email to [email protected] (please quote “WuMask” in your email title) or send a registered mail to 67 AYER RAJAH CRESCENT, 02-10/17, LAUCHPAD 139950, SINGAPORE (attention: Legal Department, Leeta). If we learn that we have collected personal information from children under 16 (or any other age stipulated by law applicable to your region), we will promptly take steps to delete such information and terminate the associated account.

CROSS-BORDER DATA TRANSFERS

Depending on the jurisdiction in which you are a user of, and subject to the special rules and policy of such jurisdiction as stated in this Policy, you understand and agree that all information collected via or by us may be transferred, processed, and stored anywhere in the world, including but not limited to, Singapore, the People’s Republic of China, in the cloud, on our servers, on the servers of our affiliates, or the servers of our service providers, in order to provide our Services.

AMENDMENTS TO THIS POLICY

You agree that we may update this Policy according to relevant laws and regulations or based on our business decisions, and you agree to be bound by any such revisions hereto. We will post any significant changes to this Policy on WuMask or notify you by other means as required by law.

ADDITIONAL NOTICE FOR CALIFORNIA RESEDENTS(HOW WE COMPLY WITH CCPA)

The California Consumer Privacy Act (CCPA) enhances privacy rights and consumer protection for individuals who reside in California. We are committed to full CCPA compliance.

What categories of personal information do we collect?

We may collect personal identifiers, such as your transaction information; activity information relating to internet or other electronic networks such as interaction with app.

We do not knowingly collect any information about anyone under the age of 16.

Do we share, disclose or sell your personal information?

Where required we share your personal information with third parties to comply with a legal obligation; when we believe in good faith that an applicable law requires it; at the request of governmental authorities conducting an investigation; to verify or enforce our terms of use or other applicable policies; to detect and protect against fraud, or any technical or security vulnerabilities; to respond to an emergency; or otherwise to protect the rights, property, safety, or security of you, third parties, our business or the public.

We do not sell your personal information.

What are your rights under the CCPA?

If you are a resident of California, the CCPA grants you the following rights:

The right to request disclosure of our data collection and sales practices in connection with your personal information, including the categories of personal information we have collected, the source of the information, our use of the information and, if the information was disclosed or sold to third parties, the categories of personal information disclosed or sold to third parties and the categories of third parties to whom such information was disclosed or sold;
The right to request a copy of the specific personal information collected about you during the 12 months before your request (together with right listed above, a “personal information request”);
The right to have such information deleted (excepting where such information is required to: i.provide you with goods or services you requested; ii. detect or resolve issues security or functionality-related issues; iii. comply with the law; iv. conduct research in the public interest; v. safeguard the right to free speech; and vi. carry out any actions for internal purposes that you might reasonably expect).
The right to request that your personal information not be sold to third parties, if applicable.
The right not to be discriminated against because you exercised any of the new rights.

You are entitled to make two information requests within a 12-month period. If you make an information request, we will need to collect certain information from you in order to verify your identity. You will receive a response to your request within 45 days.

Opt-Out Options

If you don’t want us to collect and/or process your information any more please contact us at [email protected]. Note that if you decide to opt out of data collection and processing this can affect some functions and you may not be able to use all features of Our Services to the fullest extent possible.

How can You submit a personal information request?

You can submit a personal information request via email at [email protected].

Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable request related to your personal information. For all requests, we will need to collect certain information from you in order to verify your identity.

ADDITIONAL NOTICE FOR EU/EEA RESIDENTS(HOW WE COMPLY WITH GDPR)

The General Data Protection Regulation(GDPR) regulates the processing of personal data about individuals in the European Union. We are committed to full GDPR compliance.

What are your rights under the GDPR?

You have many rights relating to your personal information. Additional information on your rights can be requested directly from the data protection regulator within your country. Your rights include:

The right to object to processing

You have the right to object to certain types of processing, including processing for direct marketing.

The right to be informed

You have the right to be provided with clear, transparent, and easily understandable information about how we use your information and your rights (such as the information provided in this policy).

The right of access

You have the right to request access to your information and certain other information relevant to how your information is attained and used.

The right to rectification

You are entitled to have your information corrected or amended if it is inaccurate or incomplete.

The right to erasure

This right, also known as ”the right to be forgotten,” allows you to request that your information be permanently deleted or removed if you feel that you no longer want us to keep and use it. There can be exceptions to this dependent upon the situation.

The right to restrict processing

You have the right to block or suppress the further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be blocked to make sure the restriction is respected in future.

The right to data portability

You have the right to obtain and reuse your personal information for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between our information technology systems and theirs safely and securely, without affecting its usability.

The right to lodge a complaint

You have the right to lodge a complaint about the way we handle or process your personal information with your national data protection regulator.

The right to withdraw consent

If you have given your consent to anything we do with your personal information, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal information with your consent up to that point is unlawful). This includes your right to withdraw consent to us to use your personal information for marketing purposes.

If you make a request regarding your rights, we have one month to respond to you. If you would like to exercise any of the above rights, you can contact us via email at [email protected].

