Privacy Policy

Thank you for using Psyoto. Psyoto is provided to you by Flextech Inc. (hereinafter referred to as “Flextech”, “we”, or “us”). We are committed to protecting your privacy. This Privacy Policy sets out how we collect, store, process, share and use your information when you access our website, software, and services (the “Services”).


We only collect and use your personal information for legal, legitimate, and necessary purposes. Specifically, we collect and process your personal information to provide you with our services and functions. If you use other people’s personal information to access our services and functions, please ensure that you have been authorized to do so, and we reserve the right to verify if such personal information is legally used at any time.


We will ask for your separate consent in specific circumstances in strict accordance with laws and regulations. In addition to this Privacy Policy, we may also explain our rules for processing your personal information through notifications on pages of the product, pop-up prompts, push notifications, and so forth. The processing of personal information for each service or function is subject to specific rules, which have the same effect as this Privacy Policy.


1. We Process Your Personal Data as Follows


1.1 Information we collect and for what purpose


Technology License Services: If you use our technology license services, we will use the original images, videos, and other data provided to us by you or your end users for (1) facial recognition, including but not limited to facial detection, facial tracking, facial analysis, facial verification, facial search, and facial recognition purposes; (2) Human body recognition, including but not limited to human body key points, human attributes, human body profiling, and other purposes of human body information; (3) Portrait processing: including but not limited to facial information for purposes such as facial beauty and facial fusion; (4) Image recognition, including but not limited to personal information for purposes such as license plate recognition. We will use the personal information of your end users provided by you for your designated purposes such as facial recognition, human recognition, portrait processing, image recognition, etc., as well as for our internal research purposes, mainly to improve the accuracy of facial recognition, algorithm upgrades, and improve our products and services. When you use a specific product feature, we will apply to you for the necessary permissions to use that feature. Please understand that if you refuse to provide original images, videos, and other data, and refuse to provide the necessary permissions for specific product functions, the aforementioned functional applications will not be possible.


For the personal information of your end users, especially facial recognition, human body recognition, portrait processing, and image recognition information provided to us on image editing platform, you have obtained the consent of your end users in accordance with laws and regulations, and the scope of such consent should at least include our processing behavior of using such personal information.


Deviece information:Our web server collects data that your Internet browser communicates to us, including the IP address of the requesting computer, location data, device or app data, together with the date, time, the request, which file is requested (name and URL), the amount of data transferred to you, a message as to whether the request was successful, identification data of the browser and operating system used, and the website from which the access was made (should the access take place via a link). The server logs are stored for a maximum of 3 months. We also collect information about how you have interacted with our Services, such as the pages you view, the links you click, the features you use, session duration, if you login to your account and purchasing behaviour, and we may infer your industry from the class of image or video utilised. Collecting this information enables us to better understand how people are using our Services and we use this information for our internal analytics purposes to improve the quality and relevance of our Services. We may also use this information to create aggregate, anonymized statistics which we use to provide certain features within the Services and for promoting and improving our Services.


1.2 Store Your Personal Data


(a) We will collect, store, and use your personal data in accordance with this Privacy Policy and applicable laws, wherever it is processed.


(b) When you use Our Services on your devices, your data may be stored locally on the devices you use to access Our Services. When you sync your Devices with our Service, such data will be replicated on our servers maintained by us for processing and storage. While providing the Services, we may store, process, and transfer your information in Japan. Data privacy laws or regulations in your country/region may differ from those in the places where you are located. We will collect, store, and use your information in accordance with this Privacy Policy and applicable laws, wherever it is processed.


(c) We retain your data for no longer than is necessary for the purposes stated in this Privacy Policy. Once the retention period expires, we will delete or anonymize your data, unless otherwise required by applicable laws and regulations.




We use cookies and other similar tracking technologies (collectively referred to as “cookies”) to collect and use your personal information.


