Privacy Policy

Last Updated: 25 December 2025

Introductory Notice

Thank you for choosing Whale. We recognise that personal information is extremely important to our customers and users. This Privacy Policy (“Policy”) explains how Whale (“we”, “us”, “our”) collects, uses, stores, shares, transfers and protects your data. Please read it carefully before using any Whale website, application or service. Clauses that materially affect your rights are highlighted in bold. If you decline to provide the personal data required for a specific service we may be unable to supply that product or service.

This Policy covers:

1. Definitions
2. Scope
3. How we collect personal information
4. How we use it
5. How we disclose, transfer or share it
6. How we store it
7. How we protect it
8. Your rights
9. Children’s data
10. Policy updates
11. Contact details

I. Definitions

• Whale Website: https://www.meetwhale.com/ and all sub-domains.
• Whale: Hangzhou Whale Future Technology Co., Ltd., Hangzhou Zuotoujing Technology Co., Ltd. and their respective affiliates.
• Affiliates: Entities that control, are controlled by, or are under common control with Whale.
• Personal Information: Any data relating to an identified or identifiable natural person (excluding anonymised data).

II. Scope

This Policy applies whenever you visit our websites, use our mobile applications, purchase our products, or otherwise interact with our services (“Services”). It does not apply to third-party sites or services that may be linked or embedded; please review their own privacy statements.

III. How we collect personal information

1. Account registration – name, phone, e-mail, password, verification code.
2. Service delivery – on-line behaviour logs, device identifiers, usage statistics.
3. Product technical services – voice recordings, image/video assets, channel permissions, content tags, interaction data (only what is necessary for transcription, analysis, AIGC creation, etc.).
4. Security & anti-fraud – IP address, device brand/model/OS version, service logs.
5. Cookies & similar technologies – to keep you signed in, remember preferences and analyse traffic. You may refuse cookies through browser settings, but some features may then be unavailable.
6. Third-party SDKs – embedded in our apps for functions such as push notifications or analytics. Each SDK is security-reviewed; details are listed in our SDK Information List.

IV. How we use personal information

• To perform the contract we have with you and to deliver the functions described at collection.
• To send service notices, updates or security alerts.
• To comply with legal or regulatory reporting obligations.
• To invite you to participate in surveys or product improvement programmes.

V. How we disclose, transfer or share personal information

1. Disclosure – only with your explicit consent or when required by law, regulation or competent authority.
2. Transfers – only with your prior explicit consent or where necessary to comply with mandatory legal process. In the event of a merger, acquisition or asset sale we will ensure the recipient is subject to equivalent privacy obligations and will seek your fresh consent if the purpose of use changes.
3. Onward sharing to partners – limited to what is strictly necessary to deliver core functionality (e.g., cloud hosting, payment processing, analytics) under confidentiality and security obligations.

VI. Storage & international transfers

Personal data collected in China is stored on servers located in China. We generally do not transfer data abroad unless required for legal compliance or with your explicit consent. When any overseas transfer is necessary we comply with applicable laws and obtain your approval.

We retain personal data only for the period necessary to fulfil the purposes described in this Policy plus any additional period required by contract or law.

VII. Security measures

We implement industry-standard technical and organisational measures to prevent unauthorised access, disclosure, alteration or destruction of personal data, including:

• TLS/SSL encrypted transmission and encrypted storage;
• multi-factor authentication, firewalls and role-based access control;
• regular security audits, vulnerability scanning and penetration testing;
• personal-information-protection impact assessments and an internal incident-response plan;
• ISO 27001, ISO 27017 and Level-3 Information Security Protection certifications.

Despite these measures no internet transmission is 100 % secure. If a data breach occurs we will notify you and the competent regulator without undue delay as required by law.

Please safeguard your login credentials. If you believe they have been compromised contact us immediately so we can help prevent loss.

VIII. Your rights under Chinese law

• Access & correction: You may log in to your account to view or edit most data; for anything else contact us.
• Deletion: You may request deletion when processing is unlawful, unnecessary, incompatible with the original purpose, or when you cancel your account (unless retention is required by law).
• Withdraw consent: Where processing is based on consent you may withdraw it at any time; this will not affect prior lawful processing.
• Account cancellation: You may cancel your account at any time; we will delete associated personal data unless legal retention obligations apply.

We may refuse requests that are unreasonable, repetitive, jeopardise others’ rights, or are impractical to fulfil.

IX. Children’s personal information

Our products are designed for adults and enterprise customers. If we discover that a child under the age of 14 has provided us with personal data without verifiable parental consent we will delete such data. Where parental consent has been obtained we process children’s data only to the extent and for the purposes permitted by law.

X. Changes to this Policy

We may update this Policy from time to time. We will post the revised version on our web site and, for material changes, provide prominent notice or e-mail you. Continued use of the services after any update constitutes acceptance of the new terms.

XI. Contact us

Questions, comments or complaints regarding this Policy may be directed to:

• Phone: +86 400-668-9930
• E-mail: hello@whale.im
• Postal: Personal Information Protection Officer, F14 Building D11, Phase-II, Zhejiang University Alumni Enterprise Headquarters Economic Park, 669 Cangxing Street, Cangqian Sub-district, Yuhang District, Hangzhou, Zhejiang, P. R. China.

We will respond to all inquiries within 15 working days.