Privacy Policy

Last Updated: March 27, 2026

Welcome to Evoto. We value your privacy and are committed to processing your personal information in a transparent, lawful, fair, and necessary manner. This Privacy Policy explains how we collect, use, disclose, store, transfer, and protect information relating to you, as well as the rights and choices available to you, when you visit our websites, register for an account, download or use our software, applications, cloud features, customer support services, marketing communications, and other related services (collectively, the “Services”).

This Privacy Policy applies to the Services provided by Evoto to users worldwide. For specific products, features, regions, or scenarios, we may provide supplemental privacy notices, in-product disclosures, or other supplementary documents. Where applicable, those documents should be read together with this Privacy Policy and will prevail to the extent of any inconsistency within their applicable scope.

1. Who We Are and the Scope of This Policy

1.1 Data Controller

Depending on where you are located, the Evoto entity that is generally responsible for determining the purposes and means of processing your personal information is as follows:

• If you are located in the United States, Canada, or Mexico, the relevant data controller is generally Truesight Technology Inc.
• If you are located outside the regions listed above, the relevant data controller is generally TRUESIGHT PTE. LTD.

If a specific Service is provided by a different controller or another relevant entity, we will explain that in the relevant page, terms, or notice.

Depending on the context, Evoto may act either as a data controller for information it processes for its own business purposes, or as a data processor / service provider for content and related personal information that professional or business customers submit for processing through the Services on their behalf.

1.2 What Information This Policy Applies To

This Policy applies to information that we collect directly from you as a data controller, as well as information that we collect automatically during your use of the Services or lawfully receive from third parties, including but not limited to:

• Information generated when you visit our websites, register, log in, subscribe, purchase, download, install, activate, or update our Services;
• Information you provide through software, websites, mobile applications, cloud features, customer support tickets, emails, message notifications, marketing campaigns, surveys, or social media interactions;
• Information relating to devices, logs, usage behavior, crash diagnostics, performance, security, and analytics;
• Content and related metadata that you upload, sync, store, generate, edit, share, or request us to process;
• Information that we lawfully receive from payment providers, identity verification providers, marketing partners, analytics providers, resellers, app stores, enterprise customers, or other third parties.

If you provide us with information about other individuals (for example, photos, project files, contact information, or other content containing another person’s personal information), you confirm that you have a valid legal basis to disclose that information to us and to authorize us to process it in accordance with this Policy and applicable law.

1.3 Professional, Business, and Enterprise Customer Scenarios; Situations Where This Policy May Not Apply

If professional users, freelance photographers, photography studios, creative teams, enterprise customers, organizational customers, or other business users use Evoto Services to process information relating to Customer Data Subjects (meaning the clients, employees, models, contractors, and other individuals whose personal information is processed by such customer), Evoto may act as a data processor, service provider, or similar intermediary on behalf of such customer, depending on the nature of the Service and applicable law.

In those scenarios, the relevant customer generally determines the purposes and means of processing the relevant personal information relating to Customer Data Subjects and is therefore generally the relevant data controller, business, or other responsible party under applicable law, while Evoto generally processes such personal information on that customer’s behalf and in accordance with its instructions, applicable agreements, and applicable law.

This commonly includes situations where a photographer, studio, agency, or other professional or business user uploads, stores, edits, enhances, retouches, synchronizes, exports, shares, or otherwise requests us to process photographs, project files, facial images, related metadata, or other content containing personal information of Customer Data Subjects in connection with that user’s professional or commercial activities.

In such cases, the relevant customer generally acts as the data controller and is responsible for determining how and why the relevant personal information of Customer Data Subjects is collected and submitted to Evoto, including providing any required privacy notices and handling applicable data subject requests. Unless otherwise required by applicable law, Customer Data Subjects whose personal information is processed in these scenarios should generally direct privacy rights requests to the relevant customer first. Where Evoto acts as a data processor or service provider, Evoto will, where required by applicable law or contract, provide reasonable assistance to the relevant customer in responding to valid privacy rights requests in accordance with the relevant customer’s instructions.

For the avoidance of doubt, Evoto may still act as a data controller with respect to certain information that it processes for its own purposes, such as account registration information, billing and transaction records, security logs, fraud prevention data, support communications, legal compliance records, and service analytics used to operate, secure, and improve the Services in accordance with applicable law.

