Privacy Policy (Revised Draft)

Published Date:February 6 st, 2026

Updated Date: February 6 st, 2026

Effective Date:February 6st

Melo platform operator (hereinafter referred to as "we") attaches great importance to the privacy and protection of users' personal data and appreciates your trust in us. We will take corresponding security protection measures as required by laws and regulations (including but not limited to the European Union’s General Data Protection Regulation (GDPR), the United States’ California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA), the Philippines’ Data Privacy Act of 2012 (DPA 2012), and the laws of Hong Kong, China), strive to safeguard the security of your personal data, and provide you with reasonable and efficient privacy protection. Therefore, we have formulated this "Privacy Policy" (hereinafter referred to as "this Policy") to explain how we collect, use, store, protect and externally provide your data, as well as your rights.

This Policy applies to the Melo platform developed and operated by NEXORA LABS PTE.LTD., as well as other Internet products developed and operated by NEXORA LABS PTE.LTD.. and its affiliates, unless other products have independent Privacy Policies. If the collection, use, storage, protection and other provisions of user data in other products are inconsistent with this Policy, their independent provisions shall prevail. We prohibit minors from registering or using the platform in accordance with the legal age limits of their respective regions (e.g., 13 years old in the EU/US, 18 years old in the Philippines). Personal data of minors is subject to both this Policy.

This Privacy Policy does not apply to services provided to you by other independent third-party vendors, nor to products or services on the Melo platform that have separately set legal notices and privacy policies. When third parties on our platform provide services to you relying on our platform, the personal data you provide to third parties does not apply to this Privacy Policy.

Before using our products or services, please carefully read and fully understand this Privacy Policy, especially the clauses marked in bold (which may involve your important rights). Please use the relevant products or services only after confirming that you fully understand and agree. Once you start using the products or services provided by us, it is deemed that you have fully understood and agreed to the contents described in this Policy.

Part I Definitions

• Melo Platform: Refers to the Melo official website (http://www.meloparty.com/) and mobile application (APP).
• Melo Platform Services: Various services provided by Melo platform operators to you through multiple forms such as the Melo platform website and user terminals based on the Internet (including new service forms emerging in future technological development). If you log in to or use products or services of an affiliated company of the Melo platform operator, and such affiliated products or services do not have an independent user service agreement and privacy policy, this Privacy Policy shall also apply to that part of the products or services.
• Melo Platform Operator: NEXORA LABS PTE.LTD.. and its affiliated parties (hereinafter collectively referred to as "we").
• User: (hereinafter referred to as "you" or "user") refers to an individual or organization that registers, logs in, uses, browses, and obtains services in accordance with this Agreement.
• Personal Data: Refers to all types of data recorded by electronic or other means that can identify the identity of a specific person or reflect the activities of a specific person alone or in combination with other data, including name, date of birth, ID information, personal biometric information, address, phone number, etc.
• Personal Sensitive Data: Refers to personal data that may endanger personal and property safety, easily lead to damage to personal reputation, physical and mental health, or discriminatory treatment if leaked, illegally provided, or misused, including ID information, personal biometric information, bank accounts, property information, whereabouts, communication content, minor information (in line with local legal age limits), health and physiological information, etc. (We will prominently identify specific personal sensitive data in this Privacy Policy with bold and underlined formatting).
• Personal Data Deletion: Refers to the act of removing personal data from systems involved in the realization of daily business functions to prevent it from being retrieved and accessed.
• Data Protection Officer (DPO): A person designated by us to be responsible for supervising the compliance of personal data processing activities, who can be contacted by users for data protection-related issues.
• Standard Contractual Clauses (SCCs): Legally recognized cross-border data transfer tools to ensure that personal data transferred across borders receives adequate protection.

Unless otherwise agreed, the definitions used in this Policy have the same meanings as those in the User Agreement.

Part II Privacy Policy Details

This Policy will help you understand the following:

1. How we collect and use your personal data
2. How we use cookies and similar technologies
3. How we share, transfer and publicly disclose your personal data
4. How we store your personal data
5. How we protect your personal data
6. How we handle minors' personal data
7. How you can manage your personal data
8. Changes to this Statement
9. How to contact us

Article 1 How We Collect and Use Your Personal Data

When you use our products and/or services, the personal data we need/may need to collect and process includes the following:

1. To implement the basic functions of providing our products and/or services to you, you must authorize us to collect and process necessary data. If you refuse to provide the corresponding data, you will not be able to use our products and/or services normally;
2. To provide you with additional functions of our products and/or services, you can choose to authorize us to collect and process data. If you refuse to provide it, you will not be able to use the relevant additional functions or achieve the functional effects we intend to achieve, but this will not affect your normal use of the basic functions of our products and/or services.

