Mero Privacy Policy.
Mero's Commitment to Protecting Your Information
We want you to understand how Mero processes your personal data and protects your images, as well as what options you have for managing them. Below, you will find information on how we handle your privacy.
At Mero, we prioritize safeguarding your images and personal data. Here are key details about our app and the security measures we employ:
- Mero is a photo- and video-editing app that enhances your media content by improving aspects like image resolution and colors. It also offers AI-based image generation capabilities.
- Our photo- and video-editing, enhancing, and generative technologies do not perform facial recognition activities. We neither attempt nor allow the identification or authentication of individuals in your images.
- You maintain full control over the images you upload, enhance, or generate using Mero. We do not sell, trade, or claim ownership of any of your images, whether you use Mero for editing existing ones or creating new ones.
- Your images are not used to train our AI technologies unless you explicitly opt in for such purposes.
- We have implemented robust security measures to protect your images, following privacy and data protection laws and industry standards. These measures include encryption and secure cloud storage.
For a detailed explanation of how we process your personal data when using Mero, please refer to our full Privacy Policy.
Privacy Policy
This Privacy Policy (“Privacy Policy”) governs the processing of personal data belonging to users (“user” or “you”) by Sago S.p.A. (“we” or “us”), the parent company of Splice Video Editor S.r.l., concerning the use of the Mero mobile application (“app”) and any other interactions with us. We present this Privacy Policy in compliance with Regulation (EU) 2016/679 – General Data Protection Regulation (“GDPR”), the Italian Legislative Decree 196/2003 (as amended), and other applicable local laws, as amended or replaced (collectively, “Applicable Privacy Laws”).
1. Data Controller and Data Protection Officer
The Data Controller is SAGOLAB S.p.A., with its registered office at Seoul(서울 서초구 서초대로 275 2F 202호/Busan) 부산 해운대구 마린시티2로 2 1506-105호 (Korea). For any queries concerning the processing of your personal data, please contact us at privacy@sagolab.com.
Our Data Protection Officer can be reached by sending an email to dpo@sagolab.com for any inquiries related to the processing of your personal data or this Privacy Policy.
2. Categories of Personal Data that We Collect, Purposes and Legal Bases for Our Processing
Provision of the Service
To enable you to use the app and to provide you with its functionalities. For example, we may process your data to enable you to edit or enhance your photos and videos, and generate AI images of yourself. Additionally, we may process your data to show you information about the app and your editing or enhancing process and suggest the best images to edit with Mero.
Legal Basis: Contractual Relationship Our contractual relationship provides the legal grounds for processing this data for this purpose (article 6(1)(b) of the GDPR).
Categories of Processed Data: Identifiers, Internet and network activity information, and more
- Identifiers (such as IP address, device model, device type, OS version, device language, device name, country set in the device settings, information about your interactions with the app, and unique identifiers), and other information necessary to enable you to use the app.
Processing Images and Videos
The app processes the images, videos, and audio recordings that you upload, including images containing faces, as well as the images generated by the app (enhanced photos and videos and AI images). When images contain faces, we process certain information about them, such as information that estimates the location of parts and areas of the faces (“Facial Data”). Note that in some jurisdictions outside of Europe, Facial Data may be considered biometric data. The photo-video editing, enhancing, and generative technologies implemented in the app do not allow unique identification or authentication of people in the images, nor are we training the technologies to do so. This means that we only use the app to create the requested AI images based on the images containing faces shared by the user.
Access to Photo and Video Library
To edit photos and videos or generate AI images, the app needs access to your photo and video library and your camera. The app requires that you expressly allow this access, through a request appearing on your mobile device.
Service Improvement
To improve and develop our products and services. For example, we process your data by conducting statistical analysis or other research activities to optimize our features and provide you with new ones. Identifiers (such as name, social media handle, or email address, when requested), Internet and network activity information (such as IP address), inferences we generate, your gender (if you choose to share this information), and other related information about your usage of and experience with the app. For the purpose of statistical analysis, we may also collect information and metadata related to your images, videos, and audio recordings. In such cases, we will only process anonymized data. See below for details about how we use the images, videos, and audio recordings you upload, as well as Facial Data to improve our photo-video editing, enhancing, and generative features, and train our photo-video editing, enhancing, and generative algorithms.
