Privacy Policy

Last updated: 01-11-2024 Arpobot Pty Ltd (“bloomin8” or “we” or “us” or “our”) operates http://bloomin8.com/ (the “site”) and provides the bloomin8 mobile app for Android and iOS (the “app”) and the bloomin8 art frame app (the “frame”).
We take your privacy seriously and are committed to protecting the information we collect. By using our app or frame, future products, services or features we develop and introduce, or our website (together the “Services”), you consent to the collection, processing and disclosure of data concerning you in accordance with this Privacy Policy. We hope that you carefully read and confirm that you fully understand the contents of this policy before using our products and/or services. If you have any questions while reading, please contact our customer service for consultation. If you do not agree with any terms in this agreement, please stop submitting information.
If you have any questions or concerns about this Privacy Policy or related matters, please email us at hello@bloomin8.com.


Information Collection
Information we collect when you use our Services:
Information You Provide to Us
Some features of the services may require you to directly provide certain information. You may elect not to provide this information, but doing so may prevent you from using or accessing these features. Information that you directly submit through our Services includes:
- Contact information, such as your name, email, address, phone number. We collect this information to provide the Services, as required to perform our contract with you, and because it is in our legitimate interest to communicate with you (including to tell you about products or services that may be of interest).
- Account information, such as username, password, profile picture and your IP address. We use this information to maintain your account and provide the Services, as required to perform our contract with you, and because it is in our legitimate interest to maintain and secure your account with us. If you choose to register an account, you are responsible for keeping your account credentials safe. We recommend you do not share your access details with anyone else. If you believe your account has been compromised, please contact us immediately. When you add a subscription to your Regular Account, the payment is handled by Google Payments or Apple Pay, so there is no need for bloomin8 to collect any personal information. Furthermore, information regarding your payment, such as credit card information, is not shared with bloomin8 by Google Payments or Apple Pay.
- User Input, such as text prompts that you enter and images that you upload to generate and output new content based on your User Input. We also collect other information you post, submit or make available through the Services, such as “likes” an image, “bin” an image or “push” an image to frame. We use User Input and other information you submit to the Services because it is in our legitimate interest to administer and improve the Services and improve and develop our products and technology.
- Other information you choose to provide in communications with us, such as your name, email address and other information you provide. We use this information because it is in our legitimate interest to be responsive to your queries, manage our relationship with you and improve our customer service and product offerings.


Information Collected Automatically
We, and third parties on our behalf, may automatically collect certain information about your interactions with the Services and emails, including through cookies, and other tracking technologies. We collect and use this information because it is in our legitimate interests to tailor your experience with the Services, run analytics, de-bug, and better understand user interactions with and improve the Services. We may associate this information with the device you use to access the Services, or email accounts you use to engage with us.
Such information includes
- Device Information, such as device type, operating system, screen size, unique device identifier and preferred language.
- Log Data, such as your device’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our site that you visit, the time and date of your visit or use of the app or frame, the time spent on those pages, which IPs communicate together through our servers and other statistics.
- We use automated devices and applications to evaluate usage of our app, frame and site. We also may use other analytics to evaluate our Services. We use these tools to help us improve our Services, performance and user experience. We do not share your personal information with these providers.

Cookies and Similar Technologies:
We may collect information about your use of our Services through the use of cookies, pixels or similar technologies. For example, we may use this information to provide or improve our Services, for measurement and analytics to better understand how our Services function and are used, or for internal operations. Cookies are small pieces of data that are stored on your mobile phone, computer, or other device. Pixels, often used in connection with cookies, are small instances of code placed in web pages that do things like allow another server to measure how frequently web pages are viewed and used.
Third parties may also use cookies to collect information about your activities on our website. Your browser or device may offer you control over the use of cookies or other technologies when you use the Services. For example, you may be able to set your browser or device to disable, clear, reset or block the use of cookies or similar technologies.
Information Collected From Other Sources
We may obtain information about you from social media platforms, such as when you interact with us on Facebook, Instagram or Tiktok, which we use in our legitimate interests to communicate with you and personalize our Services. Any information received from outside sources will be treated in accordance with this Privacy Policy. We are not responsible for the accuracy of the information provided to us by third parties and are not responsible for any third party’s policies or practices.
In addition to the specific uses described above, we may use any of the information described in this section to provide and improve the Services and our products offerings and to maintain our business relationship, as a matter of our legitimate interests, including by enhancing the safety and security of our Services (e.g., troubleshooting, data analysis, testing, system maintenance, reporting), training the models that power our Services, providing customer support, sending service and other communications, monitoring and analyzing trends, conducting internal research and development, complying with applicable legal obligations, enforcing any applicable terms of service, and protecting the Services, our rights, and the rights of our employees, users or other individuals.