You understand and agree:

1. We are committed to creating a variety of products and services to meet your needs. Since we may provide you with multiple products and services, and the specific products/services chosen by different users vary, the corresponding basic/additional functions and the type and scope of personal data collected and used will also differ. Please refer to the specific product/service functions;
2. To bring you a better product and service experience, we continuously improve our technology and may introduce new or optimized functions from time to time, which may require collecting and processing new personal data or changing the purpose of personal data use or third parties using the data. In this regard, we will separately explain the purpose, scope of data collection and the data user through updating this Policy, pop-up windows, page prompts and other channels, provide you with independent choices and consent options, and collect and use the data only with your explicit consent (each data processing purpose requires separate consent; "bundle consent" is prohibited);
3. The services described in this Policy may vary based on your mobile phone model/system version/software application version/mobile device client and other factors. The final products and services shall be subject to the actual Melo application you use and the actual services provided to you.

I. Data Required for Basic Functions:

Registration and Login: During the account registration or service use process, you need to fill in or submit some necessary information: your mobile phone number, nickname, created username, and gender. This data is collected to help you complete the registration of the Melo account. After registration verification and your reading and agreement to this Policy and the User Agreement, the account registration will be completed. You will be able to use functions such as short messages, real-time audio/video calls, sending gifts, and comments. If you do not agree to authorize or refuse us to obtain the above data, you will not be able to use the above functions and services as a registered user. During the registration process, if you provide the following additional information (avatar, birthday, personalized signature, interests), it will help us provide you with better services and experiences, but your failure to provide this information will not affect the basic functions of Melo.

1. Browsing and Following When you browse on the Melo platform, you can "follow" other users you are interested in. To implement this function, we will collect your device information when you use Melo (including device model, operating system version, device settings, IMEI/MEID/Android ID/IDFA/IDFV/OAID/MAC ADDRESS/IMSI/ICCID/UDID/GUID; the same definition applies below).
2. "Sharing and Posting" FunctionYou can post moments on Melo, comment on or share moments posted by other users. In this process, we will collect your device information, network access log information and user log information (including account information, operation time, operation records, network source address and destination address, source port, client hardware characteristics, nicknames, introductions, notes, logos, user profiles, sharing and comment records; the same definition applies below).
3. When you use functions such as "interest tags", "video updates", and "photo walls", the content, pictures, voices, and video information you upload will be stored on our servers, as storage is necessary to implement this function. You can delete this information at any time. Unless you choose or comply with relevant laws and regulations, we will not provide the above information externally or use it for purposes other than this function. Please note that the information you publish may involve your own or others' personal data or even personal sensitive data. If you choose to upload pictures containing personal data, please carefully consider whether to share or even publicly share the relevant data when using our services. If you do not agree to our collection of this data, please do not upload or post, but this will not affect the use of other basic functions.

II. Data Required for Additional Functions:

1. purchase and Consumption When you use the consumption function of Melo, we will collect your purchase records and consumption records to facilitate your query of transaction records and maximize the protection of your property and virtual property security. In this process, we may collect your user ID or the Apple/Google/Stripe and others third-party payment channel you use. The above data is sensitive data, but the collection of the above data is necessary for these related functions; otherwise, the transaction process cannot be completed. We have no intention of and cannot obtain your personal property data based solely on this data, nor can we identify specific individuals.

We will not sell your personal data to third parties for commercial purposes without your explicit consent. You have the right to opt out of data sales through the platform's one-click opt-out function.

