Privacy Policy

Last updated: May 16, 2026

Who We Are

neowire GmbH (full contact details in the imprint at https://getflikk.com/imprint) is the entity responsible for personal information collected through Flikk. In US privacy-law terminology, neowire is the "business."

If you have questions about this Privacy Policy or about our handling of your personal information, please contact us by email at legal@neowire.ai or by post at the address in the "Contact" section below.

Geographic Availability

Flikk is offered only to residents of the United States. We do not direct, market, or make Flikk available to users outside of the United States. If you are located outside the United States, please do not register for or use the App. If you become aware that a person located outside the United States has registered for Flikk, please contact us at legal@neowire.ai so that we can close the account.

Although Flikk is offered only to US residents, our infrastructure is operated by neowire GmbH from Germany, and personal information collected through Flikk is stored and processed on servers located in the European Union — see "Where Your Personal Information Is Processed" below.

Personal Information We Collect

We collect the following personal information when you use Flikk. Where relevant, the corresponding category under the California Consumer Privacy Act ("CCPA") is shown in parentheses.

Authentication. We use Firebase Authentication (provided by Google Ireland Limited) to authenticate you. Where you register via email, your password is collected and stored by Firebase Authentication, not by us; we never see, store or have access to your password.

You provide directly when you register or use the App:

• Email address, nickname, date of birth, gender, profile picture if you register via social login and one is available (CCPA: identifiers; customer records information).
• If you contact us or use the AI support chat: the content of your message (CCPA: contents of communications between you and us as the intended recipient).
• If applicable, the email address used by you to receive payouts via Tremendous (CCPA: identifiers; commercial information).

Collected automatically when you use the App:

• Device identifiers including Firebase UID, Firebase App Instance ID and the Advertising ID (GAID/IDFA); push token (CCPA: identifiers).
• Technical information about your device: model and product name, operating system version, general device specifications, carrier name and country, platform (web, Android, iOS), language and currency settings (CCPA: internet or other electronic network activity).
• IP address allocated to your device (CCPA: identifiers; internet activity).
• Country (United States) and postal code, but not precise geolocation (CCPA: approximate geolocation).
• Information about your use of the App, such as which videos you have watched, which offers you participate in, the rewards you have earned and your interactions with marketing communications (CCPA: internet activity; commercial information).
• Campaign attribution data (source, campaign name) when you install Flikk from a marketing channel (CCPA: internet activity).

We do not collect, and Flikk is not designed to collect, the following: precise geolocation; government identification numbers; financial-account numbers, debit-card or credit-card numbers; racial or ethnic origin; religious or philosophical beliefs; union membership; genetic or biometric data; health information; data concerning sex life or sexual orientation; or other sensitive personal information beyond what is described under "Sensitive Personal Information" below. Where the offers our partner Prodege makes available to you ask for information of that kind, the data is collected by Prodege or by the offer provider rather than by us — see "Data from Offers (Prodege)" below.

How We Use Your Personal Information

We use your personal information for the following purposes:

• To provide and operate Flikk — set up and maintain your account, identify you, deliver the AI-generated videos and offers available to you, calculate and pay out your rewards, process your support requests.
• To prevent fraud and protect Flikk — detect and prevent fraudulent activity, enforce our Terms of Service, ensure the technical security of Flikk (see "Automated Decision-Making and Fraud Prevention" below).
• To improve Flikk — analyse pseudonymous use of the App to understand how it is used and to improve our services. We do this only where you have given the relevant consent or where local law otherwise permits.
• To display advertising within the App — serve ads between videos through AppLovin MAX (see "Advertising" below).
• To send you marketing communications — send you marketing emails and push notifications and track your interactions with them, where you have given the relevant consent or where local law otherwise permits.
• To comply with our legal obligations — including tax retention obligations, and responses to lawful requests from authorities.
• To establish, exercise or defend legal claims.

AI-Generated Videos

The videos you watch in Flikk are generated in advance by neowire using AI-based video-generation tools, stored on our servers, and streamed to you on demand. We do not transmit your personal information to any third-party AI video-generation service in connection with the videos you watch, and no AI provider receives information about which videos you watch or interact with. The selection of which videos to present to you is performed by our own systems.

