Pop Live Privacy Policy
Effective Date:February 26, 2026
Welcome to Pop Live, a mobile application (hereinafter referred to as the "App") developed and operated by Quantum Ridge Enterprises LLC (hereinafter referred to as "we" or "us"). This Privacy Policy is designed to clearly inform you about how we collect, use, store, share, and protect your personal data, as well as the rights you have regarding your data and how to exercise those rights. The App is only available to users aged 18 and above. We will not intentionally collect or process personal data of minors (under 18 years old). If we discover that we have inadvertently collected personal data of a minor, we will immediately delete the relevant information and terminate the service. You may only use the App's services after checking to agree to this Privacy Policy and the User Terms. Please read and understand this policy carefully. If you do not agree to any provisions herein, do not use the App.
I. Definitions and Interpretations
Refers to various types of information recorded electronically or by other means that can identify a specific natural person individually or in combination with other information, or reflect their activities, including but not limited to images, audio, device information (including Device ID), photos, and operation records generated when you use the App.
Refers to personal data that may cause infringement of your personal dignity or harm to your personal or property safety if disclosed or illegally used, including image and audio data generated through the App's camera and microphone, personal photos obtained through photo permissions, as well as unique device identifiers and Device ID.
Refers to the organization that determines the purposes and methods of personal data processing. The data controller for this app is Quantum Ridge Enterprises LLC.
1.4 Data Protection Officer (DPO)
A dedicated person responsible for supervising the compliance of the App's personal data processing activities, providing data protection consulting services, and acting as a liaison with regulatory authorities. You may contact the DPO through the contact information specified in this Policy.
II. Data Controller and Contact Information
2.1 Data Controller Information
Company Name: Quantum Ridge Enterprises LLC
Company Address: KAUSHER SHAWANDA POWELL SOLE MBR, 212 W TROY ST STE B DOTHAN, AL 36303
Contact Email: elizabethpet20@gmail.com
2.2 Data Protection Officer (DPO)
We have appointed a dedicated Data Protection Officer to supervise the compliance of data processing activities and respond to inquiries related to user data. You may contact the DPO via email at elizabethpet20@gmail.com, with the email subject marked "Data Protection Inquiry".
III. Scope and Methods of Information Collection
3.1 Categories and Purposes of Collected Information
We only collect personal data necessary to fulfill the core functions of the App, adhering to the principle of "data minimization" and not collecting irrelevant information. Details are as follows:
• Camera Permission-Related Data: After you actively enable the camera permission, the App will access image data captured by the camera, which is only used to implement one-on-one video chat and real-time interactive display functions. It will not automatically store or upload images that you have not actively sent.
• Photo Permission-Related Data: After you actively enable the photo permission, the App will only read the photos you actively select to upload and share, which are used for core functions such as chat interaction and personal profile display. It will not batch scan or read all photos in your device, nor store photos that you have not actively uploaded.
• Microphone Permission-Related Data (Recording): After you actively enable the microphone permission, the App will access audio data, which is only used for sound transmission during video chats and voice interactions. It may also temporarily cache recording content to ensure smooth calls. The temporary cache will be automatically cleared after the interaction ends (except as required by laws and regulations).
• Album Permission-Related Data: When you actively enable the album permission and select images/videos to upload, the App will read the selected content for sharing in chat scenarios or personal display. It will not access or read album content that you have not actively selected.
• External Storage Permission-Related Data: Only used to cache necessary resources for App operation (such as chat records, received images and videos) and store content you actively save. Cache files can be manually cleared through the App's settings.
• App Information Access Permission-Related Data: Reads your device model, operating system version, advertising ids, Device ID (such as IMEI, Android ID and other unique device identifiers), App version, and network status. This is used to ensure App compatibility and stability, optimize service experience, and prevent malicious use, account theft, and security risks. Device ID will be stored in an encrypted manner and only used for the above compliance purposes.
• In-App Purchase-Related Data: When you make in-app purchases, order numbers, payment amounts, payment times, and in-app purchase product information will be generated. This data is used to complete transaction settlement, order verification, after-sales services, and prevent payment risks. Such data will be legally shared with payment service providers (only for transaction fulfillment).