1. Additional Functions Based on Camera You can use services such as photography, live streaming, and video calls by enabling your device's camera permission, or use auxiliary functions such as activating the camera flash. During video calls, call data will be collected.
2. Additional Functions Based on Accessing or Uploading from Your Album (Photos & Videos)You can upload your photos, pictures, and/or videos by enabling the permission to access and upload from your device's album to update your profile avatar, post/share moments, communicate with our customer service and/or provide evidence, etc.
3. Additional Functions Based on Microphone Voice Technologies You can enable your device's microphone permission to enjoy voice/video calls or record audio, during which we will collect your voice data. Please note that even if you have enabled the device's microphone permission, voice data will not be collected unless you actively click the microphone icon.
4. Applying for "Master" Identity When applying for the "Master" identity, you need to provide relevant and necessary personal account information and complete real-name authentication. Without real-name authentication, you cannot apply to become a "Master". Furthermore, when you apply for withdrawal (if applicable), you need to submit photos of both the front and back of your ID to verify your identity. In addition, you need to provide bank account-related information such as bank account number, place of deposit, and issuing bank to ensure that the withdrawn amount can be successfully transferred to your bank account. If the above information is not submitted or does not meet the requirements, the withdrawal function cannot be used.
5. Search When you use the search function, we will collect your search keyword information and clipboard content to provide efficient search services.
6. Customer Service for Complaints When you contact us to make a complaint, appeal, or consultation, you may be required to provide necessary personal information to verify your identity as a real user to ensure the security of your account and the system. To contact you, solve your problem as soon as possible, or record the process and results of specific cases, we may need to record our communications, correspondences, or conversations, as well as related information (including account information, other information you provide as evidence, or your contact information). In the absence of the above information, we may not be able to reply in a timely manner.
7. Security Guarantee To ensure the safe operation of the provided software and services, protect network security, prevent cyber crimes, identify anomalies related to your account, and for anti-fraud purposes, we will collect your network access logs, user logs, device information, and device location information (including IP address, GPS location, WLAN access points that provide relevant information, Bluetooth, and base station/sensor information), software version, network access method/type/status/operator, SSID and BSSID, network quality, software installation list, currently running processes, overall operation status of applications, overall installation and usage performance, application source, and other log information (details of usage time and frequency, device statistical information, critical operation paths, error logs, crash records, language and time zone, Internet Protocol (IP) address, Internet Service Provider (ISP), referral/exit pages, operating system, date/time stamp, and clickstream data). For the purpose of fulfilling content moderation and safety obligations under the User Agreement, we may retain and process necessary information related to violations; see the Melo User Agreement (https://api.meloparty.com/static/personal/userAgreement.html).
8. We collect your IP address by default and may infer your approximate location (country/region) from your IP for security, anomaly detection, compliance (e.g. regional restrictions), analytics and product improvement; such collection and purposes are disclosed in this section and related functions.
9. We may collect and display your last active time or online status (and related logs necessary for this function) for displaying activity status, matching or recommendations; you may turn off or hide this display in settings where available.
10. Personalized Recommendation, Display, or Push Services To analyze your preferences, habits, and location characteristics and provide you with more customized services, we will collect the following data:

• Follow, search, browse preferences, and other data related to your operations and usage behaviors;
• Interactive data you actively provide, such as feedback, posts, likes, comments, and rewards, which will be stored on our servers as storage is necessary to implement this function;
• Your device's geographical location with your explicit consent (including IP address, GPS location, WLAN access points that provide relevant information, Bluetooth, and base station/sensor information). GPS information is sensitive data. Refusing to provide this information will prevent you from using GPS location-based services and may prevent you from obtaining better platform services, but will not affect the normal use of other functions. You can go to "My → Settings → Privacy Settings" to choose to be invisible to nearby users, clear location information, or show/hide the distance from other users;
• Names and information of active applications.

Unless authorized by you or required by laws and regulations, we will not combine this information with any personally identifiable information you provide in the application to ensure that you will not be identified. We will combine this information with information from other services we provide, conduct feature and preference analysis through program calculations, and perform indirect crowd profiling based on feature tags to personalize recommendations, displays, or pushes of specific live streams, audios, videos, advertisements, and other information that may be of interest to you, or recommend specific functions or services that are more suitable for you.

If personalized recommendations are based on automated decision-making, you have the right to request human intervention and refuse discriminatory treatment resulting from automated decisions. We will provide a clear explanation of the logic, significance, and potential impact of automated decision-making upon your request.

1. Additional Functions Based on Local Storage By enabling local storage permission, you can download or cache pictures, videos, and other content to your mobile phone storage, and upload local pictures, videos, and other data from your mobile phone storage to Melo.
2. Additional Functions Based on Contacts You can authorize us to access your device's contacts to find friends through contacts.

III. Device Permissions We May Apply For

When providing services to you, we may need to apply for certain device permissions on your device to collect the above information and enable relevant functions. These permissions are disabled by default and will only be activated with your explicit authorization to enable specific functions or services. You may also withdraw your consent and deny these permissions. In particular, even if we have previously obtained your consent for these sensitive permissions, your information will not be collected when the relevant functions or services are not needed. In addition, please note that we may use certain third-party SDK to implement functions and ensure the security of our business operations and products. When using our products, you may also use H5 pages or mini-programs developed by third parties, and these third parties may also apply for relevant operating system permissions.

A list of permissions that may be required is as follows:

1. For Android System

1. Read contents in SD card (read storage/photo permission):

• Function description: Read data in device storage;
• Usage Scenario and Purpose: Allow applications or mini-programs to read pictures and other content in storage, mainly used for posting, uploading pictures such as avatars, and recording crash logs locally.

2. Write/Delete contents in SD card (write/delete/storage space/photo permission):

• Function description: Allow writing external data;
• Usage Scenario and Purpose: Allow applications to write/download/save/cache/delete photos, files, and crash logs.

