Last Updated: July 8, 2026
Effective Date: July 22, 2026
ToChat Android (the “Software” or “App”) is operated by the ToChat Android Team (the “team,” “we,” “us,” or “our”).
In order to provide you with the Software and related services, we need to collect and process certain information about you. Your privacy is important to us, and we are committed to protecting it. We have therefore developed this Privacy Policy to explain our practices.
This Privacy Policy explains how we treat your information and protect your privacy when you use our mobile applications and related services (collectively, the “Services”), as well as the rights and options available to you regarding your information.
We believe that you have a right to know our practices regarding the information we may collect and use when you use the Software and Services. The Software and Services may include various features and content that are offered and delivered to you by us.
IF YOU DO NOT AGREE TO THE TERMS AND CONDITIONS SET FORTH HEREIN, PLEASE DO NOT USE THE SOFTWARE OR SERVICES.
To access and use this App, you must be at least 18 years old or meet the legal age of majority required by the laws and regulations of your home jurisdiction (the “Minimum Legal Age”).
We do not knowingly collect information from or market to children, minors, or anyone under the Minimum Legal Age. If you are under that age, you must not use this App and must not provide any personal information through any of its features.
If we discover that a person below the Minimum Legal Age has opened an Account or provided us with personal data, we will act promptly to close that Account and permanently delete all personal information connected to it.
If you believe that we have personal data relating to someone under the Minimum Legal Age, please contact us using the email address provided at the end of this Privacy Policy.
We take child safety and privacy very seriously. For this reason, we have created a separate and detailed Child Safety Standards Policy. You may read the full text through the preceding link.
When you create an account (an “Account”), you may voluntarily provide certain information (“Account Information”) about yourself to the Software, such as:
“Your Content” includes any content you create, import, upload, send, publish, generate, receive, or store through the Software or Services, including any content generated through artificial intelligence features that we may provide, if applicable.
Your Content may include, without limitation:
Keep in mind that people who view your photos, chats, or other shared content may take screenshots, save the content, copy it, or share it elsewhere. You should avoid sharing anything that you would not feel comfortable having another person retain or distribute.
Information you provide may contain sensitive personal information within the meaning of applicable state privacy legislation.
Our processing of such information is governed by applicable legal requirements and is conducted to deliver the Services and for other authorized purposes set forth under relevant laws, including the California Consumer Privacy Act (“CCPA”).
You have sole discretion over whether to include sensitive personal information in Your Content or other voluntary submissions. As defined under laws such as the CCPA, sensitive personal information may include:
We do not require you to provide this information. However, if you choose to post Your Content relating to these topics, please understand that the information may become visible to other users or the public, subject to the privacy settings and visibility controls available within the Software.
We may collect approximate location information inferred from your device and network identifiers, including your IP address and device system configuration parameters.
If you choose to enable Location Services in the App and in your device settings, we may retrieve location signals from your device’s GPS and other positioning sensors. Depending on the permission level you enable, we may receive approximate or precise location information transmitted by your device’s geolocation module.
Approximate location information reveals only a broad geographic area, such as your city or a nearby district, without identifying your exact location. We may determine that your device is located within a particular general area, but we cannot use approximate location information to pinpoint your exact location.
Precise location information provides a significantly higher degree of geographic accuracy.
When you choose to enable Location Services, we may use your approximate or precise location information to:
Where precise location access is available, you may enable or disable it at any time through your device’s Location Services settings.
To use video or voice communication features in the Software, you may voluntarily grant us access to your microphone and camera.
To use other features, such as setting a profile avatar or sending images to other users, you may voluntarily permit us to access your camera or photo gallery.
We will access your camera, microphone, or photo album only after you have expressly granted the relevant permission.
To allow you to save photos or cache information normally on your device, you may voluntarily grant the Software permission to access your device’s storage.
When you use third-party mobile applications, floating-window permission may be required to maintain the availability of our voice and video chat functionality.
