1. Introduction and Scope Welcome to Wallmax (“we,” “our,” or “us”). This Privacy Policy explains how we collect, use, disclose, and protect your information when you access and use our mobile applications available on Android and iOS devices. By downloading or using our app, you agree to the terms of this Privacy Policy. If you do not agree with our policies and practices, please do not download or use the app. Wallmax is a wallpaper application that allows users to browse, download, and upload wallpapers via integration with third-party services such as wallhaven.cc. Our app is designed to enhance your user experience by providing high-quality wallpaper content, as well as by continuously improving our services. This Privacy Policy applies to all users of our app and covers the practices regarding the collection and use of information both directly from you and through the use of our services. We are committed to providing transparency about how your personal information is handled and ensuring your privacy rights under applicable data protection laws, including the General Data Protection Regulation (GDPR) for our users in the European Economic Area, and the California Consumer Privacy Act (CCPA) for our users in California. We also adhere to various other applicable state and international data protection laws. This document outlines: • The types of information we may collect. • The purposes for which we collect and process your information. • The third parties with whom your information may be shared. • Your rights regarding your personal information. • The security measures we have in place to protect your data. • How to contact us if you have concerns about our privacy practices. By using Wallmax, you acknowledge that you have read, understood, and agreed to be bound by the terms of this Privacy Policy. We reserve the right to change or update this Privacy Policy at any time, with changes effective upon posting the revised version in the app and on our website. 2. Information We Collect When you use Wallmax, we may collect and process several types of information to improve our service, ensure app security, and deliver personalized content. This information is collected through various methods including direct input, automated technologies, and integrations with third-party services. A. Information You Provide Directly • Account Information: If you create an account or profile within the app, we may collect information such as your name, email address, and any other details you choose to provide. • Content Submissions: When you upload wallpapers, provide feedback, or contact support, we may collect the content you share with us, along with metadata (e.g., upload date, file format). • Preferences and Settings: Information related to your app preferences and customization choices. B. Information Collected Automatically • Device and Usage Data: We automatically receive and log technical data from your device including device type, operating system, unique device identifiers, IP address, and language settings. • App Usage Information: Details about how and when you use the app, including interactions with features, navigation paths, and the duration and frequency of use. • Crash and Performance Data: Automatic collection of data regarding app performance metrics, crash reports, and diagnostic information to help us improve the stability and functionality of the app. C. Data from Third-Party Sources • Wallpaper API Data: Our app integrates with wallhaven.cc to source wallpapers. Information provided by this API may include image metadata and source details, which are used solely to enhance the wallpaper viewing experience. • Analytics and Advertising Platforms: We integrate with third-party analytics, advertising, and performance monitoring tools. Such tools may collect anonymized and aggregated data regarding your interactions with the app, such as user engagement metrics and ad performance data. D. Cookies and Similar Technologies • While using our app, cookies or similar tracking technologies may be used to enhance your experience, administer the app, analyze usage, and serve targeted advertisements. Please refer to our Cookies and Tracking section for further details on managing these technologies. We only collect the information outlined above for purposes consistent with this Privacy Policy and in accordance with applicable data protection laws. If you have questions about the type or amount of data we collect, please feel free to contact us. 3. How We Use Your Information We use the information we collect from you for several purposes to ensure efficient operation, enhancement of your experience, and continual service improvement. Specifically, your information is used for the following purposes: A. To Provide and Maintain Our App • Deliver Content: To display and update wallpapers, including those sourced via wallhaven.cc, and to ensure smooth interaction and functionality of all app features. • Manage User Accounts: To create and manage your user profile and account, if applicable, and to provide access to personalized settings and content. B. To Enhance and Personalize Your Experience • Customization: To tailor the content and recommendations based on your preferences, usage history, and interactions with the app. • Communication: To send you notifications regarding app updates, new features, or support-related communications, if you have opted in for such communications. C. For Analytics, Research, and Service Improvements • Performance and Crash Analysis: To monitor app performance and diagnose issues—including recording crash reports and