• Usage Behavior Data: Includes your login status (no registered account, only session records), chat interaction records, smart matching preferences, and function usage frequency. This is used to optimize smart matching algorithms, improve service quality, and provide personalized recommendations (non-targeted advertising recommendations).
1. Active Provision by You: Includes content generated through the camera and microphone after enabling permissions, actively uploaded album files, and relevant information submitted during in-app purchase operations;
2. Automatic Collection by the App: Automatically obtains your device information, usage behavior data, and network status through background App technology. Such collection is premised on fulfilling core functions;
3. Third-Party Acquisition: Only obtains necessary data related to in-app purchase transactions from legally compliant third parties (e.g., payment service providers), ensuring that the third party has obtained your legal authorization or complies with legal requirements.
IV. Legal Basis for Data Processing
We process your personal data in strict compliance with global and regional data protection laws and regulations. The core legal bases include:
• EU General Data Protection Regulation (GDPR): Applies to scenarios where services are provided to users in the EU and personal data of EU users is processed. Data is processed based on legal grounds such as your explicit consent, performance of service contracts, and protection of legitimate interests;
• California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) of the United States: Applies to scenarios where personal data of California users is processed, safeguarding users' rights to access, delete, and opt out of data sales;
• Virginia Consumer Data Protection Act (VCDPA) of the United States: Applies to scenarios where we conduct business in Virginia or provide products/services to residents of Virginia and meet the data processing thresholds. We strictly adhere to the principles of data minimization and purpose limitation, and safeguard users' core data rights;
• Local Data Protection Laws Applicable to Other Regions: We will strictly comply with local legal requirements for data processing to ensure compliance with the specific regulations of different countries and regions.
We will clarify the corresponding legal basis for specific data processing scenarios and ensure that processing activities comply with relevant legal requirements. You may contact the DPO to learn about detailed bases.
V. Restrictions on Data Use, Sharing, and Sales
We only use collected personal data for the purposes specified in Section III of this Policy. Without your explicit consent, we will not use the data for other unrelated purposes. If the scope of use needs to be expanded due to business upgrades, we will separately inform you and obtain your consent.
We commit not to arbitrarily share your personal data with third parties. Sharing is only conducted in the following limited scenarios, and we ensure that third parties adopt adequate data protection measures:
• Payment Service Providers: Only share in-app purchase transaction-related data (order numbers, payment amounts, etc.) to complete payment settlement. Third parties are prohibited from using such data for other purposes;
• Service Providers: To ensure stable App operation (e.g., server operation and maintenance, security protection), share necessary device information and network data with legally qualified third-party service providers, and strictly restrict the scope of their data use;
• Legal Mandates: Legally provide necessary personal data to relevant authorities in accordance with legitimate subpoenas and instructions from judicial and regulatory authorities, or to fulfill legal obligations;
• Business Merger and Acquisition Scenarios: In the event of mergers, acquisitions, asset transfers, or other transactions, personal data may be transferred as part of the assets. We will notify you in advance to ensure that the transferee continues to comply with this Privacy Policy; otherwise, the data transfer will be terminated.
5.3 Prohibition of Data Sales and User Choice
We will not sell your personal data to any third party for commercial gain. Meanwhile, for regions where laws such as CCPA/CPRA apply, you have the right to opt out of the "sale" of your personal data (the definition of "sale" herein shall be interpreted in accordance with relevant laws, including the disclosure of data to third parties for consideration).
5.4 Methods to Opt Out of Data Sharing/Sales
You may opt out of data sharing or sales (if applicable) at any time through the following methods:
• For Third-Party Service Sharing: Disable the corresponding sharing permission through "Settings - Privacy Permissions - Third-Party Sharing Management" in the App, or contact us directly at elizabethpet20@gmail.com. We will process and respond within 15 working days;
• For Data Sales in Applicable Regions: Send an opt-out request to the above contact email with the subject marked "Opt Out of Data Sales", and provide your device identifier (available in the App's settings). We will immediately cease any data processing activities that may constitute "sales" and confirm this to you.
