Kapi Action Privacy Policy
Last Updated:01/30/2026
Welcome to Kapi Action!
Shanghai Yuhuan Technology Co., Ltd. and its affiliates (collectively,“Kapi Action”,, or“we”)operates the Kapi Action mobile application and the device (the “Services”). Kapi Action is a mobile application designed for taking photos or videos. This Privacy Policy (the “Policy”) describes how we collect, store, use, and share information through our Services.
We care about the protection and confidentiality of your information. We process your personal information only as described in this Policy. If you have any questions regarding this Policy, please contact us according to the information listed below under the Section “Contact Us”.
1. PERSONAL INFORMATION WE COLLECT
2. HOW WE USE YOUR INFORMATION
3. HOW WE SHARE YOUR PERSONAL INFORMATION
4. HOW WE TRANSFER YOUR DARA AROUND THE WOLRD
5. HOW WE SECURE YOUR INFORMATION
6. HOW DO WE RETAIN YOUR PERSONAL INFORMATION
7. YOUR RIGHTS AND CHOICES
9. CHANGES TO THIS PRIVACY POLICY
10. CONTACT US
11. JURISDICTIONS' SUPPLEMENTAL TERMS
1. PERSONAL INFORMATION WE COLLECT
For the purpose of this Policy,“personal information”means any information relating to an identified or identifiable individual. In certain jurisdictions, this may be referred to as“personal data”. However, for the sake of consistency, this Policy will use the term“personal information” throughout to refer to such data. Anonymized data does not constitute personal information. To avoid ambiguity, please be advised that personal information does not include anonymized information.
1.1 Information you provide
· Photos and Videos. When you use the photo or video recording feature, we need to access your camera, and microphone permissions..
When you upload your photos or videos, we will require your authorization to access the photo album in your device. All the information aforementioned will only be cached in your device and will not be uploaded to our server.
• Information in the correspondences you send to us. This includes the information you send to us when you contact us for support or feedback.
1.2 Information we collect from third parties
• Payment information.You can purchase goods/services via Kapi Action membership services. During the payment process, we will collect your User ID and the result of payment from Apple Store or Google Store.
1.3 Information we collect automatically
• Technical Information we collect about you. We collect certain information about the device you use to access the Kapi Action. Specifically, we will collect device information and device identifiers, IP Address, running processes, storage, browser type and settings, language setting, sensor, operation system related information, network-related information, Bluetooth address (when you use relevant features), software-related data, and relevant meta data.We will also collect Ads identifiers for advertising purposes. In addition, we will automatically assign user IDs when you purchase goods/services via Kapi Action membership services and device IDs. Where you log in from multiple devices, we may use your information such as your device IDs and user ID to identify your activities across different devices. We may associate your account with information collected from additional devices that you use to log in to the Services.
1.4 Cookies and other similar technologies
We and our service providers may use cookies or similar technologies to collect the above data when you access our Services. Cookies are text files stored on your device that uniquely identify your browser or store information or settings within the browser to help you navigate efficiently between pages, remember your preferences, enable features, and assist us in understanding user activity and patterns.
We will not use cookies for any purposes other than those described in this policy. You may manage or delete cookies according to your preferences. You can clear all cookies saved on your computer or mobile device, and most web browsers have features to block cookies. However, if you do so, you will need to manually change user settings each time you visit our services.
2. HOW WE USE YOUR INFORMATION
We use your information to facilitate your use of the Services, to improve, support and control this Services, to allow you to use and control its functionalities and features, and to fulfill and enforce our Terms of Service.
We will only use your personal information when the applicable laws allow us to. Our legal basis for collecting and using the personal information described in this Policy depends on the personal information we collect and the specific context in which we collect the information:
Ÿ We need to perform a contract with you;
Ÿ You have given us consent to do so;
Ÿ In specific jurisdictions, processing your personal information is in our legitimate interests, including:
§ providing, maintaining and marketing our Services;
§ detecting, preventing and enforcing violations of our Terms of Use including misuse of services, fraud, abuse, and other trust and safety protocols; and
§ protecting our legal rights and the rights of others.