Data from Offers (Prodege)

To recommend rewarded offers (games and other tasks you can complete to earn rewards), we work with our partner Prodege, LLC. The data flows are:

1. Matching data — collected and shared by us. We transmit to Prodege via its API a pseudonymous user identifier, device data (such as model and operating system version) and your IP address. Prodege uses this data to determine which offers are available to you.

2. Offers conducted by Prodege and its offer providers. The offers themselves are run by Prodege or by independent offer providers integrated through Prodege. Once you choose to participate in an offer, the processing of any data you submit to that offer (such as actions you take in a game or fields you complete in a task flow) is performed by Prodege or by the relevant offer provider as independent businesses under their own privacy notices. After you complete an offer, Prodege transmits to us only an offer identifier and the corresponding reward amount, so that we can credit your account.

Participation in any offer is voluntary; you can decline to participate, stop at any time, or simply ignore the offers tab and ads without negative consequences for the rest of your use of Flikk.

For more information about Prodege's processing, see https://www.prodege.com/privacy-policy/.

Advertising

Flikk uses two distinct forms of advertising data flows. Both are described here so you can understand what is shared, with whom, and how to opt out.

In-app advertising (AppLovin MAX)

We use AppLovin MAX (provided by AppLovin Corporation), an ad-mediation platform, to display advertisements between videos. AppLovin MAX connects to a range of advertising networks ("demand partners") that bid to serve ads to you.

When an ad is shown:

• AppLovin MAX and the participating demand partners receive your Advertising ID (GAID/IDFA), IP address, basic device information (model, operating system, language) and app-context information (e.g., that the ad is being shown in Flikk).
• They use this information to select and serve a relevant ad, to measure ad performance and frequency, and — where you have not opted out — for cross-context behavioral advertising (i.e., showing you ads based on your activity across other apps and websites).
• We receive ad revenue in return for ads being shown to you in Flikk.

Because we receive valuable consideration (ad revenue) and demand partners receive personal information (device identifiers) for their own advertising purposes, this constitutes both a "sale" and a "sharing" of personal information under the CCPA. You have the right to opt out — see "Sale and Sharing of Personal Information" below.

The current list of AppLovin MAX demand partners we use is available at https://getflikk.com/partners. The list is updated as partners are added or removed.

AppLovin's privacy policy is available at https://www.applovin.com/privacy/.

Marketing campaign measurement

To measure the performance of our advertising campaigns and to find new users similar to those who already enjoy Flikk, we work with advertising and attribution partners. These partners receive limited information about your install and certain in-app events (such as registration or first reward earned), which they use both on our behalf — to measure the performance of our campaigns — and on their own behalf — to improve their advertising and audience models, including to identify similar audiences for our future campaigns.

The data transmitted is limited to pseudonymous identifiers (such as your Firebase App Instance ID, your Advertising ID, or a hashed installation token) and event names. We do not transmit your email address, account information, or video-viewing history to these partners. The data flows through our analytics provider (Firebase) and our attribution provider (Adjust), which forward conversion events to our advertising partners on our behalf.

Under the CCPA, this also constitutes "sharing" of personal information for cross-context behavioral advertising.

The current list of advertising and attribution partners is available at https://getflikk.com/partners.

How to opt out

You can opt out of both forms of advertising sharing/sale at any time by:

• turning off the "Advertising" toggle in the App's privacy settings (Settings → Your Privacy Choice → Your consents) — this disables AppLovin MAX-mediated ads (you will still see non-personalized ads where required for the App to function) and disables outbound conversion sharing with our marketing partners;
• on iOS, declining or revoking the App Tracking Transparency (ATT) permission for Flikk;
• on Android, enabling "Delete advertising ID" (or the equivalent setting) in your device settings;
• sending a "Do Not Sell or Share" request to legal@neowire.ai;

Who We Share Your Personal Information With

Recipients acting on our behalf (service providers)

We use the following recipients to help us provide Flikk. They process personal information on our behalf under written contracts that require them to process the data only on our instructions, to keep it confidential, to implement appropriate security measures, and to engage sub-processors only with our authorisation. For US users, these recipients are bound by service-provider terms under the CCPA, meaning the disclosure to them is not a "sale" or "share" of personal information.

