Rabbix Privacy Policy
Last updated date: April 17, 2026
This Rabbix Privacy Policy (referred to as “this Policy”) applies to all Rabbix products, applications, websites, and services (referred to as “Products and/or Services”) that reference or link to this Policy, provided by the Rabbix Service Provider (referred to as “we”, “our”, or “us” in this Policy). Please read this Policy carefully before using our Products and/or Services so that you can understand the details of how we handle your personal data. The important contents related to sensitive personal data and your personal data rights and interests in this Policy are highlighted in bold, please pay more attention to these contents.
The Country/Region-Specific Addendum (referred to as “Local Privacy Notice”) is a supplementary explanation of this Policy according to applicable local laws, which constitutes an integral part of this Policy. The Local Privacy Notice shall prevail in the event of any conflict with the main body of this Policy, while anything that is not specifically covered shall be subject to the latter.
If our product or service provides a separate privacy policy, or if we explain to you how specific product or service collect and handle your personal data through instant notification, function update instruction and/or other appropriate approach (collectively, “Product-Specific Privacy Notice”), the Product-Specific Privacy Notice shall prevail, while anything that is not specifically covered shall be subject to this Policy.
In this Policy, “personal information” and “personal data” have the same meaning, referring to various information related to an identified or identifiable natural person recorded electronically or by other means, but do not include anonymized information.
1.About Us
Depending on your location, the entity (referred to as “we”, “our”, or “us” in this Policy) responsible for the handling of your personal data (acting as “Data Controller” or other equivalent concept as defined by applicable laws) is:
For users in Malaysia: GROWONE TECHNOLOGY PTE. LTD. (Registered Address: 10 ANSON ROAD #11-07 INTERNATIONAL PLAZA SINGAPORE(079903), D-U-N-S: 599385380)
For users in other locations (excluding Mainland China): GROWONE TECHNOLOGY PTE. LTD. (Registered Address: 10 ANSON ROAD #11-07 INTERNATIONAL PLAZA SINGAPORE(079903), D-U-N-S: 599385380)·
In order to provide you with Products and/or Services, your personal data may be processed by our affiliates or third parties. You can read more about this in Section 4.
2.How We Collect and Use Your Personal data
How We Collect Your Personal data
When using our Products and/or Services, we may collect your personal data. Depending on the product or service you use, different types of data will be collected. We will handle your personal data according to applicable laws only when necessary to provide you with our Products and/or Services, only with justified reason, and in good faith, and only for the purpose described in this Policy (including Local Privacy Notice) and the Product-Specific Privacy Notice.
When providing you with Products and/or Services, we may also collect and summarize statistics, such as application downloads, product sales, feature usage counts, and specific event trigger counts, to understand how our Products and/or Services are used. For the purposes of this Policy, the preceding statistics are not regarded as personal data. We will endeavor to isolate your personal data from non-personally identifiable information and ensure that the two types of data are used separately. However, if we combine non-personally identifiable information with personal data, such combined information will be treated and protected as personal data for as long as it remains combined.
The types of personal data that we may collect from you are:
Personal Data that You Provide to Us
Account Information. For example, Rabbix Account ID (email address), verification code, and nickname.
Contact Information. For example, your email address provided during registration or when you reach out to us for support.
Communication Information. For example, the interaction and records when you contact us. through our official email “rabbix.service@gmail.com” or other official feedback channels regarding inquiries, suggestions, or complaints.
Other information you provide to us. For example, the images or photos you proactively upload from your device's album to the editor for design purposes, and the textual dialogue or prompt information you input when using our AI image generation services.
If you provide us with other’s personal data, you shall comply with the requirements of applicable laws, including obtaining the prior consent of the data subject or other legal basis stipulated by applicable laws.
Personal Data that We Collect during Your Use of Products and Services
Device Information. For example, operating system, system version, region, telecom operator.
Application Information. For example, Rabbix application name, version number, and software installation/usage status.
