Last updated: May 10, 2025
Visto is committed to protecting and respecting your privacy. By this Privacy Policy (the "Policy"), we describe how we might collect, store, use, and/or share ("process") your personal data when visit and use services ("Services") through our website.
When you visit, use, or navigate our Services, we may process your personal data depending on how you interact with us and the Services, the choices you make, and the features you use. We may also collect information from third parties, such as when you use third party accounts to log-in. For more information, please refer to 1. Personal Data We Collect.
We do not process sensitive personal data. For more information, please refer to 1. Personal Data We Collect.
To learn about opportunities to choose not to allow cookies, click here.
We process your personal data to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your personal data for other purposes with your consent. We process your information only when we have a valid legal reason to do so. Learn more about how we process your information at 2. How We Use Your Data and the Legal Bases for These Uses.
We may share your personal data in specific situations and with specific third parties (e.g., technology services and business support). We may also be required to disclose certain personal data about you in response to any legal procedures or requests from regulatory authorities, for audit purposes, in the event of mergers, acquisitions, sale of assets, or transfer of services, and in other circumstances specified under 4. How We Share Your Personal Data.
Due to the international operation of our business, your personal data may be accessed from and transferred to jurisdictions outside of where you are located. In the event of a cross-border transfer of personal data, we take appropriate measures to provide an adequate level of protection for your personal data. For more information, please refer to 6. International Transfers of Personal Data.
We have organizational and technical processes and procedures in place to protect your personal data. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure.
We do not knowingly collect personally identifiable information data directed at children under 16.
Depending on where you are, you may have certain rights with respect to your personal data. For more information, please refer to 8. Your Privacy Rights. In particular, if you are a California resident, certain state data privacy legislations may entitle you to additional rights as detailed under 9. Additional U.S. State Disclosures.
We recommend that you regularly check the latest version of this Policy through our Services. If you have any questions or comments regarding this Policy and/or other privacy practices, want to exercise any rights you may have, please contact us by privacy@visto.com.
Depending on the relevant circumstances and applicable local laws and requirements, we will collect some or all the data listed below to enable us to provide our Services to you. To the extent applicable, such information may include:
To better protect your privacy, we do NOT process the following information otherwise specified in the individual privacy policies:
We will only use your personal data when the applicable laws allow us to. Our legal bases for collecting and using the personal data described in this Policy depends on the personal data we collect and the specific context in which we collect the information:
The purposes for which we process personal data, subject to applicable laws, and the legal base on which we perform such processing, are as follows:
| Purpose | Type of Personal Data | Legal Bases |
|---|---|---|
| To provide you with functions related to user account management, such as account registration, account deletion, account login, and modification of account information | - Account Information | Contract |
| To provide and facilitate the Services with you | - Account Information - Feedback Information - Usage data |
Contract |
| To facilitate the membership subscription and process your payment request | - Account Information - Payment Information |
Contract |
| To communicate with you for non-marketing purposes including by sending you Services-related notice, push notifications, and other messages. | - Account Information - Device and network data |
Contract |
| To send you marketing communications, where you have signed up to receive them. | - Account Information - Device and network data |
Consent |
| To identify the abnormal status, ensure the stability and security of our Services, and to meet governmental and institutional policy obligations. | - Account Information - Usage data - Device and network data |
Legitimate interests & Legal obligations |
| To investigate and resolve security issues, and to enforce our Terms of Use | - Account Information - Usage data - Device and network data |
Legitimate interests & Contract |
| To analyze your use of, and any other interaction or interest in our Services, and to improve our Services (not used for AI model training) | - Usage data - Device and network data |
Legitimate interests |
| To respond to your inquiries, comments, feedback or questions | - Account Information - Feedback Information - Usage data - Device and network data |
Contract & Legitimate interests |
Cookies are small text files stored by your web browser when you use websites. You can control how websites use cookies by configuring your Cookie Preferences at the bottom of our Website. Note that if you disable cookies entirely, our Services may not function properly.