Legal Basis: Legitimate Interest
- Our legitimate interest to improve our products and services provides the legal grounds for processing this data for this purpose (article 6(1)(f) of the GDPR).
Categories of Processed Data: Inferences and more
- For the purpose of statistical analysis, we may also collect information and metadata related to your images, videos, and audio recordings. In such cases, we will only process anonymized data.
Editing and Enhancement Improvement
To improve our photo-video editing, enhancing, and generative features in Mero and in other photo-video editing apps provided by us and our subsidiary companies, and to offer a better service for editing, enhancing, and generating your images and videos. Your consent provides the legal grounds for processing this data for this purpose. If you haven’t explicitly granted this consent, we do not perform these actions. You can check and update the permissions you have granted via the app’s privacy settings. The images, videos, and audio recordings you upload, as well as Facial Data, if you expressly give your consent for this specific purpose. As described above, while Facial Data may be considered biometric data in some jurisdictions outside of Europe, the technologies implemented in the app do not allow or aim at performing a unique identification or authentication of people in the images, nor are we training the technologies to do so. We do not collect or use Facial Data of US-based users to improve our photo-video editing, enhancing, and generative features nor to train our photo-video editor algorithms.
Legal Basis: Consent
- Your consent provides the legal grounds for processing this data for this purpose (article 6(1)(a) of the GDPR).
Troubleshooting
To ensure the quality and the proper functioning of the services, by analyzing, preventing or correcting failures and bugs, as well as by conducting the manual or other review of
3. Data Storage and Protection
Personal data may be processed by both automated and non-automated means and may be stored at our premises and on our service providers’ servers. We adopt appropriate technical and organizational measures designed to prevent the loss, improper use, and alteration of your personal data. For example, we adopt measures to protect your images. However, transmissions of data over the Internet are never 100% secure.
Personal data processed for the purposes of Provision of the Service, Service Improvement, Customer Support, and Profiling will be kept for no more than three (3) years from the date of your last interaction with the app or from the date of the expiration of your subscription. If you access the app after your subscription expires, the retention period starts from the date of this most recent interaction with the app.
With specific reference to images, videos, audio recordings that you upload, as well as Facial Data processed to generate AI images, the following retention policy applies:
-
For Provision of the Service purposes, they will be kept for no more than twenty (20) days from the most recent between the upload and your last usage of the AI feature if you have a subscription and no more than seven (7) days from the most recent between the upload and your last usage of the AI feature if you don’t have a subscription.
-
For Editing and Enhancement Improvement purposes, subject to your consent, they will be kept for no more than one (1) year from the upload or generation of the AI images, regardless of whether you have a subscription or not.
With reference to AI images, the following retention policy applies:
- For provision of the Service purposes, they will be kept for no more than seven (7) days from their generation, regardless of whether you have a subscription or not.
- For Editing and Enhancement Improvement purposes, subject to your consent, they will be kept for no more than one (1) year from the upload or generation of the AI images, regardless of whether you have a subscription or not.
Upon the expiration date, images, videos, audio recordings, as well as Facial Data processed to generate AI images and AI images themselves, are automatically deleted from our servers and those of our service providers.
Personal data processed for Troubleshooting purposes will be kept only as long as necessary to fulfill said purposes, and in any case for no more than one (1) year from the date of your last interaction with the app or from the date of the expiration of your subscription. If you access the app after your subscription expires, the retention period starts from the date of this most recent interaction with the app.
Personal data processed for Compliance purposes will be kept up to five (5) years from the date of your last interaction with the app or from the date of the expiration of your subscription. If you access the app after your subscription expires, the retention period starts from the date of this most recent interaction with the app.