Log Information. For example, IP address, URLs of accessed services, network request information, access dates and times, duration of visit, and browsing/interaction records (including history, download records, and click records) used to ensure service stability and security.
Personal Data from Third-Party Sources
When permitted by applicable laws, we may obtain your personal data from third-party sources. For example, information about you that others provide to us.
- Sharing Service Data: Information shared by third-party platforms when you use the "Share" function (e.g., sharing images to external apps), which may include device parameters and system information necessary for the integration.
How We Use Your Personal data
We use your personal data only on a legal basis. According to applicable laws, we may use your personal data under one of the legal bases: your consent, necessary to perform/enter into a contract between you and us, necessary to fulfill legal obligations, necessary to protect the vital interests of you or others, necessary to protect the legitimate interests of enterprises. Without limiting the foregoing, we may use your personal data to:
Deliver the product or service you have requested, such as delivery, activation, verification, speech recognition, speech synthesis, machine translation, device synchronization, pre-sales consultation, technical support, and after-sales service.
Notify you of operating system or application updates and installations.
Conduct promotional activities to the extent permitted by applicable laws. For example, send you information about Products and/or Services that you may be interested in, invite you to our promotional activities or market surveys. If you no longer wish to receive certain types of promotional materials, you may opt out by the method provided in the message (such as the unsubscribe link at the bottom of the email), unless otherwise specified under applicable laws.
Carry out internal audit, data analysis, and research. Analyze business operation efficiency and measure market shares, and improve our Products and/or Services.
Fulfill obligations stipulated by applicable laws.
Other purposes disclosed in the Product-Specific Privacy Notice.
Here are more detailed examples on how we use your information (which may include personal data):
Rabbix Account Registration/Login: When registering or logging in to the Rabbix Account, in order to verify your identity and protect your personal space, you provide us your email address (as Rabbix Account ID) and the verification code.
Image Editing: When you use the image editor to create designs, we request access to your album/photos to add images to the editor and save the finished work. We may also request camera permission if you choose to take a photo directly for editing. If you refuse these permissions, you will not be able to use the upload or capture functions, but other functions remain unaffected.
AI Image Generation Service:
We provide you with AI content (text, image) generation and other services based on generative artificial intelligence (hereinafter referred to as "AI") model technology. To deliver the services to you, we will collect the original materials such as text and images that you actively select or input, and transmit them back to the server for processing. The original materials you upload will only be used for generating the effect images this time. We will not store or extract identification information, nor will we use such information for identification purposes. Upon completion of the service, the system will automatically delete the aforementioned information without retention.
When you use AI content generation (including but not limited to importing materials, exporting generated content, etc.), we will request your authorization for access to the camera, photo album, and storage permissions according to the specific functions and service types you use. If you decline or cancel the authorization, you will be unable to use the corresponding functions, but this will not affect your normal use of other functions.
Operational Statistics and Analysis: To improve product interaction and optimize your experience, we automatically collect details of your usage as network logs. This includes IP address, URLs of accessed services, browser type/language, access date, time, and duration, and browsing information (such as browsing records, download records, and click records).
User Feedback: When you contact GROWONE TECHNOLOGY PTE. LTD. (DUNS: 599385380) to provide feedback, we collect information based on the specific channel used:
1.Via Email: When you contact us at rabbix.service@gmail.com, we collect your email address to facilitate communication.
2.Via In-App Feedback: When you use the feedback function within the Application, we collect your device information (OS, region) and application version to diagnose technical issues. We use this data to verify your identity, follow up on your requests, and maintain interaction records to troubleshoot problems and improve our services.
Security Maintenance: To maintain a safe operation and troubleshoot issues, we may record your device information according to specific permissions granted during installation. This includes browser information (type, plugins, language, fonts, image rendering hash, domain cache) and operating terminal information (OS, region, and telecom operator).