2. Information We Collect

2.1 Information You Provide Directly to Us

Depending on how you interact with us, we may collect the following categories of personal information:

• Account and identity information: such as your name, display name, email address, mobile phone number, password, login credentials, country/region, language preference, account identifier, avatar, and basic profile information shared with us when you choose to log in through a third-party account.
• Transaction and payment information: such as billing information, country/region, order information, tax-related information, payment status, payment currency, payment amount, transaction time, subscription term, refund information, and limited payment information such as the last four digits of your payment card, card issuer information, or expiration date. Full payment card numbers and security codes are generally processed directly by our payment service providers and are not stored by Evoto.
• Customer support and communications information: such as the information and attachments you provide in emails, support tickets, online forms, social media interactions, comments, surveys, feedback, appeals, dispute handling, error reports, or other communications.
• Marketing and preference information: such as whether you wish to receive newsletters, product updates, special offers, marketing promotions, message notifications, SMS, or other communications, as well as your communication preferences and unsubscribe choices.
• Identity verification information: such as information needed for registration, login, two-factor verification, SMS verification codes, account security checks, anti-spam registration, or anti-fraud purposes.

2.2 Information We Collect Automatically

When you visit our websites or use the Services, we may automatically collect the following information:

• Device and network information: such as IP address, device model, device identifiers, operating system, browser type, application version, system language, time zone, network status, device performance metrics, and crash information.
• Log information: such as access time, login time, feature usage, click paths, error logs, diagnostic data, performance metrics, launch information, session identifiers, referral sources, and other logs relating to security and operation.
• Usage and analytics information: such as how you interact with features, which pages or features are used, feature preferences, conversion and retention information, marketing campaign effectiveness, and aggregated or de-identified analytics information used to improve our products.
• Cookies and similar technology information: such as online activity information collected through cookies, SDKs, pixel tags, local storage, device identifiers, or similar technologies.

2.3 Your Content and Project Data

When you use editing, generation, cloud sync, project saving, sharing, export, collaboration, technical support, or other Service features, we may process the content that you upload, import, create, save, sync, or request us to process, including but not limited to images, project files, presets, parameters, text inputs, metadata, and related information (collectively, “Your Content”).

If the local computing capability of the Service is insufficient to complete the processing you request, or if a feature is inherently cloud-based, we may need to transmit Your Content to our servers or to the environments of entrusted service providers for processing, analysis, transmission, caching, or storage. For online editing and other inherently cloud-based features, Your Content may need to be uploaded to and stored on our servers in order to provide the Service.

As a general rule, Evoto does not retain image content for longer than is necessary to perform the requested processing. However, where Customer uses specific features of the Services that require cloud-based storage or cloud-based processing, the relevant image content may be stored on Evoto’s servers until deleted by Customer. If not deleted earlier by Customer, such content will be automatically and permanently destroyed, and rendered irrecoverable, upon the expiration of a 30-day period after the expiry or termination of the applicable service. This 30-day period is maintained solely as a limited user recovery and service continuity window, unless a longer retention period is required by applicable law.

Depending on the specific Service you use, Your Content may contain personal information or other legally protected information of other individuals, such as photographs, facial images or related metadata. You should ensure that you have a valid legal basis to upload, process, share, and authorize us to process such information in accordance with this Policy and applicable law.

Where you use the Services in a professional, studio, agency, or other business context, including to provide photography, editing, post-production, design, media, or related services involving Customer Data Subjects, you are responsible for ensuring that you have provided any required privacy notices and obtained any consents, permissions, authorizations, or other lawful basis required under applicable law for the collection, upload, editing, enhancement, storage, sharing, export, or other processing of such content by Evoto on your behalf.

2.4 Permission Information

Depending on your device, operating system, and the features you use, we may, with your authorization, access relevant permissions such as:

• Photo album, folder, media library, or storage permissions, for importing, editing, exporting, and saving your work;
• Camera permissions, for capturing images, scanning codes, tethered shooting, or other camera-dependent features;
• Clipboard permissions, for recognizing instructions, importing content, or improving efficiency;
• Notification permissions, for sending service notices, order notices, security alerts, marketing messages, or product updates, depending on your settings and applicable law;
• Advertising identifiers, device tracking, or similar identifiers (such as identifiers provided by mobile platforms), only where you authorize such use and applicable law permits it.

You may withdraw these permissions at any time in your device or application settings, although doing so may affect the normal operation of certain features.

