Privacy Policy · MASS App

⚖️ The Terms of Use are provided in English. This privacy policy was last changed on February 26, 2026.

📋 Contents

1. Who We Are
2. How, for what reason and on what legal basis we collect your data
3. How we use your data
4. How we share or disclose your data
5. How we keep your data
6. International transfers of personal data
7. Your rights to your data
8. How we protect your data
9. How we process information about minors
10. Third-Party Links and Services
11. Update of Privacy Policy
12. Contact us

Welcome to use MASS App ("App"), which is designated and operated by MASS Technologies, Inc. (hereinafter referred to as "MASS Technologies", "we" or "us"). App provides users (hereinafter "you") a virtual platform to create and experience 3D interactive content with other users, such as to create, play, hangout and explore 3D experiences built by the community, use your imagination to create something cool to share with the community, create and list your NFT, and create your MASS Wallet (hereinafter "Services"). We respect your privacy. We will take security protection measures according to the requirements under the applicable laws and regulations and try our best to protect your personal data.

1. Who We Are

MASS Technologies, Inc is the data controller for all users' personal data.

2. How, for what reason and on what legal basis we collect your data

"Personal data" is any information recorded electronically or by other means about users which could, alone or together with other information, personally identify them or otherwise be reasonably linked or connected with them, but not include anonymized information. Information such as a username and password, an email address, a real name, an Internet protocol (IP) address, and a photograph are examples of "personal data."

To the extent that our processing of your personal data is subject to certain data privacy protection laws (including, but not limited to, Personal Data Protection Act ("PDPA"), the European Union's General Data Protection Regulation ("GDPR"), the California Consumer Privacy Act of 2018 ("CCPA"), together hereafter "applicable laws"), we will also notify you about the legal basis on which we process your personal data and your rights under such laws.

Our legal basis for collecting and using the personal data described in this Policy depends on the personal data we collect and the specific context in which we collect the information:

We need to perform a contract with you;
You have given us consent to do so;
Processing your personal data is in our legitimate interests;
We need to comply with the applicable laws; and/or
Other legal basis permitted by applicable laws.

We use various methods to collect your personal data, including:

2.1 Personal data we collect directly from you

Log in: To log in the App, you need to submit mobile number, gender and username. Your gender information will be used to generate your virtual social avatar. You may also log in the App with a third-party account, e.g. WeChat account, QQ account or Tik Tok account, where we will collect your public information, including user ID, profile, username, region and gender under such third-party account. If you refuse to provide the corresponding information, you will not be able to log in the App. We process such information on the basis of performing our contract (MASS Service Agreement) with you and your consent.
Refine basic user information: In order to refine your basic user information, you can choose to provide the date of your birthday. If you refuse to provide the corresponding information, the functions of App will not be impacted. We process such information on the basis of performing our contract (MASS Service Agreement) with you and your consent.
Create your MASS Wallet: To create your account for MASS Wallet through which you can create and list your NFT, we will collect your wallet address, password, bank account number, email address and application programming interface (API)-key. We may also collect the transaction information about the transactions you make via MASS Wallet, such as the name of the recipient, your name, the amount, and/or timestamp. However, we will never collect or ask you to share your private key, wallet seed, or recovery phrase. Never trust anyone or any site that asks you to enter your private keys, wallet seed or recovery phrase.
Public Posting: You can post comments and leave feedback through our App. Any content, including such comments, feedback, and notes that you choose to post through our App is available to the public by default. Please remember that any information that is disclosed in these areas becomes public information for both us and other users to use and share. Take care not to share personal data unless you intend for that data to become public. Please also be considerate and respectful of others while using the community to share your opinions. We reserve the right, but do not have the obligation, to review and retain monitor such posting or any other content on our App, and to delete postings or content that may be viewed as inappropriate or offensive to others.
Communications to us: You may contact us via email or by other means (for example, with questions about our Services, for customer support, or to let us know your ideas for new products or modifications to existing products). When you do so, we collect the information you choose to provide us, such as your contact details, any images you choose to upload and the contents and nature of your message. You should not send sensitive personal data to us through our chat services or other means, unless we explicitly request that data as part of providing our Services to you. When you provide such information to us directly, you consent to the processing of this data by us and/or our Service providers. We process such information on the basis of performing our contract (MASS Service Agreement) with you and your consent.
Creating and listing your NFT: You ("Creator") can mint your User Generated Content ("User Content") into Non-Fungible Token ("NFT" or "Digital Asset") via our Services, which is done by the public blockchain. As a result, the User Content would be available to the public by default. During the creation and listing, you may voluntarily embed personal data in the Metadata of any minted NFT(s) or in the User Content referenced by the NFT. All personal data embedded in the metadata of NFT will not be available for deletion and there is no reasonable expectation of privacy for any personal data put in the Metadata or the User Content referenced by the NFT. You should exercise cautions before including any personal data in the user generated content that you intend to create and list as NFT, unless you intend for that personal data to become public. You are solely responsible for ensuring their personal data or other sensitive data are properly protected during the minting and exhibition of NFT. For more information about NFT creation and listing, please refer to our NFT Terms.

