Immersive Translate Privacy Policy

Last Updated: 2026-02-03

Introduction

This Immersive Translate Privacy Policy (the “Policy”) applies to the Immersive Translate service (the “Service”) provided by Funstory.ai Limited (Hong Kong) and its affiliates (the “Company”, “we”, “us”, or “our”). The Service may contain links to third-party websites. Immersive Translate is not responsible for the privacy practices or content of such third-party websites. We encourage you to carefully review the privacy statements of those websites.

This Policy aims to provide a unified global privacy protection framework and will be adapted and interpreted in accordance with applicable personal data protection laws and regulations in different jurisdictions. Before using the Service, please read this Policy carefully to understand how we process your personal information. We are committed to protecting the personal information and privacy of users who use Immersive Translate’s products and services (collectively, “users” or “you”). Through this Policy, we explain our rules for collecting and using your personal information to better protect your rights and interests.

Data Controller

The data controller of all information provided to, or collected by, the Immersive Translate service is Funstory.ai Limited (Hong Kong). If you have any questions about this Policy or our privacy practices, please contact our data protection officer by email at support@immersivetranslate.com.

1. Data Collection and Usage

Information you provide to us

We collect and use information you directly provide to deliver the services you request. For example, when you register an account, you provide your email address for identification, login, password recovery, and to invite you to participate in market research.
When you link your Immersive Translate account with third-party accounts such as Google, Apple, or WeChat, we collect OpenID and email addresses provided by these third parties to provide a better login experience.
When using the file/image translation functions of Immersive Translate, we collect the content you input during translation (including images and files). Such content will be analyzed and processed by our servers to extract translatable text. The extracted text will only be sent to the translation engine you select, so as to provide convenient, high-quality translation results.
When using the BabelDoc translation functions provided by Immersive Translate, we collect and store the content of files you upload to improve translation quality. Your submitted text or files will not be stored permanently, but will be retained temporarily only to the extent necessary to provide and transmit translations or improvements. After fully performing the contracted services, all submitted text or files and their translations or improvements will be deleted.
To process payments, we may use third-party payment service providers to process your payment information. We do not directly store your full bank or credit card information; such information is processed by payment service providers that meet industry security standards.

Information we automatically collect

We collect information about your use of the application, such as usage frequency and features you use. Such data is aggregated and is not intended to directly identify any individual.
When using webpage translation, your translation content will only be sent to the translation engine you select. We only collect usage statistics (such as translation frequency, feature usage, and other pseudonymized information) to provide a more convenient, high-quality experience and improve our services.
When using Immersive Translate services, we collect and store error logs generated during translation to help us investigate errors and improve the service experience.
We collect your device information (such as device ID, browser type, and version) to improve our services. The device ID is used as a pseudonymous identifier and is not intended to directly identify you.
We may collect and use your IP address to determine your country or region. Such information is used only to provide localized content, optimize products, ensure service security, and prevent abuse.

We use Google Analytics and our self-hosted analytics services (e.g., analytics.immersivetranslate.com) to collect usage information. Such information is typically aggregated and/or pseudonymized (or de-identified where feasible) and is used to understand usage patterns and improve the Service. You may manage or opt out of non-essential analytical cookies through browser settings or related tools. We do not use it to directly identify you.

Data Retention Period

We retain personal information only for as long as necessary to fulfill the purposes described in this Policy. For example:

Account information is generally retained for as long as the account remains active;
Logs and security records are used to ensure system security and will be deleted or pseudonymized after a reasonable period;
Transaction-related information may be retained longer due to legal or accounting obligations.

We may share certain categories of personal information (including translation content you submit, order-related information, and device/usage information) with our affiliates and service providers only to the extent necessary to provide, maintain, secure, and improve the Service, and as otherwise permitted by applicable law. Our partners mainly include:

2.1 Suppliers

When providing PDF document translation services to subscribers, your uploaded PDF files are encrypted and transmitted to our third-party service provider Mathpix for processing to extract document content and generate machine-readable text required for translation. During this process, we follow the data minimization principle and transmit only the necessary files. We require Mathpix, under contractual obligations, to adopt industry-standard security measures to protect your documents. After processing, Mathpix returns the extracted content to us so that we can generate translation results. More information about Mathpix is available in its privacy policy.
We do not sell your personal information to third-party vendors or partners unless required by law.

