PrizmaTech

Universal Privacy Policy

Effective Date: 2030.12.12

Last Updated: 2030.12.12

Contact: info@prizmatech.uz

Contents
Contents

1.Scope & Universal Applicability

This Privacy Policy ("Policy") is issued by PrizmaTech ("Company", "we", "us", or "our") and describes how we collect, use, store, share, and protect personal information in connection with the mobile applications, games, websites, and related services we publish and operate (collectively, the "Services").

Master Policy Clause

This Policy acts as a single, universal master document and applies to all current and future applications published by PrizmaTech on the Apple App Store, Google Play, and any other distribution platform, across all industries and categories — unless a specific application publishes its own dedicated privacy policy, in which case that dedicated policy prevails for that application to the extent of any conflict.

Not every application in our portfolio collects every category of data described here. Each section applies only to the extent an individual application actually requests the relevant permission or offers the relevant feature. By downloading, installing, or using any of our Services, you acknowledge that you have read and understood this Policy.

2.Information We Collect

Depending on the application and the features you use, we may collect the following categories of information:

2.1 Information You Provide Directly
  • Identity data: name, surname, username, display name, profile photo, date of birth.
  • Contact data: email address, phone number, postal address (where relevant).
  • Account credentials: passwords (stored in hashed form), authentication tokens, and account recovery information.
  • User content: content you create, upload, or share within an app, including text, images, audio, and video.
  • Support communications: messages, feedback, and correspondence you send to us.
2.2 Information Collected Automatically
  • Device identifiers: device ID, advertising identifiers (IDFA/GAID, subject to your platform-level consent), IP address, device model, operating system and version, language, and time zone.
  • Usage analytics: app opens, session duration, screens viewed, features used, in-app events, crash logs, and performance diagnostics.
  • Approximate location: coarse location derived from IP address; precise (GPS) location only where an app expressly requests it and you grant the corresponding operating-system permission.
2.3 Information from Third Parties
  • Sign-in providers (e.g., Apple, Google, social login), limited to the data you authorize them to share.
  • App store platforms (e.g., purchase confirmations, subscription status), without exposing your payment card details to us.

3.Media & Hardware Access (Camera, Microphone, Photos & Videos)

Some of our applications request access to your device's camera, microphone, or photo/video library. In accordance with Apple App Store Review Guidelines and Google Play Developer Program Policies, we disclose the following:

  • Camera access is requested only where an app offers features such as taking photos or videos, scanning documents or codes, video calling, augmented-reality experiences, or profile photo capture. The camera is never activated in the background without your knowledge.
  • Microphone access is requested only for features such as voice messages, voice/video calls, audio recording, or voice input. Audio is not recorded when the relevant feature is not in active use.
  • Photo & video library (gallery) access is requested only so you can select, upload, share, edit, or attach media within an app. We access only the items you explicitly select where the operating system supports scoped/limited access.
  • Processing: media you capture or upload may be processed and stored on our servers or on secure cloud infrastructure to deliver the requested feature (e.g., sending a photo in a chat, applying a filter, generating a document scan).
  • No hidden collection: we do not access, harvest, or transmit the contents of your gallery, camera, or microphone beyond what is required for the feature you are actively using.

All such permissions are granted through the standard iOS/Android permission dialogs and may be revoked at any time in your device settings. Revoking a permission may limit the corresponding feature.

4.Face Data (Apple TrueDepth API)

Apple Face Data Disclosure

Certain of our iOS applications may use Apple's TrueDepth API to enable features such as 3D face modelling, advanced camera effects, augmented-reality masks/filters, or depth-based photography.

  • What is collected: the TrueDepth camera may generate a depth map and facial geometry data of your face in real time solely to render the relevant visual effect or feature.
  • How it is used: face data is used exclusively on your device to power the specific feature (e.g., placing a 3D effect on your face). It is not used to identify you, build biometric profiles, or for advertising.
  • Storage & sharing: face data is processed in real time, is not stored after the feature session ends, and is never shared with or sold to third parties. It does not leave your device unless a specific app clearly states otherwise in its own dedicated disclosure and obtains your explicit consent.
  • Face ID: where an app offers Face ID for authentication, the biometric matching is performed entirely by Apple's operating system in the device's Secure Enclave. We never receive, see, or store your Face ID biometric data.
  • Retention: because face data is not retained by us, no retention period applies; any temporary in-memory data is discarded immediately after processing.