Ÿ We need to comply with our legal obligations under the applicable laws.
3. HOW WE SHARE YOUR PERSONAL INFORMATION
In order to provide you with more comprehensive and high-quality Services, we will authorize our commercial partners to provide certain services to you. In such cases, we may share some of your personal information with our partners.
We will only share your personal information for lawful, legitimate, necessary, specific, and explicit purposes, and we will only share the personal information required to provide the Services. We will require our partners, through agreements, to retain data only for the necessary period and to implement adequate security measures to protect data security.
We will disclose personal information to the following categories of third parties for the purposes explained in this Policy:
· Advertisers and ad-related third parties. We share information with advertisers, including Apple, Google, and third-party measurement companies, to demonstrate how many users and which users of the Services have viewed or clicked on an advertisement; to help advertisers understand their audience and customer feedback about their products and service; to perform analytics so that we can see how our services are performing and to better understand our users.
· Our Service Providers. We may engage with service providers to provide you with different services on behalf of us; e.g. payment company, cloud storage services and other services. Third-party SDK directory
· Affiliates and corporate partners. We disclose the categories of personal information described above between and among our affiliates and related entities, for legitimate business purposes and the operation of the Services, in accordance with applicable laws.
· Law enforcement agencies, public authorities or other judicial bodies and organizations. We disclose your personal information if we are legally required to do so, or if we have a good faith belief that such use is reasonably necessary to comply with a legal obligation, process or request; enforce our Terms of Use and other terms, policies, and standards, including investigation of any potential violation thereof; detect, prevent or otherwise address security, fraud or technical issues; or protect the rights, property or safety of us, our users, a third party or the public as required or permitted by applicable laws (including exchanging information with other companies and organizations for the purposes of fraud protection).
· Change of corporate ownership. If we are involved in a merger, acquisition, bankruptcy, reorganization, partnership, asset sale or other transaction, we may disclose your Information as part of that transaction.
4. HOW WE TRANSFER YOUR DARA AROUND THE WOLRD
Your personal data may be processed or transferred outside the country or region where you reside. Currently, your personal information will be stored in our servers located in Japan. For users from the EU, such transfers are made on the basis of an adequacy decision.
Besides, in the event of an international transfer of personal information, when required by applicable laws, we will provide an adequate level of protection for your personal information using various means, including implementing Standard Contractual Clauses or data transfer agreements that comply with applicable laws between our affiliates and third parties or any other lawful approach that permits the lawful transfer of personal data from those countries.
5. HOW WE SECURE YOUR INFORMATION
We place utmost importance on personal information security and implement stringent measures to protect user data. We have designated dedicated personnel responsible for personal information protection matters, having obtained ISO 27001 and ISO 27701 international certifications. We employ advanced security technologies including encrypted transmission and storage, access control, and HTTPS protocols.
Our server systems undergo rigorous security hardening, with regular audits and upgrades. Employees are subject to the principle of least privilege and receive comprehensive confidentiality training. We have established cybersecurity emergency response protocols, conducts regular drills, and ensures timely incident response and user notification when necessary.
We are committed to continuously enhancing security safeguards. However, users should also strengthen self-protection awareness and provide personal information only when absolutely necessary.
6. HOW DO WE RETAIN YOUR PERSONAL INFORMATION
We adhere to retention policies for the personal information we collect to ensure that it is not retained longer than necessary for the intended purpose.
If you deactivate your account, delete personal information, or the retention period is expired, we will delete or anonymize your personal information, except in the following cases:
Ÿ Compliance with legal requirements regarding data retention according to the applicable laws.
Ÿ Extension of the period for financial, audit, dispute resolution, or other legitimate purposes.
When assessing how long your personal information is retained, we consider criteria such as: (i) the nature of the personal information and the activities involved; (ii) when and for how long you use the Services; and (iii) our legitimate interests and our legal obligations.