Personal data processed for Defense purposes will be kept up to ten (10) years from the date of your last interaction with the app or from the date of the expiration of your subscription. If you access the app after your subscription expires, the retention period starts from the date of this most recent interaction with the app.
Personal data processed for Marketing purposes will be kept up to two (2) years from the date of your last interaction with the app or from the date of the expiration of your subscription. If you access the app after your subscription expires, the retention period starts from the date of this most recent interaction with the app.
Regarding personal data processed for Targeted Advertising purposes, you can find more information about the retention period of your data by visiting the third parties’ privacy policies linked in Section 12 (In-app Tracking Technologies).
At the end of these specified periods, unless any legal obligations require a longer data retention, the processed personal data will be either deleted or anonymized.
4. Your Choices with Regard to the Use of Your Personal Data
To access the services and features of the app, it is mandatory for you to provide your personal data for the purposes of Provision of the Service, Compliance, and Customer Support. If you choose not to provide your personal data, you will not be able to enjoy the app’s services and features.
Where we rely on your consent to process your personal data for the purposes of Editing and Enhancement Improvement, Marketing, and Targeted Advertising, providing your personal data is optional, and you have the right to withdraw your consent at any time. If you choose not to provide your personal data, you will still be able to enjoy the app’s services and features.
Where we rely on our legitimate interest as the legal grounds to process your personal data for the purposes of Service Improvement, Troubleshooting, Defense, Profiling, and Marketing, you may, at any time, exercise your right to object to such processing as explained in Section 7 (Your Rights) below.
For data processing for the purposes of Targeted Advertising, you can manage how you share your IDFA (on iPhone or iPad) and AAID (on Android devices), which are unique device identifiers provided by the operating system of your device that allow advertisers to track and identify a user for advertising purposes. To disable this tracking, do as follows:
- From iOS and iPadOS 14.5, go to Settings > Privacy & Security > Tracking and tap to turn off or turn on Allow Apps to Request to Track or permission to track for a specific app. On previous iOS or iPadOS versions, go to Settings > Privacy > Advertising and turn on Limit Ad Tracking.
- On Android devices, you can go to your device's Settings app or Google Settings app (differs depending on your device) > Services > Ads and turn on Opt out of Ads Personalization.
5. Recipients of Your Personal Data
We may disclose your personal data to the following categories of recipients:
- Vendors carrying out activities related or instrumental to our business and operations, either as outsourced data processors appointed in writing in accordance with Applicable Privacy Laws (such as IT or storage service providers) or as autonomous data controllers (such as advertising networks and platforms).
- If we carry out a corporate transaction or operation (for example, in case of merger, acquisition, reorganization, sale of assets or assignments, and due diligence related to any such transactions), personal data may be transferred to another owner, and disclosed to our advisers and any prospective purchaser's advisers, as part of such transaction or operation.
- Public, judicial or police authorities, within the limits established by applicable laws.
- Other parties as necessary, in the event we believe that your actions are inconsistent with our user agreements or policies, if we believe that you have violated the law, or if we believe it is necessary to protect our rights, property, and safety or that of our users, the public, or others.
- Professional advisors where necessary to obtain advice or otherwise protect and manage our business interests.
- Our corporate affiliates under common control and ownership.
Personal data will not be disclosed for any reason other than those stated above, unless such disclosure is deemed necessary for the fulfillment of a legal obligation or if we request your consent.
As explained in Section 2.j), if you give your consent to install tracking technologies, you will allow third parties mentioned therein to collect personal data about you in order to show you customized and personalized advertising. If you want to learn more about their processing activities, please see the third parties’ Privacy Policies linked in Section 12 (In-app Tracking Technologies).
6. Transfers of Personal Data Outside the European Economic Area
We may transfer personal data from the European Economic Area (“EEA”), the UK or Switzerland to other countries outside the EEA. Such data transfers are based on appropriate safeguards in accordance with Applicable Privacy Laws, including (a) the standard contractual clauses developed by the European Commission; (b) the decisions of adequacy of the European Commission; or (c) binding corporate rules.