We will use cookies to collect your personal information for the following purposes:


(a) Provide you with a better user experience and services;


(b) Advertising/Promotion Services: When you browse clients or web pages, we will share your browsing behavior, such as your clicks, dwell time, browser model, etc., with third parties for calculating user volume, daily activity, etc.


We will strictly require third-party partners to comply with the relevant provisions of this policy before sharing.


Please note that when you change your browser settings to turn off cookies or use the browser’s “anonymous browsing” feature, cookies will not continue to collect your personal information, but some corresponding functions on the platform to enhance your browsing experience will also be unavailable.


3.Sharing Your Personal Data


(a) Sharing


We will not share personal information about you and your end users with any company, organization, or individual, except for the following situations:


1) Sharing with explicit consent: After obtaining your and your end users’ explicit consent, we will share your and your end users’ personal information with other parties.


2) Sharing under legal conditions: We may share personal information of you and your end users externally in accordance with laws and regulations, litigation dispute resolution needs, and mandatory requirements made by government regulatory authorities or judicial authorities in accordance with the law.


3) To the extent required or permitted by law, it is necessary to provide personal information of you and your end users to third parties in order to protect the interests, property, or safety of Psyoto, its users, or the public from harm;


4) Sharing with our affiliated companies: Personal information of you and your end users may be shared with our affiliated companies (FLEXTECH INC. company). We will only share necessary personal information for the purpose of providing this service to you and are bound by the stated purpose of this personal information protection policy. If an affiliated company wishes to change the purpose of processing personal information, it will once again seek the authorization and consent of you and your end users. Except for the above situations, Psyoto will not actively share or transfer your and your end user’s personal information to a third party outside of FLEXTECH INC. company. If there are other situations where you and your end user’s personal information are shared or transferred, or if you and your end user need us to share or transfer your and your end user’s personal information to a third party outside of FLEXTECH INC. company, We will directly or confirm that a third party has obtained the express consent of you and your end users regarding the above actions. In addition, we will conduct a risk assessment of providing information to the public. At present, Psyoto will not proactively obtain personal information about you and your end users from third parties outside of xx company. If in the future, it is necessary to indirectly obtain personal information about you and your end users from a third party for business development, we will clarify the source, type, and scope of use of your and your end user personal information to you and your end users before obtaining it.


The personal information processing activities required for conducting business exceed the authorized consent scope of you and your end users when providing personal information to third parties. We will obtain the express consent of you and your end users before processing such personal information of you and your end users; In addition, we will strictly comply with relevant laws and regulations, and require third parties to ensure the legality of the information they provide.


(b) Transfer


We will not transfer the personal information of you and your end users to any company, organization, or individual, except for the following situations:


1) On the premise of obtaining your explicit consent, we will transfer the personal information of you and your end users to other parties;


2) When it comes to mergers, acquisitions, or bankruptcy liquidation, if it involves the transfer of personal information, we will require new companies, organizations, and other entities that hold your personal information to continue to be bound by this personal information protection policy. If there are changes in the collection, processing methods, use purposes, etc. of personal information stipulated in this policy, we will require the company, organization, and other entities to seek authorization and consent from you and your end users again.


(c) Public disclosure


We will only collect or publicly disclose your personal information in the following circumstances:


1) After obtaining explicit consent from you and your end users;


2) Based on mandatory requirements of laws and regulations, judicial authorities or administrative authorities, we may disclose personal information of you and your end users.


4.How do We Protect the Personal Information of You and Your End Users


We attach great importance to information security. We have a dedicated team to develop and employ a variety of security technologies and programs. We carry out security background checks on personnel in charge of security management and those in critical security positions. We have established a complete information security management system and internal mechanisms for handling security events and more. We take appropriate security measures and technical means in line with industry standards to store and protect your personal information, so as to prevent your information from being lost or accessed, disclosed, used, damaged, or revealed without authorization. All reasonable and feasible measures are being taken for protecting your personal information. In addition, we use encryption technology to ensure the confidentiality of data and apply trusted protection mechanisms to prevent malicious attacks on data.