3. Read the status and identity of the device (phone permission, device permission):

• Function description: Provide access to mobile device identification and other information;
• Usage Scenario and Purpose: Read the device's call status and ID, identify the device ID, used for audio/video/information display, account login, and security functions. Please rest assured that these permissions cannot be used to monitor or obtain any content of your calls or messages.

4. Obtain approximate geographic location:

• Function description: Obtain approximate geographic location through network location information (such as base stations and WLAN);
• Usage Scenario and Purpose: Used for security-related services and location-based services (LBS), such as recommending nearby users, positioning services when you post on the platform, and location services required by mini-programs.

5. Obtain accurate geographic location:

• Function description: Obtain accurate geographic location through the Global Positioning System (GPS) or network location information (such as base stations and WLAN);
• Usage Scenario and Purpose: Same as "Obtain approximate geographic location".

6. Audio Recording (android.permission.RECORD_AUDIO):

• Function description: Use the microphone to record audio data; Usage Scenario and Purpose:
• Used for posting audio/video materials, live streaming, voice chat, and other relevant functions based on this permission.

7. Photograph/Video(android.permission.CAMERA):

• Function description: Take photos or record videos;
• Usage Scenario and Purpose: Used for posting audio/video materials, live streaming, taking photos, video calls, and other relevant functions based on this permission.

8. Read Contacts (android.permission.READ_CONTACTS):

• Function description: Read contact information on the device;
• Usage Scenario and Purpose: Used for friend recommendations.

9. Connect to Bluetooth:

• Function description: Allow the application to activate Bluetooth;
• Usage Scenario and Purpose: Connect to nearby devices through the Bluetooth pairing process.

10. Find and connect to Bluetooth (BLUETOOTH_ADMIN):

• Function description: Allow the application to find and connect to other devices via Bluetooth;
• Usage Scenario and Purpose: Same as "Connect to Bluetooth".

2. For iOS System

1. NS Photo Library Add Usage Description

• Function description: Add materials to the album;
• Usage Scenario and Purpose: Allow the application to write/download/save/modify/delete images, files, and crash logs.

2. NS Photo Library Usage Description

• Function description: Read contents in the album; Usage Scenario and Purpose:
• Allow the application to read stored images and files, mainly used for services such as posting.

3. NS Camera Usage Description

• Function description: Activate the camera;
• Usage Scenario and Purpose: Used for posting audio/videos, live streaming, taking photos, video calls, and other relevant functions based on this permission.

4. NS Location Always Usage Description

• Function description: Continuously obtain geographic location; Usage Scenario and Purpose:
• Used for security-related services and location-based services (LBS), such as city information display, positioning services when you post on the platform, and location services required by mini-programs.

5. NS Location When In Use Usage Description

• Function description: Obtain geographic location only when the APP is in use;
• Usage Scenario and Purpose: Same as above.

6. NS Location Always And When In Use Usage Description

• Function description: Continuously obtain geographic location only when using the application;
• Usage Scenario and Purpose: Same as above.

7. NS Contacts Usage Description

• Function description: Read contact information on the device;
• Usage Scenario and Purpose: Used for friend recommendations.

8. NS Microphone Usage Description

• Function description: Use the microphone to record audio data;
• Usage Scenario and Purpose: Used for posting audio/video materials, live streaming, voice chat, and other relevant functions based on this permission.

9. NS Face ID Usage Description

• Function description: Use Face ID;
• Usage Scenario and Purpose: Log in via Face ID.

10. NS User Tracking Usage Description

• Function description: Read the device ID to identify device information;
• Usage Scenario and Purpose: Only used to identify the device, ensure service security, and improve browsing experience.

IV. Data from Third Parties

1. Third-Party Authorization When you register or log in to the product through a third-party account, we may collect public information (including avatar, nickname, gender, age) of the third-party account you use to log in and bind the account to your product account. This is to help the platform record your login identity as a Melo user to provide you with higher-quality products and/or services. We will only collect and process your information within the scope of your authorization and consent. If you do not agree to authorize or refuse to provide the above information, you will not be able to register or log in to the product through the third-party account, but this will not affect your normal use of other functions of the product.

After logging in via a third-party account, that account will be bound to your Melo account. You can go to [My - Account Settings - Account Security] to unbind, or contact Melo's in-app customer service: [My - Customer Support] - Enter "Operator Service" for consultation.

1. Information shared by other users may contain information related to you.

V. Sensitive Data

Before providing any sensitive data, please carefully consider and ensure that the provision of your sensitive data is appropriate, and you agree that this sensitive data may be processed for the purposes and in the manner described in this Policy. We will collect and process the sensitive data you agree to provide to enable relevant functions, and will also allow you to express your disagreement with the collection and processing; however, your refusal to provide such information will affect the use of the relevant functions.