2.5 Information from Third Parties

We may also lawfully obtain information relating to you from third parties, such as:

• Basic account information provided by third-party login or social media platforms;
• Transaction confirmation or subscription information provided by payment providers, app stores, resellers, or order management providers;
• Technical information provided by messaging, verification, anti-fraud, security, analytics, advertising, or cloud service partners;
• Member information, authorization information, or seat allocation information provided by enterprise customers, team administrators, or organizational accounts;
• Information from publicly available sources or business partners where permitted by law.

2.6 Sensitive Personal Information

Unless necessary to provide the Services you request, comply with legal obligations, protect security, or where we have obtained your explicit consent, we generally do not proactively require you to provide sensitive personal information. That said, Your Content may contain facial data, image characteristics, location information, identity documents, communications content, or other legally protected information. If you choose to upload or submit such content, we will process it in accordance with this Policy, the applicable product disclosures, applicable law, and necessary security measures.

We process sensitive personal information only where necessary to provide the Services, ensure security, comply with legal obligations, or obtain necessary authorization. Unless permitted or required by law, we will not use such information for purposes unrelated to the relevant Services. If applicable law gives you rights to restrict such use or disclosure, you may contact us as described in this Policy.

When you upload, import, sync, save, or request processing of images or other content containing faces, we may, to provide the editing, enhancement, generation, retouching, restoration, organization, or other image-processing Services you request, technically process facial regions, facial features, keypoint information, or related image information contained in such content, to the extent necessary. Such processing may begin once the content is uploaded so that we can complete the functionality you requested or generate the results. This processing is performed for the purpose of providing the requested image-processing functionality and not for the purpose of identifying a specific natural person.

We may temporarily process facial regions, facial features, keypoint information, or similar image information to the extent necessary to provide the requested image-processing functionality. However, we do not separately extract or create biometric templates for the purpose of identifying a specific natural person. We do not use such information to identify a specific individual, conduct ongoing profiling, or use it by default to train our AI models. Any such temporary processing is limited to what is necessary to provide the relevant Services and is not retained longer than necessary unless a longer retention period is required by law or enabled by the relevant Service settings.

3. How We Use Your Information

We may use the information described above for the following purposes:

• To create, manage, and maintain your account;
• To provide, deliver, activate, update, maintain, and support the Services;
• To process orders, payments, subscriptions, invoices, taxes, refunds, and customer relationship management;
• To verify identity, protect account security, and prevent fraud, abuse, unauthorized access, illegal content, and other security incidents;
• To respond to your inquiries, requests, comments, complaints, appeals, or privacy rights requests;
• To analyze Service usage, diagnose issues, debug crashes, improve stability, and improve product design and user experience;
• To send you newsletters, offers, product updates, event notices, surveys, marketing information, or message alerts, where you consent or applicable law otherwise permits;
• To support cloud sync, project storage, content processing, collaboration, sharing, export, cross-device access, and other cloud features;
• To enforce contracts, terms, and policies, resolve disputes, and protect our lawful rights, property, users, and public safety;
• To comply with applicable laws, regulatory requirements, court orders, law enforcement requests, or other legal processes;
• With your explicit, opt-in consent, we may use Your Content or feedback for specific service improvements, such as troubleshooting software bugs or optimizing the speed of existing tools. For absolute clarity: 'service improvement' does NOT include using Your Content to train generative AI models. Even if you opt-in to help us improve the software, we will never use your images, edits, or facial data to train our AI models.

Evoto never uses Your Content to train our AI generative models without your explicit, proactive, and opt-in consent. Model inference, content processing, quality monitoring, safety review, troubleshooting, and service delivery carried out to provide existing Services do not constitute using Your Content for general model training.

4. How We Disclose and Share Your Information

We do not sell your personal information to third parties for monetary consideration. However, in some jurisdictions, certain data sharing for advertising, analytics, or cross-context behavioral advertising purposes may be considered a “sale,” “sharing,” or “targeted advertising” activity. Where required by applicable law, we will provide you with the relevant choices.

We may disclose your information in the following circumstances:

• Within Evoto: with our parent company, subsidiaries, affiliates, or internal support teams in order to provide the Services, customer support, billing, research and development, maintenance, compliance review, and operational management;
• Service providers and processors: with third parties that provide services on our behalf, such as cloud hosting and computing providers, payment providers, customer support and ticketing system providers, identity verification and SMS providers, analytics providers, communications and email providers, marketing support providers, security providers, anti-fraud providers, development and operations support providers, and professional advisers; We impose strict contractual obligations on these providers to ensure they process Your Content only for the specific purpose of delivering the Service. Our third-party partners are strictly prohibited from using Your Content to train their own AI models or for any independent commercial use;
• Advertising, measurement, and marketing partners: with partners that help with ad attribution, marketing effectiveness measurement, conversion analytics, and campaign optimization, within the scope of your consent or as otherwise permitted by law;
• Enterprise customers or team administrators: if you use an organization, team, enterprise, or invited-seat Service, the relevant administrators, organizational customers, or purchasing entities may access information relating to account status, seat allocation, usage status, subscription management, and customer support;
• Business transactions: if we are involved in a merger, financing, asset sale, restructuring, bankruptcy, change of control, or related due diligence, your information may be disclosed or transferred as part of that transaction;
• Legal and safety purposes: where necessary to comply with legal obligations, respond to court orders, law enforcement requests, or regulatory investigations, or protect the rights, property, and safety of Evoto, users, partners, or the public. To the extent permitted by law, we review such requests and seek to disclose only the information necessary for the relevant purpose;
• With your consent or at your direction: where you authorize us to disclose information to a third party, or where you actively use a feature that requires information to be shared with a third party.

We require service providers that process personal information on our behalf to process such information in accordance with our written instructions and to implement appropriate confidentiality, security, and data protection measures. Where appropriate, we enter into data processing agreements (DPAs) or other compliance documentation with such providers to limit their use of your information for their own independent purposes.

To enhance transparency, we may further disclose, through our List of Third-Party Service Providers and Sub-processors, Cookie Policy, in-product notices, or other supplemental notices, the names or categories of certain third-party recipients, service providers, and Sub-processors, the processing purposes, and the types of personal information involved.

5. Cookies, Analytics, Advertising, and Similar Technologies

We may use cookies, SDKs, pixel tags, local storage, logging mechanisms, and similar technologies on our websites, applications, and Services for the following purposes:

• To keep websites and Services functioning properly;
• To remember login status, preferences, and language selection;
• To analyze traffic, usage trends, feature popularity, and performance;
• To measure marketing effectiveness, attribute conversions, and optimize advertising;
• To prevent fraud, abuse, and abnormal access;
• Where permitted by applicable law, to provide personalized content or advertising.

In regions where applicable law requires it, we will obtain your consent before using non-essential cookies or similar technologies and provide you with choices through cookie banners, consent management tools, browser settings, device settings, or other mechanisms. For more information, please refer to our Cookie Policy.

For certain marketing emails, we may use pixel tags or similar technologies to understand whether an email was delivered, opened, or clicked in order to improve communication effectiveness. Where required by applicable law, we will obtain the necessary consent or provide you with convenient unsubscribe and preference management options.

6. Your Content, Cloud Processing, and Automated Analysis

6.1 Cloud Processing

To provide editing, processing, sync, sharing, project saving, cross-device access, backup, restoration, collaboration, or other cloud features, we may need to upload Your Content to our servers or cloud service environments for processing. If content is processed only temporarily to complete your current request, we generally delete it, anonymize it, or retain only short-term backups within a reasonable period after processing is complete, unless:

• You have enabled cloud sync, project storage, sharing, version history, collaboration, or another persistent feature;
• We need to retain the relevant content to comply with legal obligations, resolve disputes, enforce agreements, or ensure security;
• You separately authorize us to retain the relevant content for service improvements or another explicit purpose.

6.2 Automated Analysis and Safety Review

For purposes of Service operation, security protection, content management, and product improvement, we may use automated technologies to analyze Your Content, metadata, logs, or related characteristics. For example, this may include identifying system errors, malicious files, spam content, abuse, illegal content risks, account anomalies, infringement indicators, or performance issues.

If you use public sharing, collaboration, community showcases, or other features directed to other users, the content you share or make public may be subject to automated review and, where necessary, human review for safety, intellectual property, unlawful content, or abuse-related issues. For absolute clarity, this automated review only applies to content you actively choose to upload to our cloud-based features, such as public sharing, community showcases, or collaboration tools. We do not monitor, scan, or analyze Your Content while it is being edited locally on your device or stored in your local folders.

Unless permitted by law and adequately disclosed to you, we generally do not make decisions based solely on automated processing that produce legal effects or similarly significant effects on you. If such circumstances arise, we will provide you with additional disclosures and applicable rights as required by law.

6.3 Your Control Over Content

As between you and us, and subject to applicable law, third-party rights, and limitations necessary for the operation of the Services, you generally retain the rights and interests you have in Your Content. You may manage, export, delete, or withdraw certain authorizations relating to content processing through product settings, account features, or by contacting us, although doing so may affect the availability of some features.