Sharing: When you use the sharing feature to post images to external platforms, the third-party SDKs involved (such as WeChat Open SDK )may collect your device parameters and system information to complete the sharing process.
3.How We Use Cookies and Similar Technologies
Our Products and/or Services do not involve the use of cookies or similar technologies.
4.How We Entrust, Share, Transfer, and Disclose Your Personal Data
Entrusting
We may entrust other companies to handle your personal data on our behalf. For example, we may entrust another company for hotline support, sending emails, and/or providing technical support. Such companies may only use your personal data to provide services on our behalf.
We will enter into strict data processing agreements with the entrusted party as stipulated by applicable laws. The entrusted party is obligated to handle your personal data in accordance with such agreements and shall take necessary measures to ensure the security of the personal data entrusted.
Sharing
Sharing refers to the process in which we provide personal data to other controllers, and both parties can independently determine the purposes and means of personal data processing. We will not share your personal data with external parties, except in the following cases:
Sharing with consent: After obtaining your consent in accordance with applicable laws, we will share your personal data within the scope of your authorization with third parties designated by you;
Sharing under statutory circumstances: We may share your personal data in accordance with applicable laws, litigation resolution requirements and/or legal requirements of administrative and/or judicial authorities;
Sharing with our affiliates and/or business partners: To provide you with the Products and/or Services you have requested, we may, where necessary, share your personal data with our affiliates and/or our business partners. We will only share your personal data for legitimate, appropriate, necessary, specific, and definite purposes. Before sharing, we will conduct security assessment on the sharing behavior and recipient according to applicable laws, and sign strict data sharing agreements with them.
Transfer
In the event of a merger, division, dissolution, bankruptcy, or other reasons requiring transfer of your personal data, we will inform you of the name and contact information of the recipient of the transferred personal data according to applicable laws, and require the recipient to continue to protect your personal data according to this Policy. Any change of the original purposes or means of processing by the recipient shall be subject to your consent in accordance with applicable laws.
Public Disclosure
We may publicly disclose your personal data only in the following cases:
After obtaining your consent;
To comply with the obligations, procedures, or requirements as stipulated by applicable laws;
Other circumstances permitted by applicable laws.
5.How We Protect Your Personal data
We take security measures to protect your information, including but not limited to administrative, technical and physical measures. However, please note that although we have implemented these measures, there is no security measure that can guarantee the absolute safety and security of your information. If you believe that your information has been compromised, please contact us at once. Below are some examples of data security measures we undertake:
Ensuring the security of the premises where the information systems used to process personal data are located. Such security shall prevent any uncontrolled access to such premises by persons having no rights to access such premises.
Using technical means to protect the information including but not limited to encryption and anonymization techniques.
Limiting the list of persons who are authorized to access the information systems where the personal data are processed.
Identifying threats to the security of personal data while they are being processed in our information systems. ·Assessing the effectiveness of measures taken to ensure the security of personal data.
Detecting instances of unauthorized access to personal data and taking appropriate measures to mitigate the effects of such unauthorized access.
Taking all practicable measures to restore personal data which have been modified or destroyed as a result of unauthorized access.
Establish an emergency plan for personal data leakage, including notification and disclosure mechanisms.
Monitoring measures taken to ensure the security of personal data and the level of protection of personal data information systems.
Establishing rules for access to personal data being processed in our information systems and recording all processing actions performed on personal data contained in our information systems.
Execute data processing activity records and regularly maintain and update.
6.How We Store Your Personal data
We retain your personal data only for the period necessary to fulfill the purposes described in this Policy and/or Product-Specific Privacy Notice, unless otherwise stipulated by applicable laws. We will cease to retain and delete or anonymize personal data once the purpose of collection is fulfilled, or after we confirm your request for erasure or account cancellation, or after we terminate the operation of the corresponding product or service. When deciding on these retention periods, we may take into account the following criteria:
The purpose for which we handle personal data;
The volume, nature, and sensitivity of personal data;
The risk of harm from unauthorized use or disclosure;
Our legal obligations to retain records;
Our legitimate interests in retaining records;
The minimum retention periods stipulated by applicable laws and/or regulatory requirements.
