APP Privacy Policy – Hotmoon

APP Privacy Policy

Last updated: June 18, 2026

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.

We use Your Personal Data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.

We value Your privacy. This Privacy Policy is written in plain and clear language to help You understand clearly how We handle Your Personal Data. If You have any questions, please contact Us through the contact information provided at the end of this document.

This Privacy Policy is intended to comply with applicable requirements of U.S. federal and state laws (including the California Consumer Privacy Act [CCPA/CPRA], the Delaware Consumer Data Privacy Act [DCDPA], etc.) and the EU General Data Protection Regulation (GDPR).

Interpretation and Definitions

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Policy:

Account means a unique account created for You to access our Service or parts of our Service.

Affiliate means an entity that controls, is controlled by or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.

Application means the software program provided by the Company downloaded by You on any electronic device, named Hotmoon.

Business, for the purpose of the CCPA (California Consumer Privacy Act), refers to the Company as the legal entity that collects Consumers' personal information and determines the purposes and means of the processing of Consumers' personal information, or on behalf of which such information is collected and that alone, or jointly with others, determines the purposes and means of the processing of consumers' personal information, that does business in the State of California.

Company (referred to as either "the Company", "We", "Us" or "Our" in this Agreement) refers to Ustellar Technology Inc. , with its address at 919 North Market Street, Suite 950, Wilmington, DE 19801, USA.

Consumer, for the purpose of the CCPA (California Consumer Privacy Act), means a natural person who is a California resident. A resident, as defined in the law, includes (1) every individual who is in the USA for other than a temporary or transitory purpose, and (2) every individual who is domiciled in the USA who is outside the USA for a temporary or transitory purpose.

Country refers to: United States of America.

Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.

Do Not Track (DNT) is a concept that has been promoted by US regulatory authorities, in particular the U.S. Federal Trade Commission (FTC), for the Internet industry to develop and implement a mechanism for allowing internet users to control the tracking of their online activities across websites.

Personal Data is any information that relates to an identified or identifiable individual. For the purposes of the CCPA, Personal Data means any information that identifies, relates to, describes or is capable of being associated with, or could reasonably be linked, directly or indirectly, with You.

Sale, for the purpose of the CCPA (California Consumer Privacy Act), means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a Consumer's personal information to another business or a third party for monetary or other valuable consideration.

"Share" or "Sharing", for the purpose of the CCPA as amended by CPRA, means providing personal information to a third party for cross-context behavioral advertising (i.e., targeted advertising based on a consumer's activities across different websites, applications, or services), regardless of whether monetary consideration is involved.

Service refers to the Application.

Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.

Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).

You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

Collecting and Using Your Personal Data

Types of Data Collected

Personal Data

While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:

l Email address (including when you voluntarily provide it to participate in our redemption code campaigns )

l Usage Data

l Profile photo (only when You voluntarily upload it)

l Subscription information – such as your subscription status, transaction ID, and purchase history (collected via Apple App Store or Google Play Store) 

We do not collect your full credit card or other direct payment details; these are handled entirely by Apple/Google.

Usage Data

Usage Data is collected automatically when using the Service. Usage Data may include information such as Your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.

We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.

Information Collected while Using the Application

While using Our Application, We may request certain permissions on Your Device:

l Camera / Photo Library: We access Your device's camera or photo library only when You actively choose to upload or change Your profile avatar. This access is used solely for the purpose of updating Your account avatar. We do not automatically collect, store, or process any images without Your explicit action. The images are stored on our servers or third-party service providers’ servers while you use the avatar feature. You may delete or replace your avatar at any time, and you may also request deletion of your images. Upon deletion, we will remove them from active systems within a reasonable timeframe, and residual copies may remain in backups for a limited period as required for security and disaster recovery purposes.

l Location permission (Android Bluetooth compatibility only): On certain Android devices and system versions, the operating system requires location permission in order to enable Bluetooth scanning functionality. This permission is requested solely for this system-level requirement. We do not access, collect, store, or process any precise or approximate geolocation data, and the permission is not used for location tracking or analytics purposes.You can enable or disable access to these permissions at any time through Your Device settings. Disabling a permission may affect the corresponding functionality (e.g., you may not be able to change your avatar or use Bluetooth features).