Information Sharing, Transfer, and Public Disclosure
Sharing
We will not share your personal information with any company, organization or individual outside of Arpobot Pty Ltd, except for the following cases:
- Obtaining your prior express consent or authorization;

- Provided in accordance with applicable laws and regulations, as required by legal process, or as necessary for mandatory administrative or judicial requirements;
- To the extent permitted by law or regulation, as necessary to protect Bloomin8, Bloomin8's affiliates or partners, you or other Bloomin8 users, or the public interest, property, or safety from harm;
- Only share your information to achieve the core functions of our products and/or services or to provide the services you need;
- To handle disputes or controversies between you and others for you upon your request;
- To comply with the relevant agreements signed with you (including the electronic agreements signed online and the corresponding platform rules) or other legal documents agreed to be provided;
- Used based on academic research;
- Used in the public interest in accordance with laws and regulations.

We may share your personal information with our affiliated parties (including but not limited to Arpobot Pty Ltd's subsidiaries, holding companies, affiliates, advertising agencies, etc.). The information shared is subject to the purposes stated in this Privacy Policy. Our affiliates will again seek your authorized consent if they wish to change the purposes for which personal information is processed.
We may share your order information, account information, device information, and location information with third parties such as partners (e.g., agencies) to ensure the smooth completion of the services provided to you. However, we will only share your personal information for lawful, legitimate, necessary, specific, and explicit purposes, and only as much personal information as is necessary to provide the Services. Our partners are not authorized to use the shared personal information for any other purpose. Our partners include the following types:
- Suppliers of goods or technical services. We may share your personal information with third parties who support our functions. These supports include supplying or providing infrastructure technical services, logistics and delivery services, payment services, data processing, etc. to us. We share this information to enable core shopping functions for our products and/or services, such as when we must share your order information with a logistics service provider to arrange for delivery; or when we need to share your order number and order amount with a third party payment provider to enable it to confirm your payment instructions and complete payment, etc.
- Third Party Merchants. We must share your order information and necessary information about the transaction with third party merchants to enable you to purchase goods or services from them and to enable them to complete subsequent after-sales service.
- Partners who engage us to conduct promotions. At times we may provide promotional services on behalf of other businesses to groups of users of our products and/or services. We may use your Personal Information and indirect user profiles formed by aggregating your non-Personal Information to share with partners who engage us to conduct promotions ("Engagers"), but we will only provide these Engagers with information about the reach and effectiveness of the promotion, not your personally identifiable information, or we will aggregate this information in aggregate so that it does not identify you personally. For example, we may tell that principal how many people saw their promotion or purchased the principal's goods after seeing that information, or provide them with statistical information that does not personally identify them to help them understand their audience or customers.

For companies, organizations and individuals with whom we share personal information, we will sign strict confidentiality agreements with them, requiring them to handle personal information in accordance with our instructions, this Privacy Policy, and any other relevant confidentiality and security measures.
Transfer
We will not transfer your personal information to any company, organization or individual, except in the following cases:
- With your prior express consent or authorization;
- Provided in accordance with applicable laws and regulations, the requirements of legal proceedings, mandatory administrative or judicial requirements as necessary;
- In accordance with the relevant agreements signed with you (including the online signed electronic agreement and the corresponding platform rules) or other legal documents agreed to provide;
- In case of merger, separation, dissolution, bankruptcy or other reasons that require the transfer of your personal information, we will inform you of the name or name and contact information of the recipient, and we will require the new company or organization holding your personal information to continue to be bound by this privacy policy. Otherwise, we will require the company or organization to seek your authorized consent again.

