Hiya Privacy Policy

Update date: October 16, 2025

This Privacy Policy outlines how FUNI PTE. LTD., as the developer of Hiya, collects, protects and uses user information, how users manage their own personal information, how does FUNI PTE. LTD. protects minors' privacy rights through the usage of Hiya, websites and services (Collectively as “Services”), and the application and update of this Privacy Policy. It is recommended that users carefully read and understand all the contents of this policy, especially those with conspicuous marks reminding you to pay special attention.

Content

Please read and understand this privacy policy carefully before using our Services.

I. What data do we collect?

When Hiya provides Services, it may collect, store and use the following information:

• Account Information: Hiya collects, and associates with your account, the information you provide to Hiya when you do things such as sign up for your account or log into your account (like your telephone number, date of birth, gender, and public information on third-party platforms, such as your avatar and nickname on Facebook, Google, and TikTok, etc.).
• Device Information: Hiya collects information from and about the devices you use to access the Services to detect abuse and troubleshoot bugs, which may include without limitation Device model, device serial number, operating system version number, device identifier (Android such as IMEI, AndroidID, OAID, IMSI, ICCID, GAID, MEID, iOS such as IDFV, IDFA; Different identifiers will be different in terms of validity period, whether they can be reset by users and acquisition methods), software version number, login IP address, clipboard, device sensor (acceleration sensor, magnetic field, gyro sensor), access mode, type and status of network, network quality data, operation log, service log, network device hardware address (device MAC address), storage and telephone rights, software list information, WLAN access point (WLAN access point).
• User-Generated Content: Hiya also collects information from and about you when you choose to upload or broadcast your generated content on our Platform, which include without limitation comments, images, photographs, videos, audio, etc, pictures, text content and enjoy live broadcast service by yourself, we will ask users for permission to authorize cameras, photo albums, microphones, precise positioning and clipboard. When users use Android devices to log in and enjoy the live broadcast service, in order to reduce the user's traffic consumption, cache gift special effects and so on, we will obtain the storage rights of the user's devices. In this process, users can choose whether to provide it to us. If they refuse to provide this authorization, they will not be able to use this function, but it will not affect users' use of other functions of Hiya. We will save the photos, audio, video and text uploaded by users according to the needs of providing services to users, and delete them according to users' operations.
• Financial Information: You may choose to pay Hiya for specific services, in such case, Hiya may collect your payment information, which includes Apple Pay information, Google Pay information, recharge history, consumption history, and virtual property information, etc.
• Fraud Prevention Information: Hiya needs to collect your relevant information to help identify and prevent fraud.
• Usage Information: Hiya collects information related to how you use the Services, including actions you take in your account (like sharing, editing, viewing, creating and moving files or folders). Hiya uses this information to provide, improve, and promote our Services, and protect Hiya users. This information will include, log information, browsing history, search history, product interaction, crash data, performance and other diagnostic data, and other usage data.
• Device Storage Space and Album Information: You may choose to allow us to read your device storage space, access your albums to facilitate your use of the album images to publish to our Platform, chat with friends, change your avatar, etc.
• Location Information: To perform security services and location-based services, such as recommending the content of your country, Hiya may collect your geographical location.
• Clipboard Data: In order to help you more quickly save or input the content you are interested in, Hiya may collect and retrieve information in your clipboard. This data is only used for this time and will not be stored.
• Government ID Information: In certain circumstances, Hiya may ask for a government-issued ID for fraud prevention, or as required by law.
• Other Information: You may at your sole discretion to provide other information to Hiya.

II. How do we collect your data?

You directly provide Hiya with most of your personal information Hiya collects. We collect data and process data when you:

• Register as a user or place an order for any of our privileged services.
• Voluntarily complete a customer survey or provide feedback on any of our message boards or via email.
• Use or view our Services via your cookies.

Hiya may also receive your personal information indirectly from the following sources:

• At Your Direction: You may direct other individuals or third parties to share information with Hiya. For example, log in to Hiya through platforms such as Google and Facebook.
• Hiya Partners: We may also validate the information you provide — for example, when creating a Hiya account, with a third party for security, and for fraud-prevention purposes.

III. How will we use your data?

Hiya collects your personal information so that we can:

• Ensure the normal operation of application and Services.
• Provide services to you, such as verification, upgrade, synchronization, and/or advertising services and Services.
• Conduct user authentication.
• Conduct account retrieval.
• Archive and backup purposes.
• Improve the user's information safety and provide customer support.
• Protect security and prevent fraud.
• Provide specific functions of the software or other functions based on your request.
• Research and analyze your use of the Service, provide troubleshooting, maintenance and improvement of our service.
• Send you marketing communications.
• Comply with law, such as content monitoring for User-Generated Content (including comments, images, videos, etc.), to ensure the content submitted by the user does not contain any pornographic, infringing, hate-related, violent, or illegal content.

