Back to CreativeFly / 返回首页

CreativeFly

Privacy Policy

This policy explains how CreativeFly and CreativeFly AdSignal collect, use, store, protect, and delete information. The English version appears first, followed by the Chinese version.

Last updated: July 16, 2026

Privacy contact: yuki@spacetime.world

1. Scope and controller

This Privacy Policy applies to CreativeFly websites, applications, AI creative-production features, asset and project workspaces, subscriptions, and CreativeFly AdSignal (together, the “Services”). The Services are operated by 上海时创空际科技有限公司 (“CreativeFly,” “we,” “us,” or “our”).

This policy explains our processing of personal information and also describes AdSignal's handling of official public advertising-transparency records. Public business or advertising records are not treated as private account data, but we still preserve their source, permitted use, retention, and deletion boundaries.

2. Information we process

Account and contact information may include your mobile number, email address, verification status, account identifier, invitation information, organization details, and communications with us.

Service and device information may include browser and device type, operating system, IP address, timestamps, page and feature interactions, authentication, security, error, and audit logs, and cookies or similar technologies.

Creative-production information may include images, video, audio, text prompts, templates, configuration, project data, generated results, download history, and other content that you choose to submit or create through the Services.

Transaction information may include order number, subscription or credit plan, amount, currency, payment status, and billing or support information. Payment providers generally process payment credentials; we do not intend to receive your payment password or full card number.

AdSignal processes documented public or licensed advertising data such as platform ad or library identifiers, advertiser or payer identity, creative text and permitted references, disclosed targeting or reach fields, market, observed dates, status, and source evidence. TikTok Commercial Content API credentials are server-side application credentials; AdSignal does not request a user's TikTok password, private account content, or private messages.

3. Why we process information

We process information to provide and secure the Services, authenticate accounts, run requested generation and analysis jobs, store projects and assets, complete purchases, prevent fraud and abuse, provide support, maintain auditability, comply with law, and improve product reliability.

Where applicable, our legal bases may include performing a contract with you, our legitimate interests in operating and securing the Services, compliance with legal obligations, and consent when required. We will provide additional notice or obtain consent if a materially new purpose requires it.

4. CreativeFly AdSignal and platform data

AdSignal combines separately labeled source classes: official public transparency data, advertiser-authorized first-party data, contractually licensed data, permitted public observations, and modeled estimates. It does not convert public competitor records into claims of verified sales, conversions, or return on ad spend.

For TikTok's Commercial Content API, AdSignal uses a read-only server-to-server integration to retrieve public advertising-transparency records in markets supported by TikTok. We retain structured records with source, geography, capture time, rights basis, confidence, and evidence. Access tokens and client secrets are not exposed to users or included in public responses.

Platform audiovisual media remains reference-only unless the applicable API terms or a separate written license permits byte storage. When storage is permitted, approved bytes are written to access-controlled cloud object storage. Otherwise, AdSignal keeps only permitted references, hashes or fingerprints, expiry information, and evidence metadata.

5. Service providers and sharing

We may use providers for cloud hosting and object storage, content delivery, communications, authentication, payment, observability and security, and AI model or compute services. They may process information only as needed to provide their services to us and under applicable contractual and security controls.

We may disclose information when required by law, to protect users or the Services, in connection with a corporate transaction subject to appropriate safeguards, or with your direction or consent. We do not disclose platform credentials or sell raw API dumps that bypass a provider's access controls.

6. International processing and security

CreativeFly is developing Services for users and data sources in multiple regions, including the United States, Europe, Japan, and China. Information may be processed in a country other than the one where you reside. Where required, we use appropriate notices, contractual protections, consent, security assessments, or other lawful transfer mechanisms.

We apply reasonable technical and organizational safeguards, including access control, least-privilege service roles, transport encryption, secret isolation, audit logging, backups, monitoring, and incident response. No method of transmission or storage is completely secure.

7. Retention and deletion

We retain personal information only for as long as reasonably necessary for the purposes described here, our contractual relationship, security and dispute handling, and applicable legal obligations. We then delete, anonymize, or isolate it as required.

AdSignal retention is source-specific. Expiring media URLs are removed after their evidence window; hashes and provenance claims may be kept when permitted. Stored objects have a documented rights basis and retention state. Provider deletion, revocation, or licence requirements take priority over a general product retention period.

8. Your choices and rights

Depending on your jurisdiction, you may have rights to access, obtain a copy of, correct, delete, or restrict processing of your personal information; object to certain processing; withdraw consent; close your account; or complain to a competent authority.

Submit a request by email to yuki@spacetime.world. We may need to verify your identity and authority before acting. Some information may be retained where required by law or necessary for security, fraud prevention, or legal claims.

9. Children

The Services are intended for business users and people able to enter into a binding agreement. They are not directed to children. If we learn that we collected a child's personal information without the authorization required by applicable law, we will take appropriate steps to delete or otherwise address it.

10. Updates and contact

We may update this policy as the Services, providers, or legal requirements change. We will publish the updated version here and provide additional notice when a change materially affects your rights.

Privacy contact: yuki@spacetime.world. You may use this address for questions, complaints, and privacy-rights requests.