2.2 Third-party translation services

We use third-party translation services, and translation-related content must be sent to these services for processing. Based on our current knowledge, contractual agreements with relevant providers, and their public statements:
- Free translation service providers (including SophNet, SiliconFlow, Tencent Cloud, and Zhipu);
- Pro membership model providers (including AWS, Azure OpenAI, DeepL, DeepL-Pro, OneRouter, SophNet, Alibaba Cloud, VolcEngine, and Tencent Cloud);
- Max membership model providers (including AWS, Azure OpenAI, OneRouter, and SophNet).

Where applicable, we contractually require our third-party translation providers not to use Customer Content submitted through the Service to train their models or improve their services, except as permitted by our agreements and applicable law.

When providing translation functions, relevant text may be securely transmitted to the above third-party services for translation purposes. Requests initiated directly by you from the client (such as custom APIs) are not part of the translation services described herein. If you configure the Service to send requests directly to a provider using your own credentials (e.g., a custom API key), the provider’s processing of such requests is governed by your agreement with that provider.

We share content only to the extent necessary to provide translation functions, and we do not design translation services for the purpose of collecting personally identifiable information. We implement appropriate technical and organizational measures to protect data security.

2.3 Financial institutions and third-party payment providers

When you purchase services or apply for refunds, we share only the information necessary to complete the transaction (email address only) with financial institutions or third-party payment providers, to the extent permitted by applicable laws. If we reasonably consider it necessary for fraud detection and prevention, we may share additional necessary information with relevant financial institutions (which, in practice, may include your email address).

2.4 Affiliated companies

We share your personal information with affiliated companies to provide you with optimal services and information about other related products and services. All departments of the Company adopt personal data protection measures that are no less stringent than those set out in this Policy.

3. Your Rights

Under applicable personal data protection laws and regulations, you have the following rights regarding the personal information we process. We will respond to your requests in accordance with the law and within a reasonable timeframe.

3.1 Right to access and information

You may request confirmation of whether we process your personal information and, within the scope permitted by applicable laws, obtain relevant information, including:

The type of personal information we hold;
The purpose of use;
The source of information and the types of recipients;
The retention period or the criteria used to determine such period.

3.2 Right to correction and supplementation

If you believe the personal information we process is inaccurate or incomplete, you may request that we correct or supplement it.

3.3 Right to erasure and to stop processing

Under circumstances permitted by applicable laws, you may request that we delete your personal information or stop further processing it, for example:

The information is no longer necessary for the original purpose;
You withdraw consent and no other legal basis for processing exists;
The information is processed unlawfully.

Where we process personal information based on your consent, you may withdraw such consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal.

3.5 Right to restrict or object to certain processing

To the extent permitted by applicable laws, you may request to restrict or object to certain processing of your personal information, such as processing for direct marketing or specific analytics purposes.

3.6 Right to data portability (where applicable)

Where technically feasible and required by law, you may request to receive the personal information you provided in a structured, commonly used, and machine-readable format, or transmit it to another service provider where feasible.

3.7 Right to non-discrimination

We will not discriminate against you for exercising the rights set out in this section, including but not limited to refusing services, reducing service quality, or charging unreasonable fees.

3.8 Additional rights for California residents

If you are a resident of California, USA, you may have additional privacy rights under applicable laws (including the California Consumer Privacy Act (“CCPA”) and its amendment, the California Privacy Rights Act (“CPRA”)), such as the right to know, access, deletion, and to opt out of the sale or sharing of personal information. We do not sell your personal information. To exercise such rights, you may contact us using the methods listed in Section 11 of this Policy.

You may submit the above requests through the contact information listed in Section 11 of this Policy. To protect your personal information, we may verify your identity within a reasonable scope.

4. Automated Decision-Making and Profiling

We will not make decisions that produce significant legal effects (or similarly significant effects) on you based solely on automated processing without human involvement. If laws in different jurisdictions impose additional requirements on automated processing or algorithmic decision-making, we will comply accordingly.

Therefore, the Service currently does not apply special rules regarding automated decision-making. We also do not process your personal information solely through automated means in a manner that may adversely affect your rights and interests. If we introduce such processing in specific scenarios in the future, we will provide necessary explanations in accordance with the law and obtain your consent where required.

