Privacy Policy

Last Updated: May 2026

Developer: Storm Adamsen, an individual developer from the Kingdom of Belgium (hereinafter referred to as "we", "us" or "our")

This Privacy Policy explains how we collect, use, share, and protect your personal information when you download, install, and use the MotionPop mobile application (the "App") for iOS devices. This Policy applies to all users of the App.

We take your privacy seriously and have designed this Policy to comply with applicable global data protection laws, including the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA/CPRA), and other relevant regulations in the markets where the App is available.

IMPORTANT AGE NOTICE: This App is intended exclusively for users aged 16 and older. This age requirement is our policy choice. We do not knowingly collect personal information from anyone under the age of 16. If you are under 16, you may not use this App.

1. Information We Collect

We collect only the minimum information necessary to provide and improve our services, categorized as follows:

1.1 Information You Voluntarily Provide

• Account Information: When you sign in with Apple or Google, we receive the minimal information you authorize the relevant authentication provider to share with us, which may include your name, email address, and, for Google sign-in, profile picture depending on your Google Account settings. We do not have access to your Apple ID or Google Account credentials.
• User Uploaded Content: Photos and images you upload to the App for the purpose of generating AI-powered dynamic video content.
• Contact Information: When you contact our customer support, you may provide your email address and any other information included in your inquiry to help us respond to your request.

1.2 Special Notice Regarding Facial Data

For photos containing facial features that you upload:

• We only process this data temporarily during AI generation to create the dynamic video content you specifically request.
• We do not store your photos or facial data on our servers after processing is complete. Uploaded photos are deleted from all our systems (including temporary storage and caches) within 24 hours of processing completion, regardless of whether the generation succeeds or fails.
• We do not permanently retain, share, sell, or license facial data to any third party for advertising, profiling, or any purpose other than fulfilling your generation request.
• We do not use facial data to train our AI models, unless you provide explicit, separate written consent for this purpose.
• Legal basis for processing facial data: We process facial data contained in your uploaded photos based on your explicit consent (GDPR Article 6(1)(a) and Article 9(2)(a)). You may withdraw your consent at any time by contacting us, without affecting the lawfulness of processing based on consent before withdrawal. Withdrawing consent will not affect the quality or availability of other App features that do not require facial data processing.

1.3 Automatically Collected Information

• Device Information: We may collect basic device and technical information (such as device model, OS version, app version, and mobile network information) for compatibility, debugging, security, and service improvement purposes.
• Analytics and Attribution Data: We use Adjust, a mobile attribution and analytics platform, to help us understand app installation sources, measure marketing campaign performance, analyze app usage, and improve the App. Adjust may collect device identifiers, installation source information, user engagement metrics, session information, and other usage-related technical data. This data does not include your uploaded photos, facial data, or generated videos.
• Crash and Performance Data: We may collect crash reports and performance metrics to identify and fix technical issues and maintain the stability and security of the App.

2. How We Use Your Personal Information

We use your information solely for the purposes described in this Policy, with valid legal bases under applicable law:

• Provide Core App Services: To process your uploaded content to generate AI dynamic videos, manage your user account, enable content saving and sharing features. Legal basis: Performance of our contract with you. For facial data processing: Your explicit consent (see Section 1.2).
• Process Paid Transactions: To manage your points balance, process in-app purchases, verify transaction validity, and deliver paid premium features. Legal basis: Performance of our contract with you.
• Optimize and Improve the App: To fix bugs and crashes, optimize AI generation performance, enhance user experience, analyze aggregated usage patterns, and ensure the stability and security of the App. Legal basis: Our legitimate business interests.
• Analytics and Attribution: To use Adjust analytics to understand how users discover and interact with the App, measure marketing campaign performance, evaluate user acquisition channels, and identify areas for product improvement. Legal basis: Our legitimate business interests, subject to your rights and choices under applicable law.
• Customer Support: To respond to your inquiries, feedback, and complaints, and resolve technical issues you encounter. Legal basis: Our legitimate business interests and performance of our contract with you.
• Legal Compliance and Security: To prevent fraud, malicious, or illegal activities, enforce our Terms of Service, and comply with applicable legal obligations, court orders, or regulatory requirements. Legal basis: Compliance with legal obligations and our legitimate business interests.

We will not use your personal information for any purpose other than those listed above without providing you with prior notice and obtaining your consent where required by law.

3. How We Share Your Personal Information

WE DO NOT SELL YOUR PERSONAL INFORMATION TO ANY THIRD PARTY UNDER ANY CIRCUMSTANCES.