We train and assess our employees in terms of data security awareness and security abilities to enhance their comprehension of the importance of protecting personal information. We authenticate the identity of employees who process personal information and control their access, sign nondisclosure agreements with our employees and partners who have access to your personal information, and clarify job responsibilities and code of conduct, so that only authorized personnel can access personal information. In the event of any violation of the nondisclosure agreements, the employment will be terminated immediately with the violator held accountable by law. Moreover, there are also confidentiality requirements that relevant personnel must follow when they leave their posts.


We kindly remind you that the Internet is not absolutely secure. Hence, you should carefully protect your personal information when you interact with other users through third-party social software, emails, SMS, and other services integrated into Psyoto under the condition that you are uncertain whether your information is completely encrypted during transfer.


Also, we appreciate your understanding that due to the technical restrictions, rapid development, and various latent and malicious attacks pertaining to the Internet industry, we may not be able to keep your information secure a hundred percent even though we make every effort to enhance our security measures. Hence, the system and communication network based on which you use our product and/or the Services may encounter security problems in other processes beyond our control.


Our security management system regards the disclosure, damage, or loss of personal information as the most serious security event. Once it occurs, our highest-level emergency plan will be implemented with multiple departments dealing with the event as one emergency response team.


We formulate an emergency plan for network security events to promptly respond to system vulnerabilities, computer viruses, cyber-attacks, network intrusions, and other security risks. In case of an event endangering network security, we will immediately carry out the plan, take remedial actions, and report to competent authorities as required.
The disclosure, damage, and loss of personal information are regarded as the most serious security events. Accordingly, we organize members of working groups to perform security plan drills on a regular basis to avoid such events. In the event that such events do occur, we will carry out the emergency plan as a top priority and form an emergency response team to trace the cause and mitigate losses in the shortest time possible.


In case of a personal information security event, we will, as required by laws and regulations, inform you of the basic information about the security event and its possible impact, the measures we have taken or will take, recommendations on actively preventing and mitigating risks for you, and remedial measures for you. We will inform you of event-related information in a timely manner through our notifications or the contact information you have provided to us including SMS, phone number, and email address. If it is difficult to inform our users one by one, we will make announcements in a reasonable and effective way. Meanwhile, we will report the disposal of the personal information security event in accordance with the requirements of regulatory authorities. We appreciate your understanding that according to laws and regulations, if measures taken by us can effectively avoid the harm caused by disclosure, tampering, and loss of information, we may choose not to notify you of a personal information security event unless a regulatory authority requires us to do so.


We refer to the requirements of the GDPR, select appropriate measures for technical security protection based on the nature, scope, background, and purpose of data processing, as well as the risks to individuals, and regularly test and evaluate the measures to maintain their effectiveness.


If data is accidentally disclosed, we will notify affected people as soon as possible and report to competent authorities within 72 hours. If it is impossible to report it within 72 hours, the reason for the delay will be clarified.
We take appropriate technical and organizational measures to achieve our data protection objectives, such as the principle of data minimization and the integration of necessary safeguards into data processing to protect the rights of data subjects and make sure any data processed is necessary for a specific purpose by default.


5.Rights and Obligations of The User


In accordance with the laws, regulations, standards, and established practices of the relevant country and region, we guarantee that you can exercise the following rights for your personal information. If you have any questions or claims about the exercise of rights, you may contact us at [email protected]. You can view, change, download, delete, or share your information from your Psyoto account.


(1)The right of access


If you wish to know the extent to which your personal information is collected, saved, and shared by Psyoto or the purpose of processing such information, you can contact us for details.


(2)The right of rectification and supplementation


If you find any error in your personal information processed by us, you have the right to rectify the error or add the missing information. After your identity has been verified, you can submit your rectification or supplementation application to us by means of feedback and error reporting or through the aforementioned contact information. We will reply to you as soon as possible after receiving your application.