Hiya may share personal information with service providers who act on our behalf, our partners, or others at your direction. Further, Hiya does not share personal data with third parties for their own marketing purposes.

• Affiliate: Hiya may share your information with any member or affiliate of our group, which includes our subsidiaries, our ultimate holding company and its subsidiaries, and companies that we control, are controlled by or under common control, and our strategic business partners, and their subsidiaries, in each case in or outside your country, for the purpose set out above.
• Third-Party Service Providers: Hiya may engage third parties to act as its service providers and perform certain tasks on our behalf, such as processing or storing information, performing fraud prevention, and conducting payment processing services. Hiya’s service providers are obligated to handle personal information consistent with this Privacy Policy and according to our instructions. They cannot use the personal information we share for their own purposes and must delete or return the personal information once they've fulfilled our request.
• Public Agency: Hiya may share your information with law enforcement agencies, public or tax authorities, or other organizations if legally required to do so, or if Hiya determines that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate.
• Successor: Hiya may share your information with our successor if we sell, buy, merge, or partner with other companies or other businesses, or sell some or all of our assets. In such transactions, user personal data may be among the transferred assets.
• Others: Hiya may share personal information with others at your direction or with your consent. Hiya may also disclose information about you if Hiya determines that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate. Hiya may also disclose information about you where there is a lawful basis for doing so, if Hiya determines that disclosure is reasonably necessary to enforce Hiya’s terms of services or to protect Hiya’s operations or users.

IV. How do we store and protect your data?

We securely store your personal information at Singapore.

The duration of the storage of personal information is determined by the respective legal retention period (e.g., commercial and tax retention periods). After expiry of this period, the corresponding information will be routinely deleted, provided they are no longer necessary for the performance or initiation of the contract and/or there is no longer any legitimate interest on our part in the further storage.

Hiya will protect the personal information provided by you with safety protection measures conforming to industry standards to prevent unauthorized access, unauthorized public disclosure, unauthorized use, unauthorized modification, damage or loss of data.

The Internet is not absolutely safe, and e-mail, instant messaging, and communication with other users are not encrypted. We strongly recommend that you should not send personal information through such means. Please use a complex password to help us ensure the security of your account.

After an unfortunate personal information security incident occurs, we will inform you in a timely manner in accordance with the requirements of laws and regulations about: the basic situation and possible impacts of the security incident, the disposal measures we have taken or will take, suggestions that you can independently prevent and reduce risks, remedial measures for you, etc.

Hiya only keeps user information in accordance with this policy. When our products or services are ceased, we will notify you in the form of notification, announcement, etc., and delete your personal information or anonymize it within 90 days, unless otherwise required by relevant law.

Hiya strives to provide security for users' information to prevent loss, improper use, unauthorized access or disclosure of information. Hiya will comprehensively use various security protection measures within a reasonable security level to ensure information security.

V. The device licenses we may apply for

When providing services to you, we may need to apply for certain device permissions on the device to collect the above information and enable related functions. These permissions are not allowed by default and will only be activated through your explicit authorization to enable specific features or services. You can also withdraw your consent and deny these permissions. Especially, even if we have obtained the consent of these sensitive permissions in the past, we will not collect your information when relevant functions or services are not needed. Additionally, please note that we may use certain third-party SDKs to implement the security of our business operations and products. You can also use third-party developed H5 pages or mini programs, which may also apply to relevant operating system permissions when using our products.

The permissions that may be required are listed below:

The application permission list of Android:

1. Read the contents of the SD card (read storage space/photo permission) android.permission.read _ external _ storage.

• Description of permission function: provides the function of reading data in the storage space of the mobile phone.
• Usage scenario and purpose: App is allowed to read pictures, videos and other contents stored, which is mainly used to help users publish information, upload avatars and other functions.

2. Write/delete the content in the SD card (write/delete/storage space/photo permission) android.permission.write _ external _ storage.

• Description of permission function: Provides the function of writing to external storage.
• Usage scenario and purpose: allow the App to write/download/save/cache/modify/delete information such as pictures and videos.

3. Read the mobile phone status and identity (phone rights and device rights) android.permission.read _ phone _ state.

• Description of permission function: it provides information such as reading the mobile phone device identification, and this authority cannot monitor and obtain any call content and information of the user.
• Permission fields: device identifier (such as IMEI/MEID, IMSI, SIM card information such as (ICCID), hardware serial number (SN); Different identifiers will be different in terms of validity, whether they can be reset by users and how to obtain them)
• Usage scenario and purpose: In the process of using the App, read the call status and identification code of the device, identify the device ID, and ensure the network service of the operator, which is used to complete the main functions such as information display, account login and security guarantee.

