Privacy Policy

Personal Data, Cookies, Soul Match Inputs, AI-Supported Processing, and Cross-Border Processing

Soul Alchemy World Limited

Effective Date: May 13, 2026 | Websites: www.soulalchemyworld.com | www.soulmatch.store

Contact Email: info@soulalchemyworld.com

This Privacy Policy is written as a global baseline privacy notice. Certain rights, disclosures, consent requirements, complaint routes, age restrictions, and transfer rules may apply differently depending on your location, the feature you use, and the law that applies to that feature.

Important non-medical notice. Soul Match and related AI-supported tools are designed for emotional wellness, self-reflection, lifestyle routing, service discovery, and commerce support. They are not medical, psychiatric, psychological diagnosis, emergency, or clinical treatment services.

1. Introduction and Scope

1.1 Purpose. This Privacy Policy explains how Soul Alchemy World Limited collects, uses, stores, discloses, transfers, protects, deletes, and otherwise processes Personal Data when you access or use the Services.

1.2 Covered Services. This Privacy Policy applies to www.soulalchemyworld.com, www.soulmatch.store, Soul Match, Healing Hub, the online shop, user accounts, digital content, service routes, product recommendations, customer support, order processing, fulfillment support, and related online experiences made available by the Company.

1.3 Relationship to Other Terms. This Privacy Policy should be read together with the Terms of Use, Shipping Policy, Return and Refund Policy, AI Emotional Support and Non-Medical Disclaimer, cookie notices, consent banners, service-specific notices, and any product-specific privacy notices displayed through the Services.

1.4 Responsible Party. Unless otherwise stated, the Company acts as the data controller, business, personal information handler, or equivalent responsible party for Personal Data processed under this Privacy Policy.

1.5 Not a Medical Records System. The Services are not designed to collect, store, or process medical records, clinical psychological records, psychiatric records, diagnostic information, biometric health data, emergency records, prescription records, or disease-management records. You should not submit such information unless a lawful purpose is clearly disclosed and you have provided any required consent.

1.6 No Emergency Monitoring. The Services are not designed to monitor emergencies, provide crisis response, replace emergency services, or provide real-time clinical intervention. If you believe you or another person may be in immediate danger, contact local emergency services or an appropriate crisis hotline immediately.

2. Definitions

2.1 SAW, Company, we, us, or our. Soul Alchemy World Limited.

2.2 Soul Alchemy World. The Company's brand and commercial ecosystem integrating emotional wellness, lifestyle aesthetics, digital tools, commerce, content, and service routes.

2.3 Soul Match. The Company's mood-first emotional support, routing, and commerce/service output system, including mood input, path selection, AI-supported prompts, self-reflection features, Healing Hub, digital support tools, and, where applicable, product or service suggestions.

2.4 Healing Hub. The emotional support and digital wellness area within Soul Match that may route users to non-emergency support content, self-care tools, online support resources, journaling-style prompts, breathing support, or other wellness features.

2.5 Shop or Commerce Layer. The e-commerce layer that displays and sells lifestyle products, wearable wellness products, home ambiance objects, art pieces, giftable objects, digital products, and related goods.

2.6 Services. The websites, online shop, Soul Match system, Healing Hub, digital tools, content, accounts, customer support, ordering functions, checkout, fulfillment support, and related online experiences made available by the Company.

2.7 User, you, or your. Any person who accesses, browses, purchases from, registers for, submits information to, or otherwise uses the Services.

2.8 Personal Data or Personal Information. Information that identifies, relates to, describes, can reasonably be linked to, or is capable of identifying an individual, as defined by applicable privacy law.

2.9 Mood Input Data. Voluntary mood selections, path selections, intent signals, time-of-day preferences, quick-support choices, self-reflection prompts, journaling-style inputs, contextual preferences, and related non-clinical preference signals submitted through Soul Match.

2.10 Sensitive Data. Information treated as sensitive under applicable law, which may include precise location, government identifiers, financial account data, health data, biometric data, children's data, certain demographic information, or other legally protected categories.