(3)The right of erasure


You may request us to delete your personal information in the following circumstances:


(a)Our processing of your personal information is in violation of laws and regulations or the agreement with you;


(b)Our processing purpose has been met, cannot be met, or is no longer necessary;


(c)We have stopped providing the product or the Services, or the retention period has expired;


(d)You have decided to withdraw your consent;


(e)Other circumstances required by laws and administrative regulations.


When you delete information from the Services, we may not immediately delete the corresponding information from our backup system, but will delete it after the backup has been updated. We appreciate your acknowledgment and understanding that if the retention period has not yet expired as required by laws and administrative regulations or set forth in this Privacy Policy, or it is technically difficult to delete your personal information, we will stop processing the information other than storing it and taking necessary security protection measures for it.


(4)The right of withdrawal of consent


The implementation of each service or function requires some basic personal information. For any additional collection and use of your personal information, you may give or withdraw your consent at any time.
You can directly disable access to the contacts, photos, camera, and so on in the system of your device, change the scope of consent, or withdraw your authorization.


Following your withdrawal of consent, we cannot continue to provide you with the service involved, and will no longer use the relevant personal information. However, your decision to withdraw your consent will not affect our processing of your personal information previously conducted on the basis of your consent.


(5)The right of account deletion


You may delete the account that you have created. You can delete your account in Psyoto at:


[Account Avatar] – [Menu] – [Settings] – [Security Center] – [Account Deletion].


Once you have deleted your account, you will not be able to use the Services of TearBox, so please think it through before deletion. For the sake of protecting the legitimate rights and interests of you or other users, we will determine whether to accept your deletion request based on your usage. For example, if you have unused Premium benefits or any data in your account, we will not accept your request immediately. Unless otherwise required by laws and regulations, we will stop providing you with the product and the Services, and delete your personal information according to your requirements after your account has been deleted.


(6)The right of copy and data portability


You have the right to copy your personal information collected by us. On the premise that it is required by laws and regulations, in compliance with the instructions and conditions stipulated by competent authorities, and technically feasible, you may request us to transfer your personal information to another designated subject.


In your exercise of the said rights of personal information subjects, we will update third parties on the relevant information in a timely manner to ensure that the above-mentioned rights are exercised in accordance with laws and regulations, regulatory requirements, and technical feasibility.


If your request is manifestly unjustified or beyond necessity, especially when such request is repetitive, we may:


(a) charge a reasonable fee based on the administrative costs of information provision, communication, or corresponding actions; or


(b) refuse to act on the request.


6. Links to Other Sites


This Service may contain links to other sites. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by me. Therefore, I strongly advise you to review the Privacy Policy of these websites. I have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.


7. Children’s Privacy


Our services are not intended for anyone under 16. And that’s why we do not knowingly collect personal information from anyone under 16. We understands the importance of safeguarding the personal information of children, which we consider to be an individual under the age of 16 or the equivalent age as specified by law in your jurisdiction. Please contact our Data Protection Officer via email at [email protected] if you believe we have any personal information from any Child without such parental/guardian consent and acknowledgment so that we can promptly investigate and remove such personal information.


8. Changes to This Privacy Policy


We may change this Privacy Policy from time to time. Under certain circumstances (for example with certain material changes or where it is required by applicable privacy laws) we will provide notice to you of these changes and, where required by applicable law, we will obtain your consent. If we change this Privacy Policy, we will change the “last updated” date at the top of this Privacy Policy and the revised policy will be posted to this page so that you can review it. Sometimes, we’ll let you know by revising the date at the top of the Privacy Policy that’s available in Psyoto. Other times, we may provide you with additional notice (such as providing you with an in-app notification).


9.How to Contact Us


If you have any questions or suggestions about my Privacy Policy, do not hesitate to contact me at [email protected].