Use of Your Personal Data

The Company may use Personal Data for the following purposes:

To provide and maintain our Service, including to monitor the usage of our Service.

To manage Your Account: to manage Your registration as a user of the Service. The Personal Data You provide can give You access to different functionalities of the Service that are available to You as a registered user.

For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or services You have purchased or of any other contract with Us through the Service.

To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application's push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including the security updates, when necessary or reasonable for their implementation.

To provide You with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless You have opted not to receive such information.

To manage Your requests: To attend and manage Your requests to Us.

For business transfers: We may use Your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Us about our Service users is among the assets transferred.

For other purposes: We may use Your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Service, products, services, marketing and your experience.

To manage subscriptions: To verify your subscription status, process automatic renewals, and provide you with subscription-based features. We receive transaction and subscription data from Apple/Google, which we use solely for providing the subscribed service and for customer support.

 

To process redemption code campaigns: To verify the redemption code you have entered, validate your eligibility, and grant you the corresponding service entitlements or in-app benefits. We will notify you of the redemption result via an in-app pop-up message only, and we do not send separate email communications for this purpose.

Legal bases for processing Your Personal Data (under GDPR): In accordance with Article 6(1) of the EU General Data Protection Regulation (GDPR), each of our processing activities is based on one of the following legal bases:

Processing Activity

Legal Basis

Provision and maintenance of the Service

Performance of a contract (Article 6(1)(b))

Management of Your Account

Performance of a contract (Article 6(1)(b))

Fulfillment of purchase contracts

Performance of a contract (Article 6(1)(b))

Contacting You (service-related communications)

Performance of a contract or legitimate interest (Article 6(1)(b) or (f))

Sending You marketing communications

Your consent (Article 6(1)(a)) – You may withdraw at any time

Managing Your requests

Performance of a contract or legitimate interest (Article 6(1)(b) or (f))

Business transfers

Legitimate interest (Article 6(1)(f))

Data analysis and service improvement

Legitimate interest (Article 6(1)(f))

Uploading and displaying Your profile photo

Your consent (Article 6(1)(a)) – You give consent when You actively upload the photo

Managing subscriptions

Performance of a contract (Article 6(1)(b)) – necessary to provide the subscribed service

Processing redemption codes

Performance of a contract (Article 6(1)(b)) and/or Your consent (Article 6(1)(a))

We may share Your personal information in the following situations:

With Service Providers: We may share Your personal information with Service Providers to monitor and analyze the use of our Service, to contact You, and to store your profile photo (e.g., cloud storage providers), and to process your subscription or redemption code via third-party platforms (e.g., Apple/Google payment services, code management tools).

For business transfers: We may share or transfer Your personal information in connection with, or during negotiations of, any merger, sale of Company assets, financing, or acquisition of all or a portion of Our business to another company.

With Affiliates: We may share Your information with Our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include Our parent company and any other subsidiaries, joint venture partners or other companies that We control or that are under common control with Us.

With business partners: We may share Your information with Our business partners to offer You certain products, services or promotions.

With other users: when You share personal information or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside (e.g., your avatar may be visible to other users).

With Your consent: We may disclose Your personal information for any other purpose with Your consent.

Retention of Your Personal Data

The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.

Specific retention periods are as follows:

Data Type

Retention Period

Account information (e.g., email address)

For as long as the account exists and for no more than 3 years after account closure

Usage Data (e.g., IP address, browsing behavior)

36 months

Profile photo

Retained until You delete or change it, or upon account closure. If You delete it, We will remove it from our active systems within 180 days; backup copies may be retained for a limited period for disaster recovery purposes.

Camera/photo library information

Not stored by us; the photos are processed only when you actively upload them and are then stored as your profile photo (see above).