We and our third-party partners, such as analytics and advertising partners, may collect information about you via cookies. The information collected may include information such as unique identifies, system information, IP address, web browser, device type, your system preferences, and the web pages that you visit, and where you have clicked.
We may use both session cookies and persistent cookies. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to our Services. We or our third-party partners may place the cookies under one of the following purposes:
Function cookies: these cookies are essential for the core functionality of the site and related services. Without them, the site cannot function properly, so they cannot be disabled.
Marketing cookies: these cookies allow us and our partners to deliver ads that are more relevant to your interests for marketing purposes. Without them, you will still see ads, but they may not be as tailored to your preferences.
Measurement cookies: these cookies are used to analyze site usage, helping us measure and improve site performance. Without these cookies, we wouldn't be able to understand which content is most valued or track how often unique visitors return, making it difficult to enhance the information we provide to you.
We will only share your personal data for lawful, legitimate, necessary, specific, and explicit purposes, and we will only share the personal data required to provide the Services. We require our partners and services providers, through agreements, to retain your personal data only for the necessary period and to implement adequate security measures to protect data security.
We disclose the categories of personal data described above in Section 1 between and among our affiliates and related entities, for legitimate business purposes and the operation of the Services, in accordance with applicable laws.
We may share any personal data listed in Section 1 with our Service Providers. These parties help us provide the Services or perform business functions on our behalf. They include:
We disclose personal data if we are legally required to do so, or if we have a good faith belief that such use is reasonably necessary to:
If we are involved in a merger, acquisition, bankruptcy, reorganization, partnership, asset sale or other transaction, we may disclose your personal data as part of that transaction. Should one of these events occur, we will make reasonable efforts to notify you before your personal data becomes subject to different privacy and security policies and practices.
We have implemented appropriate technical and organizational security measures designed to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, unauthorized access, and other unlawful or unauthorized processing, in accordance with applicable laws.
Your account is protected by a password for your privacy and security. You must prevent unauthorized access to your account and personal data by selecting and protecting your password appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account. If you have any concerns that your account or personal data has been put at risk, for example if someone could have found out your password, please contact us by using the contact details provided in the Section "Contact Us".
While we use reasonable commercial efforts to protect the data, no technology, data transmission, or system can be guaranteed to be 100% secure. In the event of a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to your data, we will notify you according to the applicable laws.
We adhere to retention policies for the personal data we collect to ensure that it is not retained longer than necessary for the intended purpose. If you deactivate your account, delete personal data, or the retention period is expired, we will delete or anonymize your personal data, except in the following cases:
When assessing how long your personal data is retained, we consider criteria such as: (i) the nature of the personal data and the activities involved; (ii) when and for how long you use the Services; and (iii) our legitimate interests and our legal obligations.
We use global cloud services to process and back up your Personal Data. Currently, we use the data centers that are in Singapore, the United States and EU. Based on where you are, we will store your Personal Data in the nearest data center. For example, if you are within the European Economic Area, your Personal Data will be processed and stored on the server in EU; if you are located in the U.S., your Personal Data will be processed and stored within the U.S. We also rely on service providers around the globe to support our operations. Consequently, your personal data may be accessed by our affiliates or transferred to third-party service providers and business partners in various locations, to fulfill the purposes set forth in this Policy.
In the event of an international transfer of personal data, when required by applicable laws, we will provide an adequate level of protection for your personal data using various means, including implementing Standard Contractual Clauses or data transfer agreements that comply with applicable laws between our affiliates and third parties or any other lawful approach that permits the lawful transfer of personal data from those countries.
Please find below the relevant information on transfer across national borders:
You can obtain more details of the protection given to your personal data when it is transferred outside of your country by contacting us as referred to in the Section 13 below.
Our Services are not intended for children under the age of 16. We do not knowingly solicit data from or market to children under 16 years of age. If you do not meet applicable age requirements, please do not use our Services.
If we learn that personal data from users less than 16 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 16, please contact us.
Subject to applicable law and depending on where you reside, you may have some rights regarding your personal data, as described below. If you have any other requests relating to the access of your personal data, please contact us using the contact details listed in the Section "Contact Us".
