MgoShort Privacy Policy

We collect only the personal information necessary to provide this service, following the principle of “minimum necessity”, which specifically includes the following two categories:

1.1 Information you actively provide

• Registration information: that which you provide when registering an account, such as your mobile phone number and third-party account information (username and avatar authorized when signing in with Google, Apple ID, Facebook, etc.); if the regulations of your region (such as Colombia or Argentina) require real-name registration, this also includes identification information that meets the requirements (identity document number, passport).
• Payment information: transaction records generated during your in-app purchases (amount, time, and payment channel). We do not store complete sensitive payment information, such as bank card numbers.
• Customer service inquiry information: descriptions and contact information that you provide when reporting a problem.
• Other information: user-generated content that you actively post, such as comments and danmu (real-time overlaid comments), as well as the information submitted when participating in platform activities.

1.2 Information we collect automatically

• Device information: model, operating system version, device identifiers (IMEI, Android ID, IDFA, subject to de-identification), IP address, and network type (Wi-Fi / mobile network).
• Usage behavior information: viewing history and time spent watching short series, pages visited, search keywords, saved content, “likes” on comments, and ad clicks.
• Location information: only after your explicit authorization may we collect your approximate geographic location (based on IP) to provide localized recommendations. You may withdraw this authorization at any time in the app settings (in Peru and Argentina, after withdrawal we will immediately delete the location already collected).
• Advertising-related information: with your explicit consent, we collect advertising identifiers of the device (GAID, IDFA) and the list of installed applications, for the delivery of personalized advertisements and effectiveness statistics (in Peru, the list of applications unrelated to advertising is not collected).

The personal information we collect is used solely for the following purposes. If a use beyond these is required, your explicit authorization will be obtained again:

• Provide and maintain the service: account management, content distribution, payment settlement, and customer service response.
• Optimize the user experience: personalized content recommendations based on your behavior, feature improvement, and bug fixing.
• Ensure the security of the service: detect and prevent fraud, account theft, and misuse.
• Send advertising and marketing information: activity notifications, offers, and personalized advertisements (with your explicit consent). You may disable them at any time in the settings.
• Comply with laws and regulations: respond to regulatory requirements and cooperate with judicial investigations.
• Other: additional legitimate uses with your explicit consent.

3.1 Sharing information

We will not share your personal information with third parties, except in any of these circumstances:

• Having obtained your explicit written authorization.
• Being necessary for the provision of the service, in which case the third party must sign a strict confidentiality agreement (payment providers, cloud storage), obtain only the minimum necessary information, and hold the regulatory authorization of the corresponding region.
• Complying with laws, regulations, or regulatory requirements, and cooperating with investigations by judicial or administrative bodies.
• Protecting your rights or those of others, or the normal operation of the service.

3.2 Transfer of information

In the event of mergers, acquisitions, restructurings, or sale of assets, your personal information may be transferred to a new entity. We will notify you before the transfer through announcements or pop-up windows in the app (with 30 days' notice in Argentina and 15 days in Bolivia), and we will require the new entity to continue complying with this Policy. If you do not agree, you may request the cancellation of your account.

4.1 Retention period

We retain your personal information only within the scope necessary for the purposes described:

• EU, Brazil, and Mexico: up to 1 year after the termination of the service, or the longer period required by law.
• Argentina: shall not exceed 2 years (exceptional extensions require approval from the local authority).
• Colombia, Peru, and Bolivia: up to 6 months after the termination of the service, unless different legal requirements apply.
• Once the period has elapsed, your information will be deleted or anonymized in accordance with local regulations.

4.2 Storage location

Your information will preferably be stored on servers in your region. That of Colombia and Argentina must be stored on local servers (data localization); that of the EU, Brazil, Mexico, Peru, and Bolivia is preferably stored on local servers or in regions with an adequacy decision. Cross-border transfer is carried out only through recognized scenarios: remote backup in regions with an adequacy decision, technical collaboration with EU Standard Contractual Clauses (SCC), or other processing necessary for the contract and permitted by the target region, always with your separate consent.

In the event of a cross-border transfer, the requirements of the GDPR and of each region are strictly followed, with safeguard measures in conformity with the standards (EU SCC, adequacy decision, etc.) that ensure a level of protection substantially equivalent to the national one.

Before the transfer, you will be informed separately, by means of a pop-up window, about the purpose, the country/region of the recipient, the security measures, and the certification number of the protection level, obtaining your explicit consent and completing a Data Protection Impact Assessment (PIA).

4.3 Security protection

We apply technical and administrative measures (HTTPS encrypted transmission, access permission control, security audits, antivirus protection, etc.) to prevent the disclosure, alteration, or loss of information. Even so, no network transmission is free of risk. In the event of a leak, we will notify you within the local legal deadline (72 hours in the EU, 48 hours in Argentina and Colombia, 7 days in Brazil and Mexico) and will cooperate with the authorities.

In accordance with the applicable laws of each region, you have the following rights over your personal information, exercisable through the “Privacy Center” in the app settings or through the customer service channels:

5.1 Specific rights and rules for exercising them

• Right of access: to consult and obtain your personal information. Response deadlines: 1 month in the EU; 45 days in Colombia, Peru, and Bolivia; 30 days in Brazil, Mexico, and Argentina.
• Right of rectification: to correct inaccurate or incomplete information, with the same deadline as the right of access.
• Right of erasure: to request the deletion of your information (unless otherwise provided by law). In Argentina and Peru you may request written confirmation after the deletion.
• Right to withdraw consent: to withdraw specific authorizations at any time (location, marketing). We will stop processing the information based on that authorization.
• Right of cancellation: to request the cancellation of the account; afterwards, we will delete or anonymize your information (in Colombia, within the following 15 days).
• Right to portability: to export your information in a structured and common format (CSV, JSON), with the same deadline as the right of access.
• Right to complain: to file a complaint with the data protection authority of your region (EDPB in the EU, DNPDPC in Argentina, SDDP in Colombia, INDECOPI in Peru).

5.2 Notes on exercising the rights

• To verify your identity, information such as the registered phone number or the account ID may be required; if a legal guardian acts, they must prove the guardianship relationship and their identity. We will complete the verification within 15 business days.
• If you are the legal guardian of a minor, you may exercise these rights on their behalf, including the deletion of the minor's information.
• We will not discriminate against you or limit the main functions of the service for exercising these rights.

• In the EU, a “minor” is a person under 16 years of age; in Brazil, Mexico, Colombia, Bolivia, Peru, and Argentina, a person under 18 years of age (according to local law).
• We do not actively collect information from minors. If we detect that it was collected by mistake, we will delete it immediately and terminate the related account.
• If you are the legal guardian of a minor who used the service and provided information, you may contact us to request its deletion or that of records of unauthorized purchases; we will cancel the account and delete the data within 30 days following the request, informing you of the result by email.

We reserve the right to modify this Policy in accordance with legal updates or commercial needs. The modified version will be notified by means of a pop-up window in the app and the registered email. You may submit objections through customer service within 15 days following the notification (10 days in Argentina, 20 days in Bolivia). Continued use will be deemed acceptance. If you do not agree, you must stop using the service immediately.

If you have questions, complaints, or suggestions about this Policy, or need to exercise rights over your personal information, you may contact us:

• Customer service email: servicio@ntzmon.com
• Customer service phone: please refer to the latest announcement in “Settings – About us” within the app.
• Company address: Calle Esparragal 7, Quismondo, 45514 Toledo, Castilla-La Mancha, Spain.
• Data protection officer: name and contact information available in the app announcement.

Note: the above contact information will be updated through announcements in the app. The latest published version shall prevail.