performance metrics—to improve the functionality and stability of our app. • Usage Analysis: To understand how users interact with the app, optimize the design and layout, and develop new features and improvements. • Research: To use aggregated data for internal research purposes, including market trends and user behavior analysis, to better align our service with user needs. D. For Marketing and Advertising Purposes • Targeted Advertising: To analyze user interactions and display relevant ads based on your interests and behavior within the app. • Third-Party Advertising Partners: To share anonymized or aggregated data with third-party advertising networks to enhance ad targeting and measure advertising effectiveness. • Campaign Evaluation: To assess the effectiveness of advertising and promotional campaigns and to conduct occasional surveys and research to capture feedback. E. To Meet Legal and Regulatory Obligations • Compliance: To comply with applicable laws, regulations, and legal processes, including responding to valid legal requests and protecting our rights and user safety. • Dispute Resolution and Security: To investigate potential breaches, fraudulent activities, security incidents, or other violations of our policies or terms of service. F. For Operational and Administrative Purposes • Service Improvement: To facilitate customer support and to enable us to resolve issues, process support requests, and manage user inquiries efficiently. • Internal Audits: To conduct internal reviews, audits, and other administrative operations that help in maintaining and enhancing app security and functionality. All data usage activities are performed in accordance with applicable privacy laws and data protection regulations. By using our app and consenting to this Privacy Policy, you agree to the use of your information as described above. 4. Third-Party Integrations and Services Our app leverages various third-party services and integrations to provide, improve, and secure our services. These integrations help us with functionalities such as content delivery, analytics, advertising, performance monitoring, and data storage. Below is an overview of the key third-party providers and how they interact with our app: A. External APIs • Wallpaper API (wallhaven.cc): We integrate with wallhaven.cc to source wallpapers and related metadata that enhance your browsing experience. The data provided via this API is used solely for presenting high-quality wallpapers to users. Please note that while we strive to ensure that all external data adheres to its own privacy practices, we are not responsible for the privacy policies or practices of wallhaven.cc. • Other Content Providers: If any additional third-party content sources are used, they will be clearly identified, and similar practices regarding data usage and privacy will apply. B. Cloud Service Providers • Google Cloud Platform (GCP): Our services are hosted on GCP. This includes the storage and processing of data. GCP employs robust security measures to protect data and ensures compliance with industry best practices and regulatory requirements. C. Analytics and Performance Monitoring Tools • Analytics Providers: We utilize third-party analytics services to understand user behavior, monitor app usage, and improve our offerings. These services may collect anonymized and aggregated data, which is used to analyze trends and optimize app performance. • Crash Reporting and Performance Tools: Tools integrated into our app automatically capture and report crash logs, errors, and performance metrics. These insights help us to address and resolve technical issues, thus improving stability and functionality. D. Advertising and Marketing Partners • Ad Networks: We partner with advertising networks to serve and measure the effectiveness of advertisements shown within our app. These partners may collect and use certain non-personally identifiable or aggregated data to tailor and improve their advertising efforts. • Marketing Service Providers: In some cases, marketing platforms may be used to send promotional information about updates, features, or partnered services. Any communication sent by these providers will be subject to their own privacy policies and terms. Each of these third-party providers has its own privacy practices and policies that govern the handling of data. We encourage you to review the privacy policies of these service providers for more details about their data practices. While we take steps to ensure that our third-party integrations comply with applicable data protection laws, we are not responsible for the privacy practices of these external services. By using our app, you acknowledge and agree that your data may be processed by these service providers in accordance with their respective privacy policies. 