You have the right to request us to only use your sensitive personal data for the necessary purposes of providing services, and we will not use it for other purposes without your explicit consent.

VI. Exceptions to Obtaining Authorized Consent

According to relevant laws and regulations, collecting your personal data in the following situations is stipulated by law and does not require your additional explicit consent:

1. Directly related to national security and national defense security;
2. Directly related to public safety, public health, and major public interests;
3. Directly related to criminal investigation, prosecution, trial, and execution of judgments;
4. Necessary to protect your or other individuals' life, property, and other important legal rights but difficult to obtain your consent;
5. The personal data collected has been publicly disclosed by yourself;
6. Collect your personal data from legally publicly disclosed information, such as legal news reports and government information disclosure channels;
7. Necessary to sign and perform the contract according to your requirements;
8. Necessary to maintain the safe and stable operation of Melo's products and/or services, such as discovering and handling product or service failures;
9. Necessary for legal news reports;
10. Necessary for academic research institutions to conduct statistical or academic research based on public interests, and when providing academic research results or descriptive materials externally, DE-identify the personal data contained in the results;
11. Other situations stipulated by laws and regulations.

Please be informed that in accordance with applicable laws, if we process personal data through technical measures and other necessary measures such that the data recipient cannot re-identify specific individuals and cannot recover the data, the use of such processed data does not require notifying you or obtaining your consent.

If we stop operating Melo platform products or services, we will promptly stop collecting your personal data, notify you of the service suspension through individual delivery or announcements, and delete or anonymize the personal data related to the discontinued business held by us.

Article 2 How We Use Cookies and Similar Technologies

Cookies, device identification, and other similar technologies are widely used on the Internet. When you use Melo and related services, we may use relevant technologies to send one or more cookies or anonymous identifiers to your device to collect information that identifies your access to and use of the products. We promise that these cookies will not be used for purposes other than those described in this Policy. We use cookies and similar technologies mainly for the following functions or services:

1. Ensure the safe and efficient operation of products and services: We may set cookies or anonymous identifiers for authentication and security to confirm whether you are in a safe environment when logging in, or whether you have encountered account theft, fraud, or other illegal activities. These technologies will also help us improve service efficiency and speed up the login and response process;
2. Facilitate and improve your access experience: Using such technologies can help you avoid repeating steps when filling in personal information or entering search content (e.g., search history and form auto-fill);
3. Recommend, display, or push content or users you may be interested in:

o We may use such technologies to learn about your preferences and usage habits and conduct data analysis to improve products and services and recommend information or functions you may be interested in;

o We may use cookies to record browsing activities for information recommendations, detect crash and delay-related anomalies, and explore better service methods;

4. Cookie clearing: Most browsers allow users to clear browser cache data. You can find this function in the browser settings. If you clear the data, you may not be able to use relevant services that rely on cookies.

You can manage or disable cookies through browser settings, and we will not restrict your use of basic services due to your disabling of non-essential cookies. Where required by law (e.g. in the EU), we will obtain your consent before using non-essential cookies or similar technologies; you may manage or refuse non-essential cookies via your browser or our preference settings.

Article 3 How We Share, Transfer, and Publicly Disclose Your Personal Data

(1) Sharing

We will keep your personal data confidential and will not share or provide it to others except in the following situations:

1. Sharing with explicit consent: After obtaining your explicit consent, we may share or provide your personal data to external recipients;
2. Sharing under legal conditions: We may share or provide your personal data to judicial or administrative authorities in accordance with laws and regulations, litigation and dispute resolution requirements, or the requirements of these authorities;
3. Sharing with our affiliates: Your personal data may be shared with our affiliates and/or their designated service providers to facilitate and help us provide products and services to you based on your Melo or its affiliates' account, recommend content and information you may be interested in, identify account anomalies, and ensure the account and property security of Melo or its affiliates' users. We will only share necessary data and comply with the provisions of this Policy. If the shared data is sensitive data, or the affiliate receiving the data changes the processing purpose, we will separately seek your authorization;
4. Sharing with authorized partners: To provide you with better quality products and services, we may entrust and authorize our business partners, or introduce third-party service providers to implement certain technical functions (such as embedded codes, plug-ins, SDKs, etc.) to provide you with services or perform duties on our behalf. We will only share your data with them for legal, legitimate, necessary, specific, and explicit purposes as stated in this Policy. The above-mentioned third-party service providers will only access your data within the scope necessary to perform their duties and guarantee the adoption of industry-leading technologies to protect the data.

