Legal

Ezloop Privacy Policy

Effective date: May 2026
Last updated: May 2026

This Privacy Policy explains how AIunseen, Inc. (“AIunseen,” “we,” “us,” or “our”) collects, uses, discloses, stores, and protects information when you use the Ezloop digital signage offerings. Throughout this Policy, consumer-facing branding may say “Ezloop”; legally, those Services are operated by AIunseen. Our services include, as applicable, the Ezloop Controller mobile application, the Ezloop Display application, websites (such as ezloop.app and related subdomains), hosted APIs, and related cloud functionality (collectively, the “Services”).

This Policy applies whether you access the Services as an individual user, as an authorized representative of an organization, or as someone interacting with paired display devices managed through an Ezloop account.

This Policy is not legal advice. Laws vary by country and region. If you need guidance about your specific situation, consult a qualified attorney.

Summary of key data practices

We collect account information, device and pairing information, uploaded media and playlist data, usage diagnostics, crash logs, subscription entitlement data, and support communications. We use this information to provide Ezloop, sync displays, manage subscriptions, secure the service, improve reliability, provide support, and operate advertising or sponsored content where enabled. We do not sell personal information for money. Some advertising or measurement partners may receive network and device signals when ad-supported features are enabled.

1. Who we are & how to contact us

Controller: AIunseen, Inc., a corporation incorporated in Delaware, United States (hereinafter “AIunseen”), operates the Ezloop Services and is generally the data controller responsible for processing described in this Policy (unless a section states otherwise). Ezloop is AIunseen’s trade name / brand for these Services.

Privacy & data requests: privacy@ezloop.app (subject line: “Privacy request”).

General customer support: support@ezloop.app.

If we appoint a representative or data-protection contact in the European Economic Area or United Kingdom where required by law, we will publish updated contact details on ezloop.app.

2. Scope & relationship to other documents

This Policy describes privacy practices—what we collect, why, how we share it, retention, security at a high level, and many of your statutory privacy rights. It does not replace or silently override your contract with AIunseen relating to Ezloop (Terms linked below).

Terms & Conditions: Our Terms are published at https://ezloop.app/terms-conditions (our “Terms”). The Terms govern use of the Services, subscriptions and billing mechanics, acceptable use, your content and intellectual property, indemnities (where provided), disclaimers of warranties, limitations or exclusions of liability to the extent permitted by applicable law, dispute resolution—which may, only if and as expressly written there, include requirements such as informal resolution, binding arbitration, venue or choice of law, class‑action or jury‑trial waivers, or similar provisions—and other commercial/legal terms.

How to read these together: Whenever this Policy and the Terms touch the same facts, rules that mandatory law forbids contracting away prevail. For risk allocation unrelated to statutory privacy disclosures—examples include contractual limitations on damages, your indemnity obligations concerning your content, or forum / arbitration clauses —the Terms control unless a regulator or court forbids enforcing them. Nothing in this Policy is meant to weaken statutory protections you retain against AIunseen where the law forbids waiver.

California / US consumers: CPRA-style “notice at collection,” sales/sharing opt-outs, authorized agents, and similar rights coexist with the Terms; read both documents.

Nothing in this Policy is intended to waive any non-waivable statutory rights.

Accuracy of this Policy. We work to keep this Privacy Policy and our App Store / Google Play privacy disclosures accurate and up to date. If our data practices materially change, we will update this Policy and, where required, our store disclosures or in-product notices.

3. Roles: account data vs content you publish

a) AIunseen / Ezloop as controller (typical)
For most information needed to run the Services—such as account registration, authentication, billing, security, customer support, and core service operation—AIunseen generally acts as a data controller (or similar role under your local law) for the Ezloop Services and decides how and why that information is processed, subject to your rights described below.

b) Customer as controller for signage content (typical)
When you upload or otherwise submit media, playlists, titles, descriptions, configuration, links, and other materials that are distributed to Display devices for playback or shown in interfaces you control, you typically act as the controller of any personal data contained in that material (for example: photos or videos identifying people, employee names on slides, CCTV-style footage, QR codes linking to pages that identify individuals).

In those situations, AIunseen generally processes such content only to provide the Services you instruct us to provide (for example: storage, encoding or transcoding where applicable, delivery to paired devices, playback scheduling, and related technical operations). As between you and AIunseen, you are responsible for having a lawful basis and any required notices/consents for your use of personal data in your content, and for honoring your own users’ or subjects’ rights to the extent required by law.