• Google Cloud Platform (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) — Hosting and storage. Data is stored on Google Cloud servers within the EU. Sub-processors: https://cloud.google.com/terms/subprocessors. Privacy policy: https://cloud.google.com/privacy
• Firebase (Google Ireland Limited) — User authentication (Firebase Authentication), social-login plumbing, app analytics and other app services. Firebase Analytics is linked to our Google Ads account so that conversion events can be reported to Google Ads for campaign measurement and optimization — see "Marketing campaign measurement" above. https://firebase.google.com/support/privacy
• Adjust (Adjust GmbH, Saarbrücker Str. 38a, 10405 Berlin, Germany) — Mobile analytics and attribution. Data is processed within the EU. Adjust forwards conversion events to our advertising partners on our behalf — see "Marketing campaign measurement" above. https://www.adjust.com/terms/privacy-policy/
• Amazon Web Services — Simple Email Service (Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L-1855 Luxembourg) — Sending transactional and marketing emails. https://aws.amazon.com/privacy/
• Verisoul (Verisoul Inc., 1401 Lavaca St. #989, Austin, TX 78701, USA) — Fraud detection and account verification. We transmit your user ID, email address and a session identifier; their response (risk score and underlying fraud signals) is retained alongside your account. https://policies.verisoul.ai/privacy.html
• OpenAI (OpenAI Ireland Ltd., 1st Floor, The Liffey Trust Centre, 117–126 Sheriff Street Upper, Dublin 1, D01 YC43, Ireland) — AI provider for the AI support chat. https://openai.com/policies/privacy-policy
• Google Gemini API (Google Ireland Limited) — AI provider for the AI support chat. https://policies.google.com/privacy

Recipients acting on their own behalf (independent businesses / third parties)

The following recipients process personal information as independent businesses (third parties), typically because they have their own statutory or regulatory obligations governing the processing, or because they use the data for their own advertising or service purposes. For these recipients, you should consult their privacy policies for full information.

• Tremendous (Tremendous Inc., 1 Ferry Building, Suite 201, San Francisco, CA 94111, USA) — Gift card and reward issuance. Email address transmitted. https://www.tremendous.com/privacy
• Prodege (Prodege, LLC, 8605 Santa Monica Blvd., PMB 36227, West Hollywood, CA 90069-4109, USA) — Matching of users with offers, and operation of those offers (including via independent offer providers). https://www.prodege.com/privacy-policy/
• Independent offer providers (various) — Operate the rewarded games and tasks offered through Prodege. Each has its own privacy notice.
• AppLovin and its mediated demand partners — In-app advertising. See "Advertising" above. Current list at https://getflikk.com/partners.
• Marketing and attribution partners — Cross-context behavioral advertising for our user-acquisition campaigns. Current list at https://getflikk.com/partners.
• Social login providers (Google, Apple) — Where you use social login to register. Each provider acts as an independent business for the processing it performs on its own platform.

Other recipients

We may also disclose personal information:

• to public authorities where required by law (for example, law enforcement, regulators, tax authorities);
• to professional advisors (lawyers, accountants, auditors) under confidentiality obligations, where necessary for the establishment, exercise or defence of legal claims;
• in connection with a corporate transaction (sale, merger, restructuring or insolvency), in which case customer information may be transferred with the relevant part of the business.

Where Your Personal Information Is Processed

Flikk's core infrastructure is operated by neowire GmbH from Germany. Personal information about US users is primarily stored and processed on Google Cloud servers located in the European Union.

Some recipients listed above are located in the United States (for example, Verisoul, Tremendous, Prodege, AppLovin and its demand partners, and our marketing partners). Where personal information about you is transmitted to those US recipients, the transmission occurs from our EU-based infrastructure.

Within the European Union, your personal information benefits from the protections of European data-protection law in addition to your rights under US law as set out in this Privacy Policy.