7. YOUR RIGHTS AND CHOICES
Subject to applicable law and depending on where you reside, you may have some rights regarding your personal information, as described below. If you have any other requests relating to the access of your personal information, please contact us using the contact details listed in the Section “Contact Us”.
7.1 Data Access and right to obtain a copy
You may have the right to know what personal information we process about you, including the categories of personal information, the business or commercial purposes for collection, the categories of third parties to whom we disclose it and other information according to the applicable law.
You may have the right to access and obtain a copy of your personal information in accordance with the applicable laws. Where applicable, we will provide the information in a portable, machine-readable, readily usable format.
7.2 Data Correction
You may have the right to request that we correct inaccurate personal information that we retain about you, subject to certain exceptions.
7.3 Data Deletion
You have the right to delete your account and erase your personal information. Upon deleting your account, all your personal information will be deleted. Additionally, you may also request deletion of the personal information you provide by contacting us. If some of your personal information cannot be deleted, we will inform you of the reasons for not taking action.
Please note that we reserve the right to retain some of your personal information where there are valid grounds for us to do so under applicable laws.
In accordance with Facebook's Platform Terms for apps and websites, we provide a User Data Deletion Callback URL or a Data Deletion Instructions URL. If you wish to delete your activity record for the Kapi Cam application, you may follow these steps:
Go to your Facebook account's "Settings & Privacy" and click "Settings."
Locate "Apps and Websites," where you will see all the applications and websites linked to your Facebook account.
Search for "Kapi Cam" in the search bar and click on it.
Select the checkboxes based on your preferences and click the "Remove" button.
Congratulations! You have successfully removed your application activity.
7.4 Withdrawal of Consent
Where we process your personal information on the basis of your consent, you may withdraw your consent by contacting us. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
7.5 Objection to the Processing
Subject to applicable laws, you may object to the processing of your personal information based on our legitimate interests where there are grounds relating to your particular situation by contacting us. Please note that we may have an overriding legitimate interest to keep processing your personal information, but we will let you know where this is the case.
7.6 Restriction to the Processing
If you would like to restrict our processing of your personal information, you may contact us. You have the right to restrict the processing of your data where one of the following applies:
Ÿ the processing is unlawful and you oppose the erasure of relevant personal information;
Ÿ for the purpose of establishment, exercise or defense of legal claims, you request us to retain your personal information that we were supposed to delete;
Ÿ your objection regarding the accuracy of your personal information is pending our verification;
Ÿ your request to object to the processing of your personal information is pending our verification.
7.7 Data Portability
Data portability is the ability to obtain some of your information in a format you can move from one service provider to another (for instance, when you transfer your mobile phone number to another carrier). Depending on the context, this applies to some of your information, but not to all of your information. Should you request it, we will provide you with an electronic file of the available information.
7.8 Lodge a complaint with your local data protection authority
Subject to applicable data protection laws, you may have the right to submit your complaint to the local data protection authority where you reside if you consider that the processing of your personal information infringes any applicable data protection laws.
7.9 Other Rights
Depending on your jurisdiction, you may be entitled to additional rights in relation to your personal information. If you would like to contact us to exercise one or more of these rights, to ask a question about these rights or any other provision of this Policy or about our processing of your personal information, or to file a complaint about how we process your personal information, you may use the contact details provided in Section “Contact Us” below.
When submitting a right request, please specify the scope and basis of your request and provide us with the necessary information to verify your identity. We may contact you to confirm your identity in order to handle your request. We will typically respond to your request no later than the timeframe required by applicable laws.
8. USE BY MINORS
Our Services is not specifically designed for children. If a child is not qualified as a person who can solely and freely give consent to using our services, their parents or guardians shall decide whether the child may download and use Kapi Action.
If any parent or guardian wishes to submit a complaint or claim regarding the processing of personal data of children or minors, or if you believe that a user is under the age of 16, please contact us at @sensetime.com. We are continuously improving our services and its features to provide a safer and better experience for children and teen users.