2.11 Processing. Any operation performed on Personal Data, including collection, use, storage, analysis, disclosure, transfer, deletion, de-identification, or other handling.

2.12 Service Provider or Processor. A third party engaged by the Company to process Personal Data on behalf of the Company for authorized business purposes.

3. Categories of Personal Data We May Collect

3.9 Sensitive Data Limitation. We do not require users to provide sensitive medical or clinical data to use Soul Match or the Shop. If you voluntarily provide sensitive information, we will process it only as necessary for the disclosed purpose, with appropriate safeguards, and subject to applicable law.

3.10 Data We Ask You Not to Submit. Unless explicitly requested for a lawful and clearly disclosed purpose, do not submit clinical diagnoses, prescription information, detailed therapy records, psychiatric records, emergency information, government identifiers, children's data, or information about third parties without authorization.

4. Sources of Personal Data

4.1 Information from You. We collect information you provide directly when you create an account, place an order, use Soul Match, use Healing Hub, contact support, subscribe to communications, submit content, complete surveys, or otherwise interact with the Services.

4.2 Information from Your Use of Services. We collect information automatically through cookies, pixels, analytics tools, server logs, device identifiers, and similar technologies when you browse, interact with, or use the Services.

4.3 Information from Third Parties. We may receive information from payment providers, logistics partners, advertising platforms, analytics providers, fraud prevention tools, customer support platforms, social media platforms, and other service providers where permitted by law.

4.4 Information from Integrated Providers. If we display, link to, or integrate with third-party online therapy, wellness, booking, payment, logistics, or content providers, those providers may collect information directly from you under their own policies. We are not responsible for their independent privacy practices.

5. Purposes of Processing

5.1 Service Operation. To provide, operate, maintain, authenticate, secure, debug, and troubleshoot the Services, including accounts, customer support, Soul Match features, Healing Hub, digital content access, checkout, and fulfillment support.

5.2 Soul Match and Healing Hub Functionality. To process Mood Input Data and related preference signals to generate non-clinical routes, self-reflection prompts, content suggestions, service suggestions, product recommendations, commerce outputs, and support pathways.

5.3 Orders and Fulfillment. To confirm orders, coordinate payment processing, arrange shipping, provide tracking, handle customs-related information where required, manage returns and refunds, respond to inquiries, and resolve fulfillment issues.

5.4 Customer Support and Human Handling. To respond to requests, verify orders, investigate complaints, resolve disputes, process quality issue claims, maintain support records, and provide a human handling route for privacy, safety, or AI-output concerns.

5.5 Personalization and Product Improvement. To understand user preferences, improve product structure, optimize recommendations, test features, improve user experience, analyze content performance, and develop new offerings. Where practical, we use aggregated or de-identified data for these purposes.

5.6 Security, Abuse Prevention, and Risk Controls. To detect, prevent, and respond to fraud, abuse, unauthorized access, chargebacks, suspicious transactions, self-harm or emergency-risk signals submitted by users, policy violations, security incidents, and technical failures.

5.7 Marketing Communications. To send marketing emails, messages, or advertising communications where you have provided consent or where otherwise permitted by law. You may opt out of marketing communications at any time.

5.8 Advertising and Measurement. Where consent is provided or where permitted by law, to use cookies, pixels, or similar technologies for advertising measurement, retargeting, audience creation, campaign performance analysis, and cross-platform analytics.

5.9 Legal Compliance. To comply with legal obligations, respond to lawful requests, enforce agreements, protect rights, maintain business records, meet tax, accounting, regulatory, and dispute resolution requirements, and support any required AI-service filings, notices, or risk-management procedures.

6. Legal Bases for Processing

6.1 Consent. Where required, we process Personal Data based on your consent, including for certain cookies, marketing communications, optional Soul Match inputs, optional journaling-style inputs, advertising technologies, and processing of certain sensitive data. You may withdraw consent where applicable.