2.2 Personal data collected by automated means

Services Security: In order to provide continuous services and guarantee service quality and personalized services, we will record and save the information of your login and use of the services, including IP address, version, access date and time. We process this information on the basis of performing our contract (MASS Service Agreement) with you and our legitimate interests.
Access to your device: Specific personal data collected through the above functions may need to enable us on your device to access your device permissions. You can view the state of your above permissions in your device through "Settings" (such as "Settings-Privacy" in iOS and "Settings-App Permissions" in Android) and turned on or off certain permission at any time. Please note that if you choose to enable these permissions, you expressly agree to authorize us to collect and use the personal data to achieve the above functions. When you turn off the permissions, you cancel these authorizations, and we will no longer collect and use your personal data, but the corresponding functions will be disabled.

3. How we use your data

Your personal data may be used for the following purposes including to:

Provide you with the App, create your account and manage our relationship with you;
Improve and develop our products and services by analyzing how they are used and interacted with, as well as by assessing the use of and interactions with our App and certain content our customers send or display through the App, including by conducting data analytics to develop insights about you, your needs and preferences so we can make more informed predictions, recommendations and products for our customers;
Run and manage our business, including resolving billing and financial disputes;
Provide features to you;
Connect you with other users;
Communicate with you, such as sending you electronic notifications;
Protect against misuse or abuse of our services and ensure compliance with our terms, including in relation to content our customers send or display through the App;
Market our services, products and experiences, including to deliver gifts and promotional materials, product recommendations and other non-transactional communications via email, post, telephone, SMS or push notifications, in accordance with your marketing preferences;
Personalize your experience and tailor recommendations, advertising and offers presented to you, including through the development of insights about you and your needs based on your interactions with the products, services and offerings of our App;
Combine and anonymize information about your interactions with MASS Technology to create aggregate, anonymized statistics for use in research and for marketing, promoting, improving and developing our platform;
Provide you with support and resolve disputes;
Comply with our legal and regulatory requirements;
Protect the rights, property, safety or security of MASS Technology, our customers, employees or others and prevent fraudulent or illegal activity;
Exercise our rights in the course of judicial, administrative or arbitration proceedings;
Enforce, remedy or apply our Terms of Service or other agreements and/or;
Process your data for other purposes that are compatible with the disclosed purposes if and where this is permitted by applicable law.

We may share your personal data with third parties under one of the following circumstances:

With your consent: We share your personal data, if you consent, after letting you know what information will be shared, with whom, and why.
With service providers and partners: We use third parties to help us operate and improve our Service. These third parties assist us with various tasks, including data hosting and maintenance, analytics, customer care, marketing, advertising, and security operations. We may also share information with partners who distribute and assist us in advertising our Services. For instance, we may share limited information on you in hashed, non-human readable form to advertising partners.
For legal disclosure: We strive for transparency in complying with legal process and legal obligations. Unless prevented from doing so by law or court order, or in rare, exigent circumstances, we make a reasonable effort to notify you of any legally compelled or required disclosure of your data. We may disclose personal data or other information we collect about you to law enforcement if required in response to a valid subpoena, court order, search warrant, a similar government order, or when we believe in good faith that disclosure is necessary to comply with our legal obligations, to protect our property or rights, or those of third parties or the public at large.
Change in control or sale: We may share personal data if we are involved in a merger, sale, or acquisition of corporate entities or business units. If any such change of ownership happens, we will ensure that it is under terms that preserve the confidentiality of personal data, and we will notify you on our App or by email before any transfer of your personal data. The organization receiving any personal data will have to honor any promises we made in our Privacy Policy or Service Agreement.

5. How we keep your data

We will retain your personal data only for a limited period of time needed to fulfil the purposes of processing mentioned above, and will erase your personal data thereafter.