If you use Ezloop to manage screens in a workplace, school, venue, store, vehicle, or public/commercial environment, you are responsible for providing any notices and obtaining any permissions required for the people who may appear in, interact with, or be affected by the content you display.

c) Joint or overlapping roles
Some processing may involve overlapping responsibilities depending on how you configure the Services and applicable law. If you are uncertain about your role, seek legal advice.

d) Organizational & administrator visibility
If you participate in Ezloop through or for an organization (for example your employer deploys Displays and invites you into an account), authorized administrators, billing contacts, or support agents that organization designates may be able to view or manage playlists, uploads, assigned devices, pairing status, manifests, operational logs pertinent to troubleshooting, ticketing threads opened for that tenant, entitlement features you purchased—or other organization-scoped dashboards we ship under the Ezloop brand. Workplace or commercial policies imposed by your organization—which AIunseen generally does not draft—may also govern workplace devices and identifiers.

4. Personal data we collect

We collect information in the following broad categories. Not every item applies to every user or device.

4.1 Information you provide directly

Account & profile: email address, display name (if you set one or your sign-in provider supplies one), authentication identifiers, and similar account attributes.
Organization & billing (if applicable): subscription status, transaction references, invoices or billing communications as processed by payment providers, and information you submit for tax or invoicing where required.
Uploads & library content: videos, images, documents, playlist structure, playlist item metadata (titles, durations, ordering), and integration inputs you supply (such as URLs for external media).
Device & deployment data you provide: human-readable device names, grouping labels, assignment rules, and similar configuration.
Communications: messages you send us (for example through in-app Contact us or Advertise with us forms, email, or support tickets), including the content of those messages and basic metadata needed to respond.
Feedback & surveys (if offered): responses you choose to provide.

4.2 Information collected automatically

Technical & usage data: IP address, approximate location derived from IP (such as region-level), device identifiers, operating system, app version, language settings, network status signals, timestamps, diagnostic events, crash reports, performance metrics, and logs needed to operate and secure the Services.
Pairing & device operations: pairing codes or tokens, device registration identifiers, device online/offline signals, “heartbeat” or sync events, and security-related records used to prevent abuse.
Service configuration delivery: data required to build manifests or schedules for Display devices to retrieve the content you authorized.
Advertising & promo delivery signals: identifiers and events used to operate ad slots—for example account and device IDs associated with entitlement or playback context, campaign or creative IDs, impression/completion/skip style delivery records, playback events, and approximate region used to match house, direct, or programmatic campaigns.
Third-party ad measurement: when programmatic or partner-measured advertising is enabled, Ezloop Display may request tracking or verification URLs directly from your device to ad or measurement partners (see Section 6). Those requests necessarily expose ordinary HTTP metadata the partner’s servers log—commonly including IP address, User-Agent, timing, and any parameters embedded in the URL—for counting, fraud prevention, and revenue settlement.

If you authenticate with Google, Apple, or similar providers (as available in your app build), we may receive identifiers and profile elements those providers disclose to us according to your settings and their policies.

If you purchase subscriptions, in‑app upgrades, or other paid Ezloop offerings, those charges are ordinarily processed through the Apple App Store or Google Play (plus any analogous storefronts hosting our apps according to territory). Subject to rollout, certain commercial or direct‑advertiser relationships billed outside the stores may additionally use payment processors we designate. Regardless of rails, processors handle payment credentials under their own terms. AIunseen does not receive your full payment card number when stores or PCI‑compliant processors tokenize methods, but we may receive limited billing metadata (subscription status, transaction IDs, receipt validation outcomes, invoice contact details for B2B spend) needed to deliver entitlements and operate finance.

4.4 Derived & aggregated information

We may derive or aggregate information that does not reasonably identify you (for example, aggregated usage statistics) to improve reliability, plan capacity, and understand product usage at a high level.

4.5 Device permissions & on-device capabilities

Our apps ask for access only where needed for the features you use. Typical cases include:

Camera: scanning a QR code to pair devices (for example on Ezloop Controller). We use the camera to read pairing codes locally; we do not operate a facial-recognition or biometric-identification feature.
Photos / files: choosing images, videos, or documents from your library or storage when you optionally upload media through the Controller. We access only what you select.
Network & device signals: detecting connectivity status, retrieving device/OS/app version identifiers useful for diagnosing issues and enforcing security controls.

Operating systems may revoke or granularly restrict permissions through their Settings.