4. Access the approximate geographic information android.permission.access _ course _ location.

• Description of permission function: Obtain approximate geographical location information through network location information (such as base station and WLAN).
• Usage scenario and purpose: used to complete security services and location-based services (LBS), such as recommending the content of the user's country, etc.

5. Access the precise geographic information android.permission.access _ fine _ location.

• Description of permission function: Obtain accurate geographical location information through global positioning system (GPS) and network location information (such as base station and WLAN).
• Usage scenario and purpose: used to complete security services and location-based services (LBS), such as recommending the content of the user's country, etc.

6. Recording android.permission.record _ audio

• Description of permission function: Use microphone to record audio.
• Usage scenario and purpose: it is used to help users complete the related functions that need to use this permission, such as audio and video information publishing, uploading, and private message interaction.

7. Take photos and videos android.permission.CAMERA

• Description of permission function: use to take photos and videos.
• Usage scenario and purpose: used to help users shoot and publish audio and video, chat with private messages and other related functions that need to use this permission.

8. Visit the list of all application software android.permission.query _ all _ packages.

• Description of permission function: read the user's application software list.
• Usage scenario and purpose: it is used to maintain the normal operation of services and ensure the security of users' accounts.

IOS operating system application permission list:

1.NSPhotoLibraryAddUsageDescription

• Description of permission function: Provides the function of writing to external storage.
• usage scenario and purpose: allow the App to write/download/save/cache/modify/delete information such as pictures and videos.

2.NSPhotoLibraryUsageDescription

• Description of permission function: Read the contents in the photo album.
• Usage scenario and purpose: App is allowed to read pictures, videos and other contents stored, which is mainly used to help users publish information, upload avatars and other functions.

3.NSCameraUsageDescription

• Description of permission function: Use the camera
• Usage scene and purpose: used to help users shoot and publish audio and video, chat with private messages and other related functions that need to use this permission.

4.NSLocationWhenInUseUsageDescription

• Description of permission function: only when the App is used, the geographical location is obtained.
• Usage scenario and purpose: used to complete security services and location-based services (LBS), such as recommending the content of the user's country, etc.

5.NSMicrophoneUsageDescription

• Description of permission function: Use microphone.
• Usage scenario and purpose: it is used to help users complete the related functions that need to use this permission, such as audio and video information publishing, uploading, and private message interaction.

6.NSUserTrackingUsageDescription

• Description of permission function: Obtain equipment identification to identify equipment information.
• Usage scenario and purpose: It is only used to identify equipment, ensure service safety and enhance the use experience.

7.NSLocalNetworkUsageDescription

• Description of permission function: Obtain the local network authority of users.
• Usage scenario and purpose: In order to ensure and optimize content loading and playback.

8.NSLocationTemporaryUsageDescriptionDictionary

• Description of permission function: Allow temporary access to accurate geographical location information.
• Usage scenario and purpose: used to complete security services and location-based services (LBS), such as recommending the content of the user's country, etc.

VI. Marketing

Hiya would like to send you information about our Services that Hiya think you might like, as well as those of our partner companies.

If you have agreed to receive marketing, you may always opt out at a later date.

You have the right at any time to stop Hiya from contacting you for marketing purpose. If you no longer wish to be contacted for marketing purposes, please contact us at:

Our email: [support@mehiya.com]

VII. What are your data protection rights?

• Right of Access: You have the right to obtain a confirmation about whether personal information concerning you are being processed; if that is the case, you have a right of access to the personal information.
• Right to Rectification: You have the right to obtain from us without undue delay the rectification of inaccurate personal information concerning you and, if applicable, to have incomplete information completed.
• Right to Erasure: You have the right to demand from us the erasure of personal information concerning you without undue delay.
• Right to Restriction of Processing: You have the right for the duration of the verification by the controller to demand the restriction of processing if one of the conditions applies, e.g. if you have objected to the processing.
• Right to Data Portability: You have the right to receive the personal information concerning you in a structured, commonly used and machine-readable format and to have these information transmitted to a third party, as long as the processing is based on consent or on a contract and the processing is carried out by means of automated procedures.
• Right to Object: If personal information are collected for the purposes of legitimate interests or in the public interest or in the exercise of official authority, you have the right to object to this processing, on grounds relating to your particular situation, at any time. We will no longer process the personal information unless there are demonstrable compelling legitimate grounds for this processing which override your interests, rights and freedoms or which serve in the establishment, exercise or defense of legal claims.

Users can query or correct the user information and authorization after logging in to the personal center. When you withdraw your account, because there are high-value properties such as members and game equipment in the account and the cancellation is irreversible, in order to avoid the cancellation without the user's permission, such as robot operation or malicious cancellation, causing losses to the user, you need to provide ID number. The user information provided during account cancellation is only used to verify the security of the cancelled account. Hiya will keep it desensitized and confidential.

