This Privacy Policy (hereinafter referred to as “This Policy”) is designed to clarify the relevant rules for SoakPlay video player software (hereinafter referred to as “This Software”) for collecting, using, storing, transmitting, and disclosing users‘ personal data, to protect users‘ personal data rights and interests, and to comply with international general data protection standards (including, but not limited to, the European Union‘s General Data Protection Regulation (GDPR), the W3C P3P 1.1 standards), applicable to all users who use this Software. By using this Software, you are deemed to have read, understood, and agreed to all the terms of this Policy. If you have any questions, complaints, or data-related requests, please contact us via email at ruzicic@pejicagrar.com.
1. Definition and scope
1.1 Core Definitions
1.1.1 Personal Data: Means any information that can directly or indirectly identify a specific natural person, including but not limited to names, email addresses, device identifiers, IP addresses, usage records, playback preferences, etc., in accordance with the requirements defined by the GDPR and the International General Privacy Standards for Personal Data.
1.1.2 Users: Means all individuals, corporations, or other organizations who download, install, register, and use the Software, whether for personal entertainment or commercial use (commercial use requires separate written authorization).
1.1.3 Data Processing: Means any operation performed on personal data, including collection, recording, storage, use, transmission, encryption, anonymization, deletion, etc., strictly in compliance with the relevant requirements of the International Data Protection Regulations and the P3P 1.1 standard.
1.2 Applicability Scope
1.2.1 This Policy applies to all functional modules of this Software, including but not limited to all service scenarios such as video playback, local video management, playback settings, cloud synchronization (if applicable), plugin extensions, etc.
1.2.2 This Policy does not apply to links, plug-ins, advertisements or services provided by third parties through this Software. The privacy policies for third-party services are determined solely by the third parties and are independent of this Software and the operators. Users use third-party services at their own risk.
2. Collection of Personal Data
2.1 Collecting Principles
2.1.1 Legitimacy Principles: We collect user personal data only where it is necessary to obtain the user‘s explicit consent, fulfill legal obligations, or realize the core functionality of the software. We do not illegally collect, steal, or coerce users to provide any data.
2.1.2 Minimum necessary principle: Collect only the personal data necessary to implement the software functionality, do not collect redundant data that is not related to the core functionality of the software, strictly control the scope of data collection, and comply with the international data minimization principle.
2.1.3 Transparency Principle: Before collecting user data, clearly inform the user of the purpose, scope, method, and purpose of the collection of user data, ensure that the user is aware and can voluntarily choose whether to provide it, and ensure the user‘s right to knowledge and choice.
2.2 Scope and method of collection
2.2.1 Registration and Login Data: Information such as the name, email address, and password (encrypted storage) that users voluntarily provide when registering and logging into this Software is used for authentication, account management, and security verification, and is not mandatory for providing non-personal information.
2.2.2 Usage Behavior Data: Playback records, playback progress, volume settings, subtitle preferences, local video scanning records (stored only on the local device, not uploaded to the server), device information (device model, operating system, IP address, device identifier), etc. generated during the user‘s use of this Software are used to optimize the playback experience and fix software vulnerabilities.
2.2.3 Third-party association data: If users log in to this Software through third-party platforms (such as Google, Apple, Facebook, etc.), we will obtain user-authorized basic information (such as username, profile picture) through third-party interfaces, use it for account association, do not collect additional other data from third-party platforms, and strictly comply with the privacy rules of third-party platforms.
2.2.4 Voluntary Data Provision: Users voluntarily submit feedback, complaint information, technical support requests, etc., for the purpose of responding to user needs and solving software usage problems. Users can choose not to provide such information without affecting the use of the core functionality of the software.
3. Use of Personal Data
3.1 Purpose of Use
3.1.1 Implement core functionality: Used for user authentication, account login, video playback, playback progress synchronization, local video management, playback settings saving, etc., ensuring the software runs properly and provides users with smooth video playback services.
3.1.2 Optimize the service experience: Analyze user usage behavior data and playback preferences, optimize the software interface, improve playback performance, adapt to more video formats, and recommend plugins with features that meet user preferences to improve the user experience.
