Privacy Policy
Global Site

Privacy Policy (Global Site)

Welcome to PICPIK services!
In order to facilitate your registration, login, and use of PICPIK services (PICPIK.AI (opens in a new tab)), as well as to provide you with a more personalized user experience and services, when you use PICPIK services, UCLOUD INFORMATION TECHNOLOGY(HK) LIMITED (hereinafter referred to as "UCLOUD HK", "PICPIK" or "we") may collect and use your relevant information. UCLOUD HK attaches great importance to the protection of user information. We will take security measures to protect the security and controllability of your user information in accordance with legal and regulatory requirements.

In view of this, we have formulated this "PICPIK Privacy Policy" (hereinafter referred to as "this Privacy Policy") and remind you:
This Privacy Policy is closely related to the PICPIK you use and the various business functions included in the service (hereinafter collectively referred to as "our products and/or services"). We hope that you will carefully read and confirm that you have fully understood the contents stated in this policy before using our products and/or services, and make appropriate choices in accordance with the guidelines of this Privacy Policy. Once you start using or continue to use our products and/or services after we update this Privacy Policy, it means that you fully understand and agree to the content of this policy (including updated versions), and agree that we collect, use, store, and share your relevant information in accordance with this Privacy Policy.

1. Scope of Application of this Privacy Policy

  • This Privacy Policy applies to your access and use of our products and services through PICPIK web pages, PICPIK plugins, PICPIK software development kits (SDKs), and application programming interfaces (APIs) used by third-party websites and applications. However, if the product and/or service has separate privacy terms or agreements, the separate privacy terms or agreements shall prevail. For content not mentioned in the separate privacy terms or agreements, this policy applies.

  • This policy does not apply to the following situations:

    1. Information and/or services provided by third parties included in or linked to our products and/or services (including any third-party applications, websites, products, services, etc.). These information and/or services are operated by third parties, and the collection and use of personal information by these third parties are subject to the rules separately explained to you.

    2. Other products and/or services provided to you by non-PICPIK entities.

2. How We Collect and Use Your Personal Information

We will collect and use your personal information based on the principles of legality, legitimacy, necessity, openness, and transparency, and for the purposes stated in this policy. If we use your personal information for other purposes not stated in this policy, or collect and use your personal information for specific purposes, we will explain in detail the rules for collecting and using the corresponding information, including the purpose, method, and scope of use, in a reasonable manner (including but not limited to updating this policy, signing new agreements, page prompts, pop-ups, in-site messages, emails, website announcements, or other means that are easy for you to understand), after obtaining your authorization and consent.

System permissions such as contacts, location, camera, microphone, and photo album will not be enabled by default. They will only be accessed with your explicit authorization to achieve specific functions or services, and you can withdraw your authorization at any time. It is worth noting that even with your authorization to access your corresponding permissions, we will only access them within the scope of your authorization. If you refuse to provide such permissions, you will only be unable to use the corresponding functions, but it will not affect your normal use of other functions of the product and/or service.

In order to provide you with services, we will collect and use your personal information in the following ways:

(I) Functions Necessary for Using PICPIK Products or Services

  • Account registration information: When you first register a PICPIK account, you need to provide your email address and mobile phone number, and create a login password. The above information is necessary for registering a PICPIK account. If you refuse to provide this information, you will not be able to register a PICPIK platform account and can only use browsing and search services. After successfully registering an account, you can log in to PICPIK products or services using your email and password.

  • Search: When you use the search service, we collect your search keyword information and log information for analysis in order to show you search results that are more relevant. We may also record information that you provide, generate, or retain when using our services, such as the query terms you enter when searching, the history words you click, the suggested words, and the links you click. You have the right to refuse to provide the above information, but this may result in your inability to use certain services or features, or may prevent you from achieving the intended effects of the relevant services.

