1. Key Definitions

Personal Information / Personal Data: Any recorded information related to an identified or identifiable natural person in electronic or other forms, excluding anonymized data, as defined by applicable laws in each jurisdiction.

Sensitive Personal Information: Data that may easily infringe upon personal dignity or threaten personal and property security if leaked, illegally disclosed or misused, including biometric data, health information, financial data, precise device identifiers, user album images and minor personal information.

Automated Decision-Making: Computer-programmed automatic analysis and assessment of user preferences, behavioral habits and content interaction data to deliver AI outfit recommendation services.

Data Processing by Third Parties: To improve App operating efficiency and functional capabilities, We authorize qualified third-party service providers to process user data via APIs and SDKs under strict data agreements.

Data Subject: Any natural person who registers, accesses or uses TrendSeek services.

2. Collection and Use of Personal Data

We adhere to the principles of minimal necessity, purpose limitation and explicit consent. We only collect data necessary for service delivery and shall not collect irrelevant information by fraud, misrepresentation or coercion.

2.1 Data Collected for Core Functional Services

The following data is essential for core services. Refusal to provide such data will result in the inability to use corresponding functions:

Account Registration & Authentication

Collected Data: Mobile phone numbers, email addresses, verification codes, account passwords.

Purpose: Account creation, identity verification, account security management, customer service and rights protection.

Note: Guest mode only supports basic browsing; cloud wardrobe, AI recommendation and community functions require registered accounts.

Cloud Wardrobe & Intelligent Clothing Management

Collected Data: Clothing images actively uploaded by users, clothing attributes including brand, category, size, color and wearing scenarios.

Permission Rules: Album/camera permission is only requested when users actively initiate uploading. We will not automatically scan or batch upload local photos without user consent.

Purpose: Cloud storage, intelligent classification, wardrobe sorting and clothing life cycle management.

AI Outfit Recommendation

Processed Data: Cloud wardrobe content, user dressing preferences, body type information and interactive behavior data such as likes, favorites and feedback.

Processing Rules: We extract and analyze non-identifiable feature data to generate personalized outfit solutions. Only anonymized and de-identified aggregated data may be used for algorithm optimization with separate user consent.

Purpose: Deliver customized outfit suggestions and optimize AI recommendation accuracy.

2.2 Optional Functional Data Collection

You may independently authorize or reject the following permissions. Disabling authorization will not affect core App functions:

Community Interaction & Content Sharing

Collected Data: Nickname, avatar, personal profile, user-posted images, texts, comments, likes and follow relationships.

Notice: Public community content may be viewed by other users. You may adjust visibility settings or delete published content at any time. We will remove public display promptly and permanently delete data within 15 working days upon deletion request, except for data required by law to be retained.

Device & Operation Logs

Collected Data: Device model, operating system version, resetable device identifiers (OAID/AAID), IP address, network type, App operation logs, crash logs and service access records.

Storage Rule: Local logs shall be retained for no less than 180 days; server-side logs will not exceed 180 days. Users may apply for manual deletion of logs at any time. All logs will be automatically deleted or anonymized upon expiration.

Purpose: System stability maintenance, fault diagnosis, cybersecurity risk prevention, anti-fraud and service optimization.

Third-Party API & SDK Services

We only cooperate with compliant third-party providers and sign binding data processing agreements to restrict data processing scope, purpose and duration. All third parties are prohibited from unauthorized data disclosure or resale.

Common Third-Party Services:

• Cloud Storage SDK: Secure storage of user wardrobe and uploaded content
• AI Algorithm API: De-identified image feature analysis and outfit calculation
• Data Statistics SDK: Aggregated user behavior analysis and performance optimization
• Push Notification SDK: Account security alerts and system message delivery

Users may disable third-party service permissions through system settings or contact our support team.

2.3 Lawful Data Processing Without Prior Consent

We may process your personal data without your explicit consent under the following circumstances:

• Performance of a contract concluded between you and Us;
• Compliance with legal obligations and regulatory requirements;
• Emergency response to protect vital interests of natural persons;
• Public interest activities such as news reporting and public supervision;
• Processing of information voluntarily disclosed by users;
• Other circumstances stipulated by applicable laws and regulations.

3. Data Storage and Security Protection

3.1 Data Storage Location

Data of users in Mainland China will be stored in qualified domestic servers in accordance with local data localization requirements.

Data of users in Hong Kong, the European Economic Area (EEA), the United States and other overseas regions will be stored in compliance with local data protection laws.

3.2 Storage Duration

Account active period: Account information, cloud wardrobe data and community content will be retained during normal account use.

Account Cancellation: All personal data will be deleted or anonymized within 15 working days after account cancellation.

Log Data: Automatically deleted or anonymized after the 180-day retention period.

Mandatory Retention: Data required by mandatory laws will be retained within the statutory period and deleted immediately after the retention period expires.