6.2 Contract Performance. We process Personal Data where necessary to perform a contract with you, including account access, order processing, payment coordination, shipping, customer support, digital content delivery, and enforcement of applicable terms.

6.3 Legitimate Interests. Where permitted by law, we process Personal Data for legitimate interests such as service improvement, fraud prevention, security, analytics, customer support, product development, and platform integrity, provided such interests are not overridden by your rights and interests.

6.4 Legal Obligations. We process Personal Data where necessary to comply with applicable laws, regulations, tax obligations, accounting rules, consumer protection obligations, regulatory requests, AI-service obligations, and lawful enforcement requests.

6.5 Vital Interests and Public Interest. In rare circumstances, we may process Personal Data where necessary to protect vital interests or where required for a public interest basis recognized by applicable law. The Services are not designed to provide emergency monitoring or crisis response.

7. AI-Supported Processing, Soul Match Outputs, and User Control

7.1 AI-Supported Outputs. Soul Match and related tools may use AI-supported or automated logic to generate self-reflection prompts, service routes, product recommendations, content suggestions, and commerce outputs based on voluntary user inputs and platform signals.

7.2 No Medical, Psychiatric, or Clinical Output. Soul Match outputs, Healing Hub suggestions, product recommendations, rituals, self-reflection prompts, and service routes are not medical diagnosis, psychiatric diagnosis, psychological diagnosis, clinical treatment, disease management, emergency care, or professional advice. They should not be used to decide whether to start, stop, or change any medical or mental-health treatment.

7.3 No Legally Significant Automated Decisions. We do not use Soul Match outputs to make automated decisions that produce legal or similarly significant effects concerning you, such as medical determinations, eligibility for essential services, employment decisions, credit decisions, insurance decisions, or government-benefit decisions.

7.4 User Control. You may ignore, override, decline, or stop using Soul Match outputs. Recommendations are intended to support self-reflection, service discovery, and shopping decisions and are not binding instructions.

7.5 AI Transparency. Where required by law or appropriate for user understanding, we may provide notices indicating that a feature uses AI-supported or automated logic. We may also provide feature-level explanations of the general categories of inputs used for suggestions.

7.6 Output Limitations. AI-supported outputs may be incomplete, inaccurate, inappropriate for your circumstances, or influenced by incomplete user inputs. You are responsible for using judgment and seeking qualified professional support when needed.

7.7 Human Review and Complaint Route. If you believe a Soul Match output is unsafe, inappropriate, discriminatory, privacy-invasive, or otherwise problematic, you may contact us at info@soulalchemyworld.com. We may review the issue, restrict the feature, delete relevant data where required, correct records, escalate internally, or take other reasonable measures.

8. Data Minimization, Consent, and Sensitive Emotional Data

8.1 Minimum Necessary Collection. We seek to collect only the Personal Data reasonably necessary for the feature, order, support function, legal obligation, or user request at issue.

8.2 Optional Mood Inputs. Mood Input Data and self-reflection inputs are voluntary unless a specific feature clearly indicates that an input is required for functionality. Where consent is required, we will request consent before processing such inputs.

8.3 Informed Consent for Sensitive Features. If a feature is likely to involve sensitive emotional, psychological, health-related, or children's data, we will provide clear notice, obtain consent where required, and explain the purpose, data categories, retention approach, and withdrawal method where applicable.

8.4 No Raw Sensitive Data for Model Training Without Consent. We do not use raw user-submitted sensitive emotional, psychological, journaling, or self-reflection data to train or fine-tune AI models unless we have obtained explicit consent where required by law, or unless the data has been lawfully de-identified, aggregated, or otherwise processed in a way that no longer identifies the user.

8.5 De-Identification and Aggregation. Where practical, we use de-identified, pseudonymized, or aggregated data for analytics, product improvement, safety testing, and trend analysis.