Subscription records (transaction ID, status, purchase date)

Retained for the duration of your active subscription and for 3 years thereafter, to comply with tax and accounting obligations.

edemption records (email address, redemption code, timestamp)

Retained for 36 months from the date of redemption, or longer if required to comply with applicable tax, auditing, or legal obligations.

The above retention periods may be extended where necessary to comply with legal obligations or to resolve disputes.

Transfer of Your Personal Data

Your information, including Personal Data, is processed at the Company's operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to --- and maintained on --- computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction.

Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer.

The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.

Disclosure of Your Personal Data

Business Transactions

If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.

Law enforcement

Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Other legal requirements

The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:

Comply with a legal obligation

Protect and defend the rights or property of the Company

Prevent or investigate possible wrongdoing in connection with the Service

Protect the personal safety of Users of the Service or the public

Protect against legal liability

Security of Your Personal Data

The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.

In the event of a data breach involving Your Personal Data, We will:

Report it to the relevant supervisory authority within 72 hours of becoming aware (if applicable);

Notify You without undue delay if the breach is likely to result in a high risk to Your rights and freedoms;

Provide You with information about the nature of the breach, the possible consequences, and the measures We have taken or propose to take.

CCPA Privacy

This privacy notice section for California residents supplements the information contained in Our Privacy Policy and it applies solely to all visitors, users, and others who reside in the State of California.

Categories of Personal Information Collected

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular Consumer or Device. The following is a list of categories of personal information which we may collect or may have been collected from California residents within the last twelve (12) months.

Please note that the categories and examples provided in the list below are those defined in the CCPA. This does not mean that all examples of that category of personal information were in fact collected by Us, but reflects our good faith belief to the best of our knowledge that some of that information from the applicable category may be and may have been collected. For example, certain categories of personal information would only be collected if You provided such personal information directly to Us.

Category A: Identifiers.

Examples: A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, driver's license number, passport number, or other similar identifiers.

Collected: Yes (email address, etc.).

Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

Examples: A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.

Collected: Yes (name, address if provided, telephone if provided – but we only collect minimal personal data).

Category C: Protected classification characteristics under California or federal law.

Collected: No.

Category D: Commercial information.

Examples: Records and history of products or services purchased or considered.

Collected: Yes (subscription purchase history, redemption codes) .

Category E: Biometric information.

Collected: No.

Category F: Internet or other similar network activity.

Examples: Interaction with our Service or advertisement.

Collected: Yes (usage data, browsing activity).

Category G: Geolocation data.

Collected: No. (On certain Android devices, location permission may be requested due to system-level requirements for Bluetooth functionality. This does not grant us access to or result in the collection of any geolocation data.)

Category H: Sensory data.

Examples: Audio, electronic, visual, thermal, olfactory, or similar information.

Collected: Yes – but only visual data (i.e., the profile photo) that You voluntarily upload to change Your avatar. We do not collect audio, thermal, or other sensory data.

Category I: Professional or employment-related information.

Collected: No.

Category J: Non-public education information.

Collected: No.

Category K: Inferences drawn from other personal information.

Collected: No.

Under CCPA, personal information does not include publicly available information from government records, deidentified or aggregated consumer information, or information excluded by other sector-specific laws.

We do not collect any Sensitive Personal Information as defined under the CCPA (such as SSN, driver's license, precise geolocation, racial origin, etc.).

Sources of Personal Information

We obtain the categories of personal information listed above from the following categories of sources:

Directly from You – when you create an account, upload a profile photo, enter a redemption code, or contact us.

Indirectly from You – from observing Your activity on our Service.

Automatically from You – through cookies and similar technologies.

From Service Providers – third-party vendors that help us operate the Service (e.g., cloud storage for photos, Apple/Google payment services that provide subscription status and transaction IDs, and code management platforms.).

Use of Personal Information for Business Purposes or Commercial Purposes

We may use or disclose personal information We collect for "business purposes" or "commercial purposes" (as defined under the CCPA), which may include the following examples:

To operate our Service and provide You with our Service, including displaying your profile avatar, managing your subscription, and processing redemption codes.

To provide You with support and to respond to Your inquiries.