4.6 Sensitive categories & “special categories” of data

We do not ask you—as part of signup or profiling—to submit government IDs, biometric templates, health information, genetic data, racial/ethnic origin, religion, precise GPS coordinates, payment card primary account numbers, or similar sensitive categories solely for Ezloop account fields operated by AIunseen.

Because you choose what to upload, your libraries, playlists, and playback might still incidentally contain information about identifiable people or sensitive scenarios (for example a photo of staff, CCTV-style footage loaded as content). Section 3 clarifies that your content is your responsibility regarding notices, consents, and compliance for that material.

5. Purposes & legal bases (including EEA/UK framing)

We use personal data for purposes that typically include:

Typical purpose	Examples
Provide & maintain the Services	account creation/log-in; pairing displays; syncing content; enforcing plan limits
Security & fraud prevention	detecting abuse; rate limiting; investigating suspicious activity
Customer support	responding to inquiries; diagnosing issues
Billing & entitlements	verifying purchases; activating features
Improvement & troubleshooting	understanding crashes/errors; usability improvements
Legal compliance	responding to lawful requests; preserving records where required
Monetization & ad operations	filling ad slots with house, direct, or programmatic inventory; auditing delivery; enforcing caps; targeting by region where configured

EEA / UK: Where GDPR or UK GDPR applies, we rely on one or more of the following lawful bases depending on context: contract (processing necessary to deliver the Services you request), legitimate interests (for example securing the Services, preventing misuse, improving stability—balanced against your rights), legal obligation, and consent where required (for example certain optional marketing communications or non-essential cookies on our websites, if used).

Where consent is the basis, you may withdraw consent at any time without affecting the lawfulness of processing before withdrawal, except where otherwise required by law.

6. Advertising, sponsored items & measurement

Ezloop Controller does not show Ezloop advertising inventory in its interface. Ezloop Display is the app that plays commercial slots when your account’s entitlements allow ads (typically users on the default free consumer plan); paid consumer plans ordinarily have those slots off, and custom or enterprise configurations may differ.

6.1 What can appear in ad slots

Depending on your plan, entitlements, and admin configuration, we may insert short-form commercial breaks into manifests shown on Display devices. Inventory types include:

House (“in-house”) ads: promotional creatives AIunseen operates for its Ezloop-branded programs, including cross-promotions. Media is usually served from Ezloop-controlled systems.
Direct ads: creatives sold or configured for specific advertisers or partners; may include click-through destinations and first-party or partner impression pixels you or the advertiser supply.
Programmatic ads: where enabled, ad candidates may be resolved through third-party ad platforms or measurement partners. Those partners may provide playable media and measurement URLs used to count delivery, fraud prevention, and settlement.

The ad mix may vary by plan, region, inventory availability, campaign rules, and product configuration.

6.2 How measurement works

Ezloop systems: campaign selection, entitlement checks, ad delivery auditing, analytics, budgeting/caps, and fraud heuristics AIunseen operates—all subject to retention described in Section 10.
Partner measurement URLs: industry-standard ad measurement can require Ezloop Display to request third-party tracking or verification URLs directly. This means those partners may receive ordinary network signals such as IP address, User-Agent, timing, and URL parameters for counting, fraud prevention, and settlement.

6.3 Free or subsidized tiers

If you use a free or limited offering, the Services commonly include sponsored, house, or promotional playlist items. Paid tiers may reduce or remove some promotional inventory depending on product configuration—see plan descriptions.

6.4 Platform rules & “tracking” disclosures

Apple Privacy Nutrition Labels, Google Play Data Safety, ATT, GAID/Ad IDs, WebView rules, and regulator guidance distinguish application tracking SDKs from HTTP measurement beacons fired during streaming ad playback. AIunseen aims for App Store privacy labels / Play Data Safety answers that match Ezloop builds; whenever ad logic, SDKs, or WebView usage changes, disclosure should move in lockstep with this Policy. That aim / lockstep language states an operational objective—not an independent contractual guarantee from AIunseen of perfect, real‑time parity between storefront labels/questionnaires and any sentence in this Policy, any particular build or channel—or third‑party beacon URLs you approve—beyond obligations expressly imposed by enforceable storefront rules or mandatory law.

Broad US laws may treat monetized measurement—including IP-derived signals emitted through VAST beacons—as a sale or sharing. Sections 12–13 describe rights, agents, and opt-out mechanics when they apply.

7. Cookies & similar technologies

Websites: If our websites use cookies, pixels, or similar technologies, we will provide additional information (for example a cookie notice or settings) where required by law.

