Privacy Policy
Last Updated: July 8, 2026
1. INTRODUCTION
MAVEN INTERNET PTE. LTD. (UEN: 201824205W) ("we," "us," or "our"), operating the product Zeppi.ai, respects the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://zeppi.ai or our company site https://www.maveninternet.com/ (collectively, the "Site") and use our services.
2. COLLECTION OF YOUR INFORMATION
We collect information about you in the following ways:
2.1 Personal Data You Provide
We collect personal data that you voluntarily provide to us when you register for Zeppi.ai or contact us. This includes:
- Identity Data: Name, email address, and username.
- Financial Data: Billing information and payment method details (processed securely via Stripe on the web, and via RevenueCat for in-app purchases and subscriptions on mobile).
- Profile Data: Your account credentials (managed via Supabase Auth), preferences, and feedback.
- Content Data: Photos, videos, and text prompts you submit to use Zeppi's AI-powered editing and generation features, such as background swap, outfit swap, object/product swap, script generation, video generation, and AI chat.
2.2 Data Collected Automatically
When you access the Services, our servers automatically collect information such as your IP address, browser type, operating system, access times, and the pages you have viewed.
2.3 Information from Third Parties
We may obtain information about you from third-party sources when you link your account or sign in using these services.
A. General Social Media Integrations (via Composio) For platforms such as Instagram, Facebook, and YouTube, we may collect basic profile information (User ID, username, avatar) and public content as permitted by your settings and the respective platform's API policies.
B. TikTok Data & Permissions When you link your TikTok account to our Services, we access specific data and permissions to provide our product features. Based on the permissions you grant, this includes:
- Profile & Statistics: We read your basic profile info (Open ID, avatar, display name), extended profile details (bio, verification status, profile links), and account statistics (follower count, following count, likes count, video count).
- Content Access: We access your list of public videos to display or analyze within our Service.
- Content Publishing: We use permissions to upload videos as drafts or publish content directly to your TikTok profile upon your instruction.
- Shop & Local Services: For merchant accounts, we access and manage product listings, local shop details, and voucher redemption validation.
- Artist Certification: We read and update your artist certification status and matched song data.
3. USE OF YOUR INFORMATION
We process your information for purposes including:
- Service Delivery: To provide the Zeppi.ai product features, create and manage your account, and process transactions.
- Authentication: To verify your identity using Supabase Auth.
- Payments: To process payments and prevent fraud using Stripe and RevenueCat.
- Communication: To send you administrative information and notifications, such as updates to terms and policies, and updates on your AI generation jobs (via Firebase Cloud Messaging).
- AI-Powered Editing & Generation: To perform certain AI-powered features, your submitted photos, videos, and/or prompts are sent to the third-party AI service providers described in Section 4 below, solely to generate the output you requested.
- AI Improvement: With your separate, explicit consent, we may use anonymized data to improve our AI models.
3.1 On-Device vs. Cloud AI Processing
Some of Zeppi's AI features run entirely on your device and never transmit your photos, videos, or messages to us or any third party. Others require cloud processing and involve sending your content to a third-party AI provider. Specifically:
- On-device (no data leaves your device): Subject cutout and background segmentation (Apple Vision / Android ML Kit), pro background removal matting (a BiRefNet model run locally via ONNX Runtime), and the on-device AI Chat feature (a local Gemma language model).
- Cloud-based (content is sent to a third-party AI provider for processing): Background swap (cloud/PRO tier), outfit swap, object/product swap, script generation, and video generation (including our "Gemini Omni Flash" video-swap lane). See Section 4 for which providers process this content.
4. DISCLOSURE OF YOUR INFORMATION
We may share information we have collected about you in certain situations:
- Service Providers: We share your data with third-party vendors who perform services for us, specifically:
- Stripe: For web payment processing.
- RevenueCat: For managing in-app purchases and subscriptions on mobile.
- Supabase: For identity management, authentication, and database storage.
- Google Cloud Platform / Google Vertex AI (Gemini models, including "Gemini Omni Flash"): We send the photos, videos, and/or text prompts you submit for AI-powered editing and video generation features to Google's Vertex AI platform so it can generate the output you requested. This is our primary AI processing provider for these features. Under Google's Cloud Platform Service Specific Terms, Google does not use this content to train or fine-tune its AI models. Google may temporarily cache your content in memory (not on disk) for up to 24 hours to improve response speed, and may log prompts for abuse and safety monitoring purposes, in each case solely as permitted under Google's Cloud Platform Terms of Service.
- Firebase Cloud Messaging (Google): To deliver push notifications to your device, such as alerts when your AI generation job is complete.
- Vercel: For app hosting, infrastructure, and temporary storage of your uploaded media while it is in transit to the AI processing providers above.
- These providers process your data solely on our behalf, under contractual terms, and only for the purposes described in this Policy.
- Legal Obligations: If we believe the release of information is necessary to respond to legal process, to investigate or remedy potential violations of our policies, or to protect the rights, property, and safety of others, we may share your information as permitted or required by applicable law.
- Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, or acquisition.
- No AI Training on Your Content: We do not use your photos, videos, or prompts to train or fine-tune our own AI models.
5. INTERNATIONAL DATA TRANSFERS
5.1 Location of Processing
Our servers and third-party service providers (such as Stripe, RevenueCat, Supabase, Google Cloud Platform / Vertex AI, Firebase, and Vercel) may be located in Singapore or other international jurisdictions.
5.2 User Consent to Transfer
By accessing our Services, you acknowledge and explicitly consent to the transfer of your personal data to Singapore and other jurisdictions where our servers or service providers operate. You understand that these jurisdictions may have data protection laws that are different from those of your country of residence.
5.3 Protection Measures
When we transfer your personal data across borders, we ensure that the recipient organization provides a standard of protection to personal data so transferred that is comparable to the protection standards required by our governing jurisdiction.
6. DATA RETENTION
We will retain your personal data only for as long as is necessary for the purposes set out in this Privacy Policy.
- Transaction Data: We retain financial and transaction records for a period of at least 5 years to comply with tax and accounting obligations.
- Account Data: We retain account data for as long as your account is active. Upon deletion, data is removed subject to backup retention policies.
7. YOUR RIGHTS
Depending on your location and applicable laws, you have the following rights regarding your personal data:
- Access: You have the right to request access to the personal data we hold about you.
- Correction: You have the right to request that we correct any errors or omissions in your personal data.
- Withdrawal of Consent: You may withdraw your consent for the collection, use, and disclosure of your personal data at any time by contacting us. Please note that withdrawing consent may affect our ability to provide you with the Services.
To exercise these rights, please contact us at the details below.
8. SECURITY OF YOUR INFORMATION
We use administrative, technical, and physical security measures to help protect your personal information. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse.
9. CONTACT US
If you have questions or comments about this Privacy Policy, or if you wish to exercise your rights, please contact our Data Protection Officer (DPO):
Jerri K. Christiansen (Data Protection Officer) MAVEN INTERNET PTE. LTD. 160 ROBINSON ROAD, #14-04 SINGAPORE 068914 Email: Jerri@maveninternet.com