We only share your personal information in the limited circumstances below, and only share the minimum data necessary to fulfill the stated purpose:

Trusted Service Providers

We share data with third-party service providers who assist us in operating the App, subject to strict data protection obligations:

• Payment Processing: Apple Inc., which handles all in-app purchase transactions. We do not have access to your credit card or payment details, which are processed exclusively by Apple under its own privacy policy.
• Authentication Providers: Apple Inc. and Google LLC, when you choose to sign in using Apple ID or Google Account. We receive only the information you authorize these providers to share with us, and these providers process your data according to their own privacy policies.
• Analytics and Attribution: Adjust GmbH, which provides mobile attribution and analytics services. We share limited device and usage information with Adjust to help us understand app installation sources, user engagement, and marketing campaign performance. Adjust is not provided with your uploaded photos, facial data, or generated videos.
• Push Notification Services: Apple Push Notification service (APNs), to deliver generation completion alerts and other notifications you enable.

AI Processing

All AI processing to generate dynamic video content from your uploaded photos is performed on our own self-hosted servers. We do not send your photos or facial data to any third-party AI service provider for processing. Your uploaded content is processed exclusively within our own infrastructure.

Legal Requirements

We may disclose your information if we have a good faith belief that disclosure is necessary to:

• (a) comply with applicable law, regulation, court order, or governmental request;
• (b) protect our legal rights, property, or safety;
• (c) protect the personal safety of our users or the public;
• (d) investigate fraud, security breaches, or illegal activities.

Business Transfers

In the event of a merger, acquisition, asset sale, or bankruptcy, we will notify you before your personal information is transferred, and ensure the receiving party is bound by equivalent data protection obligations.

Social Sharing Services

If you choose to share your generated videos or content directly to third-party social media platforms including Facebook, Instagram, and X, your content will be transmitted to the selected platform(s) by the platform's native sharing functionality. This transmission is initiated solely by your explicit action.

Once you tap the share button and select a platform:

• Your generated video/photo and any accompanying text you provide will be sent directly to the third-party platform you selected.
• This data will be subject to the receiving platform's own privacy policy and terms of service, which you agree to comply with by using the share feature.
• We do not control, endorse, or assume any responsibility for how these third-party platforms collect, use, or store your shared content.

4. International Data Transfers

Our AI processing servers are located in the United States. Depending on your country of residence, your personal data may be transferred to and processed in countries that may have data protection laws different from those in your jurisdiction.

We ensure all international transfers of your personal data comply with applicable law, including:

• For data transfers from the EEA to the United States: We implement the European Commission's Standard Contractual Clauses (SCCs) adopted on 4 June 2021 (Commission Implementing Decision (EU) 2021/914), together with supplementary technical measures (including data encryption in transit and at rest) and organizational measures to ensure your data receives an adequate level of protection.
• For transfers involving third-party providers such as Adjust and Google: We require appropriate contractual and technical safeguards, including data processing agreements and applicable transfer mechanisms where required.
• For all users: We only transfer data to recipients who have implemented appropriate security measures to protect your personal information.

You have the right to request further information about the specific safeguards we have put in place for international transfers by contacting us using the details in Section 13.

5. Data Retention

We retain your personal information only for the minimum period necessary to fulfill the purposes for which it was collected:

• Account Information: Retained for the duration of your active account, and deleted within 30 days of your account deletion request, except where we are required to retain data to comply with legal obligations (e.g., tax, accounting, or audit requirements).
• User Uploaded Content: Your photos are transmitted to our servers for AI processing only, and are deleted from all our systems (including temporary storage and caches) within 24 hours of processing completion, regardless of whether the generation succeeds or fails. We do not retain your uploaded photos after this period. Generated videos are saved directly to your device; we do not store the final output on our servers.
• Analytics, Attribution, and Crash Data: Analytics, attribution, crash, and performance data, including data processed through Adjust, is retained for up to 12 months for analysis and service improvement purposes, after which it is permanently deleted or anonymized.
• Legal Retention: We will retain your information for the period required by applicable law, and delete it once the retention obligation expires.

6. Your Rights

Depending on your country of residence, you have the following rights under applicable data protection laws:

6.1 Universal User Rights

• Access: Request a copy of the personal information we hold about you.
• Correction: Request correction of inaccurate or incomplete personal information.
• Deletion: Request deletion of your personal information and user account (via the "Delete My Account" feature in the App's Settings).
• Restriction: Request restriction of processing of your personal information, where applicable.
• Objection: Object to processing of your personal information based on our legitimate interests, including analytics and attribution processing through Adjust.
• Data Portability: Request a copy of your personal information in a structured, machine-readable format.
• Withdraw Consent: Withdraw your consent to the processing of your facial data at any time, without affecting the lawfulness of processing based on consent before withdrawal.