This overlay permission allows the Software to display its interface in a layer above other applications running on your device. This enables you to continue participating in an audio or video conversation without fully returning the Software to the foreground.
You may enable or disable this permission at any time through your device’s system settings.
If you communicate with us through our support section or by email, we may collect:
If you participate in activities within the Software, such as expressing interest in a particular commercial offering, liking or commenting on commercial content, or participating in a commercial campaign, we may collect information relating to those activities.
Such information may include:
For the purpose of improving the effectiveness of these activities, such information may be displayed with or associated with advertisements, promotional offers, and other sponsored or commercial content displayed by us through the Software.
When you use the Software, we may automatically collect information about your device, including:
The Software may collect information about your device’s network status, including:
We use this information to stabilize service operation, adapt the Services to different network environments, and optimize the delivery of in-app services and advertising content.
For example, identifying your current network type and connection availability may enable us to prioritize content transmission over an available WLAN or Wi-Fi network. This may reduce cellular data consumption and provide a more stable user experience.
Network-status information is collected solely for service adaptation and operational optimization. We will not use this information to track users or create user profiles.
We may collect information relating to your use of and interaction with the Software, including, without limitation:
We may automatically analyze your usage information based on your configured preferences or through computer-programmed algorithms in order to predict your preferences.
This analysis may enable us to provide enhanced friend and user recommendation services, such as:
When you upload a photo to set your profile avatar, we use technology solely to detect whether a human face is present in the photo. If no face is detected, the Software may prompt you to upload another photo.
When you use certain features involving the processing of facial photos, we or third-party artificial intelligence providers, where such features are powered by those providers, may analyze face-related information contained in the photo.
Such information may include, without limitation:
Such face-related information is processed solely to generate or render special-effect images based on the portrait you provide.
Where certain features are enabled through third-party artificial intelligence providers, we may share the facial photos you upload with those providers solely to process the photos in accordance with your instructions and generate special-effect images for you.
We will store a facial photo only when you upload it as your profile avatar, and such storage is limited to displaying the avatar you have selected.
Except for profile-avatar storage, neither we nor third-party providers will store other face data.
For additional information about our processing of biometric information, please refer to Section 3.4 of this Privacy Policy.
To provide a safe and healthy user experience within the Software, we may collect photos, videos, text, and voice content that you intend to post on your profile or moments.
We may share such content with third-party service providers for moderation before publication. These providers screen content for material that may be:
If the content is determined to fall within a prohibited category, you may be prevented from publishing it on your profile or moments.
When you use AI-powered features provided through the Software (collectively, “AI Features”), such as AI image editing or generation, we may collect:
We may share such data with third-party artificial intelligence and content-moderation providers.
This sharing is necessary to allow the artificial intelligence technology to interpret your instructions and produce corresponding outputs. Content-moderation technology may simultaneously screen your inputs and AI-generated outputs to identify and filter content that may violate applicable laws or our content policies.
We may collect and process information relating to the virtual diamonds and points associated with your Account, including, without limitation:
We collect this information to provide the core functionality of our virtual economy and maintain accurate activity records for your Account.
We process this information to perform the Services and conduct internal analytics. We will not use it for purposes other than those described in this Privacy Policy.
We may collect information relating to your purchases and consumption records in connection with virtual diamonds and other paid services offered through the Software.
Such information may include:
We do not collect or store your payment card number, bank-account credentials, or other sensitive financial payment credentials.
Payment transactions are processed and stored by third-party payment service providers, such as Google for the Android version of the Software.
We recommend that you read and familiarize yourself with the privacy policies of the relevant payment service providers before providing personal information or completing a transaction.
We may receive information described in this Privacy Policy from external sources, including the following:
If you choose to register for or log in to the Services using a third-party service, we may receive publicly available profile information and your email address from that service.
Other users or third parties may provide information about you to us. For example, information may be provided where:
The terms “biometric identifier” and “biometric information” shall be interpreted in accordance with:
“Biometric identifier” means retina scans, iris scans, fingerprints, voiceprints, facial-geometry scans, and other physiological or behavioral biometric markers.