7.Your Rights
Legislations in certain countries and regions may stipulate that data subjects have certain rights on personal data, such as rights to be informed and to make decisions on the handling of personal data, and rights to access, duplicate, transfer, rectify, supplement, and delete personal data. We fully respect your data subject rights. Generally, you may manage your personal data directly through the functions of our Products and/or Services. According to applicable laws, you can submit requests for exercising data subject rights (referred to as “requests”) to us. You may read more about the data subject rights in your jurisdiction and the country/region-specific channels to submit requests in Local Privacy Notice.
Data subjects’ requests must be submitted in writing, and through the channels specified in this Policy and/or Product-Specific Privacy Notice, unless otherwise provided by applicable laws. Requests made through other channels may not be accepted.
After receiving your request, we may ask you to provide additional information to enable us to verify your identity. If you refuse to provide the information needed to verify your identity, or the information provided is insufficient to verify your identity, we may not be able to respond to your request.
Generally, we will make an initial response within 15 working days after receiving your request and fulfill your request within the period stipulated by applicable laws. We may refuse to process your request or only partially respond to your request where an exemption applies or we are otherwise entitled to do so under applicable laws, such as for requests that are manifestly unfounded, manifestly excessive, may cause us to violate contractual or legal obligations, or may cause disproportionate damage to us or third parties. In some circumstances, we may charge a fee for some requests, where permitted under applicable laws.
8.How We Handle Personal Data of Minors
We do not target our Products and/or Services to minors.
If you are a guardian and you believe that the person under guardianship has provided us with personal data, please contact us via the channels specified in Section 12 of this Policy to ensure that such personal data is deleted immediately.
9.Links to Third-Party Products and/or Services
Our Products and/or Services may contain links to third-party websites, products, and/or services. We do not have control over these third parties, and they are not subject to this Policy. Before submitting personal data to third parties, please read and refer to their privacy policies.
10.How Your Personal Data is Transferred Globally
To provide you with the Products and/or Services you have requested, we may need to transfer your personal data to our affiliates or business partners located in other countries/regions. The jurisdiction in which these global facilities are located may not protect personal data to the same standards as in your jurisdiction, but we will meet the requirements for cross-border data transfer stipulated by applicable laws through methods such as signing data transfer agreements with the recipient and conducting risk assessments accordingly, to ensure that the level of protection of your personal data, as stipulated by applicable laws and guaranteed by this Policy, is not undermined.
In particular:
For users in Malaysia, GROWONE TECHNOLOGY PTE. LTD. will act as the data controller to handle your personal data. Your personal data will be stored in data centers located in Singapore, except for cross-border transfer as permitted by applicable laws. Specifically, all images will be stored exclusively in data centers located in Singapore. While such images may be transferred to servers in Malaysia and/or Mainland China for the purpose of invoking LLM-based AI services, they will be deleted from those servers without undue delay upon the completion of processing.
For users in other regions (excluding Mainland China), GROWONE TECHNOLOGY PTE. LTD. will act as the data controller to handle your personal data. Your personal data will be stored in data centers located in Singapore, except for cross-border transfer as permitted by applicable laws. Specifically, all images will be stored exclusively in data centers located in Singapore. While such images may be transferred to servers in Malaysia and/or Mainland China for the purpose of invoking LLM-based AI services, they will be deleted from those servers without undue delay upon the completion of processing.
11.How We Update this Policy
We review this Policy periodically based on changes in applicable laws, business, and technology, and we may update this Policy. If we make a material change to this Policy, we will notify you via device and/or application and/or other suitable ways, so that you can learn about the information we collect and how we use it. Such changes to this Policy will apply from the effective date specified in the notice. We encourage you to check this page regularly for the latest information on our privacy practices. Your continued use of the products and/or services will be deemed acknowledgement of the updated version of this Policy. We will ask for your explicit consent when we collect additional personal data from you or when we use or disclose your personal data for new purposes.