隐私政策(中文版)

更新日期:2026年7月16日

一、适用范围

本《隐私政策》适用于上海时创空际科技有限公司的 CreativeFly 网站、应用程序及相关产品服务(统称“本平台”)。当您访问营销页面、注册或登录账号、上传素材、使用 AI 视频生成能力、订阅付费服务或与我们联系时,本政策将说明我们如何处理您的个人信息。

请您在使用本平台前仔细阅读并理解本政策。若您不同意本政策的全部或部分内容,您可能无法注册、登录或继续使用相关功能。

二、我们收集的信息

账号与身份校验信息:当您注册、登录或找回账号时,我们可能收集您的手机号码、短信验证码、邀请码、账号标识以及您主动补充的邮箱等信息。

使用与设备信息:当您访问或使用本平台时,我们可能收集设备型号、操作系统、浏览器类型、IP 地址、访问时间、页面操作日志、错误日志、登录日志以及 Cookie 或同类技术信息,用于保障系统稳定、安全审计与服务优化。

业务内容信息:当您使用 AI 视频生成、参考分析、模板管理、素材管理等功能时,我们会处理您上传的图片、视频、文本提示词、模板配置、生成结果、下载记录及与任务相关的参数信息,以便完成视频生成、存储、展示和历史记录管理。

订单与支付信息:当您购买订阅、充值积分或使用其他付费功能时,我们会处理订单编号、套餐类型、金额、支付状态、交易流水号、开票或售后所需信息。具体支付过程通常由支付宝、微信支付或其他合法支付机构完成,我们不会直接处理您的支付密码、完整银行卡号等敏感支付凭证。

沟通与反馈信息:当您向我们咨询、投诉、提交建议或申请行使个人信息权利时,我们可能收集您提供的联系方式、沟通内容及处理结果。

AdSignal 数据:我们可能处理平台公开的广告透明度记录、经广告主授权的数据、依法获得许可的数据以及允许观察的公开页面信息,并记录来源、地区、采集时间、权利依据、置信度和证据。TikTok 商业内容 API 使用服务端应用凭证,不要求用户提供 TikTok 密码、私密账号内容或私信。

三、我们如何使用您的信息

我们将基于提供服务、履行法定义务、保障交易安全及经您同意等合法基础处理个人信息,主要用于:账号注册与登录验证、向您提供 AI 视频生成及相关功能、保存您的任务与资产记录、完成订阅开通和支付结算、识别并防范欺诈或滥用行为、处理客服与售后、改进产品体验,以及法律法规允许的其他用途。

若我们拟将您的个人信息用于本政策未载明的其他目的,或将信息用于新的处理方式,我们会按照法律法规要求另行向您告知并取得必要授权。

四、我们如何共享、委托处理或披露信息

为实现本平台功能,我们可能在必要范围内委托或共享部分信息给服务提供方,包括短信验证码服务商、云存储与内容分发服务商、支付机构、日志监控与安全服务商,以及为完成视频生成而接入的模型或算力服务商。我们会要求其仅在受托范围内处理您的信息,并采取不低于本平台的安全保护措施。

除以下情形外,我们不会向第三方出售您的个人信息:经您单独同意;为履行法定义务或响应行政、司法机关要求;为保护您、其他用户或社会公众的人身财产安全所必需;或法律法规允许的其他情形。

如发生合并、分立、重组、资产转让或类似交易涉及个人信息转移,我们会依法告知您接收方的名称和联系方式,并要求其继续受本政策约束;若接收方变更原处理目的、处理方式,我们将依法重新取得授权。

五、信息存储与安全

我们将在实现本政策所述目的所必需的最短期限内保存您的个人信息,但法律法规另有规定或监管机关另有要求的除外。超过保存期限后,我们会依法删除或匿名化处理相关信息。

我们采取合理可行的安全措施保护您的信息,包括访问控制、权限隔离、传输加密、日志审计、备份恢复及安全监测等。但请您理解,互联网传输和存储环境并非绝对安全,如发生或可能发生个人信息安全事件,我们将按照法律法规要求及时采取补救措施,并在必要时向您告知相关情况。

CreativeFly 正在为包括美国、欧洲、日本和中国在内的多个地区提供或开发服务。信息可能在您所在国家或地区之外处理;如适用法律要求,我们将采取相应告知、合同保护、同意、安全评估或其他合法跨境机制。

AdSignal 对不同来源采用独立保留规则。平台视听素材默认仅保留引用,除非相关 API 条款或书面许可明确允许存储;允许存储的对象进入受访问控制的云对象存储。到期引用将被清理,平台撤回、删除或许可要求优先于一般产品保留期限。

六、您的权利

在法律法规规定的范围内,您有权查阅、复制、更正、补充、删除您的个人信息,有权撤回同意、注销账号、限制或拒绝部分处理活动,并有权要求我们解释个人信息处理规则。

如您希望行使上述权利,可以发送邮件至 yuki@spacetime.world 与我们联系。为保障账户与信息安全,我们可能要求您提供必要的身份核验信息。对于符合法律法规要求的请求,我们会在合理期限内处理并答复。

七、未成年人保护

本平台主要面向具备完全民事行为能力的用户提供服务。若您为未成年人,请在监护人阅读并同意本政策后使用本平台。若我们发现未经监护人同意收集了未成年人的个人信息,我们将依法尽快删除或作其他适当处理。

八、政策更新与联系我们

我们可能根据业务变化、法律法规更新或监管要求适时修订本政策。更新后的政策将在本页面公布,并自公布或载明的生效日期起生效。若变更会实质性影响您的权利义务,我们会通过页面提示、站内通知等合理方式向您说明。

隐私联系邮箱:yuki@spacetime.world。您可以通过该邮箱提出与本政策有关的疑问、意见、投诉或个人信息权利请求。