Opting out of sharing/sales will not affect legal data processing activities completed before the opt-out, nor will it affect data processing necessary to fulfill the core functions of the App.
The invitation code is solely used for screening target users and safeguarding a friendly community atmosphere. To obtain a valid invitation code, you need to complete the official questionnaire via our official website: https://www.qreenterprises.com/. The invitation code is non-transferable and non-resellable under any circumstances. We reserve the right to invalidate any invitation code that is used in violation of this regulation.
VI. Data Storage and Security Protection
We only store your personal data for the minimum period necessary to achieve the purposes of data processing:
• Temporary Cached Data (e.g., temporary call recordings, unsent images): Automatically cleared within 24 hours after the interaction ends or the App is closed;
• Chat Records, Saved Images and Videos: Cleared within 90 days after you actively delete them or the App session is terminated, unless laws and regulations require an extended storage period;
• In-App Purchase Transaction Data: Stored for 3 years after the transaction is completed, for after-sales tracing and compliance filing;
• Device and Usage Behavior Data: Stored for 1 year after your last use of the App, after which it will be anonymized (no longer identifiable to individuals).
6.2 Security Protection Measures
We adopt dual technical and management security measures to ensure that your personal data is not disclosed, tampered with, lost, or illegally accessed:
• Technical Level: Adopt TLS encryption technology for data in transit and encrypted storage for stored data; restrict data access permissions, allowing only authorized personnel to access sensitive data; conduct regular security vulnerability scans and penetration tests to promptly fix risks;
• Management Level: Establish data security management systems, provide data protection training and compliance assessments for employees; clarify data processing responsibilities and impose disciplinary measures for illegal data processing; formulate data breach emergency response plans.
In the event of a personal data breach that may harm your legitimate rights and interests, we will notify you via App pop-up, email (if provided), etc., within 72 hours of becoming aware of the breach, informing you of the breach content, scope of impact, remedial measures taken, and response suggestions. Meanwhile, we will report the breach to the corresponding regional data protection authority in accordance with regulatory requirements.
Pursuant to global data protection laws and regulations, you have the following rights regarding your personal data, and we will provide convenient channels for you to exercise these rights:
• Right to Know: The right to understand the specific circumstances of the collection, use, and sharing of your personal data. You may obtain detailed information by contacting us;
• Right to Access: The right to request a copy of your personal data. We will provide it within 30 working days of receiving the request (may be extended to 60 working days in special cases, with prior notification);
• Right to Rectification: The right to request correction of inaccurate or incomplete personal data. We will process it within 15 working days of verification;
• Right to Erasure: The right to request erasure of your personal data when the purpose of data processing has been achieved, you withdraw consent, the storage period expires, etc. We will complete the erasure within 15 working days (except as required by laws and regulations);
• Right to Withdraw Consent: The right to withdraw consent to data processing at any time (e.g., disabling camera or microphone permissions). After withdrawal, we will cease relevant data collection, but this will not affect data processing based on prior legal consent;
• Right to Restrict Processing: The right to request restriction of the processing of your personal data (e.g., when there is a dispute over the data). We will suspend relevant processing activities after verification;
• Right to Lodge a Complaint: The right to lodge a complaint with the corresponding regional regulatory authority if you believe our data processing activities violate laws, regulations, or this Policy.
You may exercise the above rights via the contact email (elizabethpet20@gmail.com). In the email, please specify the type of request and relevant identity verification information (e.g., device identifier). We will respond to your request promptly without charging any unreasonable fees.
VIII. Additional Rights in Specific Regions
8.1 EU Region (GDPR Applicable Scope)
If you are a user in the EU, in addition to the rights stipulated in Section VII of this Policy, you also have the following additional rights:
• Right to Data Portability: The right to request us to provide your personal data in a structured, commonly used, and machine-readable format for transfer to yourself or another data controller. We will cooperate to facilitate data migration;
• Right to Object to Automated Decision-Making: If we make decisions that have a significant impact on your rights and interests based on automated processing (e.g., smart matching algorithms), you have the right to object, and we will provide a manual review mechanism;
• Right to Object to Data Transfers: If you believe that the transfer of your personal data to a third country by us lacks adequate safeguards, you have the right to object, and we will provide proof of transfer compliance and an explanation of safeguard measures.