8.6 User Deletion. You may request deletion of Personal Data as described in Section 14. Deletion may be subject to lawful retention exceptions, including order records, fraud prevention, security logs, tax records, chargeback records, and legal obligations.

9. Cookies, Pixels, and Analytics

9.1 Use of Cookies. We use cookies and similar technologies to maintain site functionality, remember preferences, support checkout, analyze platform usage, improve user experience, secure the Services, and measure marketing effectiveness.

9.2 Essential Technologies. Certain cookies or similar technologies may be necessary for site functionality, security, account access, checkout, order processing, or fraud prevention.

9.3 Analytics and Advertising Technologies. Analytics and advertising technologies may be used where permitted by law and, where required, only after you provide consent. Such technologies may help us understand platform performance, optimize campaigns, and measure advertising effectiveness.

9.4 Cookie Controls. You may manage or disable cookies through browser settings, cookie banners, consent management tools, or device settings. Disabling certain technologies may affect platform functionality.

9.5 Global Privacy Control. Where legally required and technically feasible, we honor valid Global Privacy Control or similar browser-based opt-out signals as required by applicable law.

10. Disclosure of Personal Data

10.1 No Sale for Money. We do not sell Personal Data for monetary payment. Where applicable law defines certain advertising or analytics disclosures as sale, sharing, or targeted advertising, we will provide required notices and opt-out mechanisms.

10.2 Service Providers. We may disclose Personal Data to service providers and processors that support hosting, cloud infrastructure, payment processing, fraud prevention, logistics, shipping, analytics, advertising, email delivery, customer support, tax, accounting, legal, compliance, and technical operations.

10.3 Logistics and Fulfillment Partners. For order fulfillment, we may share limited information necessary to ship products, such as recipient name, shipping address, phone number where required by the carrier, product details, order identifiers, and delivery instructions. We do not share customer marketing data with suppliers unless required for a disclosed and lawful purpose.

10.4 Advertising and Analytics Partners. Where permitted and, where required, with consent, we may disclose limited identifiers, usage data, and event data to analytics or advertising partners to measure campaigns, optimize ads, and understand platform performance.

10.5 Online Support or Booking Partners. If you choose to interact with a third-party online support, therapy, booking, telehealth, or wellness provider through or after a route from Healing Hub, we may disclose only the data necessary to enable the selected action, or you may provide data directly to that provider. The provider's own terms and privacy notice may apply.

10.6 Legal and Safety Disclosures. We may disclose Personal Data where necessary to comply with law, respond to lawful requests, enforce agreements, protect rights, prevent fraud, address security issues, resolve disputes, or protect users, the Company, or the public.

10.7 Business Transactions. We may disclose or transfer Personal Data in connection with a merger, acquisition, financing, restructuring, sale of assets, bankruptcy, or similar corporate transaction, subject to appropriate safeguards and applicable law.

11. International Transfers

11.1 Cross-Border Processing. Because the Company operates across borders, Personal Data may be transferred to or processed in Hong Kong, the United States, the European Economic Area, the United Kingdom, mainland China, or other jurisdictions where the Company, service providers, processors, logistics partners, or technology vendors operate.

11.2 Transfer Safeguards. Where required by law, we rely on appropriate transfer mechanisms, such as standard contractual clauses, data processing agreements, adequacy decisions, consent, contractual necessity, security assessments, certifications, or other lawful transfer mechanisms.

11.3 Different Legal Standards. Privacy laws in the jurisdictions where Personal Data is processed may differ from those in your jurisdiction. We take reasonable steps to protect Personal Data in accordance with this Privacy Policy and applicable law.

11.4 Mainland China Data. Where mainland China privacy, data security, cybersecurity, or generative-AI service rules apply, we will implement applicable consent, minimization, cross-border transfer, security, content safety, algorithm filing, user complaint, and minor-protection measures as required by law.

12. Data Retention

12.1 Retention Periods. We retain Personal Data for as long as reasonably necessary to provide the Services, fulfill orders, maintain accounts, support Soul Match features, provide customer support, comply with legal obligations, resolve disputes, enforce agreements, prevent fraud, and maintain business records.