More information on the appropriate warranties are available for consultation by sending an email to privacy@sagolab.com.
7. Your Rights
Depending on where you are located, you may have certain rights in relation to your personal data. At any time and free of charge, you may exercise those rights, as specified and subject to certain limitations and exceptions under Applicable Privacy Laws. These rights may include:
-
Right of access. You have the right to obtain information about the processing of your personal data and to access it.
-
Right to rectification. You have the right to ask for the updating, rectification or integration of your personal data.
-
Right to erasure. You have the right to request the deletion of your personal data.
-
Right to restriction of processing. You have the right to request the restriction of the processing of your personal data.
-
Right to data portability. You have the right to obtain a portable electronic copy of your personal data.
-
Right to object. Where we rely on our legitimate interest to process your personal data, you have the right to object to such processing, wholly or partly, on grounds related to your situation. In particular, you are entitled to object to the processing of your personal data for direct marketing purposes, including profiling.
-
Right to withdraw consent. Where we or third parties rely on your consent to process your personal data, you have the right to withdraw your consent, although the processing carried out before your withdrawal of consent will remain valid.
You also have the right to lodge a complaint before the competent national Data Protection Authority, or other applicable regulator in the jurisdiction where you reside.
To exercise your rights, you can submit a request following these steps:
-
Access the app from your device (if you do not have it on your device any longer, you can download it again and then access it without the need to purchase a subscription).
-
Long press four fingers on any screen within the app until a menu opens up.
-
Tap Send a Privacy Request and follow the instructions.
-
After you have sent your request through Send a Privacy Request, you may uninstall the app if you do not want to use it anymore.
If you would like to submit a request by email or if you have any other questions about privacy or data protection at Sago, you can contact us at privacy@sagolab.com. We may take reasonable steps to verify your identity prior to responding to your request, such as by asking you for information that matches information we have on file about you. If you are submitting a rights request as an authorized agent, we may ask you to provide proof of your authorization to make the request, or we may contact the individual who is the subject of the request for confirmation, in accordance with Applicable Privacy Laws.
We will not discriminate against you for exercising your privacy rights.
8. Children’s Personal Data
The app is not intended for anyone under the age of 16. We do not knowingly collect personal data from children. If you believe we have received personal data from children under the age of 16, please email us at privacy@sagolab.com. If we learn that a user is under the age of 16, we will take reasonable steps to delete any processed data and close such user’s account.
9. Third-party Websites and Services
The app may include links to other websites or services operated by third parties. The activities described in this Privacy Policy do not apply to data processed by such third-party websites and services. We have no control over, and we are not responsible for, the actions and privacy policies of third parties and other websites and services.
10. Additional Information for Users Residing in Certain U.S. States
Additional Information for Users in California
California has enacted consumer privacy laws that grant their residents certain rights and require additional disclosures (“State Laws”). If you are a resident of California, this section applies to you.
We collect personal information from several sources: directly from you (for example, when you make purchases within the app or participate in a survey); automatically when you use the app (for example, device information); and from other sources (for example, mobile measurement partners). We also generate inferences about you based on your use of the app and other information we collect.
In the preceding 12 months, we have collected the following categories of personal information: identifiers; Internet or other electronic network activity information; characteristics of protected classifications under California or U.S. federal law (such as gender if you participate in a survey); commercial information (such as purchases you make in the app); approximate geolocation information (such as country); audio and visual information (such as photos and videos you share with us); inferences; and other information that relates to or is reasonably capable of being associated with you. For details about the personal information we collect, please see Section 2 (Categories of Personal Data that We Collect, Purposes and Legal Bases for Our Processing). We collect personal information for the business and commercial purposes listed in the chart in Section 2.
We may disclose your personal information with the categories of third parties as described in Section 5 (Recipients of Your Personal Data). In the preceding 12 months, we have disclosed the following categories of personal information for business purposes: identifiers, Internet and electronic network activity information, characteristics of protected classifications under California or U.S. federal law; commercial information; approximate geolocation information; audio and visual information and other information that we have inferred about you or that relates to or is reasonably capable of being associated with you.