8.2 California, USA (CCPA/CPRA Applicable Scope)
If you are a resident of California, USA, in addition to the rights stipulated in Section VII of this Policy, you also have the following additional rights:
• Right to Know Data Disclosure: The right to know whether your personal data has been shared, and to request us to disclose the sharing and sales (if any) of your personal data in the past 12 months, including the categories of recipients and data;
• Right to Non-Discrimination: We will not take discriminatory measures against you (e.g., restricting service functions, increasing fees) when you exercise your data rights;
• Right to Authorize Agents: You may authorize a third-party agent to exercise your data rights on your behalf. The agent must provide valid authorization proof, and we will verify and cooperate in accordance with the law.
8.3 Virginia, USA (VCDPA Applicable Scope)
If you are a resident of Virginia, USA, and the App meets the VCDPA applicability thresholds (controlling/processing personal data of at least 100,000 consumers, or personal data of at least 25,000 consumers with more than 50% of revenue derived from data sales), in addition to the rights stipulated in Section VII of this Policy, you also have the following additional rights:
• Right to Confirmation: The right to confirm whether we are processing your personal data and the scope of such processing;
• Right to Opt Out of Targeted Advertising: The right to opt out of personal data processing for targeted advertising purposes, which can be completed through "Settings - Privacy - Opt Out of Targeted Advertising" in the App or by contacting us;
• Right to Opt Out of Data Sharing or Sale:You have the right to opt out of data sharing or sale. If you wish to withdraw your authorization for the use of your personal information for other relevant purposes, you may submit an application by sending an email to our official mailbox at elizabethpet20@gmail.com. Please clearly state your request for "opting out of data sharing or sale" in the email. We will complete the review and processing within 15 working days upon receipt of your application and feed back the result to you.
• Right to Consent to Sensitive Data Processing: For sensitive personal data as defined by VCDPA (including known minor data, biometric data, precise location data, etc.), we will only process it after obtaining your explicit consent;
• Right to Know About Data Protection Assessments: The right to learn about information related to data protection assessments conducted by us for scenarios such as targeted advertising and data sales.
We have established a data protection assessment mechanism in accordance with VCDPA requirements, and implemented reasonable administrative, technical, and physical security safeguards. You may contact the DPO to obtain relevant compliance certificates. We will not take discriminatory measures against you when you exercise the above rights.
8.4 Brazil Region (LGPD Applicable Scope)
If you are a user in Brazil, we will strictly comply with all requirements of Brazil's Lei Geral de Proteção de Dados (LGPD) and its implementing regulations. In addition to the basic data rights stipulated in Section VII of this Policy, you also have the following additional rights:
• Right to Anonymization and Blocking: The right to request us to anonymize your personal data (rendering it unidentifiable to individuals) or block it (suspending data processing activities). We will complete the operation within 15 working days of verifying the request;
• Right to Know Third-Party Sharing: The right to request us to provide detailed information on the names, contact information, scope, and purposes of third parties with whom your personal data is shared. We will provide a written (including electronic) explanation;
• Right to Remedy for Illegal Processing: If you discover that our data processing activities violate LGPD, you have the right to request us to take remedial measures such as erasure, correction, or blocking, and may claim compensation for legitimate losses incurred thereby;
• Right to Object to Specific Processing: Based on legitimate grounds (e.g., protection of personal interests), you have the right to object to specific processing of your personal data. We will suspend relevant processing and review and respond within 10 working days.
In accordance with LGPD requirements, we have appointed a dedicated Encarregado de Proteção de Dados (Data Protection Officer) to oversee the compliance of personal data processing for Brazilian users, and actively cooperate with the Autoridade Nacional de Proteção de Dados (ANPD) in regulatory inspections, investigations, and evidence collection to ensure that all data processing activities fully comply with local Brazilian laws and regulations. You may contact the Data Protection Officer via the contact email specified in this Policy, with the email subject marked "Brazilian Data Protection Inquiry".