Public Disclosure
We will only publicly disclose your personal information under the following circumstances and provided that we take security measures that meet industry standards:
- Disclosure of your specified personal information in accordance with your needs and in a manner that you have expressly agreed to disclose;
- We may publicly disclose your personal information in accordance with the type of personal information requested and the manner of disclosure when required to provide your personal information by law, regulation, mandatory administrative enforcement or judicial requirements. Subject to laws and regulations, when we receive a request for such disclosure, we will require that a legal document, such as a subpoena or letter of inquiry, must be produced in response. We strongly believe in being as transparent as possible about the information we are asked to provide, to the extent permitted by law. We carefully review all requests to ensure that they have a legal basis and are limited to data that law enforcement has a legal right to obtain for specific investigative purposes.

Information Protection and Storage
Our technology and measures to protect your personal information
We attach great importance to the security of personal information, and take all reasonable and feasible measures to protect your personal information:
Technical measures for data security
- We will use industry-standard security measures, including the establishment of reasonable system specifications, security technology to prevent unauthorized access to your personal information use, modify, to avoid damage or loss of data.
- Bloomin8's network services take the transport layer security protocols and other encryption technology to ensure the safety of user data in the transmission process.
- Bloomin8 take encryption technology to encrypt the user's personal information is stored, and isolated through the isolation technology for isolation. In the use of personal information, such as personal information display, personal information associated with the calculation, we will use a variety of data desensitization techniques, including content replacement, SHA256, to enhance the security of personal information in use.
- Bloomin8 use strict data access rights control and multiple identity authentication technology to protect personal information, to avoid the use of data violations.
- Bloomin8 use automatic code security checks, data access log analysis technology for personal information security audit.
- Bloomin8 uses Google Cloud to provide infrastructure support for the security and integrity of your data.
Bloomin8 to protect personal information to take other security measures
- Bloomin8 through the establishment of data classification and classification system, data security management norms, data security development norms to manage and regulate the storage and use of personal information.
- Bloomin8 through the information contact person confidentiality agreement, monitoring and auditing mechanisms to comprehensive security control of data. Strengthen security awareness. We also hold security and privacy training courses to enhance employee awareness of the importance of protecting personal information.
- We only allow employees and partners of Arpobot Pty Ltd and Arpobot Pty Ltd affiliates who have a need to know such information to access personal information, and we have set up strict access control and monitoring mechanisms for this purpose. We also require all persons who may have access to your personal information to comply with their confidentiality obligations. Failure to comply with these obligations may result in legal liability or suspension of our relationship with Arpobot Pty Ltd.
- We will take all reasonably practicable steps to ensure that no unrelated personal information is collected. We will only retain your personal information for as long as necessary to achieve the purposes described in this policy, unless an extended retention period is required or permitted by law.

Security event disposal
- If a personal information security incident occurs, we will, in accordance with the requirements of laws and regulations, promptly inform you of: the basic situation and possible impact of the security incident, the disposal measures we have taken or will take, the suggestions you can independently prevent and reduce the risk, the remedial measures for you, etc. We will also promptly inform you of the event-related situation by email, letter, telephone, push notification, etc. When it is difficult to inform the subject of personal information one by one, we will take a reasonable and effective way to issue an announcement. At the same time, we will also take the initiative to report the disposal of personal information security incidents in accordance with the requirements of the regulatory authorities.
We take security of your information seriously and use reasonable electronic, personnel, and physical measures to protect it from loss, theft, alteration, or misuse. However, please be advised that even the best security measures cannot fully eliminate all risks. We cannot guarantee that only authorised persons will view your information. We are not responsible for third party circumvention of any privacy settings or security measures.