We disclose the following categories of personal information to third parties for the purpose of engaging in targeted advertising (these disclosures may be considered “sales” or “sharing” under certain State Laws):
Categories of Personal Information “Shared,” “Sold,” or used for Targeted Advertising Categories of Third Parties
Identifiers Internet and electronic network activity App usage and diagnostic information Inferences Advertising and marketing partners
We do not knowingly collect, sell, or share personal data about users under the age of 16.
We generally do not collect information that is considered “sensitive” under State Laws. In the limited circumstances that we do, we do not use or disclose sensitive personal information for the purpose of inferring characteristics about you.
We retain personal data as described in Section 3 (Data Storage and Protection).
Right to Opt Out of Sales, Sharing, Targeted Advertising
Some of the activities described in this Privacy Policy may be considered “sales” or “sharing” of your personal information or use of your information for “targeted advertising” under the law that applies to you. You or your authorized agent may opt out of these activities by following the instructions in Section 12 (In-app Tracking Technologies).
Access, Correction, and Deletion
You have the right to request (1) to know more about and access your personal information, including in a portable format, (2) deletion of your personal information, and (3) correction (rectification) of inaccurate personal information. For details about how to exercise your rights, please see Section 7 (Your Rights).
Additional Information for Users in Illinois
In accordance with Illinois law, this section provides additional disclosures related to Facial Data. As described in Section 2, we collect and process Facial Data to enhance your photos and generate AI avatars and AI images. We do not collect or use Facial Data to improve our photo-video editing, enhancing and generative features nor to train our photo-video editor algorithms. We retain personal data as described in Section 3 (Data Storage and Protection). We use cloud storage providers to store Facial Data. We will never sell, lease, or trade Facial Data to third parties. As described above, Facial Data may be considered biometric data in some jurisdictions; however, Facial Data is not used for identification or authentication purposes.
11. Changes to this Privacy Policy
We may modify, integrate or update, in whole or in part, this Privacy Policy, and we will notify users of any modification, integration or update in accordance with Applicable Privacy Laws. If we make modifications, we will notify you by revising the date at the bottom of this Privacy Policy and, under certain circumstances, we may also notify you by additional means such as pop-up or push notifications within the app or our website, or email.
12. In-App Tracking Technologies
When we refer to “tracking technology/technologies” in this Policy, we mean any technology that stores or accesses information on the user’s device, including SDKs, tracking pixels, HTML5 local storage, local shared objects, and fingerprinting techniques.
Tracking technologies are usually classified by purpose (Technical, Analytics, Profiling) and by publisher (First-party, Third-party).
Applicable legal requirements vary based on how the tracking technologies are classified.
Below you will find the types of tracking technologies by classification along with some practical examples.
By purpose
Technical tracking technologies
Technical tracking technologies are used for the purpose of transmitting messages over an electronic communication network or to provide a service specifically requested by the user.
Thus, technical tracking technologies are essential for the correct functioning of the app and to provide the service offered to and requested by the user.
For example, technical tracking technologies can be used to monitor sessions, store specific server access information related to the user configuration, facilitate the use of online content, or keep track of items in a shopping cart or information used to fill in a form.
Technical tracking technologies do not need your consent.
Analytics tracking technologies
Analytics tracking technologies may be used to assess the effectiveness of an information society service provided by a publisher, evaluate and improve the design of an app, or help measure traffic.
In other words, analytics tracking technologies may be used to track the traffic and performance of an app by collecting aggregate data on the number of users and how they interact with the app to improve its services.
For example, analytics tracking technologies may collect information about how users access an app, including the number of users, possibly grouped by geographical area, time zone, how long users stay on the app, which parts of the app they interact with, or the number of users who used a particular feature.