Categories excluded under Section 10 of BIPA shall not be treated as biometric identifiers under this Privacy Policy.
“Biometric information” means information derived from a biometric identifier that may be used to identify a natural person.
Raw photographs, videos, and audio files do not constitute biometric information unless they undergo dedicated technical processing for the purpose of uniquely identifying or authenticating an individual.
“Biometric identifiers” and “biometric information” are collectively referred to in this Privacy Policy as “Biometric Information.”
“Third-Party Provider” means a vendor with which we cooperate to provide content moderation or artificial intelligence technology services.
By clicking to accept this Privacy Policy, you provide your express written consent and authorization for us to collect, store, transmit, process, retain, and disclose Biometric Information that may be contained in Your Content for purposes including, without limitation:
If another individual appears in any video, photograph, or audio content that you post or intend to post, by uploading that content you represent and warrant that you have obtained the prior, explicit, and informed consent of that individual or their guardian, where required by law.
Such consent must permit us to collect, analyze, and process their image, voice, and other information contained in the content as described in this Privacy Policy.
You acknowledge and agree that Your Content uploaded to the Software may contain Biometric Information as defined under applicable laws.
By uploading content containing your facial image, voice, or other Biometric Information, you acknowledge that this Privacy Policy constitutes the written notice required under applicable law.
We disclose the following processing practices:
Notwithstanding the consent described above, the Software does not currently use native functional modules, algorithms, or commercial tools designed to actively extract, scan, analyze, match, or independently exploit facial, fingerprint, or other biometric templates for:
Neither we nor our Third-Party Providers will use facial or voice information from uploaded content to identify you or another individual appearing in that content.
Our processing of Your Content as described in paragraphs (b) and © below is not intended to constitute the collection, capture, storage, or use of Biometric Information for identification or authentication under applicable law.
To provide a safe and appropriate service experience, we may collect and analyze images, voice content, and text contained in Your Content that you intend to publish through the Software.
This analysis may be performed by Third-Party Providers solely to detect and filter illegal or objectionable content and prevent such content from being published through the Software.
Image review is performed at the overall-image level, such as detecting prohibited visual material, without measuring or extracting:
Audio review is performed at the overall-audio level, such as detecting prohibited verbal content, without extracting or processing voiceprints for identification.
When you use AI Features, such as AI image editing, we may collect text, images, audio, and other materials that you submit and share them with Third-Party Providers.
Third-party artificial intelligence tools may interpret your requests and generate corresponding outputs in accordance with your instructions.
Third-party moderation systems may review both your inputs and AI-generated outputs to filter illegal or objectionable material.
The purpose of processing text, images, or audio through AI Features is to create edited or generated content in accordance with your instructions, rather than to identify or authenticate an individual through biometric information.
Although we do not intentionally collect, capture, or store Biometric Information for identity recognition or authentication, we maintain a publicly available retention and destruction policy for files that may incidentally contain Biometric Information.
Under this policy:
(a) We will not intentionally collect or retain Biometric Information for identification or authentication purposes;
(b) If we incidentally obtain Biometric Information while processing Your Content, it will be permanently deleted upon the earlier of:
We may extend the retention period only where a valid warrant, subpoena, preservation request, or court order issued by a court or authority with competent jurisdiction requires us to retain the information.
We will not sell, lease, trade, or otherwise derive commercial profit from Biometric Information contained in Your Content.
We will not disclose Biometric Information to a third party unless one of the following circumstances applies:
Limited data sharing with Third-Party Providers for content moderation and AI Features as described in this Section shall not constitute prohibited disclosure where such sharing is permitted under applicable law.
We apply a reasonable standard of care consistent with practices used within the social-media industry to encrypt, store, and transmit user content that may incidentally contain Biometric Information.
We take measures intended to prevent unauthorized access, improper disclosure, alteration, or data leakage.