You may have the right to know what personal data we process about you, including the categories of personal data, the business or commercial purposes for collection, the categories of third parties to whom we disclose it and other information according to the applicable law.
You may have the right to access and obtain a copy of your personal data in accordance with the applicable laws. Where applicable, we will provide the information in a portable, machine-readable, readily usable format.
You may have the right to request that we correct inaccurate personal data that we retain about you, subject to certain exceptions.
You have the right to delete your account and erase your personal data. Upon deleting your account, all your personal data will be deleted. Additionally, you may also request deletion of the personal data you provide by contacting us. If some of your personal data cannot be deleted, we will inform you of the reasons for not taking action.
Please note that we reserve the right to retain some of your personal data where there are valid grounds for us to do so under applicable laws.
Where we process your personal data on the basis of your consent, you may withdraw your consent by contacting us. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
Subject to applicable laws, you may object to the processing of your personal data based on our legitimate interests where there are grounds relating to your particular situation by contacting us. Please note that we may have an overriding legitimate interest to keep processing your personal data, but we will let you know where this is the case.
If you would like to restrict our processing of your personal data, you may contact us. You have the right to restrict the processing of your data where one of the following applies:
Subject to applicable data protection laws, you may have the right to submit your complaint to the local data protection authority where you reside if you consider that the processing of your personal data infringes any applicable data protection laws.
Depending on your jurisdiction, you may be entitled to additional rights in relation to your personal data. If you would like to contact us to exercise one or more of these rights, to ask a question about these rights or any other provision of this Policy or about our processing of your personal data, or to file a complaint about how we process your personal data, you may use the contact details provided in Section "Contact Us" below.
When submitting a right request, please specify the scope and basis of your request and provide us with the necessary information to verify your identity. We may contact you to confirm your identity in order to handle your request. We will respond to your request or complaint in due course under the applicable laws.
We collect personal data from and about you in the preceding 12 months as described in Section 1 above.
We disclose personal data with third parties for business purposes in the preceding 12 months as below:
| Categories of personal data | Disclosed to which categories of third parties |
|---|---|
| Device and Network Data Usage Data |
Growth analysis provider Advertising service provider |
| Payment Information | Payment processors |
| Account Information Feedback Information |
Customer service vendor |
To the extent provided for by local law and subject to applicable exceptions, you may have the following rights:
Opt-out of marketing communications. We provide marketing information through in-app notifications. If you do not wish to receive these notifications, you can disable them in your device settings.
Limit the Use of Sensitive Personal Data. You also have the right to request limitation of use and disclosure of your sensitive personal data, subject to certain exceptions. For sensitive personal data, please review the individual privacy policies associated with certain Services.
Do Not Sell or Share My Personal Data. As defined by relevant state laws, we "sell" or "share" your Device and Network Data and Usage Data for purposes of serving you advertisements based on your activity across other sites and services ("cross-context behavioral advertising" or "targeted advertising"). If you would like to opt out of the sale or sharing of your personal data, please navigating to "Do not sell or share my personal information" at the bottom of our website or contact us by details provided in Section "Contact Us" below.
Appeal. You may appeal our refusal to take action on a request by contacting us using the contact details provided in Section "Contact Us" below.
Direct Marketing. We do not disclose personal data to third parties for their direct marketing purposes.
Our Services incorporate services and functions provided by third parties. When you choose to enable such third-party services, Wondershare may share your information with such third-party services, including your text, images and other information. Third-Party Services are not owned or controlled by Wondershare and may have their own policies and practices for its collection, use, and sharing of your personal information. Please check the permissions, privacy settings and privacy notices of these third-party services or contact the provider for any questions.
The Services and our business may change from time to time. We recommend checking this page to stay up to date with the latest changes. If there are any substantial changes to this Policy, depending on the nature of such changes, we will notify you in advance through pop-ups, push notifications, and other appropriate means.
For more information about your data subject rights, or how we process your personal data, please contact us by the information below.
Contact Person: Visto Privacy Team
Contact Details: privacy@visto.com