12.2 Soul Match and Mood Input Data. We retain Mood Input Data and related preference signals only as long as reasonably necessary for the feature, user account, personalization setting, security need, legal obligation, or consented improvement purpose. Where practical, we aggregate, de-identify, or delete older data.

12.3 Order Records. Order, payment, tax, fulfillment, refund, dispute, and customer support records may be retained for longer periods where required for accounting, tax, audit, legal, warranty, chargeback, or dispute purposes.

12.4 Security and High-Risk Logs. Security logs, abuse-prevention logs, high-risk content flags, complaint records, and incident response records may be retained for a limited and lawful period needed to investigate, protect users, prevent abuse, comply with law, or defend legal claims.

12.5 Deletion or De-Identification. When Personal Data is no longer needed, we will delete, de-identify, aggregate, or otherwise handle it in accordance with applicable law and our operational practices.

13. Data Security and Access Controls

13.1 Security Measures. We implement reasonable technical and organizational measures designed to protect Personal Data against unauthorized access, accidental loss, misuse, alteration, disclosure, or destruction.

13.2 Encryption and Secure Transmission. We use commercially reasonable safeguards, which may include encryption in transit, encryption at rest where appropriate, secure authentication, access logging, backup controls, vulnerability management, and secure development practices.

13.3 Role-Based Access Control. Access to Personal Data is limited to personnel and service providers who need access for authorized business purposes. Sensitive Soul Match inputs, support records, complaint records, and high-risk logs should be subject to stricter access permissions where operationally feasible.

13.4 Separate Handling of High-Risk Logs. Where users submit content indicating potential self-harm, harm to others, exploitation, abuse, or other safety-sensitive circumstances, we may separately flag, restrict access to, and review relevant records for safety, compliance, and incident-handling purposes.

13.5 No Absolute Security. No online platform, transmission method, or storage system can be guaranteed to be completely secure. You use the Services with the understanding that security risks cannot be eliminated entirely.

13.6 User Responsibilities. You are responsible for maintaining the confidentiality of your account credentials, using secure devices, and notifying us if you suspect unauthorized access to your account.

14. Your Privacy Rights

14.1 Rights Depending on Jurisdiction. Depending on your jurisdiction, you may have rights to access, correct, delete, restrict, object to, port, or receive a copy of your Personal Data, withdraw consent, opt out of marketing, opt out of sale or sharing where applicable, limit certain uses of sensitive information where applicable, and lodge a complaint with a supervisory authority.

14.2 European, UK, and Similar Rights. Where GDPR, UK GDPR, or similar laws apply, you may have rights to access, rectification, erasure, restriction, portability, objection, withdrawal of consent, and complaint to a supervisory authority.

14.3 California and Other U.S. State Rights. Where the California Consumer Privacy Act, as amended, or other U.S. state privacy laws apply, residents may have rights to know, access, delete, correct, opt out of sale, sharing, or targeted advertising, limit certain uses of sensitive personal information, and not be discriminated against for exercising privacy rights.

14.4 Hong Kong Rights. Where the Hong Kong Personal Data (Privacy) Ordinance applies, data subjects may have rights of access and correction and other protections relating to collection, accuracy, retention, use, security, openness, and data access or correction.

14.5 Mainland China Rights. Where mainland China privacy law applies, you may have rights to know, decide, restrict or refuse processing, access, copy, correct, supplement, delete, withdraw consent, request account cancellation, and request explanation of processing rules, subject to applicable legal limits.

14.6 Exercising Rights. You may exercise applicable rights by contacting us at info@soulalchemyworld.com. We may request information reasonably necessary to verify your identity and process your request.

14.7 Authorized Agents. Where permitted by law, you may use an authorized agent to submit a privacy request. We may require proof of authorization and verification of identity.