5.Chat & Communication Data (Messaging Apps)

Some of our applications include full-featured messaging and communication functionality. Where you use such features, the following applies:

  • Message content: text messages, voice messages, images, videos, documents, and other media you exchange with other users are transmitted through and stored on our servers (or our cloud infrastructure providers) to the extent necessary to deliver, synchronize, and display them across your devices.
  • Communication metadata: we process communication logs such as sender/recipient identifiers, timestamps, delivery and read status, and call duration (for voice/video calls) to operate the service, ensure reliability, and prevent abuse.
  • Shared media: media shared in chats is stored securely and made accessible only to the intended participants of the conversation.
  • Protection: chat data is protected with encryption in transit (TLS) and encryption at rest on our storage systems. Where a specific app offers end-to-end encryption, this will be stated within that app.
  • Moderation & safety: we may use automated tools and, where lawful, limited human review to detect spam, fraud, malware, child-safety violations, and other abuse, and to respond to user reports.
  • Deletion: when you delete messages or your account, the associated chat content is deleted or irreversibly anonymized within a reasonable period, except where retention is required by law or for legitimate safety and legal-claim purposes. Copies already delivered to other participants' devices may remain with those participants.

6.Payments, In-App Purchases & Financial Integrations

Some of our applications offer in-app purchases, subscriptions, or integrations with third-party payment gateways.

Payment Data Warning

We do not directly collect or store sensitive payment card information. Full credit/debit card numbers, CVV codes, and banking credentials are handled exclusively by secure, PCI-DSS-compliant third-party payment processors and by platform billing systems (Apple In-App Purchase and Google Play Billing).

  • Platform purchases: purchases made through Apple or Google are processed under those platforms' own terms and privacy policies. We receive only transaction confirmations (e.g., product purchased, transaction ID, subscription status) — never your card details.
  • Third-party gateways: where an app integrates an external payment provider, your payment data is entered directly into that provider's secure environment. We receive only the information needed to confirm and fulfil your order (e.g., payment status, order amount, masked card digits where provided by the processor).
  • Records: we retain transaction records (excluding sensitive card data) as required for accounting, tax, fraud-prevention, and legal-compliance purposes.

7.Third-Party Services & SDKs

Our applications incorporate third-party software development kits (SDKs) and services that may collect or process data on our behalf or as independent controllers, including:

  • Analytics services (e.g., app usage measurement and product analytics) — to understand how our apps are used and to improve them.
  • Crash reporting & diagnostics — to detect, diagnose, and fix errors and performance issues.
  • Cloud infrastructure & hosting — to store data and operate backend services securely and reliably.
  • Machine Learning / AI services — to power features such as image processing, recommendations, speech recognition, or content moderation. Inputs sent to such services are limited to what the feature requires.
  • Push notification services — to deliver notifications you have enabled.
  • Advertising & attribution partners (only in apps that display ads) — subject to your platform-level tracking consent (e.g., Apple App Tracking Transparency).

These providers are contractually bound to process data only for the purposes we specify and to protect it in accordance with applicable law. Their own privacy policies also apply to data they process as independent controllers.

8.How We Use Your Information

  • To provide, operate, maintain, and improve our Services and their features;
  • To create and manage your account and authenticate you;
  • To deliver messages, calls, and shared media between users;
  • To process transactions and manage subscriptions;
  • To provide customer support and respond to your requests;
  • To monitor performance, fix bugs, and develop new features;
  • To personalize content and, where applicable and consented to, show relevant advertising;
  • To detect, prevent, and address fraud, abuse, security incidents, and violations of our terms;
  • To comply with legal obligations and enforce our legal rights.

9.Legal Bases for Processing (GDPR)

Where the EU/UK General Data Protection Regulation applies, we process personal data on the following legal bases:

Legal BasisExamples
Performance of a contract (Art. 6(1)(b))Creating your account, delivering chats and calls, processing purchases.
Legitimate interests (Art. 6(1)(f))Analytics, crash reporting, security, fraud prevention, service improvement.
Consent (Art. 6(1)(a))Precise location, camera/microphone/gallery access, marketing communications, ad tracking.
Legal obligation (Art. 6(1)(c))Tax and accounting records, lawful requests from authorities.

Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

10.How We Share Information

We do not sell your personal information. We share it only:

  • With service providers listed in Section 7, under data-processing agreements;
  • With other users, when you deliberately share content (e.g., sending a chat message or publishing a profile);
  • With platform providers (Apple, Google) as required to distribute apps and process purchases;
  • In connection with a merger, acquisition, or asset sale, subject to this Policy's protections;
  • When required by law, to comply with legal process, or to protect the rights, property, and safety of our users, the public, or the Company.

11.Data Retention

  • Account data is retained for as long as your account remains active.
  • Chat content and shared media are retained while needed to provide the service, and deleted or anonymized after account deletion, subject to legal retention obligations.
  • Analytics and crash data are retained in aggregated or pseudonymized form for service-improvement purposes.
  • Transaction records are retained for the periods required by applicable tax and commercial law.

When data is no longer required, it is securely deleted or irreversibly anonymized.

12.Data Security

We implement appropriate technical and organizational measures to protect personal data, including encryption in transit (TLS/HTTPS), encryption at rest for stored data, access controls and least-privilege principles, secure cloud infrastructure, and regular security reviews. No method of transmission or storage is completely secure; we cannot guarantee absolute security, but we work continuously to protect your information and will notify you and the competent authorities of data breaches where required by law.

13.Your Rights & Data Deletion

Subject to applicable law, you have the right to:

  • Access the personal data we hold about you and receive a copy;
  • Rectify inaccurate or incomplete data;
  • Delete your account and associated personal data ("right to erasure");
  • Restrict or object to certain processing, including direct marketing;
  • Data portability — receive your data in a structured, machine-readable format;
  • Withdraw consent at any time where processing is based on consent;
  • Lodge a complaint with your local data protection supervisory authority.
How to request account & data deletion (required by Apple App Store & Google Play)

You may request the complete deletion of your account and all associated data at any time by either:

  1. Using the in-app "Delete Account" option, where available (typically under Settings → Account); or
  2. Submitting a request through our data deletion page: https://prizmatech.uz/en#contacts; or
  3. Emailing us at info@prizmatech.uz with the subject line "Data Deletion Request", specifying the app name and your account identifier.

We will verify your identity and complete deletion requests within 30 days, except for data we are legally required to retain (e.g., transaction records), which will be deleted once the legal retention period expires.

14.California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have the right to: know what categories of personal information we collect and the purposes of collection; access and receive a copy of your personal information; delete your personal information; correct inaccurate information; and not be discriminated against for exercising these rights. We do not "sell" or "share" personal information as those terms are defined by the CCPA/CPRA. You may exercise your rights via the channels listed in Section 13, and you may designate an authorized agent to act on your behalf.

15.International Data Transfers

Your data may be transferred to and processed in countries other than your own, including countries where our cloud infrastructure providers operate. Where required, such transfers are protected by appropriate safeguards, including the European Commission's Standard Contractual Clauses (SCCs) or other lawful transfer mechanisms, together with supplementary technical measures such as encryption.

16.Children's Privacy

Our Services are not directed to children under the age of 13 (or the higher minimum age required in your jurisdiction, such as 16 in parts of the EEA), and we do not knowingly collect personal data from children. If we learn that we have collected personal data from a child without verifiable parental consent, we will delete it promptly. Parents or guardians who believe their child has provided us with personal data may contact us at info@prizmatech.uz.

17.Changes to This Policy

We may update this Policy from time to time to reflect changes in our practices, technologies, or legal requirements. The "Last Updated" date at the top of this page indicates the latest revision. For material changes, we will provide reasonable notice through the affected app or by other appropriate means. Continued use of the Services after an update constitutes acceptance of the revised Policy.

18.Contact Us

If you have questions, concerns, or requests regarding this Policy or our data practices, please contact:

IT Consulting

IT CONSULTING &
MANAGED SERVICES

Consulting Services

  • IT Infrastructure Audits
  • Custom Server & Cloud Architecture
  • Disaster Recovery & Business Continuity

Managed IT Services

  • 24/7 Server Monitoring & Maintenance
  • Cybersecurity & Compliance
  • On-Demand Technical Support