To fulfill or meet the reason You provided the information (e.g., to change your avatar, to activate a redemption code).

To respond to law enforcement requests and as required by applicable law.

For internal administrative and auditing purposes.

To detect security incidents and protect against malicious, deceptive, fraudulent or illegal activity.

We do not use your personal information for materially different, unrelated, or incompatible purposes without updating this Privacy Policy.

Disclosure of Personal Information for Business Purposes or Commercial Purposes

We may use or disclose and may have used or disclosed in the last twelve (12) months the following categories of personal information for business or commercial purposes:

Category A: Identifiers

Category B: California Customer Records categories

Category F: Internet/network activity

Category H: Sensory data (only visual – profile photos) – disclosed to our cloud storage service providers to store your avatar.

Category D: Commercial information (subscription and redemption records) – disclosed to payment service providers and redemption code management platforms.

We do not disclose geolocation data or sensitive personal information because we do not collect them.

When We disclose personal information for a business purpose, We enter into a contract that describes the purpose and requires the recipient to keep it confidential and not use it for any other purpose.

Sale of Personal Information

As defined in the CCPA, "sell" and "sale" mean sharing personal information for monetary or other valuable consideration. We do not sell any of your personal information. We have not sold any in the last 12 months.

Under CPRA, "Share" means providing personal information for cross-context behavioral advertising. We do not engage in such sharing. We have not shared any personal information for such purposes.

Therefore, we do not list any categories as sold or shared.

Share of Personal Information

We may share Your personal information with the following categories of third parties:

Service Providers (e.g., cloud storage, analytics, payment processors, redemption code managers)

 

Our affiliates

Business partners (only if you have consented)

Other users (e.g., your avatar is visible to other users)

Sale of Personal Information of Minors Under 16 Years of Age

We do not knowingly collect personal data from individuals under 16 years of age. We do not sell or share any personal information, including that of minors.

Your Rights under the CCPA

If You are a California resident, You have the following rights:

Right to know – the categories and specific pieces of personal information we collect.

Right to delete – request deletion of your personal information, subject to exceptions.

Right to optout – of sale or sharing (we do not sell or share, so this right is not applicable).

Right to correct – inaccuracies in your personal information.

Right to limit – use of sensitive personal information (we do not collect sensitive information).

Right nondiscrimination – you will not be discriminated against for exercising your rights.

To exercise any of these rights, please contact us at support@hotmoon.com or visit www.hotmoon.com. We will respond within 45 days.

Do Not Sell or Share My Personal Information

Since we do not sell or share your personal information for cross-context behavioral advertising, this right is automatically respected. If you still wish to submit an opt-out request, you may do so via our contact information.

"Do Not Track" Policy as Required by CalOPPA

Our Service does not respond to Do Not Track signals. However, we respect Global Privacy Control (GPC) signals as an opt-out of sale/sharing (though we do not engage in such activities).

Children's Privacy

Our Service does not address anyone under the age of 16. We do not knowingly collect personally identifiable information from anyone under 16. If we become aware, we will delete it.

Your California Privacy Rights (Shine the Light)

California residents may request information about our sharing of personal data with third parties for their direct marketing purposes once a year. Please contact us.

California Privacy Rights for Minor Users (Business and Professions Code § 22581)

California residents under 18 may request removal of content they have publicly posted. Contact us with your account email.

Links to Other Websites

We are not responsible for the privacy practices of other websites linked from our Service.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the "Last updated" date. We will notify you of material changes via email or in-app notice.

Contact Us

If you have any questions about this Privacy Policy, You can contact us:

By email: support@hotmoon.com

By visiting this page on our website: www.hotmoon.com

Sunday,Monday,Tuesday,Wednesday,Thursday,Friday,Saturday
January,February,March,April,May,June,July,August,September,October,November,December
Not enough items available. Only [max] left.
Add to WishlistBrowse WishlistRemove Wishlist
Shopping cart

Your cart is empty.

Return To Shop

Add Order Note Edit Order Note
Add A Coupon

Add A Coupon

Coupon code will work on checkout page