9. CHANGES TO THIS PRIVACY POLICY
The Services and our business may change from time to time. As a result, at times it may be necessary for us to make changes to this Policy. we recommend that you regularly check the latest version of this Policy via Kapi Action. If there are any substantial changes to this Policy, depending on the nature of such changes, we will notify you in advance through pop-ups, push notifications, and other appropriate means.
10. CONTACT US
For more information about your data subject rights, or how we process your personal information, please contact us by using the information below.
Controller: Shanghai Yuhuan Technology Co., Ltd
Data Protection Officer: Yuhuan Privacy Team
Address: Unit 6-54, 6th Floor, No. 1900 Hongmei Road, Xuhui District, Shanghai.
Contact Details: kaipai.action@sensetime.com
11. JURISDICTIONS' SUPPLEMENTAL TERMS
If you are using the Services in the EU/EEA, the following additional terms shall apply.
11.1 EU/EEA Addendum
11.1.1 Legal Base for Processing Your Data
The purposes for which we process personal information, subject to applicable laws, and the legal basis on which we perform such processing, are as follows:
Purpose | Type of Personal Information | Legal Basis |
To provide you with functions related to user | Technical Information | Performance of contract |
To provide the core functionality of the Services | Camera, Microphone and Photo Album, | Performance of contract |
To provide you with the paid Services | Payment information | Performance of contract |
To provide the additional functionality of the Services | Information in the correspondences | Consent |
To monitor and protect the Services to ensure the normal operation of the Services you use, including preventing fraud, criminal activity, and misuse of our Services | Technical Information | Performance of contract & Legitimate interests |
To comply with legal obligations, and defend against legal claims and disputes | Technical Information | Legal Obligations, Legitimate interests, Consent, where required by applicable laws |
11.1.2 Children or Minor Users
If you are a minor under the age of 16, you are not permitted to use our Services in the EU/EEA. If a minor cannot provide consent independently due to age requirements that differ across EU Member States, we will comply with the specific age thresholds applicable in each Member State and conduct appropriate age-verifications before allowing access to or use of our Platform.
11.1.3 Data Transfers outside of EU/EEA
Your data will be collected and stored by us in Japan. When we conduct transfer data outside of EU, we will rely on:
Adequacy decisions. These are decisions issued under Article 45 of the GDPR (or equivalent provisions under other applicable laws) recognizing that a non-EU country ensures an adequate level of data protection. Where our service providers or third parties are located in such countries, we may rely on this mechanism for the transfer of personal data.
11.1.4 Your Data Protection Rights
In the EEA and Switzerland, you have the following rights, subject to conditions under the GDPR and/or any local data protection laws in addition to those set forth in Section 7:
- To object, on grounds relating to your circumstance, to the processing of your personal data by us. This includes the right to object to our processing of your personal data for direct marketing (also known as mass marketing under Swiss law) and the right to object to our processing of our personal data where we are performing a task in the public interest or pursuing our legitimate interests (as aforementioned, particularly the right to opt-out the AI training) or those of a third party. If we process your personal data based on our legitimate interests or those of a third party, or in the public interest, you may object to this processing, and we will cease processing your personal data, unless the processing is based on compelling legitimate grounds or is required for legal reasons. Where we use your personal data for direct marketing for our own products and services, you can always object and opt out of future marketing messages using the unsubscribe link in those communications or through other means.
- To obtain confirmation from us, as to whether your personal data is being processed, and, where that is the case, request access to details about how we process your personal data and copies of the personal data.
- To request the restriction of processing of your personal data, in which case, it would be marked and processed by us only for certain purposes.
- To withdraw your consent at any time. This will not affect the lawfulness of our use of your personal data before your withdrawal.