Mobile applications: Mobile apps may use local storage and platform APIs for session management, security, and essential functionality. Third-party SDKs integrated into the apps have their own privacy practices; we select and configure SDKs to match the Service’s needs and platform requirements.

Fonts & remote assets: To render typography reliably, Controller may retrieve font files via network requests (platform CDNs/providers). Those requests normally send minimal technical metadata usual for HTTPS traffic rather than dossiers keyed to your Ezloop account—but they are nevertheless internet requests governed by providers’ connectivity logging.

Web content & embedded players: Ezloop Display (and occasional in-app previews) may use embedded browsers or media components to fetch and show content at URLs or embeds that you approve. Embedded pages can set cookies, trackers, pixels, local storage, scripts, analytics, fingerprinting behaviors, autoplay/audio, redirects, credential prompts—beyond AIunseen’s full control. See Section 16.

We disclose personal data only as described here or at the time of collection.

8.1 Service providers

We use trusted third parties to host, authenticate, troubleshoot, analyze problems, relay messages, settle subscriptions, process support communications, operate infrastructure, and support advertising or measurement features where enabled. Providers process applicable personal data only on AIunseen’s documented instructions (except partners reached directly by your Displays purely through beacon URLs they host, described in Section 6), subject to contractual safeguards appropriate to the risk.

Provider categories are summarized at https://ezloop.app/subprocessors.

Separate authentication, storefront, payment, content delivery, email, support, analytics, diagnostics, security monitoring, and advertising or measurement interfaces may apply those providers’ own notices to information observed during their sessions, including device-initiated beacon traffic routed straight to advertising partners.

For questions about service providers that process personal data for Ezloop, email privacy@ezloop.app with the subject “Service provider request”.

8.2 Legal & safety requests

We may disclose information if we reasonably believe disclosure is necessary to: comply with applicable law, regulation, lawful requests, legal process; enforce our Terms; detect, prevent, or address fraud or security issues; protect the rights, property, or safety of AIunseen, users, or the public; or establish/exercise/defend legal claims.

8.3 Business transfers

If we undergo a merger, acquisition, financing due diligence, reorganization, bankruptcy, asset sale, or similar event, personal data may be transferred as part of that transaction as permitted by law. We will require the successor to honor materially similar protections unless law permits otherwise.

8.4 Aggregated/de-identified data

We may share statistics that do not identify you.

We may share information when you connect integrations, invite collaborators within an organization, or otherwise instruct us.

9. International transfers

We may process and store personal data in countries other than where you live, including countries that may have different data-protection rules.

Where required, we implement appropriate safeguards such as Standard Contractual Clauses approved by regulators, other lawful transfer mechanisms, or reliance on adequacy decisions, together with supplementary measures where appropriate.

10. Retention

We retain personal data as long as needed for the purposes described in this Policy, including:

Active accounts: profile, device, entitlement, playlist, upload, operational logs, security logs, support records—as needed to operate your account and secure the Services.
After deletion / closure: We delete or anonymize personal data within a reasonable period unless a longer period is required to: comply with law; resolve disputes; enforce agreements; maintain security backups with controlled access; or meet accounting/tax obligations for transactions.
Backups: Residual copies may persist for a limited time in backup systems before automatic rotation.

Exact retention can depend on product configuration, legal holds, and technical systems. You may request more detail for your account by contacting privacy@ezloop.app.

11. Security

We implement technical and organizational measures designed to protect personal data against unauthorized access, loss, misuse, or alteration. These measures may include access controls, encryption in transit for network communications where supported, monitoring, and vendor security requirements.

No method of transmission or storage is 100% secure. You are responsible for protecting your account credentials and devices. If you believe your account is compromised, contact us immediately.

11.1 Security incidents & notifications

We operate incident-response practices intended to identify, contain, and remediate unauthorized access or suspected loss of confidentiality concerning personal data. Where applicable law requires notification to regulators, impacted individuals, or others, we work to comply with those requirements (including timelines, content thresholds, exemptions for law-enforcement sensitivities—or ongoing investigations—as permitted).

These practices are descriptive—not a guarantee of detection, attribution, containment timing, successful recovery, or that every incident will qualify for or receive any particular notice.