How Long We Keep Your Personal Information

We store personal information only for as long as we need it for the purposes for which it was collected, or for as long as we are permitted or required to by law. The following retention periods apply:

| Data category | Retention period | |

If you request the deletion of your account, the deletion is scheduled for execution after a 30-day grace period during which you may cancel the request. After that period your personal information will be permanently erased from our systems and from those of our service providers, with the exception of data subject to the statutory retention obligations above (which is then restricted from further processing).

How We Protect Your Personal Information

We implement appropriate technical and organisational measures to protect your personal information against loss, unauthorised access, alteration and misuse — including modern encryption in transit and at rest, access controls, logging, and regular review of our security posture. These measures are regularly tested and adapted to technological developments.

Where we use service providers to process your data, we contractually require them to maintain at least equivalent security measures. Authentication credentials (passwords) are managed by Firebase Authentication, not by us. No system can guarantee absolute security; we encourage you to use a strong, unique password and to protect your device against unauthorised access.

Automated Decision-Making and Fraud Prevention

We use the fraud-prevention service Verisoul to assess login and payout attempts for indicators of fraudulent activity. Your user ID, email address and a session identifier are transmitted to Verisoul, which returns a risk score and a set of underlying fraud signals. We retain this output alongside your account.

The score is treated as an input to our review, not as a final decision. No payout or account decision that produces legal effects concerning you, or similarly significantly affects you, is made solely on the basis of automated processing. Where the score indicates an elevated risk, a member of our staff reviews the case before any restrictive measure (such as suspension or refusal of a payout) is taken. You can ask us for human review, express your point of view and contest any decision in this context by contacting legal@neowire.ai.

AI Support Chat

In the contact section of the App, you can use our AI support chat to get assistance with your questions. When you use the AI support chat, the content of your message is transmitted to our AI provider in order to generate a response. Your email address is not transmitted to the AI provider. The chat is powered by large-language-model providers (OpenAI and Google Gemini API) acting as our service providers under contracts that prohibit them from using your data for their own purposes. If necessary, a human support agent may contact you via email to follow up on your issue.

Marketing Communications

We may send you marketing emails and push notifications, where you have given the relevant consent or where local law otherwise permits, and we may track your interactions with those communications to improve their relevance. You can unsubscribe from marketing communications at any time using the link in any marketing email, or in the App settings, or by contacting us at legal@neowire.ai. Even after unsubscribing, we may still send you transactional messages (such as payout confirmations) that you cannot opt out of while you have an active account.

Children's Privacy

Flikk is intended for users aged 18 or over. We do not knowingly collect personal information from anyone under 18. If you believe that a person under 18 has provided us with personal information, please contact us at legal@neowire.ai so that we can delete it.

We do not knowingly sell or share the personal information of US users under the age of 16 within the meaning of the CCPA.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The most current version is always available at https://getflikk.com/privacy and via the "Privacy" heading within the App. If we make material changes, we will inform you through a notification in the App or via email. Where the changes require new consent, we will ask you to consent to the amended Privacy Policy again.

Contact

For any questions or to exercise your rights under this Privacy Policy, contact us at:

• Email: legal@neowire.ai
• Post: neowire GmbH, Rheinpromenade 13, 40789 Monheim am Rhein, Germany

Notices and Rights Under US Privacy Laws

This section sets out additional information for US users. Depending on your state of residence, your rights and our obligations are governed by one or more of the following laws: the California Consumer Privacy Act, as amended by the California Privacy Rights Act ("CCPA"); the Virginia Consumer Data Protection Act (VCDPA); the Colorado Privacy Act (CPA); the Connecticut Data Privacy Act (CTDPA); the Utah Consumer Privacy Act (UCPA); the Texas Data Privacy and Security Act (TDPSA); the Oregon Consumer Privacy Act (OCPA); the Montana Consumer Data Privacy Act; the Iowa Consumer Data Protection Act; the Tennessee Information Protection Act; the Indiana Consumer Data Protection Act; the Delaware Personal Data Privacy Act; the New Hampshire Privacy Act; the New Jersey Data Privacy Act; the Maryland Online Data Privacy Act; the Minnesota Consumer Data Privacy Act; the Rhode Island Data Transparency and Privacy Protection Act; the Kentucky Consumer Data Protection Act; or other applicable state laws.