  • Purchase: When you purchase recharge services or trade copyrighted works, we need to collect some or all of the following personal information: transaction information of the works or services, recharge amount, recharge time, order number, order status, payment method, payment account, and payment status. We collect this information to help you successfully complete transactions and recharges, query order information, and provide customer service.

  • AI Creation: When you engage in AI creation, we collect the content you provide, including the text you input and the images you upload. We collect this information solely for the purpose of generating works that meet your requirements based on your instructions. If the images you upload involve your personal portrait, without your authorized consent, we will not share, transfer, or disclose it to any other third-party companies, organizations, or individuals. Please be aware of this.

(II) Providing Products or Services to You

When you use PICPIK services, in order to maintain the normal operation of our services, improve and optimize our service experience, and ensure the security of your account, we will collect the following information from you:

  • Device Information: We will receive and record the device-related information you use (including device model, operating system version, IP address, software version, and other software and hardware characteristic information) based on the specific permissions you grant during software installation and use. We will collect certain device permissions to provide more convenient and better services and experiences:

    1. Photo Access Permission (for iOS): Obtaining photo access permission is used for specific business scenarios such as uploading base images, uploading works, background images, etc., and can only be done with your authorized consent.

    2. Storage Permission (for Android): Obtaining storage permission is to ensure the stable operation of the client. After you enable device storage permission, it is used to write downloaded work files to storage when downloading works. Please be aware that the prerequisite for obtaining the above permissions is that you have allowed the camera/camcorder, photo access permission, and storage permission on your device to collect and use the information involved in these permissions. You can check the status of the above permissions in the settings/application permissions of your device (may vary depending on the device type), and choose to enable or disable the corresponding permissions as needed. Please note that by enabling any permission, you authorize us to collect or use the relevant personal information to provide you with the corresponding service. Once you disable any permission, it means you have revoked the authorization, and we will no longer collect and use the relevant personal information based on the corresponding permission, nor can we provide the service corresponding to that permission. However, this will not affect the information collection and use based on your previous authorization.

    3. Clipboard Permission: In scenarios such as sharing or receiving shared information, participating in activities, etc., we need to access your clipboard locally to read passwords, share codes, links, etc., to achieve functions or services such as jumping, sharing, and activity linkage. We will only recognize the clipboard with your authorized consent, and we will only upload it to our server when the locally recognized clipboard content is an instruction related to jumping, sharing, activity linkage, etc.

  • Log Information: We will collect detailed usage information about our services as related log records, including access network methods, types and statuses, network quality data, operation logs, and service log information.

  • Personal Information Submitted by You through our customer service or when participating in our events: When you contact us, we may save your communication/call records and content or the contact information you leave behind to contact you or help you solve/locate problems, or record the handling plan and results of relevant issues.

(III) Other Purposes

If we collect your personal information for other specific purposes not specified in this policy, we will seek your prior consent. The purpose of collecting and using the above information is to better provide PICPIK products and services. If there are any updates, we will notify you through methods including but not limited to website announcements, in-site messages, phone calls, or text messages.

If we cease the operation of PICPIK products or services, we will promptly stop continuing to collect your personal information, notify you of the cessation of operation individually or through announcements for at least 30 days, and delete or anonymize the personal information we hold. If it involves children's personal information, we will promptly notify the child's guardian of the cessation of operation.

(IV) Exceptions to Authorization

You are fully aware that according to the requirements of relevant laws and regulations, we do not need to obtain your authorization to collect and use your personal information in the following circumstances:

  • Related to the obligations of the personal information controller as stipulated by laws and regulations;

  • Directly related to national security and defense security;

  • Directly related to public safety, public health, and significant public interests;

  • Directly related to criminal investigation, prosecution, trial, and execution of judgments;

  • Necessary to protect the vital interests of the personal information subject or other individuals, but it is difficult to obtain the consent of the individual;

  • The personal information involved is voluntarily disclosed by the personal information subject to the public;

  • Necessary for signing and performing contracts at the request of the personal information subject;

  • Collecting personal information from legally publicly disclosed information, such as legal news reports, government information disclosure, and other channels;

  • Necessary to maintain the secure and stable operation of the provided products or services, such as discovering and handling faults in products or services;

  • The personal information controller is a news unit and it is necessary for the legitimate news reporting;

  • The personal information controller is an academic research institution, and it is necessary for statistical or academic research for public interests. When providing research or description results to the public, the personal information contained in the results is de-identified.