The preservation of your personal information
All of your personal information will be stored in the United States of America. If we need to transfer your personal information outside of the United States to complete our business activities, we will follow the relevant national regulations, separately obtain your authorized consent and request the recipient to handle your personal information in accordance with the data protection agreement signed by both parties, this Privacy Policy and relevant laws and regulations.
Unless otherwise required by laws and regulations, we will keep your personal information until one month after the date of cancellation of your account. We promise that this is the minimum period of time your personal information must be kept at Arpobot Pty Ltd in order to protect your consumer rights at Arpobot Pty Ltd. We will delete or anonymize your personal information when it exceeds the period of time we keep it.
If we terminate our services or operations, we will notify you at least thirty days in advance, and we will delete or anonymize your personal information after the termination of services or operations.

Your Rights and Choices

Arpobot Pty Ltd takes your concerns about your personal information seriously and makes every effort to protect your rights to access, correct, delete, supplement, access, and withdraw consent to your personal information so that you have the full ability to safeguard your privacy and security. Your rights include the right to:
- to access, correct and supplement your personal information
- delete your personal information
- change the scope of your authorized consent or withdraw your authorization

- cancel your account In our products to provide you with the function of requesting cancellation. In order to protect your legitimate rights and interests, we need to verify your identity before you cancel your account, and combined with your use of Bloomin8 products to determine whether to support your cancellation application. After you cancel your account, we will stop providing you with products and / or services, and according to your request, unless otherwise provided by law or regulation, we will delete your personal information.
- response to your request
If you are unable to access, correct or delete your personal information in the manner described above, or you need to access, correct or delete other personal information generated by your use of our products and / or services, or you believe that Bloomin8 there is any violation of laws and regulations or agreements with you regarding the collection or use of personal information, you can contact us through other means at the bottom of this agreement. For security purposes, we may need you to provide a written request or otherwise prove your identity, and we will respond to your request within 30 days after we receive your feedback and verify your identity. For your reasonable requests, we do not charge in principle, but for repeated requests that exceed reasonable limits, we will charge a cost fee as appropriate. We may refuse requests that are unnecessarily repetitive, require excessive technical means (for example, requiring the development of a new system or a fundamental change in current practice), pose a risk to the legal rights of others, or are highly impractical (for example, involving the backup of recorded files).
We will not be able to respond to your request if we are required by law or regulation to do so in the following circumstances:
- Information that is necessary to protect the public interest, whether for health, safety, or other reasons;
- Information required for the purposes of historical research, statistics or scientific studies;
- Information necessary to comply with laws or regulations
- Related to national security or national defense security
- relating to public safety, public health, or vital public interest
- related to crime investigation, prosecution and trial, etc;
- Where there is sufficient evidence that you have subjective malice or abuse of rights
- Responding to your request will lead to serious damage to the legitimate rights and interests of you or other individuals or organizations
- Where commercial secrets are involved.
- obtaining a copy of personal information
You have the right to obtain a copy of your personal information. If you need to obtain a copy of your personal information collected by us, you can contact us through the contact information agreed in [How to contact us], and the relevant personnel will verify your identity as necessary and submit a copy of your personal information to you. Subject to relevant laws and regulations and technical feasibility, we will provide you with a copy of your personal information upon your request.
Children's Privacy
Our Services are not intended for children, and we do not seek or knowingly collect any personal information from children. If we become aware that we have unknowingly collected information from a child, in particular children under 13 years of age, we will make commercially reasonable efforts to delete such information from our database. If you are the parent or guardian of a child who has provided us with their personal information, you may contact us to request that it be deleted.
Changes to Privacy Policy
We reserve the right to alter our privacy policy at any time. We will notify you of any alterations with reasonable notice through the service, such as by posting it on our website, by email, or otherwise. If you do not agree to the altered privacy policy, you may stop using our Services.
Contact Us
Should you wish to exercise any of your rights or if you have any questions regarding our Privacy Policy, please contact us via email: hello@bloomin8.com