This section serves as our notice at collection for the purposes of the CCPA.

Categories of Personal Information We Collect

In the past twelve months, we have collected the following categories of personal information about US users:

• Identifiers — email address, nickname, device identifiers (Firebase UID, Firebase App Instance ID, Advertising ID), push token, IP address, pseudonymous user identifier.
• Customer records information — date of birth, gender.
• Commercial information — rewards earned, payouts requested and received, videos watched, offers completed.
• Internet or other electronic network activity information — interactions with Flikk, technical device information, language and currency settings, campaign attribution data, ad-interaction data.
• Geolocation data — country (United States) and postal code (not precise geolocation).
• Sensory information — none.
• Professional or employment-related information — none.
• Education information — none.
• Inferences drawn from the above — limited, for the purpose of selecting offers and detecting fraud.

Sensitive Personal Information

The CCPA's category of "sensitive personal information" includes specific data types such as government IDs, account log-in credentials, precise geolocation, racial or ethnic origin, religious beliefs, health information, contents of certain communications, and data concerning sex life or sexual orientation. Of these, we collect only:

• Contents of communications between you and us where we are the intended recipient — the messages you send to our AI support chat or to our human support agents. Used solely to handle your support request.

We do not collect or store account log-in credentials, since authentication is performed by Firebase Authentication and your password is not visible to us.

We do not collect government IDs, financial-account numbers, precise geolocation, racial or ethnic origin, religious beliefs, union membership, genetic or biometric data, health information, or data concerning sex life or sexual orientation. Where offers operated by Prodege or independent offer providers may involve such categories, they are collected by those third parties under their own privacy notices.

Sources of Personal Information

We collect personal information from:

• You directly (when you register, set preferences, or contact us);
• Your device automatically (when you use the App);
• Social login providers (Google, Apple) where you choose to register via social login;
• Our service providers (Prodege, Adjust, Verisoul, Tremendous — for the purpose of operating Flikk).

Purposes of Collection and Use

We use personal information for the purposes set out above and, in the language of US privacy laws, for the following business purposes: providing Flikk; auditing related to consumer interactions; detecting security incidents and protecting against fraudulent or illegal activity; debugging and repair; performing services on our behalf; serving and measuring advertising; internal research and quality assurance; complying with legal obligations.

Categories of Recipients

We disclose personal information to the categories of recipients listed in the section "Who We Share Your Personal Information With" above, consisting of:

• Service providers and contractors under the CCPA — listed under "Recipients acting on our behalf";
• Third parties / other businesses — Tremendous; Prodege and independent offer providers; AppLovin and its mediated demand partners; our marketing and attribution partners; social login providers; public authorities where required by law; and parties to a corporate transaction.

Sale and Sharing of Personal Information

For the purposes of the CCPA and equivalent state laws:

We "sell" and "share" personal information for advertising purposes. Specifically:

• In-app advertising through AppLovin MAX. AppLovin and its mediated demand partners receive your Advertising ID, IP address and basic device information when ads are shown to you in Flikk, and we receive ad revenue in return. This constitutes both a "sale" (because we receive monetary consideration) and a "sharing" (because the data is used for cross-context behavioral advertising) of personal information under the CCPA.
• Marketing campaign measurement. We share limited install and conversion data (pseudonymous identifiers and event names) with our marketing and attribution partners for cross-context behavioral advertising as defined by the CCPA. We do not share your email address, account information, or video-viewing history with these partners.

The categories of personal information involved are: identifiers (Advertising ID, Firebase App Instance ID, hashed installation token, IP address) and internet or other electronic network activity information (ad-interaction events, install and conversion events).

The categories of third parties to whom personal information is sold or shared are: advertising networks, ad-mediation platforms, mobile measurement and attribution providers, and marketing analytics providers. The current list is at https://getflikk.com/partners.

