Privacy Policy of Ravelys
Effective Date: May 11, 2026
1. Introduction
Welcome to Ravelys (hereinafter referred to as "the App"). Ravelys is an intelligent AI visual creation application designed for end users, offering one-stop visual creative functions including stylized image generation, single-image video creation, dual-image video synthesis, AI face swap, virtual outfit replacement and portrait dance animation. We are committed to delivering intuitive, secure and original AI visual creation services for all users.
We fully recognize the importance of user privacy and personal data security. This Privacy Policy is formulated in strict compliance with the App Store Review Guidelines, global data protection regulations and relevant internet information service management rules. This document clearly defines our data collection, usage, storage, protection and disclosure practices, as well as your legitimate rights regarding personal information.
By accessing and using Ravelys, you acknowledge that you have read, understood and unconditionally agreed to all terms of this Privacy Policy. If you disagree with any clause herein, please terminate your use of the App immediately.
2. Personal Information We Collect
We adhere to the lawfulness, necessity and minimalism principle. We only collect essential data required to realize the App’s core creative functions. No redundant personal data will be collected without user authorization. The detailed collection categories are specified as follows:
2.1 Information You Voluntarily Submit
2.1.1 Visual Material Data
To activate core creative features, you may voluntarily upload original photos and short videos. Such visual materials are exclusively applied to trigger corresponding AI algorithms, including image style conversion, static-to-dynamic video generation, dual-image scene fusion video production, facial replacement, costume modification and dance animation rendering. All uploaded materials are used merely for your real-time creative demands and will never be applied to irrelevant commercial or non-commercial scenarios without explicit consent.
2.1.2 Functional Preference Data
During operation, we record your manually selected creative parameters, including image aesthetic styles, video duration and frame rate, clothing templates, dance motion templates, dual-image composition parameters and content publishing preferences. These data are adopted to match personalized creative demands, optimize generation effects and improve user operational experience.
2.1.3 Community Interactive Data
Ravelys provides a creative discovery community with waterfall stream template display. If you choose to publish generated works, like, bookmark, comment or share community content, we will collect your published works (AI-generated images and videos), interactive behavior records and content visibility settings (public/private). These data maintain the normal operation of community display, social interaction and content classification management.
2.2 Special Statement for Biometric Facial Data
The AI face swap function involves biometric facial information. We attach extreme importance to the protection of facial biometric data and strictly abide by deep synthesis service management regulations. We prohibit any illegal, immoral and infringing usage of deep synthesis technology. The relevant processing rules are clarified below:
- Collection Scope: We only collect facial features extracted from portraits you actively upload for face swap tasks. No facial data will be secretly captured from local albums, cameras or other hidden channels.
- Usage Limitation: Facial data is solely used for real-time rendering and generation of face swap visual effects. It will never be utilized for user portrait profiling, identity verification, facial recognition or other irrelevant analysis.
- Storage Regulation: No facial biometric data will be cached or permanently stored on our servers or local devices. All facial data will be automatically and completely erased immediately after the face swap generation task is completed.
- Third-Party Isolation: Facial data processing is independently completed on compliant servers. We will never transmit, sell or share your facial information with any third-party institutions or individuals.
2.3 Automatically Collected Technical Data
2.3.1 Device Metadata
To guarantee stable operation of AI computing algorithms and complete fault diagnosis, we automatically collect non-sensitive device information, including device model, iOS system version, App installation version, device identification codes (IDFV, collected under user authorization only). Such data is anonymized and cannot be used to confirm user personal identity.
2.3.2 Behavioral Log Data
We record anonymous usage logs, including function access frequency, template browsing records, generation task volume, community browsing trajectory, App crash logs and operation behavior traces. These data are used for product iteration, algorithm optimization, vulnerability repair and service stability improvement.
2.4 Data We Do Not Collect
Ravelys has no collection intention and technical permission for highly sensitive personal information. We will never actively collect real-name information, identity documents, address book data, call records, SMS records, precise location information and financial account information. If you voluntarily submit the above sensitive data in private communication, we will strictly encrypt and isolate such information.
3. Usage Rules of Collected Information
All collected data shall only be used for the explicitly notified purposes in this policy. We will not expand the usage scope without obtaining your explicit authorization.
3.1 Realize Core Creative Services
Your uploaded visual materials and custom parameters are invoked for AI rendering tasks such as style beautification, intelligent video generation, costume replacement and dance animation. Community interactive data maintains the normal display, recommendation and interaction of creative square content. Facial biometric data is temporarily processed to complete face swap effects in compliance with the minimal necessity principle.
3.2 Optimize Product and Algorithm Experience
Anonymous device logs and behavioral data are analyzed to optimize AI generation clarity, shorten rendering response time, classify community templates intelligently and match personalized creative preferences, so as to continuously upgrade product fluency and content quality.
3.3 Ensure Platform Usage Security
We monitor abnormal operation behaviors through technical logs to prevent malicious brushing, illegal content publishing, piracy infringement and abusive access. We maintain community content compliance, protect user usage safety and defend the legitimate rights and interests of all platform users.
3.4 Fulfill Legal Compliance Obligations
We may retain and submit relevant data within the scope required by laws, judicial judgments and regulatory supervision to cooperate with official inspections, prevent illegal criminal acts and complete legal compliance procedures.
If we need to adjust the data usage purpose, we will issue in-app announcements or pop-up reminders in advance and obtain your explicit consent before implementation.