Please note that if the information cannot identify your personal identity alone or in combination with other information, it does not belong to your personal information in the legal sense. When your information can identify your personal identity alone or in combination with other information, or when we combine data that cannot be associated with any specific personal information with other personal information of yours, these information will be treated and protected as your personal information according to this policy during the period of combination.

3. How We Use Cookies and Similar Technologies

To provide you with a more convenient browsing experience, when you use our products or services, we may collect and store relevant data about your access to PICPIK services through various technologies. By identifying your identity when you access or re-access PICPIK services, we can provide you with better and more services through data analysis. This includes using small data files to identify your identity, which is done to understand your usage habits, save you the trouble of repeatedly entering account information, or help determine your login status and account security. These data files may be Cookies or other local storage provided by your browser or associated applications (collectively referred to as "Cookies").

We will not use Cookies for any purposes other than those described in this privacy policy. You can manage or delete Cookies according to your preferences. You can clear all Cookies stored on your computer. Most web browsers automatically accept Cookies, but you can usually modify your browser settings to reject Cookies according to your needs. In addition, you can also clear all Cookies stored within the software.

You understand and acknowledge that some of our products/services can only be achieved through the use of Cookies or similar technologies. If you refuse to use or delete them, you may not be able to obtain the best service experience of our products and/or services, and it may also have certain impacts on the protection of your information and account security.

4. How We Share, Transfer, and Disclose Your Personal Information

(I) Sharing

We attach great importance to protecting your personal information. Without your authorized consent, we will not share your personal information with other third-party companies, organizations, and individuals, unless it is anonymized or de-identified and cannot be identified or associated with you, and the shared third party cannot re-identify the natural person subject to such information. We will only share your personal information for legitimate, lawful, necessary, specific, and explicit purposes, and only share the necessary personal information. If we share your sensitive personal information, we will seek your authorization and consent again. If a third party changes or exceeds the scope of your original authorized consent to use your personal information, we will require the third party to obtain your authorization and consent again.

1. Sharing necessary for the realization of our services and functions:

In certain circumstances, in order to provide you with our services or realize the core functions of our products and services, we must share your personal information to achieve the core functions of our products and services or provide the services you need, for example:

Service providers that provide support for our products and services: including providing your order payment-related information to payment institutions that provide payment services, etc.; when we accept due diligence or audits, we share your relevant information with external regulatory and professional consulting organizations (such as audit firms).

2. Necessary and reasonable sharing within PICPIK

In order to provide you with consistent services based on the unified PICPIK account system, identify account anomalies, protect the personal and property safety of users or the public from infringement, and facilitate unified management for you, you understand and agree that your relevant personal information may be shared within our products.

Note: The term "our products" refers to various websites (including but not limited to PICPIK.AI (opens in a new tab)) and plugin products under PICPIK (i.e., Party A and its affiliated companies). For the aforementioned PICPIK products, they should include subdomain web pages or platforms of any website, as well as websites and mobile application products that PICPIK may change or add from time to time.

3. Sharing information for security and analysis statistics

  • Ensuring security of use: We attach great importance to the security of accounts and services. In order to protect the security of your account and property, and to protect your and our legitimate rights and interests from unlawful infringement, we and our affiliated companies or service providers may share necessary device, account, and log information.

  • Analyzing product usage: In order to analyze the usage of our services and improve the user experience, we may share statistical data on product usage (crashes, flashbacks) with affiliated parties or third parties. It is difficult to identify your personal identity by combining this data with other information.

