Privacy Policy

Last Updated: January 11, 2025

Welcome to Bulk Media (hereinafter referred to as "we" or "this website"). We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your information.

By using this website, you consent to the collection and use of information as described in this Privacy Policy.

1. Information Collection

1.1 Automatically Collected Information

When you visit bulkmedia.online, we may automatically collect the following information:

  • Log Data: IP address, browser type and version, access time, pages visited, referral source
  • Device Information: Device type, operating system, screen resolution, language settings
  • Cookies and Similar Technologies: Used to improve user experience and website functionality (see Section 5)
  • Usage Data: How you interact with our services, including click behavior, feature usage, session duration

1.2 Information You Provide

  • Activation Code Information: When you use an activation code, we record its usage and credit balance
  • Feedback Information: Information you send through the feedback feature, including your comments and suggestions
  • Uploaded Content: Image/video links and editing instructions you enter (see Section 1.3)
  • Transaction Records: Credit consumption history and service usage records

1.3 AI Image Generation Data

  • Input Data: Text prompts, reference image links, and editing parameters you provide
  • Generated Content: AI-generated images are not stored on our servers and are directly returned to your browser
  • Processing Methods:
    • Image/video downloads are processed locally in your browser and not uploaded to our servers
    • AI editing features require sending your input to our servers and third-party AI service providers
    • Generated images and downloaded content are managed by you; we do not store them

2. Information Use

We use the collected information for the following purposes:

2.1 Service Provision and Management

  • Provide Core Features: Batch image/video download, AI image editing, and other services
  • Account Management: Manage activation codes, credit balances, and usage history
  • Personalized Experience: Optimize services based on your preferences and usage habits
  • Service Notifications: Send you important notices about service status, updates, or maintenance

2.2 Service Improvement and Analysis

  • Performance Optimization: Analyze usage patterns to improve website performance and responsiveness
  • Feature Development: Develop new features based on user feedback and usage data
  • Error Diagnosis: Identify and fix technical issues
  • Statistical Analysis: Understand service usage and user preference trends

2.3 Security and Compliance

  • Security Protection: Detect, prevent, and resolve technical issues and abusive behavior
  • Fraud Prevention: Identify and prevent fraud, abuse, or illegal activities
  • Legal Compliance: Comply with applicable laws and government requirements
  • Rights Protection: Protect our and users' legitimate rights and interests

3. Data Storage and Security

3.1 Data Storage

  • Local Processing: Image and video downloads are processed locally in your browser and not uploaded to our servers
  • AI Generated Content: AI-generated images are not stored on our servers; all content is managed by you
  • Server Data: Only activation code information and usage records are stored
  • Data Location: We use Supabase and Vercel services; data may be stored in their global data centers
  • Retention Period: See Section 9 for data retention policy

3.2 Security Measures

We implement industry-standard technical and organizational measures to protect your information:

Technical Measures

  • Transmission Encryption: Use HTTPS/TLS to encrypt all data transmission
  • Storage Encryption: Sensitive data is encrypted at rest
  • Access Control: Implement strict database access permission controls
  • Security Audits: Conduct regular security assessments and penetration testing
  • Protection Systems: Deploy firewalls, intrusion detection, and anti-DDoS systems

Organizational Measures

  • Employee Training: Provide security training to employees with data access
  • Least Privilege Principle: Grant only necessary data access permissions
  • Security Incident Response: Establish data breach emergency response mechanisms
  • Third-Party Review: Regularly review security measures of third-party service providers

3.3 Data Security Limitations

Despite our reasonable security measures, please note:

  • Internet transmission cannot be 100% secure
  • You are responsible for protecting sensitive information such as activation codes
  • If you discover any security vulnerabilities, please contact us immediately

4. Information Sharing and Disclosure

4.1 We Do Not Sell Your Information

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

4.2 Sharing Circumstances

We may share your information in the following circumstances:

4.2.1 Service Providers

We share necessary information with the following types of third-party service providers:

  • Hosting Services: Vercel (website hosting)
  • Database Services: Supabase (data storage and management)
  • AI Services: Seedream 4.0 (image generation and editing)
  • Analytics Services: Website analytics and performance monitoring tools
  • Payment Processing: For processing activation code-related payment transactions (if applicable)

These service providers access your information only to the extent necessary and are contractually bound to protect your data.

