This Privacy Policy explains how Ad&Vi TV may collect, use, store, disclose and otherwise process personal data when users access the website, mobile applications, Smart TV applications, live-channel features, account areas, billing flows and support interfaces.

This policy is a product-ready draft for the prototype. Before public launch, it should be completed with the actual legal entity name, contact details, jurisdictions, processor list, transfer mechanisms and market-specific notices.

Depending on the feature used, the service may process account and identity data, such as email address, display name, password hash, language choice and verification status.

The service may also process technical and usage data, including device identifiers, app version, IP address, approximate region, login history, playback events, entitlement status, error logs, support tickets and fraud-prevention signals.

When paid features are enabled, billing-related records may include selected plan, renewal status, payment method token status, invoice metadata, anti-chargeback evidence and tax-related records. The prototype currently uses demo payment states and does not implement a real processor.

Personal data may be used to create and secure accounts, deliver streams and catalog access, manage trials and subscriptions, prevent abuse, process support requests, monitor product performance and comply with contractual, legal or rights-holder obligations.

The service may also use limited operational analytics to understand crashes, playback failures, region issues, feature adoption and service quality, provided the final implementation follows the privacy controls required in the target market.

Data may be shared with hosting providers, CDN and DRM vendors, identity or fraud services, analytics tools, billing providers, customer-support systems and legal advisers strictly to the extent needed to operate or protect the service.

The service may also disclose information where required by law, court order, valid regulator request or a rights-holder enforcement process that is legally justified. Cross-border transfers should be documented with the proper safeguards before launch.

The service should keep personal data only for as long as necessary for the stated purpose, active account operations, dispute handling, fraud prevention, billing reconciliation, legal retention or evidentiary needs.

Reasonable technical and organizational safeguards should be applied, including access control, logging, encryption in transit, credential protection, role-based access, incident handling and secure deletion or anonymization where appropriate.

Subject to the applicable law, users may have rights to access, correct, delete, export or restrict certain personal data, object to some processing, withdraw consent where consent is the legal basis, and complain to a competent supervisory authority.

Users should also be able to manage account-profile details, session security, marketing preferences, auto-renew settings and support communications through the account area or designated support workflow.

The service is not intended for unlawful use by minors and may impose age-related restrictions depending on content ratings, parental controls and local law. Where required, consent from a parent or guardian should be obtained.

If the service uses cookies, SDK identifiers or similar technologies, the final launch version should include a separate cookie notice and preference controls where legally required.

This policy may be updated as the product, vendors, jurisdictions or legal requirements change. The latest version should remain available in the legal center, footer and onboarding flow.