5. Legal Bases for Data Processing (for GDPR Compliance) In accordance with the GDPR, we process your personal data only when we have a valid legal basis. The primary legal bases that we rely on for processing your information are as follows: A. Consent • When required, we ask for your consent to process certain types of personal data (e.g., for personalized content or targeted advertising). • You have the right to withdraw your consent at any time. Withdrawing consent will not affect the lawfulness of processing based on consent before its withdrawal, but may limit your access to and experience of certain features within the app. B. Contractual Necessity • Processing is necessary for the performance of a contract to which you are a party. For example, managing your user account or fulfilling requests made through the app requires processing of the data you’ve provided. • This lawful basis ensures that we can deliver the services and features you have requested. C. Legal Obligation • We may process data to comply with legal obligations imposed on us by applicable laws and regulations. • This may involve data sharing with regulatory bodies or retaining information for records as required by law. D. Legitimate Interests • We process data on the basis of our legitimate interests, provided that such interests are not overridden by your privacy rights. • Legitimate interests include, but are not limited to, ensuring the security of the app and users, analyzing how our services are used to improve app functionality, detecting and preventing fraud or abuse, and administering marketing and advertising campaigns. • When processing is based on legitimate interests, we carefully balance our interests with your rights and freedoms to ensure fair and transparent processing. E. Vital Interests • In rare situations where it is necessary to protect your vital interests or those of another individual (for example, in an emergency where personal data is necessary to prevent harm), processing may be undertaken. • This basis is applied only when there is an imminent threat to life or safety and when no other legal basis is appropriate. Each processing activity is assessed against these legal bases to ensure our actions remain compliant with GDPR requirements. You have the right to obtain further details about the legal grounds for processing your data and to exercise your rights in relation to this processing. If you have any questions or require additional information regarding the legal basis of our data processing practices, please contact our Data Protection Officer (DPO) using the details provided in the Contact Information section. 6. Data Sharing and Disclosure We take your privacy seriously and limit the sharing of your information to situations where it is necessary for the functioning of our app or required by law. In summary, we may share your data under the following circumstances: A. With Service Providers and Business Partners • Third-Party Processors: We work with trusted third-party service providers (such as cloud hosting providers, analytics services, advertising networks, and crash reporting tools) whose roles are essential for delivering and enhancing our services. These providers have access only to the data necessary for them to perform their functions and are obligated to maintain its confidentiality and security. • Business Partners: In some instances, we may share data with our business partners for purposes such as joint promotions or service integrations. In such cases, the data shared will be limited to what is necessary and will be governed by contractual obligations to protect your confidentiality. B. In Response to Legal Obligations • Legal Requests: We may disclose your information if required to do so by law or in response to reliable and properly constituted legal process (e.g., a court order, subpoena, or government mandate). • Protection of Rights: We reserve the right to disclose information if we believe it is necessary in order to protect the rights, property, or safety of our organization, our users, or others. C. In the Context of Business Transactions • Merger, Acquisition, or Sale: Should our company undergo a merger, acquisition, reorganization, or sale of assets, your personal data may be transferred as part of the transaction. In such cases, we will notify you via email and/or a prominent notice on our website or within the app prior to any change in ownership or the use of your information. • Successor Entities: Any successor entity in the case of a company restructuring will assume responsibility for protecting your data in accordance with this Privacy Policy. D. With Your Consent • We may share your information with third parties when you give consent to do so. For example, enabling social media integrations or sharing content directly through third-party platforms will involve data disclosure as specified by those integrations. • You have the right to review and manage your consent preferences at any time through your account settings or by contacting us. E. Aggregated and Anonymized Data • We may also share aggregated or anonymized information that does not directly identify you. Such data is used for statistical analysis, research, and marketing purposes without compromising your individual privacy. F. International Data Transfers • When data is transferred to or accessed from jurisdictions outside your country of residence, we ensure that adequate safeguards are in place. This includes data transfers to third parties in countries that may not have data protection laws equivalent to those in your region, by relying on approved transfer mechanisms such as standard contractual clauses or other legally recognized instruments. Each data sharing or disclosure is carried out under the framework of applicable data protection laws and only when there is a legal basis for the processing. If you have any questions or concerns about our data sharing practices, please contact our Data Protection Officer (DPO) using the contact information provided in the Contact Information section. 