4. Information Storage & Security Protection
4.1 Storage Location & Retention Period
4.1.1 Storage Location
All user non-biometric data is stored on compliant cloud servers and Apple Cloud Service storage nodes. All data storage facilities are located within the territory of the People's Republic of China. Any cross-border data transmission will be carried out only after obtaining your separate explicit consent and complying with cross-border data supervision regulations.
4.1.2 Retention Period
Uploaded original materials are only cached during the creative task and will be automatically cleared after task completion. If you manually save generated works or publish content to the community, the relevant content will be retained until you manually delete, set it to private or uninstall the App. Anonymous device logs and behavioral data will be deleted or anonymized after the expiration of the optimized usage cycle. Facial data is permanently deleted immediately after generation without any retention.
4.2 Comprehensive Security Protection Measures
We adopt industry-leading encryption technology and standardized management mechanisms to build a multi-dimensional data security protection system and avoid risks such as data leakage, tampering and loss:
- Technical Encryption: We adopt SSL/TLS end-to-end encryption for data transmission and storage. Strict access authority classification is implemented for internal server data to limit unauthorized data access.
- Internal Management: We establish complete data privacy management specifications, clarify employee data security responsibilities, and conduct regular privacy training and security audits to restrain internal data operation behaviors.
- Emergency Mechanism: A data security emergency response plan is formulated. Once data leakage, tampering and other security incidents occur, we will take remedial measures immediately, complete risk assessment and actively notify users and regulatory authorities in accordance with legal requirements.
5. Information Sharing, Transfer and Public Disclosure
We will never sell, rent or trade your personal data for commercial profits. Without your explicit written consent, we will not actively share or transfer your personal information to third parties, except for the compliant scenarios below:
5.1 Authorized Third-Party Service Providers
To improve AI computing efficiency, we may entrust qualified third-party algorithm service providers to complete image rendering and video synthesis. All cooperative institutions shall sign confidentiality agreements, process data only within the authorized business scope, and delete user materials immediately after task completion. We strictly audit the data security qualification of third-party suppliers. It is explicitly stipulated that facial biometric data shall not be delivered to any external third-party institutions.
5.2 Legal Mandatory Requirements
When required by national laws, administrative regulations, judicial summons or official regulatory orders, we shall legally submit user data to complete statutory compliance obligations.
5.3 Emergency Right Protection Scenarios
To protect the personal safety, property rights and legitimate legal interests of you, other users and our platform, we may disclose necessary data under reasonable emergency circumstances, including fraud prevention, risk disposal and illegal content governance.
6. User Personal Data Rights
You enjoy legal rights including inquiry, correction, deletion, authorization withdrawal and account cancellation. We provide simple and convenient operation channels to ensure you can exercise your rights freely:
6.1 Inquiry and Correction Right
You can check your uploaded materials, AI generated works and community interaction records on the personal homepage of Ravelys. If you find incorrect personal display information, you can contact our official customer service to apply for information correction.
6.2 Data Deletion Right
You may delete local uploaded materials and cloud published works independently at any time. For all residual personal data, you can submit a deletion application via email. We will complete identity verification and data cleaning within 15 working days. Facial data is automatically cleared by the system without manual deletion operation.
6.3 Authorization Withdrawal Right
You can withdraw system permissions such as photo album access through Apple device settings. You can also modify the content visibility authority in the App to cancel public display authorization. After authorization withdrawal, we will stop collecting and using corresponding data, without affecting the legality of historical compliant data processing behaviors.
6.4 Account Cancellation Right
You can apply for account cancellation by contacting our official email. After successful cancellation, we will completely erase your personal reserved data (except data retained by legal mandatory requirements), and you will permanently lose the usage authority of all Ravelys functions and community services.
For any difficulties in exercising the above rights, please contact us via the official email address. We will reply and handle your application within 15 working days.
7. Minor Protection Clause
Ravelys is positioned as an adult-oriented AI creative tool. We do not actively collect personal information of users under 18 years old. Minors shall use this App under the supervision and consent of legal guardians. Minors are prohibited from uploading portrait materials and publishing community content without guardian permission.
If guardians find that minors illegally use our services and upload private information, please contact us via email in a timely manner. We will delete minor-related data and restrict the usage authority in accordance with regulations.
8. Policy Update & Notification
We reserve the right to revise this Privacy Policy irregularly based on legal updates, product function iteration (including community template optimization and dual-image video algorithm upgrade) and service adjustment. The revised clauses will be notified to users through in-app announcements or pop-up prompts. The updated policy shall take effect immediately after publication.
Your continuous use of the App after policy update means that you accept the revised terms. If you disagree with the updated clauses, you shall stop using the service and apply for account cancellation.
9. Contact Information
If you have any questions, feedback, complaints or right application demands regarding this Privacy Policy and data processing behaviors, please contact our official customer service through the email below:
Official Contact Email: adeedy@tombowusa.com
We will respond to your feedback and complete relevant processing within 15 working days.
10. Supplementary Terms
This Privacy Policy is only applicable to the Ravelys App itself, not to third-party links, advertisements and external services embedded in the platform. We shall not be liable for the data processing behaviors of third-party platforms. You are advised to carefully check the privacy clauses of third-party services.
All contents generated by users using Ravelys shall comply with public order, good customs and national laws. Users shall not use AI generation technology to produce vulgar, infringing, illegal and harmful content. Any illegal behavior shall be borne by the user independently. We have the right to limit functions, shield content and terminate service qualification for non-compliant accounts.