3.3 Security Measures

We implement comprehensive technical and administrative safeguards to prevent data leakage, tampering and loss:

• Technical Protection: SSL/TLS transmission encryption, AES-256 storage encryption, access permission control, firewalls, intrusion detection and regular data backup;
• Administrative Management: Strict data confidentiality systems, employee confidentiality training, data access audit and emergency response mechanisms;
• Security Incident Handling: In the event of a personal data breach, We will promptly implement remedial measures, notify affected users and report to relevant regulatory authorities in accordance with legal requirements;
• Third-Party Supervision: Regular security audits are conducted on all third-party partners to ensure their data protection standards are consistent with ours.

4. Sharing, Transfer and Public Disclosure of Personal Data

We will never sell, rent or trade your personal data for commercial marketing purposes. Data sharing or transmission is only permitted under the following conditions:

4.1 Data Sharing

With your separate explicit consent;

Authorized third-party processors for service delivery within limited scope;

Response to mandatory legal documents from judicial and regulatory authorities;

Necessary measures to protect legitimate rights and interests of users, Us or third parties.

4.2 Data Transfer

In the event of merger, acquisition, reorganization or bankruptcy liquidation involving business transfer, We will inform users of the transferee’s information in advance and require the transferee to comply with this Privacy Policy. Any change of data processing purposes requires renewed user consent.

4.3 Public Disclosure

Personal data will only be publicly disclosed with user consent, for user-initiated public community content, or as required by mandatory laws and regulations.

5. Cross-Border Data Transmission

We fully comply with cross-border data laws in all jurisdictions to ensure lawful transmission and adequate data protection:

Mainland China Users: Cross-border data transmission will only be conducted after completing security assessment, certification or standard contract procedures and obtaining separate user consent.

Hong Kong Users: Comply with the Basic Law of Hong Kong and PDPO. Cross-border transmission is only permitted with adequate protection measures and legitimate grounds.

EU/EEA Users: In compliance with GDPR, data cross-border transmission adopts Standard Contractual Clauses (SCCs), Binding Corporate Rules (BCRs) or other approved safeguards. We have appointed an EU local data protection representative to handle user privacy requests.

US Users: Comply with federal and state privacy laws to ensure legitimate cross-border transmission and user right protection.

6. Your Privacy Rights

You may exercise your data rights free of charge. We will not impose unreasonable restrictions or discriminatory treatment on users exercising legal rights.

6.1 Universal Rights

Right to Know & Withdraw Consent: You may view data processing rules and withdraw authorization at any time. Withdrawal shall not affect the legality of prior data processing.

Right of Access: View your account data, wardrobe content, published posts and authorization records in the App.

Right of Rectification & Completion: Correct inaccurate personal information independently or by contacting our support team.

Right to Erasure: Delete local logs, wardrobe files, community content or apply for full account data deletion.

Right to Account Cancellation: Use the in-app cancellation channel to terminate your account and clear personal data.

Right to Complain: Submit inquiries and complaints, and We will respond within 15 working days.

6.2 Jurisdiction-Specific Rights

Mainland China Users (PIPL): Right to restriction of processing, right to explanation of automated decision-making, right to opt out of personalized recommendation and data portability.

Hong Kong Users (PDPO): Right of data access, data correction and objection to direct marketing. A designated Data Protection Officer is arranged for local privacy inquiries.

EU/EEA Users (GDPR): Right to restriction of processing, right to object, right to be forgotten, data portability and the right to file complaints with local data protection authorities.

US Users (CCPA/COPPA): Right to transparent data disclosure, opt-out of data sharing and protection against discriminatory treatment. We do not knowingly collect data from children under 13 years old.

7. Minor Protection

Our App is not intended for children under 13 (US), 14 (Mainland China) and 16 (EU/EEA). We will proactively delete minor data collected unintentionally.

Minors aged between 14 and 18 shall use our services under the supervision and consent of their legal guardians. We will implement enhanced protection for minor personal data in accordance with the Minor Protection Law.

8. Cookies and Similar Technologies

We and third-party service providers may use local storage, cookies and pixel tags to optimize service stability, personalized recommendation and data statistics. You may disable relevant functions through device system settings, which may affect partial auxiliary functions.

9. Policy Updates

We may revise this Privacy Policy due to legal updates, regulatory requirements or business adjustments.

Material changes will be notified via in-app pop-ups, announcements or push notifications in advance.

Continued use of the App after policy updates constitutes acceptance of the revised terms.

The latest version is available in: Me - Settings - About Us - Privacy Policy.

10. Contact Information

For inquiries, suggestions, complaints or data right applications, please contact us through the following channels:

Operator: Shanghai Trendsetting Artificial Intelligence Co., Limited

Registered Address: Room 056, 2nd Floor, No.10, Lane 658 Jinzhong Road, Changning District, Shanghai

Global Privacy Email: contact@trendsetting-ai.com

EU GDPR Representative Contact

Hong Kong Data Protection Officer Contact

US Privacy Support Contact

11. Governing Law and Dispute Resolution

Mainland China Users: Governed by the laws of the People’s Republic of China. Disputes shall be submitted to the competent people’s court in Changning District, Shanghai.

Hong Kong Users: Governed by the laws of the Hong Kong Special Administrative Region.

EU/EEA Users: Governed by the law of your local member state.

US Users: Governed by the law of your resident state.