7. Data Retention and Storage A. Data Retention Guidelines • We retain your personal data only for as long as is necessary to fulfill the purposes for which it was collected, handle ongoing interactions, and comply with legal obligations. • Specific retention periods may vary by data type and purpose, including but not limited to account management, support inquiries, analytics, and advertising. After the purposes for which your data was collected have been fulfilled, we employ measures to securely delete or anonymize your information. B. Storage Locations • Your data is primarily stored on secure servers hosted by our trusted cloud service provider, Google Cloud Platform (GCP). • GCP adheres to industry-standard security practices and complies with applicable legal and regulatory requirements regarding data protection. C. Security Measures • We implement various security measures, including encryption, access controls, and regular assessments, to safeguard your data from unauthorized access, disclosure, alteration, or destruction. • Regular audits and updates of our security practices further ensure the confidentiality and integrity of your information throughout its lifecycle. D. Data Deletion and Anonymization • Should you request the deletion of your personal data or if your data is no longer needed for its original purpose, we will take appropriate steps to either delete or permanently anonymize your information. • In certain circumstances, due to legal or operational requirements, some data may be retained in backups or archive systems for a limited period even after removal from active databases. E. Legal and Regulatory Retention Requirements • In addition to our internal retention practices, we may also be required to preserve particular data for certain periods under applicable laws, regulations, or legal proceedings. • Such data will be protected in accordance with these legal obligations and will be deleted or anonymized as soon as the retention period legally allows. By using Wallmax, you acknowledge that you have read and understood our approach to data retention and storage. For any questions or concerns regarding your data, please contact our Data Protection Officer (DPO) or the support team using the contact information provided in the Contact Information section. 8. Security Measures A. Overview of Security Practices • Data Encryption: We use robust encryption methods to safeguard your data both at rest and in transit. This includes industry-standard protocols (e.g., TLS/SSL) to ensure that information exchanged between your device and our servers is protected from interception. • Secure Transmission Protocols: All communication between the app and our backend services is secured using current best practices, including secure socket layers and other encryption technologies, to reduce the risk of unauthorized access during data transfer. • Access Control and Authentication: We implement strict access control policies that limit access to your data to only those employees and service providers who require it for their job functions. Multi-factor authentication and secure credential management are employed to further safeguard your information. B. Measures to Protect Against Unauthorized Access, Alteration, or Disclosure • Regular Security Audits: We conduct periodic security audits and vulnerability assessments to identify and remediate potential risks in our systems. • Continuous Monitoring: Our infrastructure is monitored around the clock for any suspicious activity or potential security events. In the event of anomalies, our technical team is immediately alerted to investigate and resolve issues. • Data Integrity Protections: We employ tools and techniques designed to ensure that your data remains accurate and unaltered. This includes checksums, database integrity verification, and version control mechanisms. • Employee Training: Our team regularly receives training on data security best practices and the importance of handling personal information securely, ensuring that everyone is aware of their responsibilities in protecting your data. C. Incident Response and Breach Notification Processes • Incident Response Plan: We have established an Incident Response Plan that outlines clear procedures for detecting, containing, investigating, and resolving security incidents. Our plan is regularly reviewed and updated to ensure a prompt and effective response in the event of a security incident. • Breach Notification: In the unlikely event that a data breach occurs, we will promptly notify affected users and relevant authorities, in accordance with applicable data protection laws. Our notification will include details on the nature of the breach, the data impacted, and the remedial measures implemented to mitigate the effects of the breach. • Remediation Measures: Following any security incident, we take immediate steps to remediate vulnerabilities and prevent a recurrence. This includes strengthening our security measures, updating our systems, and providing guidance to affected users, if necessary. 9. Data Protection Rights and User Control We are committed to respecting your privacy rights and providing you with control over your personal information. This section explains the rights available to you under applicable data protection laws and how you can exercise those rights. A. Rights Under the GDPR If you are located in the European Economic Area (EEA), you have the following rights regarding your personal data: • Right of Access: You have the right to request access to the personal data we have collected about you. • Right to Correction: You may request that any inaccurate or incomplete personal data be corrected. • Right to Deletion: Under certain circumstances, you have the right to request that we delete your personal data. • Right to Object: You can object to the processing of your personal data when it is based on our legitimate interests, or under certain other conditions. • Right to Data