Legal basis of processing your personal information

We process information if one of the following applies:

a. Necessary for entry into, or performance of, any contract(s) with you (Art 6(1)(b) of the GDPR). This applies to section 5(1) to provide Our Services, which include troubleshooting, identifying, supporting.

b. Necessary for the legitimate interests of us, where these are not overridden by your interests or fundamental rights and freedoms (Art 6(1)(f) of the GDPR). This applies to section 5(2) to improve and develop our Services, 5(3) to protect the security and prevent criminal activity.

c. Necessary for compliance with a legal obligation to which we are subject (Art 6(1)(c) of the GDPR). This applies to section 5(4) to comply with our legal obligations.

How do we comply with data transfer rules?

When transferring data from the European Economic Area (EEA), the United Kingdom, or Switzerland to non-EEA countries,, we rely on one or more of the following legal mechanisms: Standard Contractual Clauses, and the European Commission's adequacy decisions about certain countries, as applicable.

How to contact us?

If you have any questions about this privacy policy or if you would like to exercise any of your rights, you may contact our Data Protection Officer via email at [email protected].

Additional Notice for Brazilian Residents(How We Comply with LGPD)

The Brazilian Privacy statute, Lei Geral de Proteção de Dados (LGPD), enhances privacy rights and consumer protection for individuals who reside in Brazil. We are committed to full LGPD compliance.

The grounds on which we process your personal information

We can process your personal information only if we have a legal basis to do so. The following legal bases are recognized under the LGPD:

Your consent to processing activities;

Our compliance with a legal and regulatory requirements;

Carrying out of public policies provided in laws or regulations or based on contracts, agreements and similar legal instruments;

Carrying out of a contract and its preliminary procedures, in cases where you are a party to said contract;

Exercising of our rights in judicial, administrative or arbitration procedures;

Protection or physical safety of yourself or a third party; and

Our legitimate interests, provided that your fundamental rights and liberties do not prevail over such interests.

Your Brazilian privacy rights

You have the right to:

obtain confirmation of the existence of processing activities on your personal information;
access your personal information;
have incomplete, inaccurate or outdated personal information rectified;
obtain the anonymization, blocking or elimination of your unnecessary or excessive personal information including information that is not being processed in compliance with the LGPD;
obtain information on the options to provide or deny your consent and the consequences thereof;
obtain information about the third parties with whom we share your personal information;
obtain, upon your express request, the portability of your personal information (except for anonymized information) to another service or product provider, provided that our commercial and industrial secrets are safeguarded;
obtain the deletion of your personal information being processed if the processing was based upon your consent, unless one or more exceptions provided for in Article 16 of the LGPD apply;
revoke your consent at any time;
file a complaint related to your personal information with the Brazilan National Data Protection Authority (Autoridade Nacional de Proteção de Dados or “ANPD”);
oppose a processing activity in cases where the processing is not carried out in compliance with the law;
request clear and adequate information regarding the criteria and procedures used for an automated decision; and
request the review of decisions made solely on the basis of the automated processing of your personal information, which affect your interests, if applicable.

You will never be discriminated against, or otherwise suffer any sort of detriment, if you exercise your rights.

How to file your request

You can file your express request to exercise your rights free from any charge, at any time, by using the contact details provided in this Privacy Policy, or via your legal representative.

Transfer of personal information outside of Brazil permitted by the law

We are allowed to transfer your personal information outside of the Brazilian territory in the following cases:

when the transfer is necessary for international legal cooperation between public intelligence, investigation and prosecution bodies, according to the legal means provided by the international law;
when the transfer is necessary to protect your life or physical security or those of a third party;
when the transfer is authorized by the Brazilan National Data Protection Authority (Autoridade Nacional de Proteção de Dados or “ANPD”);
when the transfer results from a commitment undertaken in an international cooperation agreement;
when the transfer is necessary for the execution of a public policy or legal attribution of public service;
when the transfer is necessary for compliance with a legal or regulatory obligation, the carrying out of a contract or preliminary procedures related to a contract, or the regular exercise of rights in judicial, administrative or arbitration procedures.

Additional Notice for Japanese Residents

Right to data disclosure, correction, erasure or suspension of use

If you are in Japan, as a data subject, you have the right to request the disclosure, correction, erasure or suspension of use of your personal information, and we are obliged to meet your request without undue delay. You may send your request by email to [email protected].

Additional Notice for South Korean Residents

International Data Transfers

We process the personal information of users only within the scope specified under HOW WE USE INFORMATION, and in principle, will not provide personal information of users to a third party. However, with your consent, for purposes of providing our Services described under INFORMATION SHARING AND DISCLOSURE to you, we may collect your personal information from, transfer it to, and store and process it elsewhere.

Personal information transferred: please refer to the section “The Information We Collect” of this Policy above
Transfer date and method: transferred on submission for storage and processing
Country to which personal information is transferred: China
Retention of personal information: please refer to the section “Data Retention” of this Policy above

Whenever we share information outside of where you live, we ensure that the transfer complies with your local law so that your personal information is adequately protected.

If you do not wish to have your personal information transferred outside of South Korea, we will be unable to provide you with our products or Services.

Data Retention

Subject to applicable laws, rules and regulations and the fulfillment of our business or legal purposes, we will delete your information (including your personal information) promptly upon your termination of your account with us. We will destroy your personal information according to the following procedures and methods.

Procedures for Destruction: We select personal information subject to destruction and destroy them with approval of our data protection officer.

Method of Destruction: We will destroy personal information stored and filed electronically in a way that can be deleted by using a means that renders the record irrecoverable as far as possible.