Analytics tracking technologies need your explicit consent. However, analytics tracking technologies are equated to technical trackers and, thus, do not need your consent if:
they are only used to produce aggregated statistics that are performed by way of the controller’s own resources and do not turn into activities that go beyond statistical counting and enable business-related decision-making; or the third parties do not match the analytics trackers' data with any other information and do not forward such data to other third parties.
Profiling tracking technologies
Profiling tracking technologies may be used to evaluate certain personal aspects relating to users and trace specific actions or recurring behavioral patterns in the use of the offered functionalities back to specific, identified or identifiable individuals for the purpose of grouping them within homogeneous, multi-sized clusters. This is aimed at enabling the company to analyze and predict personal aspects concerning the users, provide them with increasingly customized services beyond what is strictly necessary for the delivery of the service, and send targeted advertising messages in line with the preferences expressed by the user during their in-app activities.
In other words, profiling tracking technologies may be used to convey behavioral advertising, measure the effectiveness of ads, or customize the services offered in line with the user’s monitored behavior.
For example, profiling tracking technologies can be used to create user profiles and offer content in line with the user’s interests, send targeted ads or messages, or conduct statistical analysis or other research activities to improve our products and services and measure the effectiveness of our campaigns.
Profiling tracking technologies need your explicit consent.
By publisher
First-party tracking technologies
First-party tracking technologies are installed and managed directly by the owner of the app which will process the collected data for its own purposes.
Third-party tracking technologies
Third-party tracking technologies are installed and managed by different apps or developers either for our purposes or for the third party’s own purposes.
The data collected by these third parties is governed by their own specific privacy policies and terms and conditions over which we have no control. Thus, for further information about these data processing activities, please refer to the privacy policy of such third parties as indicated in the following section ("Types of tracking technologies used by the app”).
Third-party non-anonymized analytics and/or profiling trackers need your consent. You can manage this consent at any time by accessing the “Privacy Settings” within the app.
Types of tracking technologies used in the app
Name | Purpose | Retention period | Publisher (i.e., first-party or third-party) | Description | Third-party Privacy Policy (where applicable) |
---|---|---|---|---|---|
Replicate SDK (technical) | Technical | AI models hosted (Data storage and protection) for more details. | Third-party | External software development kit (SDK). It is essential for the app to function AI models. | https://replicate.com/privacy |
Firebase Crashlytics | Technical | 3 years. See Section 3 (Data storage and protection) for more details. | Third-party | A tool provided by Google that is essential for the app to correctly interact with the backend and provide the user with key features. | https://policies.google.com/privacy |
Firebase Dynamic Links | Technical | 3 years. See Section 3 (Data storage and protection) for more details. | Third-party | A tool provided by Google that is essential for the app to correctly interact with the backend and provide the user with key features. | https://policies.google.com/privacy |
FirebaseAuth | Technical | 3 years. See Section 3 (Data storage and protection) for more details. | Third-party | A tool provided by Google that is essential for the app to correctly interact with the backend and provide the user with the key features. | https://policies.google.com/privacy |
Firebase Analytics | Technical | 3 years | Third-party | A tool provided by Google that is essential for the app to work properly. When analytics features are enabled, it can help us to improve app traffic and performance. | https://policies.google.com/privacy |
Firebase Profiling | Profiling | 3 years | Third-party | A tool provided by Google that is essential for the app to work properly. When profiling features are enabled, it can help us to measure the effectiveness of our ads. | https://policies.google.com/privacy |
Tracking technologies settings
You can activate or disable (in whole or in part) profiling and third-party analytics tracking technologies at any time through the “Privacy Settings” within the app.
When you withdraw your consent, your data will no longer be collected through those trackers but we will continue processing the data collected before the withdrawal.
You cannot deactivate first-party analytics tracking technologies since they are equated to technical trackers and, thus, are not based on your consent. However, you can opt out of the further processing of your data collected by means of such trackers by sending an email to privacy@sagolab.com.
With regards to your rights under applicable Data Protection Laws, please refer to Section 7 (Your Rights) above.
Last updated: September 21, 2023