Portability: You have the right to receive your data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller where technically feasible. B. Rights Under California Law (CCPA) If you are a resident of California, you are afforded additional rights regarding your personal data: • Right to Know: You have the right to request information regarding the categories and specific pieces of personal data we have collected about you, including the sources, purposes, and third parties with whom your data is shared. • Right to Delete: You may request that we delete the personal information we have collected about you, subject to certain exceptions dictated by law. • “Do Not Sell My Personal Information”: You have the right to opt-out of the sale or sharing of your personal information with third parties for their direct marketing purposes. • Right to Non-Discrimination: Exercising any of these rights will not result in any discrimination from us regarding your access to the app or quality of service. C. How to Exercise Your Rights To exercise any of your rights, please follow these steps: • Account Settings: For users with an account, many rights (such as accessing, editing, or deleting personal data) can be exercised directly by visiting your account settings within the app. • Contact Us: If you are unable to use the app’s settings or for any other inquiries regarding your personal data, please submit your request using the contact details provided below. Please include sufficient information to identify you and specify the rights you wish to exercise. D. Contact Information for Exercising Rights • Data Protection Officer (DPO): - Name: Kushal Sharma - Email: kushal@muse-mesh.com - Mailing Address: HD-627, WeWork DLF Forum, DLF Cyber City, Phase III, DLF QE, Dlf Qe, Gurgaon- 122002, Haryana • General Inquiries and Requests: - Email: kushal@muse-mesh.com We will respond to your request within the timelines mandated by applicable law. In some cases, we may request additional information to verify your identity before processing your request. If you have any questions or concerns regarding your data protection rights, please do not hesitate to contact our Data Protection Officer or support team. 10. International Data Transfers A. Data Transfers Outside Your Jurisdiction • Our services are accessible globally, and as such, your data may be transferred to, stored, and processed in countries outside of your home jurisdiction—including the European Union (EU) and European Economic Area (EEA). • When your data leaves your country of residence, we take steps to ensure that your personal information remains protected and that data protection standards are maintained, regardless of location. B. Safeguards for International Data Transfers • To ensure that your data is adequately protected when transferred internationally, we implement safeguards such as: - Standard Contractual Clauses (SCCs): We rely on SCCs approved by the European Commission or other recognized transfer mechanisms to provide adequate protection for transferring personal data to countries that may not have data protection laws equivalent to those in your jurisdiction. - Other Legal Mechanisms: Where applicable, we may also employ other appropriate legal instruments or safeguards that comply with data protection requirements. • We regularly review these safeguards to ensure continued compliance with applicable data protection laws and the security of your data during international transfers. By using Wallmax, you acknowledge and agree that your personal information may be processed outside of your jurisdiction under these protections. If you have any questions or concerns about international data transfers or the safeguarding measures we have in place, please contact our Data Protection Officer (DPO) using the contact details provided in the Contact Information section. 11. Use of Cookies and Similar Technologies A. Overview and Purpose • We and our third-party partners may use cookies and similar tracking technologies to enhance your experience, improve the functionality of our app, and collect analytics data. • These technologies help us understand user behavior, remember your preferences, and deliver personalized content and advertisements. B. How Cookies and Similar Technologies Are Used • User Experience Enhancement: Cookies can store information about your app usage and preferences, which enables us to provide a more personalized and seamless user experience. • Analytics and Performance: Tracking technologies allow us to analyze user behavior and interactions with the app. This helps us identify trends, optimize app functionality, and correct any issues. • Advertising: Cookies may be used to deliver targeted advertisements relevant to your interests. Third-party advertising partners may also use cookies to measure ad performance and refine marketing campaigns. C. Managing or Opting Out • Browser and Device Settings: Most web browsers and mobile operating systems allow you to manage or disable cookies through their settings. Please refer to your device’s documentation or settings menu for information on how to do this. • Opt-Out Tools: Some third-party advertising networks offer opt-out tools that allow you to manage targeted advertising preferences. • App-Specific Settings: If applicable, you may be able to configure your cookie preferences directly within the app’s settings. Check the app’s settings menu for options regarding analytics or personalized advertising. • Limitations: Please note that disabling cookies or tracking technologies may impact the functionality of our app and your overall user experience. We are committed to transparently informing you about our use of cookies and similar technologies and providing you with choices to manage these settings. If you have questions or concerns about our tracking practices, please contact our Data Protection Officer (DPO) or support team using the contact information provided in the Contact Information section. 