You have the right to opt out of this sale and sharing at any time by:

• turning off the "Advertising" toggle in the App's privacy settings (Settings → Privacy & data → Your consents);
• on iOS, declining or revoking the App Tracking Transparency (ATT) permission for Flikk;
• on Android, enabling "Delete advertising ID" in your device settings;
• sending a "Do Not Sell or Share" request to legal@neowire.ai;

We do not knowingly sell or share the personal information of US users under the age of 16.

Retention

We retain personal information for the periods set out in the section "How Long We Keep Your Personal Information" above.

Your Rights

Subject to the state law that applies to you, you have one or more of the following rights:

• Right to know / right of access — what personal information we have collected about you, the sources, the purposes, and the categories of recipients.
• Right to delete — request deletion of personal information we have collected from you.
• Right to correct — request correction of inaccurate personal information.
• Right to portability — receive a copy of your personal information in a portable format.
• Right to opt out of the sale or sharing of personal information — see "Sale and Sharing of Personal Information" above.
• Right to limit the use and disclosure of sensitive personal information — to direct us to use sensitive personal information only for the limited purposes permitted by law. As explained above, we already use the limited sensitive personal information we hold only for permitted purposes.
• Right to opt out of profiling — that produces legal or similarly significant effects (under VCDPA, CPA, CTDPA and other state laws). We do not engage in such profiling outside the fraud-prevention context described under "Automated Decision-Making and Fraud Prevention" (which includes meaningful human review).
• Right to opt out of targeted advertising — under VCDPA, CPA, CTDPA and similar laws. You may exercise this right by following the opt-out instructions in "Sale and Sharing of Personal Information" above.
• Right to non-discrimination for exercising your privacy rights.
• Right to appeal (under VCDPA, CPA, CTDPA and similar laws) — if we deny a rights request.

How to Exercise Your Rights

To exercise any of the above rights, please email us at legal@neowire.ai with a description of your request, or write to us at the postal address in the "Contact" section. You may also submit a request through the in-app account settings.

We will acknowledge receipt of your request within 10 business days (where required) and respond within the applicable statutory deadline:

• California (CCPA/CPRA): 45 calendar days, with one possible 45-day extension.
• Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Iowa, Tennessee, Indiana, Delaware, New Hampshire, New Jersey, Maryland, Minnesota, Rhode Island, Kentucky and other applicable states: typically 45 calendar days, with one possible 45-day extension where permitted.

Verification of Your Identity

To protect your information, we will take reasonable steps to verify your identity before acting on rights requests. Verification will typically require you to confirm information already associated with your account (such as your email address) or, for more sensitive requests, to provide additional information matching our records. We will not use information collected for verification for any other purpose.

Authorised Agents

You may designate an authorised agent to make a rights request on your behalf. We will require the agent to provide signed written permission demonstrating their authority, and we may also require you to verify your identity directly or to confirm that you have granted the agent permission.

Right to Appeal

If we deny your request in whole or in part, you may appeal the decision by replying to our response within 60 days. We will respond to your appeal within 45 calendar days (or other period required by your state law). If your appeal is denied, you may contact your state attorney general or — in California — the California Privacy Protection Agency.

Financial Incentives

The reward payments you can earn through Flikk are paid for watching videos and completing offers — that is, for your service usage, not in exchange for the disclosure of personal information itself. Accordingly, we do not consider Flikk to be operating a "financial incentive" program within the meaning of CCPA § 1798.125(b). If you disagree with this characterisation, please contact us at legal@neowire.ai.

Notice for Nevada Residents

Nevada law (NRS 603A.340) gives Nevada residents the right to opt out of the sale of certain covered personal information. To submit a verified request related to this notice, contact legal@neowire.ai.

Notice for Other US Users

If you reside in a US state with a comprehensive privacy law not specifically named above, your rights under that law generally mirror those listed in this section. Please contact us at legal@neowire.ai to exercise any of them.

This Privacy Policy is intended to comply with applicable data-protection laws in the United States. Where any provision of this policy conflicts with mandatory local law, the local law prevails.