12. Your rights & choices

Depending on your location, you may have rights such as:

Access to personal data we hold about you
Correction of inaccurate data
Deletion of personal data, subject to legal exceptions
Restriction or objection to certain processing
Data portability (where applicable)
Withdrawal of consent where processing is consent-based
Opt-out of certain marketing communications (you can also use unsubscribe links in emails)
Lodge a complaint with a supervisory authority (EEA/UK users), or exercise rights under US state laws where available

How to submit a request: Email privacy@ezloop.app with “Privacy request” in the subject. We may need to verify your identity before fulfilling requests (for example by confirming control of your account email). We will respond within timelines required by applicable law.

Agents and authorized representatives. Where your jurisdiction allows another person or service to submit rights requests for you, we accept those requests once we reasonably verify authorization—including, when appropriate, confirming with you directly—to reduce spoofing or account takeover.

Unfounded, excessive, or abusive requests. Where applicable law permits (including refusal or charging a reasonable fee for certain manifestly unfounded or excessively repetitive requests, as under GDPR Article 12(5) and analogous rules), we may decline or postpone action and explain the basis when we are legally required to do so.

12.1 Account deletion

If you created an Ezloop account, you can request deletion inside the Ezloop Controller app by going to Settings → Account → Delete Account. You may also use our account deletion page at https://ezloop.app/delete-account or email privacy@ezloop.app from the email address associated with your account.

Deleting your account deletes or deactivates your account profile, revokes active sessions, removes paired displays and device groups, revokes display credentials, deletes playlists and related playlist data, and removes uploaded media files from storage on a best-effort basis while marking related media records as deleted. We may retain certain information where required or permitted for legal, tax, fraud-prevention, security, dispute-resolution, backup, audit, billing, or compliance purposes.

13. United States — additional notice (summary)

If you are a US resident, state laws (including California, Colorado, Virginia, and others) may grant additional rights such as access, deletion, correction, opt-out of certain “sales” or “sharing” for cross-context behavioral advertising, and appeal rights. We do not “sell” personal data for money in the traditional sense; however, some laws define “sale” or “sharing” broadly—including scenarios where programmatic ad partners receive IP addresses, device/browser fingerprints, or other identifiers through VAST tracking beacons initiated by Ezloop Display (see Section 6). If that applies, we will provide any legally required links or settings (for example a “Do Not Sell or Share” mechanism) on our website or in-product.

We do not discriminate against consumers for exercising privacy choices that US state laws grant solely on that basis, except where those laws expressly permit differences (such as permissible loyalty‑program economics). Stopping a feature because you asked us to erase data that feature requires is not retaliation—it reflects technical inability to deliver something without the underlying records.

If AIunseen adopts a lawful financial incentive program conditioned on retaining or collecting personal information beyond what minimally serves the subscribed service, conspicuous terms explaining how to join or quit will appear compliant with prevailing regulations before such incentives materially control pricing tiers.

California residents may request, where California Civil Code § 1798.83 (“Shine the Light”) applies, annual information regarding certain categories of personal information disclosed to third parties for their direct marketing purposes. Submit via privacy@ezloop.app with California Shine the Light in the subject line.

We may use deidentified or aggregated information where permitted.

14. Automated decision-making

We do not use fully automated decision-making that produces legal or similarly significant effects about you as a defining feature of the Services. Routine technical operations (for example spam/risk scoring or abuse detection) may use automated signals as part of security.

15. Children

The Services are not directed to children under 13 (or the higher minimum age required in your jurisdiction). We do not knowingly collect personal data from children below that age.

If you believe a child provided personal data, contact privacy@ezloop.app and we will take appropriate steps.

16. Third-party links, embedded media & customer integrations

The Services may open links to third-party sites or retrieve content based on URLs you provide (including third-party APIs or webpages). Third parties’ privacy practices govern their collections. AIunseen does not control third-party sites or services.

If you integrate or display third-party platforms (such as videos via platform APIs), you agree to comply with those platforms’ developer and user policies as applicable.

17. Changes to this Policy

We may update this Policy periodically. If changes are material, we will provide notice as required by law (which may include posting an updated Policy, updating the “Last updated” date, in-product notice, or email where appropriate). Continued use of the Services after the effective date of changes constitutes your acknowledgment of the updated Policy unless law requires explicit consent.

18. Limitation relating to this Policy (read with our Terms)

This Privacy Policy explains our privacy practices. Commercial terms, disclaimers, limitations of liability, dispute terms, and user responsibilities are governed by our Terms & Conditions, except where applicable law provides otherwise.

19. Regulatory complaints

If you reside in the EEA or UK and believe we unlawfully processed personal data, you may contact privacy@ezloop.app. You may also lodge a complaint with your local supervisory authority.