Currently, the categories of our authorized partners include the following:

• Basic service providers: Including partners providing payment, one-click login, message push, geographic location, and anti-fraud services. Data sharing with these service providers is mostly carried out through SDKs;
• Partners providing data services (including data statistics and data analysis): To maintain/improve our products/services and provide you with higher-quality content, we may share your relevant data (including device information, terminal model, location) with designated partners providing such services, and we will not share your personal identity data without your consent;
• Content security monitoring service providers: We may cooperate with specific content security monitoring service providers for illegal audio and video annotation and analysis, and may share live streaming information with these service providers;
• Partners providing broadcasting or live streaming services: When we cooperate with third-party platforms providing broadcasting or live streaming services, we may share publicly available user data in chat rooms, such as user nicknames, rankings, and gift-giving records.

We will sign Standard Contractual Clauses (SCCs) with cross-border data recipients (including affiliates and third-party partners) to ensure adequate protection of personal data. You can obtain a copy of the SCCs by contacting our DPO. We will separately disclose the list of third parties that may receive your data for commercial purposes in the "Data Sales and Sharing" section of the platform, and provide a one-click opt-out function. For regions with specific filing requirements, we will submit the list of third-party service providers to the local regulatory authority for filing and disclose the filing number in this Policy.

We will update this Policy or the annex when we add new categories of personal data recipients or make material changes to the list, and will notify you in the manner set out in this Policy.

(2) Transfer

We will not transfer your personal privacy data to any company, organization, or individual except in the following situations:

1. Transfer with explicit consent: After obtaining your explicit consent, we may transfer your personal data;
2. In the event of mergers, acquisitions, bankruptcy liquidation, if the transfer of personal privacy data is involved, we will require the transferee to continue to be bound by this Policy; otherwise, we will require the transferee to obtain your authorization separately.

Cross-border transfer of personal data will comply with the requirements of local laws and regulations, such as adopting SCCs, relying on adequacy decisions, or obtaining approval from local regulatory authorities, and ensuring that the transferee has an equivalent level of data protection.

(3) Public Disclosure

We will only publicly disclose your personal privacy data in the following situations:

1. Obtain your explicit authorization and consent;
2. Disclosure based on legal and regulatory provisions;
3. If we have verified that you have violated any laws or regulations or seriously violated the relevant agreements and policies of the Melo platform, or to protect the personal and property safety of Melo platform users or the public, we may disclose your personal data in accordance with laws and regulations without seeking your consent.

Article 4 How We Store Your Personal Data

(1) Storage Location

You hereby agree that, based on our IT deployment, we may transfer data to servers in Hongkong for the purpose described in this Privacy Policy.

(2) Storage Duration

We will only retain your personal data for the period necessary to achieve the purposes stated in this Policy, unless otherwise required by law. We mainly determine the storage duration based on the following criteria (whichever is longer):

1. Comply with applicable laws and regulations;
2. Comply with court judgments, rulings, or other legal procedure requirements;
3. Comply with the requirements of government agencies or legally authorized organizations;
4. Reasonably necessary for the performance and implementation of our platform agreements or this Policy, or for the protection of public interests, the personal safety of Melo, its affiliates, other users, or employees.

When the storage period exceeds the above limits, your data will be deleted or anonymized. The storage duration of each type of data will be clearly specified in the platform's data processing records, which you can query through the data subject rights exercise channel.

Article 5 How We Protect Your Personal Data

1. We attach great importance to the security of your personal data and strive to take all reasonable security measures (including technical and management aspects) to protect the security of your personal privacy data, preventing the personal privacy data you provide from being improperly used, or unauthorized accessed, publicly disclosed, used, modified, damaged, lost, or leaked;
2. We will adopt reasonable and feasible means such as encryption technology and anonymization processing not lower than industry standards to protect your personal data, and use security protection mechanisms to prevent your personal data from being maliciously attacked;
3. We will establish a dedicated security department, security management system, and data security process to protect your personal data. We adopt strict data use and access systems to ensure that only authorized personnel can access your personal data, sign confidentiality agreements with them, monitor their operations, and conduct security audits on data and technology to ensure the security of your personal data;
4. We have formulated strict emergency response plans to minimize losses in emergencies. Once a user data security incident (such as leakage or loss) occurs, we will notify you and the relevant regulatory authorities within 72 hours. The notification will include the basic situation and possible impact of the security incident, the disposal measures we have taken or will take, recommendations for you to independently prevent and reduce risks, and remedies for you. We will promptly inform you of the incident through push notifications, emails, letters, announcements, etc. When it is difficult to notify individuals one by one, we will issue an announcement through reasonable and effective channels. At the same time, we will report the handling of the user data security incident in accordance with the requirements of relevant regulatory authorities;
5. While protecting the security of your personal privacy data, we also recommend that you enhance your awareness of personal privacy data protection, do not disclose your personal privacy data to others via the Internet, and do not randomly open links sent by others.