12.How to Contact Us
If you have any comments or questions about this Policy, or any questions about our collection, use, or disclosure of your personal data, please contact us via rabbix.service@gmail.com, the "Feedback" function on your device and/or the methods listed in Local Privacy Notice (if any).
We will fulfill your request within the period stipulated by applicable laws. Generally, we will make an initial response within 15 working days after receiving your request, unless otherwise provided by applicable laws.
If your question itself involves a significant issue, we may ask you for more information. If you are not satisfied with the response you received from us in relation to your personal data, you can hand over the complaint to the relevant data protection regulatory authorities in your jurisdiction.
COUNTRY/REGION-SPECIFIC ADDENDUM FOR SINGAPORE
For the purpose of this Policy, for Singapore, “personal data” includes data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or is likely to have access.
Accuracy
Where you provide personal data to us (whether personal data of yourself or which relate to another person), you acknowledge that we are entitled to regard such personal data as being complete, accurate, and up to date. You also undertake to let us know without undue delay if there are changes to the personal data that you have provided us so that the personal data in our possession remains complete, accurate and up to date.
How We Use Your Personal Data
You further acknowledge and consent to our collection, use, disclosure and/or processing of your personal data for the following purposes:
(a)to verify your identity;
(b)to provide you with any services that you may request from us from time to time and to communicate with you in relation to those services;
(c)to deliver to you any notices, updates, notifications, alerts and communications relevant to your use of our Products and/or Services;
(d)to manage your relationship with us;
(e)to store, host and/or back up (whether for disaster recovery or otherwise) your personal data;
(f)to respond to any legal Processes, pursue legal rights and remedies, and manage any complaints, claims, feedback and fault reporting;
(g)to respond to requests for information from public and governmental/ regulatory authorities, statutory boards, whether within or outside Singapore, for audit, compliance, investigation and inspection purposes;
(h)to comply with any applicable law, regulation, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority, whether within or outside Singapore; and
(i)to achieve any other incidental business purposes related to or in connection with the above.
Your rights
The last paragraph of Section 7 (Your Rights) is replaced with the following:
You may withdraw your consent for us to use your personal data for one or more of the purposes set out in the Policy by writing to us using the contact details in the Policy. Upon receipt of your written request to withdraw your consent, we may require a reasonable period of time to process and respond to your request. However, please note that (i) your failure to supply certain personal data to us, or (ii) your request to withdraw your consent (depending on its nature and scope) may result in us being unable to continue providing you with access to our Products and/or Services. We may also continue to retain and use your personal data where required or permitted to do so by applicable laws.
You may request to access and/or correct the Personal Data currently in our possession by writing to us using the contact details in the Policy. Please note that we may charge you a reasonable fee for the handling and processing of your requests to access your personal data. If so, we will inform you of the applicable fee and obtain your consent before processing your access request.
We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days after receiving your request of the time by which we will be able to respond to your request.
We may refuse to process your request or only partially respond to your request where an exemption applies or we are otherwise entitled to do so under applicable laws, such as for requests that are manifestly unfounded, manifestly excessive, may cause us to violate contractual or legal obligations, or may cause disproportionate expenses or damage to us or third parties.
Links to Third-Party Products and/or Services
Replace Section 9 (Links to Third-Party Products and/or Services) with the following:
Our Products and/or Services may contain links to third-party websites, products (including apps), and/or services. We do not have control over these third parties, and they are not subject to this Policy. Such third parties may collect personal data from you or require you to provide them with your personal data. Before submitting personal data to third parties, please read and refer to their terms of use and privacy policies. You shall not hold us liable for any liabilities, losses or damages that you may incur as a result of your use of any third-party websites, products (including apps), and/or services, or the collection, use, disclosure and/or processing of your personal data by any third parties.