Legal

Terms of Service

Effective Date: 2026

Part 1. Privacy Policy Incorporation

By using DevVisionLab applications, you acknowledge and agree that our Privacy Policy forms an integral part of these Terms of Service. If there is any conflict between privacy disclosures and service operation clauses, mandatory law shall prevail and we will apply the stricter user-protective interpretation where possible.

Part 2. Terms of Service

Section 1. Account Ownership and License Scope

• DevVisionLab grants users a limited, revocable, non-exclusive, non-transferable license to use apps and digital content in accordance with these Terms.
• The app software, source code, branding, design assets, and service logic remain the property of DevVisionLab and/or its licensors.
• User accounts and entitlement records are for access management only and do not create ownership rights over service infrastructure.
• Where an account remains inactive for 180 consecutive days and the law permits, we may reclaim, deactivate, or recycle unused service identifiers to maintain operational security and resource integrity.
• Any automated scraping, reverse engineering, unauthorized API calling, or resale of service access is prohibited.

Section 2. IAA Advertising and Reward Policy

• IAA (in-app advertising) flows may include rewarded ads, interstitials, app-open ads, banners, and native units.
• Rewards are granted only after verified ad completion callbacks from supported ad networks.
• Ad quality and category controls are continuously tuned, but ad content is partly supplied by third-party demand partners.

IAA Fraud and Abuse Rules (Three-Strike Policy)

• Strike 1: Warning and temporary reward suspension for suspicious repeat-click or scripted behavior.
• Strike 2: Longer reward lock and advertising privilege limitation, including possible ad-event invalidation.
• Strike 3: Permanent ban of advertising rewards, account-level restrictions, and fraud report escalation to ad partners.
• Severe abuse (bot farms, emulator clusters, MITM tampering) may trigger immediate permanent enforcement without staged strikes.

Section 3. IAP Payment, Refund, and Dispute Handling

• IAP pricing, renewal frequency, and trial terms are displayed before purchase confirmation.
• Billing is processed by Apple App Store or Google Play billing systems.
• Refund approvals are subject to platform policies and applicable consumer law.
• For subscription products, users remain responsible for cancellation before next renewal if they do not wish to continue.

IAP Fraud Rules (Three-Strike Policy)

• Strike 1: Purchase risk review and temporary entitlement hold.
• Strike 2: Entitlement revocation for high-risk transactions and restricted access to paid features.
• Strike 3: Permanent commerce ban and account-level suspension for confirmed payment abuse (chargeback fraud, receipt tampering, stolen instrument abuse).
• Critical fraud signals may result in immediate termination and legal escalation.

Section 4. Anti-Cheat and Security Protocol

• We may deploy anti-tamper, anti-debug, integrity validation, and environment risk scoring.
• Compromised runtime conditions (root/jailbreak abuse patterns, binary injection, memory patching) may trigger restricted service mode.
• Security controls are designed to protect users, preserve fair usage, and reduce ecosystem abuse.

Section 5. Content Moderation and Platform Safety

• Where user-generated or user-shared content exists, moderation may combine AI classifiers and human review.
• Notice-and-takedown channels are available for legal complaints and rights-holder claims.
• Prohibited content includes unlawful content, harassment, hate, fraud schemes, non-consensual sexual material, child abuse content, violent extremism, and malware distribution.
• DSA-aligned transparency and complaint handling pathways are applied where legally required.

Part 3. 2026 Technical Compliance Guide

Section 1. Apple App Store (iOS) Compliance

• Privacy Nutrition Labels must match actual SDK and runtime data behavior.
• ATT (App Tracking Transparency) enforcement under iOS 18 requires accurate prompt timing, purpose text clarity, and consistent post-consent behavior.
• All declared tracking categories must be auditable and reflected in privacy disclosures.
• Subscription presentation must include price, period, trial conditions, and cancellation path before confirmation.

Section 2. Google Play (Android) Compliance

• Data Safety form disclosures must remain synchronized with actual app behavior and SDK updates.
• Android 15 SDK transparency expectations require updated disclosure for sensitive permissions and third-party SDK processing roles.
• Privacy Sandbox transitions require careful implementation for ad measurement and targeting alternatives.
• Subscription and billing disclosures must remain clear, localized where required, and policy-compliant.

Section 3. 2026 Data Residency Compliance

• China: localization and transfer assessment controls considered where regional laws require.
• India: lawful handling and grievance pathways aligned with DPDP implementation evolution.
• Saudi Arabia: PDPL-driven governance and localization constraints assessed where applicable.
• Brazil: LGPD lawful basis and transfer safeguards applied.
• European Union: GDPR transfer tools and supplementary safeguards used as needed.
• Canada and Japan: local legal frameworks (PIPEDA/APPI) integrated into governance controls.
• Other markets: region-specific controls applied according to enacted law and regulator guidance.

Section 4. Interaction Design Recommendations

• Large-value IAP transactions (for example >= USD 50 equivalent) should use double-confirmation steps.
• Privacy Policy links should be exposed in at least three touchpoints: onboarding, settings/legal center, and store listing/legal metadata.
• Permission requests should be contextual, purpose-specific, and deferred until feature use is clear.
• Ad interactions must avoid deceptive patterns, accidental clicks, or reward misrepresentation.
• Complaint and appeal channels should be accessible in-app and via public legal contact email.
• Transparency displays should clearly identify ads, subscriptions, data handling purpose, and consent state.
• If screen-share or sensitive-view overlays are supported, include visible user indicators and user-controlled exit paths.

Part 4. Compliance Risk Prevention and Regular Review

• Policy, SDK inventory, and legal-disclosure alignment are reviewed on a recurring basis.
• High-risk releases may require pre-launch compliance checklist sign-off.
• We reserve the right to update these Terms to maintain legal compliance, platform compatibility, and user safety.
• Material changes will be communicated through in-app notice, website publication, or other appropriate channels.

Part 5. Contact Information

For legal, compliance, and policy inquiries:

• Email: contact@devvisionlab.com
• Support: support@devvisionlab.com
• Address: Hoa Lac Hi-Tech Park, Hanoi, Vietnam