3.1.3 Security Assurance: Used to prevent account theft, fraud, malicious attacks, etc., detect abnormal software use behavior, fulfill international data protection laws and regulations, and ensure the security of user accounts and data.
3.2 Usage Restrictions
3.2.1 Use of data not exceeding the scope authorized by the user. If the data needs to be used for purposes not specified in this Policy, the user must again obtain written consent. Processing of personal data beyond the scope authorized is strictly prohibited.
3.2.2 User personal data will not be used for any commercial advertising push, unless expressly authorized by the user, and the user can withdraw that authorization at any time, immediately stopping the relevant push activity upon withdrawal.
3.2.3 After anonymizing the user‘s personal data, it can be used for non-identifying purposes such as software performance analysis, industry data analysis, AI playback optimization, etc. The anonymized data does not contain any information that can identify the user and cannot be restored as identifiable data.
4. Storage and security of personal data
4.1 Storage Specifications
4.1.1 Location of storage: User personal data is stored on servers that comply with international data protection standards, located within the European Union, and is not stored in any region that does not comply with data protection requirements, ensuring that data storage complies with the GDPR cross-border data storage rules.
4.1.2 Storage Period: User Personal Data will be stored only for the period necessary to fulfill the purposes of use stipulated in this Policy. After the period is exceeded, anonymization processing or complete deletion measures will be taken according to law to ensure that the data cannot be recovered. Those that need to be retained in special circumstances will strictly comply with the requirements of relevant laws and regulations.
4.1.3 Local Storage Description: User playback progress, playback preferences, local video scanning records, and other data are primarily stored on the user‘s local device and are only uploaded to server storage after the user turns on the cloud sync feature and authorizes it. Users can turn off cloud sync and delete server-side related data at any time.
4.2 Security Measures
4.2.1 Technology Assurance: Industry-leading security technologies such as transmission encryption (SSL/TLS), storage encryption (AES-256), access control, firewalls, intrusion detection, and more are used to prevent user data from being leaked, tampered with, stolen, or lost, and security checks and vulnerability fixes are regularly performed on servers.
4.2.2 Employee Security: Conduct strict permissions management and privacy training for employees who access user data, clarify job responsibilities, sign confidentiality agreements, prohibit unauthorized access, use, and disclosure of user data, and conduct regular privacy awareness training and audits.
4.2.3 Emergency Handling: Establish a well-established data security emergency response mechanism. If security events such as data leakage or loss occur, emergency plans will be immediately initiated, remedial measures will be taken to reduce user losses, and users and relevant regulatory bodies will be promptly notified according to the requirements of relevant international laws and regulations (unless prohibited by law). At the same time, investigations will be conducted in coordination with regulatory bodies.
5. Transfer and disclosure of personal data
5.1 Data Transfer
5.1.1 Data transfer is carried out only in the context of implementing software functionality, fulfilling legal obligations, or obtaining explicit consent from the user. Encryption techniques are used during the transfer to ensure the security of the data transfer and comply with the relevant requirements for data transfer in the P3P 1.1 specification.
5.1.2 If the transfer of user data to a region outside the EU is required, it will ensure that the region has the same level of data protection as the EU GDPR, or obtain the explicit written consent of the user and sign a data transfer agreement, take the necessary security measures to ensure compliance with the data transfer.
5.2 Data Disclosure
5.2.1 Do not disclose the user‘s personal data to any third party at will, unless obtained with the explicit written consent of the user, and strictly prohibit the sale, rental, or loan of the user‘s data to any third party.
5.2.2 Those who need to disclose user data due to the requirements of laws, regulations, judicial authorities or regulatory bodies will comply with disclosure obligations according to law and, to the extent permitted by law, promptly notify users and provide relevant disclosure grounds.
5.2.3 When disclosing data to a third-party partner providing technical support, server hosting, cloud storage, etc. services for this Software, a strict Privacy Protection Agreement and Data Processing Agreement (DPA) will be signed, requiring the third party to comply with this Policy and international data protection rules, not to use, disclose, or alter user data without authorization, and to regularly audit the compliance of the third party.