4. Assisting you in participating in marketing and promotional activities

When you choose to participate in marketing activities organized by us, our affiliates, or third parties, it may be necessary for you to provide your name, contact information, and bank account information. This information is sensitive personal information. Refusing to provide it may affect your participation in related activities, but it will not affect other functions. Only with your consent will we share this information with affiliates or third parties to ensure that you receive consistent services in joint activities or entrust third parties to promptly fulfill rewards. We promise that without your separate authorized consent, we will not share personal information that can identify your identity with them.

5. Third-party SDK partners:

In order to ensure the stable operation and implementation of our client, and to enable you to use and enjoy more services and functions, our application may embed SDKs or similar applications from authorized partners.

We will conduct strict security testing on the application programming interfaces (APIs) and software development kits (SDKs) that authorized partners use to obtain information, and agree with authorized partners on strict data protection measures, requiring them to handle personal information in accordance with this policy and any other relevant confidentiality and security measures. For companies, organizations, and individuals with whom we share user information, we will sign strict confidentiality agreements with them or include confidentiality clauses in the agreement, requiring them to handle user information in accordance with our instructions, this Privacy Policy, and any other relevant confidentiality and security measures.

6. Other circumstances

  • To protect you, our other users or employees, PICPIK, or public interests, property, or safety (e.g., fraud or credit risks), we may share information with third parties.

  • Shared in accordance with relevant agreements signed between you and us (e.g., service agreements) or legal documents.

  • In accordance with agreements between you and other third parties.

(II) Transfer

We will not transfer your personal information to any company, organization, or individual, except in the following cases:

  • Transfer with explicit consent: After obtaining your explicit consent, we will transfer your personal information to other parties.

  • In the event of a merger, acquisition, or bankruptcy liquidation involving PICPIK service providers, or other situations involving mergers, acquisitions, or bankruptcy liquidations, if personal information transfer is involved, we will require the new company or organization holding your personal information to continue to be bound by this policy. Otherwise, we will require the company, organization, and individual to seek your authorization and consent again.

(III) Public Disclosure

  • We will not disclose your information unless it is in compliance with applicable laws and regulations or with your authorized consent. When we disclose your personal information, we will adopt industry-standard security measures.

  • When announcing penalties for violating accounts or fraudulent activities, we will publicly disclose relevant account information. In cases where you violate laws and regulations or violate PICPIK platform-related agreements and rules, or to protect the personal and property safety of PICPIK platform or the public, we may disclose your account information based on laws and regulations, platform agreements, or with your consent.

(IV) Exceptions to Obtaining Prior Authorization and Consent for Sharing, Transfer, and Public Disclosure of Personal Information

In the following situations, we may share, transfer, or publicly disclose your personal information without obtaining your prior authorization and consent:

  • Related to the fulfillment of obligations stipulated by laws and regulations regarding personal information controllers;

  • Directly related to national security and defense;

  • Directly related to public safety, public health, and significant public interests;

  • Directly related to criminal investigation, prosecution, trial, and execution of judgments;

  • Necessary to protect your or other individuals' vital interests, but it is difficult to obtain your consent;

  • Personal information that you voluntarily disclose to the public;

  • Collected from legally disclosed information, such as lawful news reports, government information disclosure, and other channels.

5. How We Protect and Store Your Personal Information?

(I) Storage of Your Personal Information

1. Storage

We may store your personal information in your country/region and overseas, including Hong Kong. You can access and correct certain data in your account portal at any time. If you believe that we have processed other personal information related to you or if you are unable to correct inaccurate information, you can contact us at to make a request. You may also have the right to receive copies of certain personal information (see the section on portability below). Under Hong Kong law, you do not have the right to delete your data, but we may delete your data upon request.

However, please note that if we have sufficient legal grounds under data protection laws (e.g., for legal claims defense or freedom of speech), we may retain personal information. If this is the case, we will notify you.