14.8 Limitations. Privacy rights may be subject to legal limitations, exceptions, verification requirements, retention obligations, fraud prevention needs, security needs, and other lawful grounds for declining or limiting a request.

15. Children, Minors, and Vulnerable Users

15.1 Not Intended for Minors. The Services are not intended for individuals under 18 years old or under the age of majority in their jurisdiction, unless a specific feature is expressly designed for minors and complies with applicable law.

15.2 No Knowing Collection. We do not knowingly collect Personal Data from minors. If you believe a minor has provided Personal Data to us, please contact us so we can take appropriate steps.

15.3 Minor Protection Measures. If we later make any feature available to minors, we will implement appropriate age-screening, parental or guardian consent, content safety, advertising restrictions, data minimization, retention limits, complaint routes, and additional safeguards required by applicable law.

15.4 Emotional Dependence and Safety. Where applicable law requires additional controls for AI-supported emotional or interactive services, we may implement usage reminders, time limits, safety prompts, feature restrictions, content moderation, emergency-resource notices, and human review channels to reduce the risk of over-reliance, confusion, or unsafe use.

15.5 Vulnerable Users. Where required by law or where safety considerations apply, we may provide additional notices, crisis-resource prompts, or support routes for vulnerable users, while limiting collection and disclosure to what is necessary and lawful.

16. Marketing Choices

16.1 Email Marketing. You may opt out of marketing emails by using the unsubscribe link in the email or by contacting us. Even if you opt out of marketing, we may still send service-related communications such as order confirmations, shipping notices, policy updates, security alerts, or customer support messages.

16.2 Advertising Choices. You may be able to manage advertising preferences through cookie tools, browser settings, platform settings, device settings, or applicable opt-out mechanisms.

16.3 Consent Withdrawal. Where processing is based on consent, you may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

17. AI Emotional Support, Non-Medical Status, and Regulated Software Boundary

17.1 Emotional Wellness Scope. Soul Match, Healing Hub, and related tools are intended for emotional wellness, lifestyle reflection, shopping support, service discovery, and non-clinical self-support. They are not intended to diagnose, treat, cure, mitigate, prevent, or manage any disease, disorder, medical condition, psychiatric condition, psychological condition, or emergency.

17.2 No Medical Device or Clinical Decision Support Intent. Unless a specific product or feature is separately labeled and legally cleared, authorized, registered, or otherwise handled as required, the Company does not intend Soul Match, Healing Hub, or related lifestyle tools to function as medical device software, clinical decision support software, telemedicine, psychotherapy, or medical treatment.

17.3 U.S. Medical Software Boundary. If a future feature is intended for diagnosis, treatment recommendations, disease management, clinical decision support, or medical-device functionality, we will conduct a separate regulatory assessment before launch and implement required notices, quality controls, validation, provider oversight, clearance, registration, or other obligations where applicable.

17.4 Online Support Providers. Any online therapy, counseling, coaching, or professional support provider displayed or linked through the Services may be subject to separate licensing, professional, contractual, privacy, and consent requirements. Users should review the provider's terms and privacy notice before using such services.

17.5 Crisis and Emergency Disclaimer. The Services are not a crisis hotline, emergency response service, suicide prevention service, or substitute for immediate professional help. If you may harm yourself or others, or if you are experiencing an emergency, contact local emergency services or a qualified crisis resource immediately.

18. China-Facing Generative AI and Public-Service Compliance

18.1 Applicability. If the Company offers generative-AI features to the public in mainland China or otherwise becomes subject to mainland China generative-AI, algorithm, cybersecurity, data security, personal-information, or internet-service rules, the Company will implement required measures according to the applicable scope of the feature.

18.2 Clear Service Notices. Where required, we will provide clear notices about the AI-supported nature, applicable user group, service purpose, service limitations, non-medical status, complaint channels, and user obligations.

18.3 Personal Information Protection. We will not collect unnecessary Personal Data for AI-supported features and will implement personal-information protection obligations, including consent, minimization, purpose limitation, security safeguards, deletion rights, and lawful cross-border transfer mechanisms where applicable.