6. Users‘ rights
6.1 Data Access Rights: Users have the right to access their personal data at any time, inquire about the collection, use, storage, and disclosure of the data, and can submit access requests through in-software features or by contacting our email address ruzicic@pejicagrar.com.
6.1.1 After a user submits an access request, we will respond within 15 business days by providing the user with the required copy of personal data (compliant with international data protection regulations), without charging any unreasonable fees.
6.2 Data Correction Right: If users discover that their personal data is incorrect or incomplete and have the right to request correction, we will complete the correction within 3 working days after verification and notify users through the contact details reserved by users.
6.3 Data deletion right: Users have the right to request the deletion of their personal data, and we will complete the deletion within 15 working days if the following conditions are met: the data is no longer needed for use, the user withdraws consent, the software stops providing related services, the user signs out of the account, etc.
6.3.1 Upon data deletion, the associated backup data will be completely deleted within 30 business days and cannot be recovered; anonymized data is not subject to deletion rights, and deletion behavior does not affect the legitimacy of data processing that was completed before withdrawal.
6.4 Right to withdraw consent: Users have the right to withdraw their consent to data collection, use, and disclosure at any time, and upon withdrawal of consent, we will stop the related data processing activities without affecting the use of the core functionality of the software, nor without affecting the legality of the data processing that was completed before withdrawal.
6.5 Complaints and Claims Rights: Users who believe their data rights have been infringed can lodge complaints and complaints through the contact email stipulated in this Policy. We will process and report the results within 10 working days. Users who are dissatisfied with the processing results can lodge a complaint with the relevant international data protection regulator.
7. Third-party service descriptions
7.1 Relation to Third-Party Services
7.1.1 The Software may contain links, plug-ins, or services provided by third parties (such as third-party logins, video decoding plug-ins, advertising services, etc.), and the privacy policies and usage rules for third-party services are set independently by the third parties, independent of the Software and its operators.
7.1.2 When users use third-party services, they must comply with the third-party‘s privacy policies and usage rules. The third-party is solely responsible for the collection and use of user data by the third-party, and this Software does not assume any related responsibility, nor does it intervene in privacy disputes between the third-party and users.
7.2 Third-party data management
7.2.1 We provide to third parties only the minimum amount of data necessary to realize the Services, do not provide user data beyond the needs of the Services, and sign strict privacy protection agreements with third parties, making clear the data protection responsibilities of both parties.
7.2.2 If third parties engage in unlawful collection and use of user data, users may complain to the third parties, and may notify us that we will urge the third parties to make corrections in accordance with the agreement agreement and terminate cooperation with that third party if necessary.
8. Policy Updates and Dispute Resolution
8.1 Policy Updates
8.1.1 This Policy will be updated on a timely basis based on changes in international data protection laws and regulations, upgrades to software functionality, and updates to industry standards (such as the P3P 1.1 specification revisions). Updates will then be published in prominent locations of the software (such as the login page, settings page), and will take effect upon expiration of the publication period.
8.1.2 If a Policy update involves changes to users‘ core interests, we will notify users through email, software push, etc., that users continue to use this Software, which is considered to agree to the updated Policy; if users do not agree to the updated Policy, they can stop using this Software and apply to sign out their account.
8.2 Dispute Resolution
8.2.1 Disputes arising from or related to this Policy should first be resolved through friendly negotiation; if negotiation fails, either party has the right to file a lawsuit in the courts with jurisdiction where the software operating body resides, and the international common law guidelines apply.
8.2.2 The interpretation and enforcement of this Policy are governed by the International Common Data Protection Code, and if a provision of this Policy is deemed invalid or unenforceable, it does not affect the legal validity of other provisions.
8.3 Contact information
8.3.1 If you have any questions, complaints, complaints about this Policy, or need to exercise data-related rights (access, correction, deletion of data), or to sign out of your account, please email us at ruzicic@pejicagrar.com and we will respond to you within 10 business days.