2. Storage period

The information you provide to us may be regularly archived or stored by us according to backup procedures, and the retention period is based on the purpose of collecting such information, providing our products and services to you, resolving disputes, establishing legal defenses, conducting audits, pursuing legitimate business purposes, enforcing our agreements, and complying with applicable laws.

We determine the storage period of personal information primarily based on the following criteria:

  • Completing the transaction purposes related to you, maintaining corresponding transaction and business records to respond to your possible queries or complaints;

  • Ensuring the security and quality of the services we provide to you;

  • Whether you agree to a longer retention period;

  • Whether there are other special agreements or legal regulations regarding retention periods.

After the retention period expires, we will delete or anonymize your personal information in accordance with applicable laws.

(II) Measures We Take to Protect Your Information

  • We have always attached great importance to the security of users' personal information. To this end, we have adopted security measures, organizational and management measures, and other protective measures that comply with industry standards to minimize the risks of your information being disclosed, damaged, misused, unauthorized access, unauthorized disclosure, and alteration.

  • We will take reasonable and feasible security measures and technical means to store and protect your personal information in accordance with industry standards to prevent the loss, unauthorized access, public disclosure, use, modification, damage, loss, or leakage of your information. We will take all reasonable and feasible measures to protect your personal information. We will use encryption technology to ensure the confidentiality of data; we will use trusted protection mechanisms to prevent data from being maliciously attacked.

  • We regularly train employees on data security awareness and security capabilities to enhance their awareness of the importance of protecting personal information. We sign confidentiality agreements with employees and partners who have access to your personal information, clarify their job responsibilities and code of conduct, and establish strict access control and approval processes to ensure that only authorized personnel can access personal information. Any violation of the confidentiality agreement will be held accountable.

  • We have a responsibility and obligation to remind you that the Internet is not an absolutely secure environment. We recommend that you use complex passwords as required, do not disclose your password/verification code, do not lend your account and devices to others at will, and pay attention to the security of your devices and personal information. When using PICPIK services on public devices, do not remember passwords and log out in a timely manner after use to prevent being used by others. If you find any abnormality or theft of your account, please change your password promptly and contact us for assistance as instructed in this policy.

  • If our physical, technical, or managerial protective measures are compromised, resulting in unauthorized access, public disclosure, tampering, or destruction of information, and causing damage to your legitimate rights and interests, we will promptly initiate emergency plans, take reasonable remedial measures, and minimize the impact on your personal information and other rights and interests as much as possible.

(III) Handling of Personal Privacy Data Breaches

In the event of a personal privacy data breach, we will promptly inform you in accordance with relevant laws and regulations: the basic situation and possible impact of the personal privacy data breach, the measures we have taken or will take to handle it, suggestions for you to prevent and reduce risks, and remedial measures for you. We will also notify you of the relevant situation through email, letter, telephone, push notification, etc. When it is difficult to inform each individual, we will make announcements in a reasonable and effective manner. At the same time, we will proactively report to regulatory authorities on the handling of personal privacy data breaches as required.

6. How You Manage Personal Information

We attach great importance to your concerns about personal information and make every effort to protect your rights to access, correct, and delete your personal information, so that you have the ability to fully protect your privacy and security. Your rights include:

(I) Access and Correction

We encourage you to update and modify your information to make it more accurate and effective. You can query, access, and manage your personal account information. You can enter the user center to access and manage your personal information, and complete or request us to modify or supplement it according to the corresponding information management method. You can change your password in the user center-settings interface, or you can contact our customer service or send an email to: to apply for correction of your information. We promise to complete the verification and processing within 30 working days.

When accessing, correcting, and deleting the above information, we may ask you to verify your identity to ensure the security of your account.

(II) Deletion

In the following circumstances, you can request us to delete personal information, except for data anonymization or as otherwise provided by laws and regulations.

  • The purpose of processing has been achieved, cannot be achieved, or is no longer necessary for achieving the purpose of processing;

  • We stop providing products or services, or the retention period has expired;

  • Personal consent is withdrawn;

  • If our processing of personal information violates laws, regulations, or agreements with you;

  • Other circumstances stipulated by laws and regulations.

