Privacy Policy

Last Updated: July 11, 2026

This Privacy Policy applies to the mobile application "Holos" (the "App"), owned and operated by Yiwu Heluo Network Technology Studio (operating under the trade names "Holos AI" and "Holos Labs", hereinafter "we", "us", or "our"), registered in the People's Republic of China.

1. Information We Collect and How We Use It

A. Android Sensitive Permissions

Because the core functions of this App (AI floating bubbles, smart replies) rely on high-sensitivity system permissions, we strictly follow Google Play developer policies regarding these permissions:

Prominent Disclosure: In addition to this policy, before you grant the above permissions for the first time, the App will explain the use of data in a clear, non-technical language via an independent runtime dialog and request your explicit consent (Opt-in). You may revoke these permissions at any time via system settings or within the App.

B. Account Authentication Data

We provide account services via Firebase Authentication. When using Google Sign-in or email registration, we collect your email address, name, and profile URL, solely for identity verification, membership management, and account security.

C. Payment and Billing Data

This App processes membership subscription fees via Google Play Billing. All transactions are handled directly by the Google Play platform; we do not collect, process, or store your credit card or billing information on our servers.

2. Data Processing, Storage, and AI Integration

Local-First Processing: Chat messages captured via the Accessibility Service or Notification Listener are processed locally on your device first.

Transfer to Third-Party AI Services: To generate smart replies, relevant chat context is transmitted via encrypted API channels to third-party Large Language Model (LLM) service providers (Currently using: Gemini, OpenAI, DeepSeek) for text generation. The data is deleted from the service provider's side immediately after generation and is not retained for training purposes.

Cross-Border Data Transfer: Since we and some service providers are located outside of the People's Republic of China and/or other jurisdictions, your data may be transferred across borders. For EU/EEA users, we commit to using Standard Contractual Clauses (SCCs) or other GDPR-recognized compliance mechanisms.

No Persistent Storage of Chat History: We do not permanently store or archive your chat conversations or personal messages on our servers. Temporary text context is cleared from memory once the reply is generated.

No Data Sales: We never sell, rent, trade, or distribute your personal information or chat content.

3. Third-Party Services

This App integrates the following trusted third-party SDKs, which may collect information to identify you according to their respective privacy policies:

4. International Compliance (GDPR & CCPA)

GDPR (EU Users)

Our legal bases for processing your personal data include: performance of a contract (providing the service), your explicit consent, and our legitimate interests.

You have the rights to access, rectify, erase, restrict processing, data portability, and object to processing.

CCPA (California Users)

Categories of personal information we have collected in the past 12 months include: Identifiers (email, name), account information, and (temporarily processed) communication content.

We do not "sell" or "share" your personal information as defined by the CCPA for monetary consideration.

5. Disclaimer Regarding Third-Party IM Platform Terms

Please Note: This App reads and responds to messages in third-party instant messaging apps via Accessibility Services/Notification Listener. By using this App, you acknowledge that you assume all risks of account restrictions, bans, or other consequences resulting from violations of these third-party platform terms; we bear no responsibility for such actions.

6. Data Security and Retention

We implement industry-standard technical and organizational measures to protect your data. Account data will be deleted from our systems within 30 days after account cancellation, unless otherwise required by law.

7. Children's Privacy

This service is not intended for children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children.

8. Changes to this Policy

We may update this Privacy Policy periodically. Any changes will be notified to you by posting the new version on this page and updating the "Last Updated" date.

9. Contact Us

If you have any questions, suggestions, or wish to exercise your data rights, please contact us at:

Support Email: support@holos.ing
EU Representative: support@holos.ing