Article 6 How We Handle Minors' Personal Data

Melo's products and services are designed for adults(18+). Minors are prohibited from registering or using the platform in accordance with local legal age limits. If you are a minor who meets the local legal age for using the service, you must read this Policy with your legal guardian and obtain their explicit written consent before using the service and providing your personal data to us. If the minor starts using or continues to use the service, it is deemed that their legal guardian has completed the above consent procedure.

If your guardian disagrees with your use of our services or the provision of any personal data to us in accordance with this Policy, please do not use the services and promptly inform us.

For the data of minors we have collected with the consent of the data subject's parents or legal guardians, we will not process or disclose it unless permitted by law, consented by the data subject's parents or legal guardians, or necessary to protect the minor.

If you are the guardian of a minor and have questions about the data of the minor under your guardianship, please contact us through the contact information described in Article 9 "How to Contact Us" of this Policy. We will keep the minor's data confidential and secure in accordance with relevant laws and regulations and the provisions of this Policy. If we find that we have collected a minor's personal data without the verifiable consent of the guardian, we will attempt to delete the relevant data as soon as possible.

If we identify a user as a minor or any information shared by other users contains a minor's personal data, the minor's personal data shall be subject to both this Policy and the "Children's Privacy Protection Statement".

If you are the guardian of a minor, you should carefully read this Policy, specific privacy protection guidelines (if any), and the "Children's Privacy Protection Statement". If you have any questions about the personal data protection of the child under your guardianship, or need to claim any data subject rights, please contact us through the contact information disclosed in the "Children's Privacy Protection Statement", and we will handle and reply to you within a reasonable time.

Article 7 How You Can Manage Your Personal Data

We attach great importance to your right to manage your personal data and will make every effort to protect your rights to query, access, modify, delete, withdraw consent/authorization, cancel your account, complain and report, and change privacy settings, so that you can protect your privacy and personal data security.

(1) Change or Withdraw Authorization Scope

1. Change or withdraw sensitive permission settings: You can disable precise location information, address book, camera, microphone, album, calendar, and other permissions in the device's operating system, change the permission scope, or withdraw authorization. After withdrawing authorization, we will no longer collect information related to these permissions;
2. Change or withdraw consent authorization: You can change or withdraw consent authorization by contacting us through the contact information stated in Article 9 "How to Contact Us" of this Policy;
3. Change or withdraw authorized information processing: Specific business functions and services require your information to be completed. After you withdraw consent or authorization, we cannot continue to provide you with the functions and services corresponding to the withdrawn consent or authorization, and will no longer process your personal data. However, your decision to withdraw consent or authorization will not affect our prior processing of personal data based on your authorization.

(2) Access, Delete, Correct/Modify Your Personal Data

1. Query, access, correct, modify, and delete personal account information: You can query and access your avatar, nickname, gender, birthday, occupation, voice, signature, personal tags, friend preferences, etc., and query, access, correct, or modify your profile;
2. Query, access, correct, modify, and delete other personal data:
   • Enter [Dynamics] to access and delete your published dynamics;
   • Access [Follow] to query the information of accounts you follow. In the follow list, click the "Followed" button (if any) next to the corresponding account or enter the homepage of the corresponding followed account and click the upper right corner to unfollow;
   • Access [Account and Security] to access, correct, modify, and bind mobile phone numbers, third-party accounts, and secure mobile phone numbers;
   • For security and identification reasons, you may not be able to modify some of the information you submit; if you need to modify such information, please contact us through the contact information in Article 9 "How to Contact Us" of this Policy. We will review the relevant issues as soon as possible and give a timely reply after special personnel verify your user identity;
3. Control the visibility of information:
   • Enter [Blacklist] to control whether others can communicate with you and view your account content;
   • Enter "Mobile Phone Address Book Stealth" to control whether others can find you through the mobile phone address book;
   • Enter "Show Distance" to control whether others can see the distance from you.

You have the right to request us to provide your personal data in a structured, machine-readable format, or directly transmit it to other data processors (data portability right). You also have the right to request us to delete your personal data when the data processing is no longer necessary, you withdraw consent, or the processing is illegal (right to be forgotten). We will complete the deletion or anonymization within the time limit required by local laws and regulations and notify you of the result.

After we assist you in deleting relevant information, due to applicable laws and security technology limitations, we may not be able to immediately remove the relevant information from the backup system. We will securely store your personal data and isolate it from any further processing until the backup can be erased or anonymized.