5. Amendments to this Privacy Policy

We may revise this Privacy Policy from time to time. We will record the “Last Updated” date, and updates will take effect immediately upon posting. If updates materially affect your rights, we will provide appropriate notice in accordance with applicable laws, and material changes will be posted prominently (for example, via a pop-up notice for certain service changes). You should review this Policy regularly to stay informed of our latest terms.

We use cookies to provide and improve our website and services.

What are cookies?

A “cookie” is a small piece of data generated by a web server and stored on a user’s device.

What cookies do we use?

We use session cookies and persistent cookies. Session cookies are deleted when you close your browser. Persistent cookies remain on your device and are used when you visit our website again; you may also delete them manually. Generally, persistent cookies do not damage or harm your device, programs, or files.

How to manage cookies?

You may refuse all or some cookies by adjusting your browser settings. For instructions, please refer to your specific browser’s guide. However, if you block all cookies (including strictly necessary cookies), you may be unable to access our website or certain content.

Where required by applicable law, we will obtain your consent before placing non-essential cookies or using similar technologies (e.g., analytics cookies). You can withdraw your consent at any time through your browser settings or other available controls.

7. Explanation of Safari Extension Permissions

When you enable the Immersive Translate extension in Safari, you may see a permission notice stating:

“This extension can read and modify sensitive information including bank card details.”

We understand this may cause concern and provide the following background and privacy commitments:

7.1 What does this notice mean?

This notice means our translation extension requires permission to read and modify webpage content in order to provide translation services while you browse. This means the extension will process the text you are viewing and translate it into your selected language.

Regarding “sensitive information”: technically, the extension is capable of reading all content on a webpage, including potentially sensitive data. However, our translation extension focuses on translating text and does not intentionally collect or use your private information (such as bank card details).

7.2 Why does only Safari show this notice, while Chrome, Edge, and other browsers do not?

This is mainly due to different privacy policies and notification mechanisms among browsers. Safari tends to inform users in advance of all possible permissions, even if such permissions are used only to a very limited extent in practice. Chrome may not present similarly prominent notices if the developer has disclosed how the permissions are used. Safari’s approach is intended to ensure users are fully aware of the permissions requested by installed extensions, even if such permissions are used only in extreme cases or not at all.

7.3 How do we use these permissions?

Permission to access and modify webpage content is used only to translate the webpages you view into your target language. Whether on Safari or Chrome, we take privacy seriously and commit to requesting additional permissions only when absolutely necessary. We encourage all users, regardless of browser, to read this Policy to better understand how we collect, use, and protect your data. If you have any questions about this Policy, please contact us at support@immersivetranslate.com.

8. Children’s Information

The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information and otherwise comply with applicable law. Parents or legal guardians who believe that a child has provided us with personal information may contact us at support@immersivetranslate.com.

Parents or legal guardians may request that we review, delete, or stop processing a child’s personal information, subject to applicable law and reasonable verification.

9. Data Storage and Cross-Border Transfers

To provide you with the Service and ensure system stability and security, your personal information will be stored or processed in the Republic of Korea. Due to the global nature of our business, we may also process or transfer personal information to other locations where we or our service providers operate, subject to appropriate safeguards and applicable law. We comply with applicable personal data protection laws and regulations and implement appropriate data protection measures in different jurisdictions to ensure your personal information receives a level of protection equivalent to that in the place of collection.

Cross-border data transfer safeguards may vary across different jurisdictions. The following applies only where the GDPR or UK GDPR applies:

If personal information is transferred to a country or territory outside the European Union / European Economic Area, we will ensure adequate protection through one or more of the following mechanisms:

Adequacy decisions adopted by the European Commission and adequacy regulations issued by the UK Information Commissioner’s Office (ICO), confirming that the data protection level of the relevant jurisdictions is adequate. You may obtain further information from the European Commission at: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en and from the UK ICO at: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/international-transfers/international-transfers-a-guide/#Q1
Standard Contractual Clauses approved by EU Implementing Decision (EU) 2021/914 of 4 June 2021 (available at: https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32021D0914), or standard data protection clauses approved by the UK ICO (available at: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/international-transfers/international-data-transfer-agreement-and-guidance/).
Other appropriate mechanisms and technical measures to ensure data security and compliance.