The technical, administrative, and physical safeguards we apply to materials that may contain Biometric Information will be equal to or more protective than the safeguards we apply to other confidential and sensitive personal information maintained by us.
Subject to applicable law, you may have rights relating to your Biometric Information, including the right to:
Additional information about these rights and the procedures for exercising them is provided in Section 11 of this Privacy Policy.
If you withdraw your consent to the processing of Biometric Information, the withdrawal will not affect the lawfulness of processing performed before the withdrawal based on your original consent.
We use the information we collect for purposes directed toward providing and improving the Services and maintaining safety and security.
Such purposes include:
Operating and administering the Services, including enabling the creation, sharing, and interaction of content, providing user support, and offering other core functionality.
Supporting social features, including connecting users, recommending Accounts, and facilitating sharing and interaction with user content.
Communicating with you, including notifying you about changes to the Services or this Privacy Policy.
Conducting marketing, promotional, and brand-building activities for the Services and affiliated offerings, including using Your Content on social media platforms, application stores, websites, events, and other cooperative channels, subject to applicable law and the authorizations you provide.
Reviewing, supporting, improving, and developing the Services and underlying technologies, including machine-learning models, by analyzing:
Maintaining safety, security, and stability, including addressing:
Complying with legal obligations and protecting our legal rights, commercial interests, affiliates, users, and the public.
Carrying out other purposes disclosed at the time information is collected or based on your consent.
We may combine information obtained from different sources in order to fulfill any of the purposes described above.
If you are located in the European Economic Area (“EEA”), the United Kingdom, or Switzerland, we process your personal data under one or more of the following legal bases:
This basis corresponds primarily to purposes 1, 2, and 3 above.
Processing is necessary to provide the Services you request, including:
This basis corresponds primarily to purposes 4 and 8 above.
We may rely on your consent for:
This basis corresponds primarily to purposes 5 and 6 above.
We may process information based on our legitimate interests in:
We rely on legitimate interests only where our interests are not overridden by your rights and freedoms.
This basis corresponds primarily to purpose 7 above.
We may process information where necessary to comply with:
Where processing is based on consent, you may withdraw your consent at any time. Withdrawal will not affect the lawfulness of processing carried out before your consent was withdrawn.
We share your information with third parties only in the circumstances described in this Privacy Policy.
We may share information with certain third parties that provide services in connection with the Software and Services.
These third parties may include, without limitation:
Such third parties may provide services involving:
In some cases, these third parties may collect information directly through the Software or through software development kits (“SDKs”) integrated into the Software.
We take appropriate measures intended to prevent users from being individually identified through disclosures where identification is unnecessary.
We require applicable Third-Party Providers to:
If you wish to delete personal information that we have shared with a third party, you may contact us using the email address provided at the end of this Privacy Policy.
We will use reasonable efforts to notify the relevant third party of your deletion request. However, we cannot guarantee that a third party will delete information where the third party is independently entitled or required to retain it.
We may disclose information to law-enforcement agencies, competent authorities, courts, regulators, or other third parties where disclosure is required or permitted by law.
This may include disclosure to:
If we or one of our affiliates undergoes a business transition or change of ownership, we may disclose or transfer personal information as part of that transaction.
Such events may include:
We may share your information for other purposes where you give us consent or direct us to make the disclosure.
You may access or modify the registration or Account information you have provided through the functions available within the Software.
When your Account is deactivated, we take reasonable measures to ensure that it is no longer visible within the App.
We are not responsible for information, pictures, comments, or other content that is deleted from our systems as a result of Account deactivation.
Warning: Even after you remove information from your profile or delete your Account, copies of that information may remain visible or accessible where the information:
- Was previously shared with other users;
- Was copied, downloaded, or stored by other users;
- Was included in screenshots or recordings;
- Was indexed or stored by a search engine; or
- Was provided to third-party applications or websites.
We cannot control information independently retained by other users, search engines, third-party applications, or websites, and we do not accept responsibility for their independent storage or use of that information.