Deletion of personal information: refers to the act of removing personal information from the systems involved in daily business functions, so that it remains in an unretrievable and inaccessible state. After you or we assist you in deleting the relevant information, due to applicable legal and security technology restrictions, we may not be able to immediately delete the corresponding information from the backup system. We will securely store your personal information and restrict any further processing until the backup can be cleared or anonymized.

(III) Refusal, Return, Transfer, and Request for Data Copy

You can contact us through the methods provided at the end of this policy to refuse, return, transfer, or request a copy of personal information. We promise to complete the verification and processing within 15 working days.

(IV) Raise Objections

If you believe that our processing of your personal information violates this policy or relevant laws and regulations, you can send an email (email address: to raise your objections. We promise to reply and handle your valuable suggestions within 15 working days.

(V) Account Cancellation

When you need to terminate the use of our services, you can apply to cancel your account by contacting our customer service. We promise to complete the verification and processing within 15 working days.

After you cancel your account, you will no longer be able to log in and use our products and services with this account, as well as third-party products and services that use this account for login. All rights, including the rights and future expected benefits that have been generated but not fully consumed during the use of our products and services under this account, will be cleared. The content, information, data, records, etc. under this account will be deleted or anonymized (except as otherwise provided by laws and regulations or required by regulatory authorities). At the same time, once the account is successfully canceled, it cannot be restored.

7. Protection of Minors' Information

We attach great importance to the protection of minors' personal information. PICPIK is mainly targeted at adults. If you are a minor under the age of 18, before using PICPIK and related services, you should read and agree to this privacy policy together with your parents or other guardians under their supervision and guidance. If you are the guardian of a minor under the age of 16, before using PICPIK and related services, you should have the supervised person read and agree to this privacy policy.

We protect the personal information of minors in accordance with relevant national laws and regulations. We only collect, use, or disclose the personal information of minors when permitted by law, with explicit consent from parents or other guardians, or when necessary to protect the minors. If we discover that we have collected personal information of a minor without prior verifiable consent from a guardian, we will make efforts to delete the relevant information as soon as possible.

If you are the guardian of a minor and have any other questions about the personal information of the supervised minor, please contact us through the contact information provided in this privacy policy.

8. How This Policy Is Updated

  • In order to provide you with better services, this privacy policy will also be updated accordingly. We will release updated versions on the PICPIK website and mobile app, and notify you of the updated content through website announcements or other appropriate means before it takes effect. Please also visit PICPIK to stay informed of the latest privacy policy.

  • For significant changes, we will provide more prominent notifications (including but not limited to emails, text messages, or special prompts on browsing pages) to explain the specific changes to the privacy policy. Significant changes referred to in this policy include but are not limited to:

    1. Significant changes in our service model, such as the purpose of processing personal information, types of personal information processed, and methods of using personal information;

    2. Significant changes in our ownership structure, organizational structure, etc., such as business adjustments, bankruptcy and mergers, resulting in changes in ownership, etc.;

    3. Major changes in the main recipients of personal information sharing, transfer, or public disclosure;

    4. Changes in cooperation with third-party suppliers;

    5. Changes in the department responsible for the security of personal information, contact information, and complaint channels;

    6. Personal information security impact assessment report indicating high risks.

After the update of this privacy policy, we will release updated versions on PICPIK and notify you of the updated content through the official website (opens in a new tab), document center (opens in a new tab), or other appropriate means before the updated terms take effect, so that you can timely understand the latest version of this privacy policy.

9. How to Contact Us

If you have any questions, opinions, or suggestions regarding this privacy policy, or if you need to make a complaint or report regarding the security of personal information, please send an email to or contact us through various methods including mailing.


We will reply within 15 working days. If you are not satisfied with our response, especially if our handling of personal information has harmed your legitimate rights and interests, you can also seek a solution through the court where UCLOUD HK is located.