Where Japan’s Act on the Protection of Personal Information (APPI) applies, we will implement necessary and appropriate supervision over overseas recipients and require them to continuously adopt security measures meeting industry standards.

By using our Service, you acknowledge that your personal information may be stored or processed in accordance with this Policy and provided to our entrusted third-party service providers lawfully and compliantly.

10. Data Security Incident Handling

We have established incident handling procedures, including an Information Security Incident Management Procedure and an Emergency Response Management System. In the event of a data breach, alteration, or loss that may affect the security of your personal information, we will take remedial measures in accordance with applicable laws and regulations and notify the relevant regulatory authorities and affected users promptly where required by law.

We highly respect and care about user privacy concerns and strive to resolve issues. If you believe your personal information has been handled in a manner inconsistent with this Policy, or you have other related inquiries or questions, please email us at support@immersivetranslate.com. We will process complaints or inquiries promptly after receipt and will respond within one month. If we cannot fully or partially comply within the required period, we will notify you by email within that period and explain the reasons.

Appendix

Immersive Translate: refers to the website, application, browser extension, or mini-program of Immersive Translate (domain: immersivetranslate.com).
Service Provider: Funstory.ai Limited (Hong Kong).
Personal Information: refers to information that can be used to identify an identified or identifiable natural person, as defined under applicable laws.

Regional Annexes

This Regional Annex explains how Funstory.ai Limited complies with applicable personal data protection laws and regulations in different jurisdictions. This Annex applies only where relevant laws are in force and does not affect the overall applicability of the main body of this Policy.

A.1 Legal Basis

Where GDPR or UK GDPR applies, we process personal information based on the following lawful grounds (as applicable):

Performance of a contract with you;
Compliance with a legal obligation;
Your consent;
The pursuit of our legitimate interests, provided they do not unduly affect your fundamental rights and freedoms.

A.2 Additional User Rights

Where GDPR / UK GDPR applies, in addition to the rights in Section 3, you also have:

Right to data portability: to receive your personal information in a structured, commonly used, and machine-readable format to the extent provided by law;
Right to object: to processing based on our legitimate interests in certain circumstances;
Right to lodge a complaint: with a supervisory authority in your place of habitual residence, workplace, or where an alleged infringement occurred.

A.3 Automated Decision-Making

We do not make decisions based solely on automated processing that significantly affects your legal or similarly significant status within the meaning of Article 22 GDPR.

A.4 Cross-Border Data Transfers

If personal information is transferred outside the EU/UK, we ensure adequate protection through:

Adequacy decisions by the European Commission or the UK ICO (as applicable);
Approved Standard Contractual Clauses (SCCs) and/or the UK International Data Transfer Agreement / Addendum (IDTA), as applicable;
Other appropriate legal mechanisms and technical safeguards.

Annex B: Japan (Act on the Protection of Personal Information, APPI)

B.1 Purpose of Use

Where APPI applies, we clearly inform you or publicly disclose the purpose of use of personal information and process it only within that scope.

B.2 User Rights

You may, under APPI, request:

Disclosure of your personal information held by us;
Correction, supplementation, or deletion of inaccurate personal information;
Suspension of use or suspension of provision to third parties (where permitted by law).

B.3 Provision to Overseas Third Parties

If we provide personal information to overseas third parties, we will take necessary measures to supervise their data processing and ensure they continuously adopt security measures compliant with APPI.

Annex C: California, USA (CCPA / CPRA)

C.1 Application

This Annex applies where the California Consumer Privacy Act (“CCPA”) and its amendment, the California Privacy Rights Act (“CPRA”), apply.

C.2 Rights of California Residents

California residents may have the right to:

Know: what categories of personal information we collect, use, and disclose;
Access: request access to personal information we hold;
Delete: request deletion of personal information we collect (to the extent permitted by law);
Opt out: of the sale or sharing of personal information.

We do not sell the personal information of California residents, nor share it for cross-context behavioral advertising.

C.4 Right to Non-Discrimination

We will not discriminate against you for exercising any rights under the CCPA/CPRA.