12. Children’s Privacy A. Age Restrictions • Our app is intended for use by individuals who are 13 years of age or older. • We do not knowingly collect or solicit personal information from children under the age of 13. If you believe that we have inadvertently collected such information, please contact us immediately. B. Measures to Protect the Privacy of Minors • To safeguard the privacy of minors, our app does not support or allow accounts from individuals under the age of 13. • Any personal information provided by users is handled in accordance with this Privacy Policy and in compliance with applicable data protection laws. In cases where information from minors is detected, we will take prompt steps to delete this data from our records. C. Parental Consent Requirements • Because our app is designed for users 13 years and older, parental consent is not required for account registration or data processing. • Parents or legal guardians who become aware that their child under the age of 13 has provided personal information without their consent should contact us immediately so that we can take appropriate action. If you have any questions or concerns regarding our policies on children’s privacy, please contact our Data Protection Officer (DPO) or support team using the contact information provided in the Contact Information section. 13. Compliance Information A. GDPR Compliance • We are committed to complying with the General Data Protection Regulation (GDPR) for users within the European Economic Area (EEA). • Our data processing practices, rights notices, and security measures are designed to meet GDPR requirements, including providing robust rights to access, correction, deletion, objection, and data portability. • We have appointed a Data Protection Officer (DPO) to oversee our GDPR compliance efforts and to address any inquiries regarding privacy and data protection. B. Compliance with California and Other State Laws (e.g., CCPA) • For residents of California, our app complies with the California Consumer Privacy Act (CCPA) by providing rights such as transparency, the right to know, the right to delete, and the "Do Not Sell My Personal Information" option. • We continually review and adjust our practices to meet evolving state laws and regulations that affect data privacy and consumer rights across the United States. • Additional regional regulations and frameworks are also considered, and we strive to offer a privacy experience that respects and fulfills local legal requirements. C. Legal Commitments and Ongoing Updates • Our Privacy Policy reflects our legal commitments to higher data protection standards and will be updated as necessary to comply with new or amended privacy laws and regulations. • We actively monitor legal developments in data protection and adjust our policies, practices, and technical measures to ensure ongoing compliance with applicable laws. • Should major changes occur in the legal landscape, we will notify our users through updated policy notices, in-app communications, or other suitable methods. 14. Changes to This Privacy Policy A. Process for Updating the Privacy Policy • We periodically review and update our Privacy Policy to reflect changes in data practices, legal requirements, or technological advancements. • When making material changes to this policy, we will revise the effective date and update the content accordingly. • All updates will be published on our website and within the app to ensure that you are aware of any modifications. B. Notification Methods for Users • In-App Notifications: For significant updates, you may receive a notification within the app informing you of the changes to our Privacy Policy. • Email Communication: When applicable, we will send an email to registered users highlighting key changes and providing a link to the updated policy. • Website Updates: The latest version of our Privacy Policy will always be available on our website. We encourage you to review it periodically to stay informed about our data practices. C. Effective Date of the Current Policy Version • The current version of this Privacy Policy is effective as of [Effective Date]. • By continuing to use our app after this date, you acknowledge and accept the updated terms as described in the revised policy. 15. Contact Information A. General Inquiries and Support • For any general questions or support inquiries regarding our app or services, please contact us using the following details: - Email: kushal@muse-mesh.com - Mailing Address: HD-627, WeWork DLF Forum, DLF Cyber City, Phase III, DLF QE, Dlf Qe, Gurgaon- 122002, Haryana B. Data Protection Officer (DPO) Contact Details • If you have any questions or concerns specifically related to data privacy or data protection practices, please reach out to our Data Protection Officer (DPO) using the contact information below: - Name: Kushal Sharma - Email: kushal@muse-mesh.com - Mailing Address: HD-627, WeWork DLF Forum, DLF Cyber City, Phase III, DLF QE, Dlf Qe, Gurgaon- 122002, Haryana C. Additional Information • We are committed to addressing your inquiries in a timely and efficient manner. If you have not received a response within a reasonable time frame, please feel free to follow up using the contact methods provided above.