Where we enter into a contract with you, we will keep your data for the duration of the contractual relationship you have with us, and, to the extent permitted, after the end of that relationship for as long as necessary to perform the purposes set out in this notice. The criteria to determine the storage period are statutory and contractual requirements, the nature of our relationship with you, the nature of the data concerned and the technical requirements. Laws may require us to hold certain information for specific periods.

Where we process personal data for marketing purposes or with your consent, we process the data until you withdraw your consent and for a short period thereafter (to allow us to implement your requests). We also keep a record of the fact that you have asked us not to send you direct marketing or to process your data so that we can respect your request in future.

We will also delete your personal data when you object to the processing in accordance with your rights to your data (see below) or when we are obliged to delete it in accordance with an obligation under applicable law.

In other cases, we may retain data for an appropriate period after any relationship with you ends, to protect ourselves from legal claims, to administer our business, or to the extent permitted by applicable law, which may require us to hold your personal data for specific periods.

For further information about our approach to data retention, please contact us as set out in Section "Contact Us".

6. International transfers of personal data

As MASS Technologies provides a global service, we may transfer personal data to our affiliates, suppliers, law enforcement agencies or other organizations, including the organizations that are located outside the United States for the purposes described in this Privacy Policy. Although the data protection laws of various countries may differ from those in your own country, we will take reasonable steps (for example, entering into the model clauses required by the relevant data protection authorities), in the circumstances, when your personal data is transferred to an overseas recipient, to ensure that the overseas recipient provides a standard of protection to personal data so transferred that is comparable to the protection under the applicable laws.

7. Your rights to your data

We list the rights in relation to your data and how you can use them below. However, please note that the rights may vary from users according to the personal data protection laws in different countries or regions and may be limited in some situations – for example, where we can demonstrate that we have a legal requirement to process your data or where it is needed for proper performance of a contract. In some instances, this may mean that we are able to retain data even if you withdraw your consent.

The details of your NFT-related activities, including without limitation details of your NFT and MASS Wallet address (collectively,"On-chain Data"), are public information and stored on the publicly searchable blockchain that we do not control. If you use the Services, you are consenting to allow your On-chain Data to be cryptographically transmitted and stored on that public blockchain, and any deletion or modification of that On-chain Data (to the extent possible on a blockchain) is governed by the terms of the relevant Smart Contract, instead of us.

7.1 You may exercise the rights including:

Access: You have the right to ask us to confirm whether we are processing your personal data, receive information on how your data is processed and ask us to provide a copy of your personal data in a common format. You can access and edit your personal data through [Personal Home-Settings] in the App. If you are a resident in California, You also have the right to ask us to disclose to you the categories of personal data collected about you, the categories of sources from which the personal data is collected, the categories of personal data sold or disclosed, the business or commercial purpose for collecting and selling the personal data, the categories of third parties with whom we share the personal data, and the specific pieces of personal data collected about you over the past 12 months.
Rectification: This enables you to have any incomplete or inaccurate information we hold about you correct, though we may need to verify the accuracy of the new information you provide to us. You can correct your account information through [Personal Home-Settings] in the App.
Erase: This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your data unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Cancel Your Account: You may cancel the account registered before at any time. After you cancel your account, we will stop providing you with products or services. You can cancel your account in the "MASS" App via the following path: [Homepage - Settings - Logout Account] or contact us via the contact details listed in this Policy, and we will assist you with cancelation of your account after verifying your identity. Your personal data will be deleted or anonymized according to your request and the provisions of this Policy except as otherwise provided by laws and regulations.
Object to processing: You have the right to request us to cease processing of your personal data where we are relying on a legitimate interest (or those of a third party). In some cases, we may demonstrate that we have compelling legitimate grounds to process your data which override your rights and freedoms.
Restrict the processing: This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the information's accuracy; (b) where our use of the information is unlawful but you do not want us to erase it; (c) where you need us to hold the information even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Withdraw consent: you have the right to withdraw your consent where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
Data portability: You have the right to request that we provide you or a third party that you designate with certain of your personal data in a commonly used, machine readable format. Please note, however, that data portability rights apply only to personal data that we have obtained directly from you and only where our processing is based on consent or the performance of a contract.
Explanation: You have the right to request us to make explanations with respect to the rules on processing personal data. You can contact us via the contact details listed in this Policy.
Request not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
Lodge a complaint with your local data protection authority: You have the right to submit your request and complain at any time to your local supervisory authority in particular in the member state of your habitual residence, place of work or of an alleged infringement of the GDPR. We would, however, appreciate the chance to deal with your concerns before you approach the data protection authority, so please contact us in the first instance.
Right to non-discrimination of service or price if you exercise your privacy rights: we will not discriminate against you because you exercised any of these rights, such as denying goods or services, charging different prices or rates for goods or services, providing a different level or quality of goods or services.