7. International Data Transfers

Evoto provides Services to users worldwide, and your personal information may therefore be transferred to jurisdictions outside your country or region, including countries and regions where we, our affiliates, service providers, partners, or infrastructure providers are located. At present, user data collected by Evoto is stored on Amazon Web Services (AWS) servers located in Oregon, United States. The data protection laws in those countries and regions may differ from those in your place of residence.

Where required by applicable law, we will implement appropriate safeguards to ensure that your personal information receives adequate protection when transferred across borders. Such safeguards may include:

• Entering into Standard Contractual Clauses (SCCs), the UK Addendum, Swiss supplementary clauses, or other recognized transfer terms with relevant recipients;
• Relying on adequacy decisions, certification mechanisms, or other lawful transfer mechanisms recognized under applicable law;
• Implementing supplementary technical and organizational measures, such as access controls, encryption, data minimization, role-based access, backups, and security audits;
• Carrying out transfer impact assessments or other compliance assessments where required by law.

To the extent required by applicable law, you may contact us to learn more about the safeguards we use for cross-border transfers or, where feasible, request a copy or summary of the relevant transfer mechanism.

8. Data Processing Agreement (DPA) and International Transfer Terms

For customers for whom Evoto acts as a data processor, service provider, or similar intermediary under applicable law, including professional customers, photography studios, business users, enterprise customers, organizational customers, and other customers using the Services to process personal information on behalf of others, Evoto offers a Data Processing Agreement (“DPA”) where required by applicable law or reasonably requested in connection with the use of the Services.

The DPA is intended to apply to customer content and related personal information that Evoto processes on behalf of the relevant customer in connection with the Services, including where such customer uploads or submits photographs, facial images, project files, metadata, or other content containing personal information of Customer Data Subjects.

Where applicable, the DPA may include or incorporate the European Commission’s Standard Contractual Clauses, the UK Addendum, Swiss supplementary terms, or other recognized cross-border transfer provisions, together with appropriate supplementary technical and organizational measures.

To the extent permitted by applicable law, the DPA may be incorporated by reference into the relevant order form, subscription terms, Service Terms, enterprise terms, procurement document, or other written agreement between Evoto and the relevant customer, if those terms expressly provide for such incorporation. Alternatively, the parties may execute the DPA separately.

For the avoidance of doubt, in scenarios where Evoto provides Services directly to individual consumers for their personal use and Evoto is not processing customer content on behalf of a business customer acting as controller, this Privacy Policy itself does not constitute a data processing agreement.

Where the applicable Service Terms, User Agreement, order form, or other written agreement expressly incorporates the DPA by reference, eligible customers’ acceptance of such terms will be deemed acceptance of the DPA, which will become effective accordingly without the need for a separate signature.

9. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by applicable law. We generally manage the retention and deletion of relevant information through a unified retention and cleanup mechanism based on account status, Service features, processing purposes, and any deletion or account closure actions taken by you. For cloud-stored content, including content uploaded for online editing and other inherently cloud-based features, we retain such content during your subscription term unless you delete it earlier. If your subscription expires or is terminated, any remaining cloud-stored content may be retained for up to 30 days solely to allow renewal of the subscription or export of the content, after which it is permanently deleted and cannot be recovered, unless a longer retention period is required by law or is necessary for security, fraud prevention, or legal claims. When relevant information is no longer necessary, we will delete it, anonymize it, or otherwise handle it in accordance with law within a reasonable period. Certain cached, logged, or backup copies may continue to exist for a limited period and be gradually deleted or overwritten pursuant to system rules. After deletion or account closure, system and backup copies may be cleared on a rolling basis over a limited period. To comply with legal obligations, handle disputes, enforce agreements, maintain security, or protect lawful rights and interests, we may retain certain information for a longer period to the extent necessary. In some cases, certain information may be retained separately for a longer period because of legal obligations, audits, dispute resolution, or security needs.

10. Your Privacy Rights

Depending on your location and applicable law, you may have one or more of the following rights:

• To know how we collect and use your personal information;
• To access, confirm, and obtain a copy of the personal information we hold about you;
• To correct inaccurate or incomplete personal information;
• To delete your personal information;
• To restrict or object to certain processing activities;
• To withdraw consent where processing is based on consent, without affecting the lawfulness of processing before withdrawal;
• To receive or request transfer of portable data;
• To opt out of direct marketing, profiling, certain analytics, or certain sharing or targeted advertising activities;
• Where applicable, to object to solely automated decision-making or request human intervention;
• To lodge a complaint with a supervisory authority.