If you make a request, Hiya will respond to you as soon as possible. If you would like to exercise any of these rights, please contact us at:

Our email: [support@mehiya.com]

VIII. Cookies and similar technologies

Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you use Hiya Services, Hiya may collect information from you automatically through cookies or similar technology.

Hiya uses cookies and similar technologies in a range of ways to improve your experience when you use our Services, including:

• Keeping you signed in.
• Understanding how you use Hiya Services.
• Conduct relevant data statistics

Hiya uses cookies and similar technologies for below purpose:

• Functionality – Hiya uses these cookies or similar technologies so that we recognize you when you use Hiya Services and remember your previously selected preferences. These could include what language you prefer and location you are in. A mix of first-party and third-party cookies or similar technologies are used.

Please note that cookie-based opt-outs are not effective on mobile applications. However, you may opt out on some mobile applications by following the instructions for Android, iOS, and others.

Please note you must separately opt out in each browser and on each device.

IX. Third-party sdk list

When providing services to users, Hiya also uses the following SDK technologies. When you view web pages created by third parties or use applications developed by third parties, these third parties may place their own cookies or use other technical means. These Cookies or other technological means are not controlled by us, and their use is not governed by this policy. In order to protect your information security to the greatest extent, we recommend that you check the privacy terms of any third-party SDK services before using them. To protect your legitimate rights and interests, if you find that these SDKs or other similar applications are at risk, we recommend that you immediately terminate the relevant operations and contact us in a timely manner.

In order to provide you with more services, continue to optimize the stability of the services we provide, improve service quality, or upgrade related functions, we may adjust the third-party SDKs we access and update the SDK directory. We will strictly abide by relevant laws, regulations and regulatory requirements, and evaluate the legality, legitimacy and necessity of third-party SDKs collecting your personal information before accessing the SDK to protect your personal information. You can view the third party's data use and protection rules through the relevant links. Please note that third-party SDKs may change their personal information processing types due to version upgrades, policy adjustments, etc. Please check the specific information of third-party SDKs for Android and IOS through the "Third-Party SDK List"

Privacy Advice for Shumei SDK

We suggest that you should add the following contents to the relevant sections of your app's privacy policy, such as third-party information collection details, advertising or data analysis:

X. Privacy policy for minors

Hiya does not knowingly collect or solicit personal information from anyone under the age of 13 or order (or equivalent minimum age in the relevant jurisdiction) (“Minor”) or knowingly allow such persons to use our Services. If you are a Minor, please do not send any information about yourself to Hiya, including your name, address, telephone number, or email address. No Minor may provide any personal information to Hiya. In the event that Hiya learns that it has collected personal information from Minor, Hiya will delete that information as quickly as possible. If you believe that Hiya might have any information from or about Minor, please contact us at:

Our email: [support@mehiya.com]

XI. Do not sell your personal information

Hiya herein makes the following additional commitments to you. Hiya will retain, use, or disclose personal information for any purpose other than for the purposes set out in this Privacy Policy, in no event will Hiya sell any such personal information.

XII. Transfer of personal information outside of your country

Hiya Services connect you to the world. To make that possible, your personal information may be transferred to or accessed by entities around the world. Hiya complies with laws on the transfer of personal data between countries to help ensure your information is protected, wherever it may be.

If you are a user from the European Economic Area (EEA), British, or Swiss, we would like to let you know the processing of your personal data may involve a transfer of data outside the EEA.

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

• We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
• We adopt the Standard Contractual Clause approved by the European Commission or other relevant departments which gives personal data the same protection it has in Europe.
• We adopt the equivalent mechanism stipulated in the laws applicable to data transmission to the United States and other relevant countries/regions.

XIII. Privacy policies of other websites

Hiya Services contains links to other websites or application. This Privacy Policy applies only to Hiya Services, so if you click on a link to another website or application, you should read their privacy policy.

XIV. Application and Renewal of this Policy

Hiya keeps its Privacy Policy under regular review and places any updates on this web page to ensure that this Policy is consistent with future developments, industry trends, and/or any changes in legal or regulatory requirements. We will use commercially reasonable efforts to generally notify all users of any material changes to this Policy, such as by updating the “Last Updated” date at the top of this Policy, which reflects the effective date of such Policy, or through a notice on our website or software applications.

You hereby waive any right to receive specific notice of each such change and agree to be bound by the prevailing terms of the Privacy Policy as updated from time to time. Please ensure that you visit our Policy regularly to obtain updated information on the handling of your personal information.

XV. How to contact us

If you have any questions about Hiya’s Privacy Policy, the information we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us at:

Email us at: [support@mehiya.com]

If Hiya could not response your question, you may refer your complaint to the applicable regulator.