7.2 Respond to Your Above-Mentioned Requests

You may exercise the aforementioned rights by contacting us via the contact details listed in this Policy.

In response to your above request, you may be required to provide a written request or otherwise prove your identity. We may ask you to verify your identity before processing your request. We will respond you as soon as possible. If you are not satisfied, you can also complain us via the contact details listed in this Policy.

8. How we protect your data

We strive to protect your data from loss, misuse, unauthorized reading or disclosure.

We use a variety of security technologies to ensure the security of information and prevent information from leakage, damage and loss through various security measures such as multiple server backup and password encryption.

We have established strict management system and procedures to ensure the security of your data. We only provide access rights to a few maintainers for the purpose of work and require them to keep users' information absolutely confidential.

We attach great importance to information security and compliance. We encrypt all sensitive/disclosure information you provide through secure technology, and fully guarantee your data security with industry-leading solutions.

In case of security events such as personal data leakage, we will launch the emergency plan to prevent the deterioration of security events, timely report to the data protection authorities, and inform you of the relevant information in the form of email, push notifications, announcement, etc., and offer you security suggestions.

We are only responsible for the disclosure of your personal data directly caused by us. Therefore, please keep your account number, password information, private keys, and any other authentications or codes that you use to access the Services properly to avoid the disclosure of your personal data, and do not provide above-mentioned information and other personal data to any third party.

9. How we process information about minors

In the process of using the Services, we presume that you have the corresponding civil capacity in the country where you live. If you are a minor under the age of 16, we ask you to ask your parents or guardians to read this Privacy Policy carefully and use our services or provide us with information with the consent of your parents or other guardians. We do not knowingly collect information from or direct any of our content specifically to minors under 13. If we learn or have reason to suspect that you are a user who is under the age of 13, we will have to close your account. In the case of the personal data of minors who use our products or services with the consent of the parents or other guardians, we will only use, share, transfer or disclose this information when permitted by laws and regulations, expressly agreed by the parents or other guardians or necessary for the protection of minors.

If we find that we have collected personal data from a minor under the age of 13 or a minor under the age of 16 without the prior separate consent of a verifiable parent or other guardian, we will try to delete the data as soon as possible. At any time, if the guardian has reason to believe that we have collected personal data from minors, please contact us through the contact information set out in this policy.

10. Third-Party Links and Services

The Service may contain links to other websites not operated or controlled by MASS Technologies, including social media services ("Third Party Sites"). The information that you share with Third Party Sites will be governed by the specific privacy policies and terms of service of the Third Party Sites and not by this Policy. We encourage you to review the privacy policies of those third-party sites to learn about their practices or what rights you may have. By providing these links we do not imply that we endorse or have reviewed these sites. Please contact the Third Party Sites directly for information on their privacy practices and policies.

11. Update of Privacy Policy

Our Privacy Policy may be amended. In case of changes in important terms such as the substantial reduction of your rights under this Privacy Policy or the expansion of the collection and use of information, we will notify you by prominently prompting on the home page or sending you an email or other means before the amendment takes effect. At the same time, we will publish any changes to the Privacy Policy on a special page. If you disagree with our revisions to this Policy, you can deactivate your account or discontinue the use of our Services. If you continue to use our services, it means that you agree to be bound by this revised Privacy Policy. We encourage you to review this Privacy Policy from time to time to learn how we are protecting your personal data.

12. Contact us

If you have any questions or comments on this Policy or if you have any requests to exercise your rights, please contact us at the following email address: [email protected]. We will review the issues involved as soon as possible and reply after verifying your user identity as soon as possible.

⚡ Data Deletion Rights — You have the right to request that we delete your personal data. If you wish to have any personal information we hold about you deleted, please contact us via email at [email protected]. To protect your privacy and security, we will take steps to verify your identity before processing your request. We will complete the processing within a reasonable timeframe (typically no more than 30 business days) after receiving your request and confirm that your data has been deleted or anonymized, unless certain information is required or permitted to be retained by law.

Privacy Policy MASS App