4.2.2 Legal Requirements

We may disclose your information in the following circumstances:

  • Compliance with laws, regulations, court orders, or government requirements
  • Response to lawful requests from law enforcement
  • Protection of our legitimate rights, property, or safety
  • Prevention of fraud, abuse, or illegal activities
  • Protection of user and public safety

4.2.3 Business Transfers

If we undergo a merger, acquisition, asset sale, or bankruptcy proceeding, your information may be transferred as part of business assets. We will notify you before the transfer and ensure your information continues to be protected.

4.2.4 With Your Consent

We may share your information for other purposes with your explicit consent.

5. Cookies and Tracking Technologies

5.1 Technologies We Use

We use cookies, local storage, and similar technologies to improve your experience:

Essential Cookies

  • Session Management: Maintain your login status and activation code session
  • Security Protection: Prevent fraud and abuse
  • Functionality: Ensure core website features work properly

Analytics Cookies

  • Usage Statistics: Understand how users use our services
  • Performance Monitoring: Identify and resolve technical issues
  • Traffic Analysis: Analyze website access patterns and trends

Preference Cookies

  • Language Settings: Remember your chosen language
  • Theme Preferences: Save your interface settings
  • Feature Preferences: Remember your usage habits

5.2 Third-Party Cookies

We may use cookies from third-party services:

  • Google Analytics: Website traffic analysis
  • Vercel Analytics: Performance monitoring

These third parties have their own privacy policies, and we recommend reviewing them.

5.3 Cookie Management

You can manage cookies through the following methods:

  • Browser Settings: Most browsers allow you to reject or delete cookies
  • Opt-Out Analytics: Use browser plugins or third-party tools to opt out of tracking
  • Do Not Track: We respect browser DNT signals

Please note: Disabling certain cookies may affect website functionality and user experience.

6. Third-Party Services

Our website may contain links to or integrations with third-party services:

  • Supabase: Database and authentication services
  • Vercel: Website hosting services
  • AI Services: Seedream 4.0 image editing services

These third-party services have their own privacy policies, and we recommend reviewing their policies.

7. Your Data Rights

Under applicable data protection laws (including GDPR, CCPA, etc.), you have the following rights:

7.1 Access and Knowledge

  • Right of Access: Request a copy of your personal information we hold
  • Right to Know: Understand how we collect, use, and share your information

7.2 Modification and Control

  • Right to Correction: Request correction of inaccurate or incomplete information
  • Right to Deletion (Right to be Forgotten): Request deletion of your personal information
  • Right to Restrict Processing: Request restriction on our processing of your information
  • Right to Object: Object to our processing of your information for specific purposes

7.3 Data Portability

  • Right to Data Portability: Request to receive your data in a structured, commonly used, machine-readable format
  • Right to Transfer: Request direct transfer of your data to other service providers (when technically feasible)

7.4 Withdrawal of Consent

  • If we process information based on your consent, you have the right to withdraw consent at any time
  • Withdrawal of consent does not affect the lawfulness of processing based on consent before withdrawal

7.5 Right to Complain

  • You have the right to lodge a complaint with a data protection supervisory authority regarding our processing of your personal information

7.6 Exercising Rights

To exercise these rights, please contact us:

  • Email: [email protected]
  • Subject Line: Please indicate "Data Rights Request" in the email subject

We will respond to your request within 30 days. To protect your privacy, we may need to verify your identity.

7.7 Automated Decision-Making

We do not use fully automated decision-making or profiling techniques that produce legal or similarly significant effects on you.

8. Children's Privacy

8.1 Age Restriction

Our services are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16.

8.2 Parental Notice

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. We will take steps to remove that information from our systems.

8.3 Age Verification

If we discover that we have collected personal information from a child under 16 without verifiable parental consent, we will delete that information as soon as possible.

9. Data Retention

9.1 Retention Principles

We retain your information only for as long as necessary to fulfill the purposes for which it was collected or as required by law.

