Privacy

This Privacy Policy outlines how your Personal Data is collected, used, stored, and disclosed. Users may contact the Controller for additional information about the handling of their Data.

Data Controller Information

Controller / Responsible Entity

"ST PURRFECT APPS DEVELOPMENT LIMITED"

Scope of Data Collected

The Controller does not provide a comprehensive inventory of all categories of Personal Data collected.

Details regarding the specific types of Personal Data processed may be presented within relevant sections of this Privacy Policy or shown to Users prior to Data collection.

Personal Data may be:

a. provided voluntarily by the User, or

b. collected automatically as Usage Data during interaction with the Application.

Unless explicitly stated otherwise, all requested Data is considered essential for the functioning of the Application. Refusal to provide mandatory Data may result in reduced functionality or an inability to access the Service.

Where optional Data fields exist, Users may decline to provide such Data without impacting basic Service availability.

Users unsure about the mandatory nature of certain Data are encouraged to reach out to the Controller.

Cookies and similar tracking technologies may be employed by the Application and by authorized third-party services strictly for operational and functional purposes, as described in this Privacy Policy and in the Cookie Policy.

Users are solely responsible for any Personal Data belonging to third parties that they submit or share through the Application.

Methods and Locations of Data Processing

Processing Procedures

The Controller enforces strict technical and organizational security measures to prevent unauthorized access, alteration, disclosure, or destruction of Personal Data.

Data may be processed using secure IT systems and operational procedures aligned with the stated purposes.

Authorized personnel and vetted third-party service providers (e.g., hosting providers, IT support, communication services) may access Data if necessary for service operation. All such parties are bound by confidentiality and may only process Data under the Controller's instructions.

A list of Data Processors is available upon request.

Processing Locations

Personal Data is processed at the Controller's operational facilities and other locations where involved parties operate.

Depending on the User's location, Data may be transferred internationally. Details regarding cross-border Data processing can be found in relevant sections of this Policy.

In addition, the Application operates directly on the User's device, and content identified or analyzed by the Application is not stored, transmitted, or saved on our servers. All decisions regarding which files or items to delete are made solely by the User, who remains fully responsible for choosing the content they wish to remove.

Duration of Storage

Unless specified elsewhere in this Privacy Policy, Personal Data is retained only for the period strictly necessary to fulfil the purposes for which it was collected.

Extended retention may occur:

• when justified by legal obligations,
• when required for legitimate business needs,
• or when the User has granted explicit consent.

After the retention period expires, Data will be securely erased, anonymized, or otherwise rendered inaccessible.

Legal Grounds for Processing Personal Data

The Controller processes Personal Data only when at least one of the following legal bases applies:

The User has provided explicit consent.

Processing is required to fulfil a service agreement or to carry out pre-contractual actions.

Processing is necessary to comply with legal or regulatory obligations.

Processing is carried out in the public interest or under an official mandate.

Processing supports the Controller's legitimate interests and these interests do not override the User's fundamental rights.

The Controller will clarify the applicable legal basis upon request and inform Users whether the provision of Data is mandatory.

Additional Retention Clarifications

We retain the information necessary for operating the Application for as long as the User continues to access and use it, as this data is essential for the proper functioning and performance of the Service. All user-related information is stored in an anonymized form and is retained for up to 3 years before being securely deleted.

We do not share, sell, or disclose this information to third parties. However, we may be legally required to provide certain data if we receive an official request from authorized governmental bodies.

User Rights Under Applicable Law (Including GDPR)

Users may exercise the following rights, within legal limits:

• Withdraw consent at any time. This allows the User to stop any processing that relies on consent without affecting processing based on other legal grounds.
• Object to processing, particularly when based on legitimate interest or public interest. If an objection is raised, the Controller will evaluate whether processing must stop or whether overriding legitimate grounds apply.
• Access their Personal Data and receive information about its processing. This includes the right to know what data is held, why it is processed, and with whom it may be shared.
• Correct or update inaccurate Data. Users may request adjustments to ensure the stored information remains accurate and up to date.
• Restrict processing under qualifying circumstances. During restriction, the Data will be stored but not actively processed, except for limited lawful reasons.
• Request deletion of their Personal Data. This right applies when Data is no longer necessary, consent is withdrawn, or processing is unlawful.
• Receive Data in a portable format and request transfer to another controller (where technically possible). This enables Users to obtain their information in a structured, commonly used format that can be easily reused.
• Lodge a complaint with the relevant Data Protection Authority. Users may contact their local supervisory authority if they believe their rights have been violated.
• Request information about international Data transfers and applicable safeguards. The Controller will provide details about how such transfers are protected in accordance with legal requirements.

Right to Object — Special Note

Users may object to processing performed under legitimate interest or public interest by presenting reasons related to their particular situation.

Users may object at any time and without justification to the use of their Personal Data for direct marketing. If they do, such processing will stop immediately.

Exercising User Rights

Users may direct any rights requests to the Controller using the contact details provided at the beginning of this Privacy Policy.

Requests are free of charge and will be addressed within legally mandated timeframes (typically one month).

When feasible, the Controller will notify any recipient of the Data about any rectification, erasure, or restriction unless this would require disproportionate effort.

Additional Information on Data Handling

Legal and Regulatory Actions

Personal Data may be used for legal defence purposes or in judicial or administrative proceedings arising from misuse of the Application.

Users acknowledge the Controller's obligation to disclose Personal Data upon lawful requests from public authorities.

Supplementary Information

The Application may present additional contextual information regarding specific Data collection or processing related to certain services.

System Logs and Technical Monitoring

For operational integrity and security, the Application and its third-party services may collect system logs and technical identifiers, such as IP addresses.

Additional Requests

Further details regarding Data processing may be requested from the Controller at any time.

Updates to This Privacy Policy

The Controller reserves the right to revise this Privacy Policy at any time.

Updates may be communicated within the Application and/or on this page. Users should review this Policy regularly.

If changes significantly affect processing activities that rely on User consent, renewed consent will be obtained as required by law.