For users in regions not separately listed above, we will strictly comply with the applicable local personal data protection laws and regulations, and safeguard your legitimate data rights in light of regional legislative characteristics. Details are as follows:
Countries in Southeast Asia (Singapore, Malaysia, Thailand, Indonesia, Vietnam, etc.) have established personal data protection legislative frameworks, which generally reference EU GDPR principles while incorporating regional characteristics. We will fulfill compliance obligations in accordance with the laws of the corresponding countries and provide the following rights protection for you:
• Singapore: In compliance with the Personal Data Protection Act (PDPA), you have the right to consent to cross-border data transfers. Before transferring your data outside Singapore, we will notify you in advance and obtain your explicit consent, or ensure data security by signing compliant data processing agreements;
• Vietnam: In compliance with the Cybersecurity Law and Decree No. 53, for data types requiring local storage, we will store the data legally within Vietnam. You have the right to inquire about the data storage location and security measures, and also have the right to receive prompt notification of data breaches (within 72 hours of the breach);
• Other ASEAN Countries: All safeguard your core data rights and require us to adopt security measures such as encrypted storage and access control. Some countries (e.g., Malaysia, the Philippines) allow cross-border data flows within the region through ASEAN Model Contract Clauses (MCCs), and we will regulate data transfer activities accordingly.
The African region is framed by the African Union Convention on Cyber Security and Personal Data Protection, and many countries (e.g., South Africa, Nigeria, Kenya) have issued local data protection laws. We will strictly comply with the requirements of relevant laws and safeguard your rights, including the right to confirm the legality of personal data processing, the right to request correction of inaccurate data, and the right to request erasure of data when the processing purpose ceases. In response to specific requirements such as South Africa's Protection of Personal Information Act (POPIA) and Nigeria's National Information Technology Development Agency Act, we will fulfill obligations such as appointing a Data Protection Officer and notifying data breaches to ensure compliance.
For users in other countries/regions outside the above areas, we will clarify the additional data rights you enjoy and the exercise channels in accordance with applicable local data protection laws and regulations. Regardless of your location, you may contact the App's Data Protection Officer (DPO) to obtain detailed explanations of data rights, exercise methods, and compliance bases in the corresponding region. We will fully cooperate with you in exercising your legitimate data rights within the scope permitted by laws and regulations, ensuring that data processing activities comply with local regulatory requirements.
If you have objections to our data processing activities or believe we have violated this Privacy Policy and relevant laws and regulations, you may lodge a complaint through the following channels:
• Contact Us First: Send a complaint email to elizabethpet20@gmail.com. We will provide a handling result within 30 working days;
• Lodge a Complaint with Regulatory Authorities: If you are dissatisfied with our handling result, you may lodge a complaint with the data protection regulatory authority in your region. For example, users in the EU may complain to the local Data Protection Authority (DPA), users in California, USA may complain to the California Attorney General's Office, and users in Virginia, USA may complain to the Virginia Attorney General's Office.
X. Policy Updates and Notifications
We may revise this Privacy Policy in response to legal updates, business adjustments, or technological upgrades. The revised Policy will be published in the App for a public notice period of no less than 7 days, taking effect upon the expiration of the notice period. If the revised content involves your core rights, we will separately notify you via App pop-up, email, etc. Your continued use of the App after the revision constitutes acceptance of the revised Policy.
You may review the latest version of this Privacy Policy at any time through "Settings - Privacy Policy" in the App.
1. This Privacy Policy and the App's User Terms form an integrated whole, jointly governing the rights and obligations between you and us. In case of any conflict between the two, this Privacy Policy shall prevail (in relation to data protection matters);
2. If any provision of this Policy is deemed invalid or unenforceable, it shall not affect the validity of other provisions, and the invalid provision shall be replaced by a legal provision closest to the original intent;
3. Disputes arising from this Policy shall first be resolved through friendly negotiation between the parties; if negotiation fails, either party may initiate legal proceedings with the competent court where the data controller is located.
Data Controller: Quantum Ridge Enterprises LLC