If you have authorized third-party applications or websites to access your personal information, they may retain that information to the extent permitted under their own terms of service and privacy policies.
As the App and Services evolve, we may revise this Privacy Policy from time to time.
The most current version of this Privacy Policy will govern our processing and use of your information.
When appropriate, we may notify you of material changes through:
By continuing to access or use the App after changes to this Privacy Policy become effective, you acknowledge the revised Privacy Policy.
Where applicable law requires your consent to a change, we will request that consent separately.
We implement commercially reasonable administrative, technical, and physical security measures intended to protect your information against:
However, no website, mobile application, storage system, or internet transmission method is completely secure. We cannot guarantee that unauthorized access, hacking, data loss, or another security breach will never occur.
You can help protect your Account by following these precautions:
Information collected by third parties may not be protected by the same security measures that we apply to information you provide directly to us. We are not responsible for the independent security practices of third parties.
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, WE DISCLAIM REPRESENTATIONS OR WARRANTIES, WHETHER EXPRESS OR IMPLIED, RELATING TO SECURITY BREACHES, DAMAGE TO YOUR DEVICE, OR LOSS OR UNAUTHORIZED USE OF YOUR ACCOUNT INFORMATION OR OTHER DATA.
To provide the Services, the information described in Section 3, “Information We Collect,” may be stored and processed on servers located in the United States and hosted by third-party cloud-service providers.
Our operations team, which is primarily located in Hong Kong, may access and review certain user information for purposes including:
Whenever we transfer information to a jurisdiction outside your country of residence, we take measures intended to ensure that the transfer complies with applicable local legal requirements and that your personal information receives an adequate level of protection.
While your information is stored or processed outside your country of residence, it may be subject to the laws of the jurisdiction in which it is held. It may also be subject to lawful disclosure to governmental agencies, courts, law-enforcement agencies, or regulators in that jurisdiction.
If you are located in the EEA, the United Kingdom, or Switzerland, we may rely on the Standard Contractual Clauses (“SCCs”) approved by the European Commission or another legally recognized transfer mechanism for international transfers of personal data.
Where personal data is transferred from the EEA, the United Kingdom, or Switzerland to the United States or Hong Kong, we conduct such transfers in accordance with applicable data-protection laws.
We implement appropriate safeguards, including SCCs where applicable, to provide an adequate level of protection during such transfers.
Relevant operational entities located in China may be granted limited remote access to information described in Section 3 solely for the performance of essential operational functions. Such entities are subject to confidentiality obligations and our internal data-access policies.
The period for which we retain your information depends on the minimum amount of time reasonably necessary to provide the Services and perform the activities described in this Privacy Policy.
We may retain information for a longer period in the following circumstances:
Where applicable law or a contract requires us to retain it;
Where we have a legitimate business reason to retain it, such as:
Where the information may be required to establish, exercise, or defend legal claims;
Where retention is necessary to comply with tax, accounting, audit, or regulatory obligations; or
Where a valid legal-preservation request, subpoena, court order, or governmental request requires continued retention.
When information is no longer reasonably required for the purposes described in this Privacy Policy, we will delete, anonymize, or otherwise securely dispose of it, subject to applicable legal and technical limitations.
Depending on your place of residence and applicable law, you may have the right to:
To exercise any of these rights, please contact us using the email address provided in Section 12.
Before processing a request, we may need to verify your identity. Verification may include asking you to:
We will respond within the period required by applicable law, which is usually within 30 days, although the applicable response period may vary depending on your jurisdiction and the complexity of the request.
If we refuse to act on your request, we will explain the reason for the refusal where required by law and inform you of any available right to appeal or submit a complaint to a relevant supervisory authority.
Applicable law may permit you to submit a request through an authorized agent.
Where an authorized agent submits a request on your behalf, we may require:
We may also contact you directly to verify your identity and confirm that you authorized the request.
If you:
please contact us at:
Email: tochatapp@outlook.com