9.2 Specific Retention Periods

  • Activation Code Records:

    • Active codes: Duration of validity + 1 year after expiration
    • Depleted codes: 1 year after last use

  • Transaction Records: 3 years after the last transaction (for accounting and tax purposes)

  • Log Data:

    • Access logs: 90 days
    • Security logs: 1 year
    • Error logs: 180 days

  • AI Generated Content: Not stored on servers; managed by users themselves

  • Feedback Information: 6 months after issue resolution or upon your request for deletion

  • Cookie Data: Varies from session end to 2 years depending on cookie type

9.3 Data Deletion

After retention periods expire, we will:

  • Permanently delete or anonymize your personal information
  • Ensure deleted data cannot be recovered
  • Retain necessary aggregated statistical data (anonymized)

9.4 Exceptions

We may extend retention periods in the following circumstances:

  • Legal, regulatory, or government requirements
  • Ongoing litigation or investigations
  • Fraud and abuse prevention

10. International Data Transfers

10.1 Cross-Border Transfers

Your information may be transferred to and stored and processed in locations outside your country/region. These regions may have different data protection laws than your region.

10.2 Protection Measures

When we transfer your information across borders, we take the following measures to ensure adequate data protection:

  • Use Standard Contractual Clauses (SCC)
  • Select service providers that comply with international data protection standards
  • Implement technical and organizational security measures
  • Comply with applicable data protection laws

10.3 Data Processing Locations

Our service providers may process data in the following regions:

  • United States (Vercel, Supabase)
  • European Union (Supabase optional data centers)
  • Asia-Pacific (depending on service configuration)

11. California Resident Privacy Rights (CCPA)

11.1 Applicability

If you are a California resident, you have additional privacy rights under the California Consumer Privacy Act (CCPA).

11.2 Categories of Personal Information We Collect

  • Identifiers (IP address, device ID)
  • Internet activity information (browsing history, interaction data)
  • Geolocation data (approximate location)
  • Inferred information (preferences and interests)

11.3 CCPA Rights

  • Right to Know: Know what personal information we collect and use
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt out of "sale" of personal information (we do not sell personal information)
  • Right to Non-Discrimination: Not be discriminated against for exercising CCPA rights

11.4 Exercising Rights

Please email [email protected] with "CCPA Rights Request" in the subject line.

12. European Union Resident Privacy Rights (GDPR)

12.1 Applicability

If you are a resident of the European Union (EU) or European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR).

12.2 Legal Basis for Processing

We process your personal data based on the following legal bases:

  • Contract Performance: Provide services you request
  • Legitimate Interests: Service improvement, security protection, fraud prevention
  • Legal Obligation: Comply with legal requirements
  • Consent: Specific processing activities you explicitly consent to

12.3 GDPR Rights

In addition to the rights listed in Section 7, you also have:

  • Right to Data Portability: Receive data in machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Restriction on Automated Decision-Making: Not be subject to decisions based solely on automated processing

12.4 Supervisory Authority

You have the right to lodge a complaint with an EU data protection supervisory authority.

13. Data Breach Notification

13.1 Notification Obligations

If a data breach occurs that may pose a risk to your rights and freedoms, we will:

  • Notify relevant supervisory authorities within 72 hours of discovering the breach (if applicable)
  • Promptly notify affected users (if the breach may result in high risk)

13.2 Notification Content

Our notification will include:

  • Nature and scope of the data breach
  • Potential consequences
  • Remedial measures we have taken
  • Protective measures you can take
  • Contact information for more information

14. Privacy Policy Changes

14.1 Update Notification

We may update this Privacy Policy from time to time. When updating, we will:

  • Update the "Last Updated" date at the top of the page
  • Post prominent notices on the website for significant changes
  • Notify you by email if necessary (if we have your contact information)

14.2 Effective Date

  • Non-Substantial Changes: Effective immediately upon update
  • Substantial Changes: Effective 30 days after posting notice

14.3 Continued Use

Continued use of this website after updates indicates your acceptance of the revised Privacy Policy. If you do not agree with the changes, please stop using our services.

15. Contact Us

15.1 General Inquiries

If you have any questions or concerns about this Privacy Policy, please contact us:

  • Email: [email protected]
  • Website: https://bulkmedia.online
  • Response Time: We will respond within 5 business days

15.2 Data Protection Officer

To contact our data protection team, please email: [email protected]

15.3 Complaints

If you are not satisfied with how we handle your privacy concerns, you have the right to lodge a complaint with a data protection supervisory authority.

Last Updated: October 11, 2025

Thank you for trusting Bulk Media. We are committed to protecting your privacy and data security. We value your trust and will continue to work hard to ensure your personal information is properly protected.