Annex D: Republic of Korea (Personal Information Protection Act, PIPA)

This Annex applies where the Personal Information Protection Act of the Republic of Korea (“PIPA”) applies to services provided within, or to users located in, the Republic of Korea.

D.1 Purpose and Lawfulness of Processing

We process personal information only for specific, explicit, and lawful purposes and obtain necessary user consent or other lawful bases under PIPA. Unless otherwise required by law, we will not use personal information beyond the purposes disclosed at the time of collection.

D.2 Outsourcing and Third-Party Disclosure

Where we entrust third parties with personal information processing (including cloud services, translation, payment, technical support, etc.), we will, in accordance with applicable laws:

Sign written agreements with entrusted parties;
Specify purposes, scope, and technical and organizational security measures;
Continuously supervise the personal information processing of entrusted parties.

If we provide personal information to third parties as permitted by law, we will inform you in advance and obtain separate consent where required.

D.3 Cross-Border Transfers

If personal information is transferred outside the Republic of Korea, we will, in accordance with PIPA:

Inform you in advance of the purpose, recipient, items, and retention period of cross-border transfer;
Obtain separate consent where required by law;
Require overseas recipients to continuously adopt PIPA-compliant security measures.

D.4 User Rights

Where PIPA applies, users may legally request:

Access to their personal information;
Correction or deletion of inaccurate or unnecessary personal information;
Suspension of personal information processing;
Withdrawal of previously given consent.

We will process such requests in accordance with the law and within a reasonable timeframe.

D.5 Security Measures

We implement appropriate technical, managerial, and physical security measures under PIPA and related regulations, including but not limited to:

Access control and authority management;
Encryption or de-identification;
Internal management systems and staff training;
Security incident response and record-keeping.

D.6 Notification of Personal Information Breach

In the event of a breach, alteration, or loss of personal information that may affect its security, we will promptly take remedial measures in accordance with PIPA and, where required:

Report to the Personal Information Protection Commission (PIPC) of Korea;
Notify affected users.

This Regional Annex is not exhaustive. We may add new regional annexes as laws or business needs change.

Introduction​

Data Controller​

1. Data Collection and Usage​

Information you provide to us​

Information we automatically collect​

Data Retention Period​

2. Data Sharing​

2.1 Suppliers​

2.2 Third-party translation services​

2.3 Financial institutions and third-party payment providers​

2.4 Affiliated companies​

3. Your Rights​

3.1 Right to access and information​

3.2 Right to correction and supplementation​

3.3 Right to erasure and to stop processing​

3.4 Right to withdraw consent​

3.5 Right to restrict or object to certain processing​

3.6 Right to data portability (where applicable)​

3.7 Right to non-discrimination​

3.8 Additional rights for California residents​

4. Automated Decision-Making and Profiling​

5. Amendments to this Privacy Policy​

6. Cookie Terms​

What are cookies?​

What cookies do we use?​

How to manage cookies?​

7. Explanation of Safari Extension Permissions​

7.1 What does this notice mean?​

7.2 Why does only Safari show this notice, while Chrome, Edge, and other browsers do not?​

7.3 How do we use these permissions?​

8. Children’s Information​

9. Data Storage and Cross-Border Transfers​

10. Data Security Incident Handling​

11. Privacy-Related Inquiries and Complaints​

Appendix​

Regional Annexes​

Annex A: EU / EEA / United Kingdom (GDPR / UK GDPR)​

A.1 Legal Basis​

A.2 Additional User Rights​

A.3 Automated Decision-Making​

A.4 Cross-Border Data Transfers​

Annex B: Japan (Act on the Protection of Personal Information, APPI)​

B.1 Purpose of Use​

B.2 User Rights​

B.3 Provision to Overseas Third Parties​

Annex C: California, USA (CCPA / CPRA)​

C.1 Application​

C.2 Rights of California Residents​

C.3 No Sale or Sharing of Personal Information​

C.4 Right to Non-Discrimination​

Annex D: Republic of Korea (Personal Information Protection Act, PIPA)​

D.1 Purpose and Lawfulness of Processing​

D.2 Outsourcing and Third-Party Disclosure​

D.3 Cross-Border Transfers​

D.4 User Rights​

D.5 Security Measures​

D.6 Notification of Personal Information Breach​