- To lodge a complaint with a supervisory authority. You may view a list of supervisory authorities in the EEA and Switzerland and their contact information here:
- EEA: Our Members | European Data Protection Board
- Switzerland: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html
To submit a request to exercise your privacy rights, you can contact us by emailing kaipai.action@sensetime.com directly.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. In EU, normally within 1 month. If your request is complicated, we will inform you in time to explain the reason why we may need more time (no more than 2 months) to process your request.
11.2 US Addendum
11.2.1 States Except for California
Unless stated otherwise, this section applies to residents of U.S. states whose privacy laws apply to us and grant the rights described below (collectively, the “State Privacy Laws”).
This section describes how we collect, use, and share Personal Information of residents of these states and the rights these users may have with respect to their Personal Information. Please note that not all rights listed below are included in each State Privacy Law, so all of the listed rights may not be afforded to all users. In addition, we may not be able to process your request if you do not provide us with sufficient detail to allow us to confirm your identity or understand and respond to it.
Depending on where you live and subject to the conditions under the applicable State Privacy Laws, you may have the following rights with respect to the personal data that we have collected from or about you in addition to those set forth in Section 7:
• Right to request that we correct inaccuracies in your personal data, taking into account the nature of the personal data and the purposes of processing of the consumer's personal data, except this right is unavailable in Iowa and Utah;
• Right to request to opt out of the processing of your personal data for the purposes of: (i) targeted advertising, (ii) the sale of personal data and/or sharing of your sensitive personal data, or (iii) profiling/automated decision making.
• Right of Non-discrimination.
• Right to appeal. You can appeal our denial of any request validly submitted.
When you use our services, we may collect, use and disclose your device information, browsing and usage data for targeted advertising purposes as described in Section 3 above. Some of the laws that apply to our processing of personal data qualify our collection, use and disclosure of personal data for targeted advertising purposes. You may opt out of targeted advertising on our services by clicking [Settings]-[Privacy Settings]-[Personalized Options] and toggling off [Enable Ads Personalization].
To submit a request to exercise the remaining rights, please email kaipai.action@sensetime.com and specify in your email the details of your request. Please note that these rights are subject to exceptions. To verify your identity, we may require you to confirm receipt of an email sent to an email address that matches our records, provide us with details relating to your history with us, or provide additional information. If we are unable to verify your identity, we may deny your request. You may also have the right to appeal against our decision if we deny your request. To appeal, please contact us at the email address set out above and specify what you wish to appeal.
11.2.2 California
We collect personal information from and about you in the preceding 12 months as described in Section 1. PERSONAL INFORMATION WE COLLECT above.
We disclose personal information with third parties for business purposes as below:
Categories of personal information | Disclosed to which categories of third parties |
All categories detailed in Section 1 above | Cloud storage services provider and our affiliates |
User ID | Payment company |
Advertisement information | Advertisers and ad-related third parties |
To the extent provided for by local law and subject to applicable exceptions, you may have the following rights in addition to those set forth in Section 7:
Ÿ Limit the Use of Sensitive Personal Information. You also have the right to request limitation of use and disclosure of your sensitive personal information, subject to certain exceptions. If you would like to limit the use of your sensitive personal information, please contact us by using the contact details provided in the Section “Contact Us” above.
Ÿ Do Not Sell or Share My Personal Information. Based on the definition of “sell” and “share” under applicable State data protection laws, we do not believe that we engage in such activity and have not engaged in such activity in the past 12 months from the effective date of this Policy.
Ÿ Appeal. You may appeal our refusal to take action on a request by contacting us using the contact details provided in Section “Contact Us” above.
Ÿ Direct Marketing. We do not disclose personal information to third parties for their direct marketing purposes.
If you would like to contact us to exercise one or more of these rights, to ask a question about these rights or any other provision of this Policy or about our processing of your personal information, or to file a complaint about how we process your personal information, you may use the contact details provided in the Section “Contact Us” above. According to applicable laws, we may request you provide documents such as application form and proof of identity. We may contact you to confirm your identity in order to handle your request. We will respond to your request or complaint in due course under the applicable laws. We will not discriminate against you for exercising any of these rights.