6.2 Additional Rights for EEA Users (GDPR)

• You have the right to lodge a complaint with your local data protection authority if you are dissatisfied with our handling of your personal data. The Belgian supervisory authority is the Gegevensbeschermingsautoriteit (GBA), accessible at https://www.gegevensbeschermingsautoriteit.be.
• You may also access the EU Online Dispute Resolution platform at https://ec.europa.eu/consumers/odr.
• There is no limit on the number of times you may exercise your GDPR rights.

6.3 Additional Rights for California Residents (CCPA/CPRA)

• You have the right to request disclosure of the categories and specific pieces of personal information we collect, the sources of the information, the purposes for processing, and the categories of third parties with whom we share the information.
• You have the right to request deletion of your personal information.
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights. We will not deny you services, charge you different rates, or provide a lower quality of service for exercising your privacy rights.
• As permitted by the CCPA/CPRA, we limit verified consumer requests to two per 12-month period.

6.4 How to Exercise Your Rights

To exercise any of the rights listed above, please:

• For account deletion: Use the "Delete My Account" feature directly in the App's Settings page.
• For all other requests: Contact us via email at [email protected], with the subject line "Privacy Rights Request".

Response times:

• For EEA users: We will respond to all valid requests within one month. If your request is complex, we may extend this period by up to two additional months, in which case we will inform you of the extension and the reasons for the delay.
• For California residents: We will respond within 45 days, with a possible extension of up to 90 days, as permitted by the CCPA/CPRA.

We may request additional information to verify your identity to protect your data security.

7. Your Choices and Opt-Out Options

• Advertising Tracking: Since our App does not serve personalized advertisements, we do not use your IDFA for ad tracking purposes unless we first request and obtain any App Tracking Transparency authorization required by Apple and applicable law.
• Analytics and Attribution Choices: Adjust analytics helps us measure app installs, campaign performance, and app usage. Where applicable, you may limit tracking through your iOS privacy settings or exercise your right to object by contacting us.
• Push Notifications: You can disable push notifications via Settings > Notifications > MotionPop on your iOS device.
• Photo Library Access: You can manage the App's access to your photo library via Settings > Privacy & Security > Photos on your iOS device.
• Social Sharing Control: The share feature is optional. You are under no obligation to share any content via the App. If you do not wish to share your content with third-party platforms, simply do not use the share function.
• Facial Data Processing: You may choose not to upload photos containing facial features. The App will still function for content that does not involve facial data processing.

8. Data Security

We implement industry-standard technical and organizational security measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction. These measures include encrypted data transmission (SSL/TLS), strict access controls, data encryption at rest, and regular security audits.

However, no electronic storage or transmission method is 100% secure. While we take all reasonable steps to protect your data, we cannot guarantee absolute security.

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:

• Notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR Article 33;
• Notify you without undue delay if the breach is likely to result in a high risk to your rights and freedoms, as required by GDPR Article 34;
• Provide you with information about the nature of the breach, the likely consequences, and the measures we have taken or propose to take to address the breach.

9. Data Protection Impact Assessment

Given that our App processes facial data (a special category of personal data under GDPR) and uses AI to generate content involving human likenesses, we have conducted a Data Protection Impact Assessment (DPIA) in accordance with GDPR Article 35. This assessment evaluates the necessity, proportionality, and risks of our data processing activities, and documents the measures we have implemented to mitigate those risks.

10. Children's Privacy

This App is not intended for, and we do not knowingly collect personal information from, users under the age of 16. This age threshold is our policy choice and is higher than the minimum age of 13 set by Belgian law for digital consent under GDPR.

If you are a parent or guardian and become aware that your child under 16 has provided us with personal information without your consent, please contact us immediately. We will take prompt steps to delete the relevant information from our systems.

11. Third-Party Services

This Privacy Policy does not apply to data processed independently by third-party services. When you use Apple ID or Google Account authentication, make in-app purchases through Apple, or when limited analytics and attribution data is processed through Adjust, your use may also be subject to those providers' own privacy policies:

• Apple: https://www.apple.com/legal/privacy/
• Google: https://policies.google.com/privacy
• Adjust: https://www.adjust.com/terms/privacy-policy/

We encourage you to review the privacy policies of these third-party services. We are not responsible for the privacy practices of third-party services that operate independently from us.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes that affect your rights, we will notify you via in-app notification or email at least 30 days before the changes take effect, and update the "Last Updated" date at the top of this Policy.

Your continued use of the App after the effective date of the updated Policy constitutes your acceptance of the changes, except where applicable law requires your explicit consent. We encourage you to review this Policy regularly.

13. Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us at:

Developer: Storm Adamsen

Email: [email protected]