18.4 Algorithm Filing and Security Assessment. Where required for services with public-opinion attributes, social-mobilization capacity, recommendation algorithms, deep synthesis, or generative AI features, we may complete applicable algorithm filing, security assessment, change filing, public disclosure, or other regulatory steps before or after launch as required.

18.5 Content and Output Governance. Where required, we may implement prompt/output moderation, labeling of AI-generated content, illegal-content handling, user reporting, complaint resolution, audit logs, provider review, and other controls intended to reduce harmful, misleading, illegal, or unsafe outputs.

18.6 Minor Protection. If any China-facing feature could be used by minors, we may implement age screening, parental consent where required, minor mode, anti-addiction or over-reliance controls, recharge/payment restrictions, time reminders, content restrictions, and complaint or appeal mechanisms.

19. Third-Party Websites and Services

19.1 Third-Party Practices. The Services may contain links to or integrations with third-party websites, platforms, payment providers, logistics providers, social media platforms, online support providers, or other services. We are not responsible for third-party privacy practices, and you should review their privacy notices.

19.2 Third-Party Accounts. If you interact with the Services through a third-party account or platform, that third party may collect or process information according to its own policies.

19.3 No Third-Party Medical Control. If third-party services provide therapy, coaching, counseling, clinical care, medical content, or regulated services, those providers are responsible for their own professional, regulatory, consent, and privacy obligations unless otherwise stated in a written agreement.

20. Complaints, Safety Reports, and Human Review

20.1 Privacy Requests and Complaints. You may contact us at info@soulalchemyworld.com for privacy requests, consent withdrawal, deletion requests, access requests, correction requests, cookie concerns, or complaints about data handling.

20.2 AI Output or Safety Complaints. You may contact us if an AI-supported output appears unsafe, discriminatory, misleading, privacy-invasive, inappropriate for minors, overly dependent, or inconsistent with the stated non-medical scope of the Services.

20.3 Human Handling. We will make reasonable efforts to route privacy, safety, and AI-output complaints to appropriate human personnel or designated service providers for review, subject to verification, applicable law, operational limits, and safety considerations.

20.4 Escalation and Records. We may maintain limited complaint, support, safety, and incident records for accountability, legal compliance, security, and service improvement. Access to such records should be restricted based on role and need.

21. Changes to this Privacy Policy

21.1 Updates. We may update this Privacy Policy from time to time to reflect changes in law, technology, business operations, service features, AI-processing practices, or data practices.

21.2 Notice. We will post the updated Privacy Policy through the Services and update the effective date. Where required by law, we will provide additional notice or obtain consent.

22. Contact Information

22.1 Contact Email. Questions, privacy requests, deletion requests, complaints, or AI-output safety reports may be directed to Soul Alchemy World Limited at info@soulalchemyworld.com.

22.2 Company Name. The responsible company is Soul Alchemy World Limited.

22.3 Reservation of Rights. The Company reserves all rights not expressly granted in this document, subject to applicable law.

Annex A. Public-Facing Compliance Commitments for Soul Match

· Clear informed consent for optional mood, self-reflection, advertising, and sensitive processing where required.

· Clear statement that Soul Match and Healing Hub are not medical diagnosis, psychiatric diagnosis, or treatment services.

· User ability to request access, correction, deletion, consent withdrawal, and complaint handling where applicable.

· Reasonable encryption, access control, logging, and secure transmission for user data.

· Data minimization for mood inputs, journaling-style inputs, and recommendation signals.

· Separate and restricted handling of high-risk safety logs and complaint records.

· Role-based administrative permissions and need-to-know access to sensitive records.

· No use of raw sensitive emotional or psychological user inputs for AI model training without explicit consent where required.

· Minor-protection strategy before any feature is made available to minors.

· Complaint, reporting, and human review channels for privacy, safety, and AI-output issues.