You may manage certain information and preferences through your account settings, such as updating profile information, resetting your password, managing notifications, withdrawing analytics consent, unsubscribing from marketing emails, turning off certain features, or requesting account deletion. For requests that cannot be completed within the product, you may contact us using the methods described in the “Contact Us” section of this Policy.

To protect the security of your account and information, we may need to verify your identity before responding to your request. We will respond within the time period required by applicable law. If we cannot fulfill your request, we will explain the reasons and any next steps available to you to the extent required by law.

Where required by applicable law, you will not be unlawfully discriminated against for exercising your privacy rights.

11. Regional Supplemental Privacy Notice

11.1 Supplemental Notice for Users in the EEA, the UK, and Switzerland

If you are located in the European Economic Area, the United Kingdom, Switzerland, or another region with similar applicable laws, we generally process personal information on one or more of the following legal bases:

• Performance of a contract: for example, to provide your account, software, subscriptions, payments, customer support, cloud features, sync, order fulfillment, or other Services you request;
• Legitimate interests: for example, to protect Service security, prevent fraud and abuse, diagnose problems, improve performance, conduct necessary business analytics, resolve disputes, protect our rights, and carry out reasonable product improvements, provided that such interests are not overridden by your fundamental rights and freedoms;
• Your consent: for example, to send certain marketing communications, enable certain analytics functions, access certain device permissions, use cookies or similar technologies, process content you authorize for improvement purposes, or in other scenarios where consent is required;
• Legal obligations: for example, to comply with tax, accounting, anti-fraud, sanctions, consumer protection, information security, law enforcement assistance, or other legal obligations;
• Vital interests or public interest: in limited cases, to protect an individual’s vital interests, cooperate with lawful investigations, or perform legal duties.

Where we rely on legitimate interests as a legal basis, you may object to such processing where permitted by applicable law, and we will assess whether compelling legitimate grounds exist that override your rights and freedoms.

11.2 U.S. State Privacy Rights (Including California Residents)

If you are a resident of California or another U.S. state with an applicable privacy law, you may have rights to request to know, correct, delete, obtain a copy of, or opt out of the “sale,” “sharing,” or targeted advertising processing of your personal information, depending on applicable law and how you interact with us. Where available, you may refer to our “Your Privacy Choices” page for relevant information and to submit an applicable request.

12. Privacy of Minors

Evoto’s Services are generally not directed to children or minors under 16 years of age, or a higher age threshold required under applicable law. We do not knowingly collect personal information from such children or minors unless permitted by applicable law and the necessary authorization has been obtained from a parent, guardian, school, or other lawful representative.

If you believe that a minor has provided personal information to us without appropriate authorization, please contact us using the contact details provided in this Policy. After verification, we will take appropriate measures in accordance with applicable law, including deleting the relevant information or restricting further processing.

13. Data Security

We implement reasonable administrative, technical, and physical security measures to help protect your personal information from unauthorized access, use, disclosure, alteration, loss, or destruction. These measures may include access controls, permission segregation, encrypted transmission, backups, audit logs, data minimization, employee confidentiality obligations, vendor management, and security monitoring.

Nevertheless, no internet transmission, electronic storage, or security measure can be guaranteed to be absolutely secure. You should safeguard your account credentials, avoid sharing your password with others, and contact us promptly if you become aware of a security incident, account anomaly, or suspicious activity.

14. Third-Party Links, Third-Party Services, and Public Content

Our Services may contain links to or integrations with third-party websites, plugins, SDKs, payment channels, social media pages, app store pages, or other third-party services. Those third parties have their own privacy policies and data processing practices, and we encourage you to review them before use.

If you choose to post content in community areas, comment sections, public pages, shared spaces, collaborative areas, or other public settings, that information may be viewed, copied, forwarded, scraped, or indexed by other users. Please consider carefully what information and content you choose to make public.

15. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, changes to our Services, updates to our information processing practices, or other business needs. The updated version will be posted on the relevant page and the “Last Updated” date will be revised. Where required by law, or where changes materially affect you, we may also notify you through website notices, in-product messages, email, or other appropriate means, and obtain your consent where necessary.

To the extent permitted by applicable law, your continued use of the Services after the updated Privacy Policy takes effect constitutes your acknowledgment of the updated Policy.

16. Contact Us

If you have any questions, comments, or requests regarding this Privacy Policy, our personal information handling practices, or your privacy rights, you may contact us by email at contactus@evoto.ai.