(3) Cancel Your Account

You can apply to cancel your account in the following ways:Self-service application for cancellation:

[Account and Security] - [Account Cancellation] to submit the application.

You can only apply for Melo account cancellation after meeting the Melo account cancellation conditions. Melo platform personnel can cancel the Melo account after verifying that the Melo account cancellation requirements are met. You acknowledge and understand that account cancellation is irreversible, and after you cancel your account, we will delete your information or anonymize it, except as otherwise provided by laws and regulations.

After you cancel your account, all content you have published will be anonymized. If you need to delete the content, please handle it yourself before applying for cancellation.

Account cancellation does not constitute a waiver or mitigation of any actions or responsibilities of the account prior to cancellation. You can submit an account cancellation application through the local language application form provided by the platform (if applicable), and we will complete the processing within the time limit required by local regulations.

(4) Restrict the Automatic Decision-Making of Information Systems

In some business functions, we may make decisions based on a non-artificial automatic decision-making mechanism (including information systems, etc.). If these decisions significantly affect your legitimate rights and interests, you have the right to request us to provide an explanation, and we will make a reasonable explanation on the premise of not infringing on Melo's trade secrets, other users' rights and interests, social public interests, and national interests. Where we make decisions based solely on automated processing (including profiling) that have legal or similarly significant effects on you, you have the right to obtain human intervention, express your point of view and contest the decision.

(5) Complaints and Reports

You can file a complaint or report in accordance with our publicly announced system. If you believe your rights may have been infringed, or find evidence of such infringement, you can contact us through the contact information provided in Article 9 "How to Contact Us" of this Policy. You can also file a complaint with the local regulatory authority if you are dissatisfied with our handling results.

(6) Respond to Your Above Requests

When you make the above requests, we may ask you to verify your identity to ensure account security. If you refuse to provide relevant supporting materials, we may not be able to respond to your request.

Please understand that due to technical limitations, legal or regulatory requirements, we may not be able to meet all your requests, but we will respond to your request within the time limit required by local laws and regulations (e.g., 1 month for EU users, 45 days for US users, 15 working days for Philippine users). Under the following circumstances, we will not be able to respond to your request in accordance with laws and regulations:

1. Related to national security, national defense security, and national interests;
2. Related to public security, public health, or major public interests;
3. Related to criminal investigation, prosecution, case filing, trial, and execution of judgments;
4. There is sufficient evidence to show that you have subjective malice or abuse of rights;
5. Responding to your request will cause serious damage to the legitimate rights and interests of other individuals or organizations;
6. Involving commercial secrets;
7. Other circumstances stipulated by law.

Article 8 Changes to This Statement

We may revise the terms of this statement from time to time, and such revisions form part of this statement. Without your explicit consent, we will not limit your rights under this statement. After this Policy is updated, we will remind you of relevant content updates through reasonable, appropriate, and prominent channels such as in-app pushes and official website announcements, so that you can understand any changes to this statement; you can also go to [Contact Us] - [Privacy Policy] to view the full text of this Policy. For major changes, we may also provide more prominent notifications to explain the specific changes to this statement according to the specific situation (including but not limited to emails, SMS, in-app messages, announcements, homepage, or special reminders on browsing pages).

Major changes referred to in this statement include the following:

1. Significant changes in our service model;
2. Major changes in the ownership structure and organizational structure of the Melo platform;
3. Changes in the main objects of information sharing, transfer, or public disclosure;
4. Major changes in your rights to participate in personal data processing and their exercise channels;
5. Changes in our department responsible for personal data security, contact information, and complaint channels;
6. Personal data security impact assessment reports indicating high risks.

If the revision involves changes to the scope or purpose of personal data processing, we will re-obtain your explicit consent. If you disagree with the revised/changed version of this Policy, you have the right and should stop using Melo and its services; if you continue to use Melo or its services, it is deemed that you have agreed to and accepted all/any revisions/changes.

Article 9 How to Contact Us

If you have any questions, comments, or suggestions about this Policy, you can contact us through the following channels:

• Email: zhimailian@meloparty.com
• In-app customer service on Melo: [My] - [Customer Support] - Enter "Operator Service" for consultation
• Customer Service Phone:+86 18271459309
• For other regions: Within 7 working days.

The validity, interpretation, modification, execution, and dispute resolution of this Agreement shall be governed by the laws of Hong Kong, China. If the local mandatory laws and regulations have more favorable provisions for you, such provisions shall prevail. Disputes arising from this Agreement shall first be resolved through negotiation between the parties; if negotiation fails, either party may submit the dispute to the Wuhan International Arbitration Commission for arbitration in accordance with its arbitration rules (arbitration place: Wuhan, arbitration language: Chinese).