Privacy Agreement

We understand the importance of personal information to you. In view of this, we have made this Privacy Agreement. The Privacy Agreement applies to mobile application services (“the Services”) provided by us. We guarantee that user personal information will be collected appropriately and in accordance with laws and regulations. We will do our best to protect your information from disclosure, damage, or missing through reasonable and effective information security techniques and management processes. The Privacy Agreement is updated at least every 12 months. The Privacy Statement was updated on February 8th, 2025.

Please carefully read the Privacy Agreement prior to your use of services within the application. If you have any questions about the Privacy Agreement, please feel free to contact us via the email address provided herein.

By using the services, you acknowledge that you have agreed and consented to the collection, use and disclosure of your personal information as described in this Privacy Agreement. If you do not agree to any of the Privacy Agreement, please stop using our services immediately.

1 Personal Information Collection

1.1 Definition of personal information

Personal information refers to any information relating to an identified or identifiable natural person. In other words, personal information is any information that allows us to identify you directly or indirectly.

In the Privacy Agreement, we also use "data" to represent personal information.

1.2 Circumstances of personal information collection

We will collect your personal information under the following circumstances:

• When you register as our user;

• When you buy our product;

• When you sign up or join our event;

• When you use our services and products;

1.3 Scope of personal information collection

We will handle all types of personal information, including the data clearly provided by you and your device data and personal information generated from the use of our services, specifically:

• When you register or log in, we will collect your email address, password, nickname, and profile photo that you use in registration.

• When you download or use this application, we may read information about your mobile device, including hardware model, software installation list, ISP, USB device list, IMEI number or other unique device identifier, MAC address, IP address, operating system version, and location information. We can also read information about device usage through Internet of Things (IoT) applications, including device model, operating status, frequency of use, and usage of built-in cameras. We can also receive and record information about your conversations, audio, video, and images in voice interaction with IoT devices.

• When you use bonded and controlled devices, we will collect the information of device model, IP address, location, and device status. We collect your current location information, not track your whereabouts, open the location service can directly obtain your location information to provide you with services, such as weather service, intelligent scene service, network function. The device will save WiFi SSID and password when connected to a home WiFi router, and such information will not be uploaded to the cloud.

• When you use an Internet of Things (IoT) device, we may collect information that you communicate during the voice service interaction, including the recordings of your voice commands (such as your questions, requests, and instructions), and information that you receive from the service (such as responses, answers, and content).

• When you use an IoT device, you can view the real-time and historical video footage captured by the camera through the software. You can also save the video locally. In order to enable the said function, we will send all videos captured by the camera to your app in an encrypted manner. We will neither store your video footage on our server nor use it for any other purpose or share it with any third party without your consent.

• When you use a product or service, we will automatically receive and record information about your browser and computer or App client, including your IP address, browser type, language used, and access date and time, hardware and software feature information and web page records you need; when you apply for after-sales service, we may also collect your phone number and address.

• To help us understand the operation of App, we will use the mobile analysis software SDK. We may record information of your frequency of usage data, corrupted data, overall usage data, performance data, etc. We will not associate information stored in the analysis software with any of your personal information.

• It is important to note that separate device information or service log information cannot identify a particular natural person. If we combine such non-personal information with other information to identify a particular natural person or use it in conjunction with personal information, such non-personal information will be treated as personal information during the period combined use, and we will de-identify such information unless we have your authorization or unless otherwise stipulated.

As mentioned above, we will store your account information in the database so that you can get your personal data every time you visit our website and use our App or other services.

Your data will be stored in our server as log files and used for analysis and research. After being processed in the server, your data will be transmitted to the database.

We will back up data on a regular basis to prevent data loss due to server failure or human error, and will delete them immediately at your request.

2 Data Processing

2.1 Our role

We are the processor of your information.

2.2 Legal foundation

We process your data for the following one or more purposes:

• When it requested as per the explicit instructions or requirements of the data controller;

• When we have your consent;

• When it requested for the purpose of marketing;

• When it requested for the purpose of performing the contract we enter into with you;

• When it is legally obligated;

• When it is within our legal rights or interests. For example, to implement our policies, manage day-to-day business, aggregate data for data analysis, maintain information security, or prevent frauds, or, if necessary, we transfer the data to other BUs of our company).

2.3 Reasons for providing your personal information

Generally, your consent constitutes the legal foundation for us to handle your information. It is therefore necessary for you to agree with our user agreement and Privacy Agreement for our agreement to be formulated and performed and our legal rights and interests to be protected.

You have the right to choose whether to provide the relevant data. We may not be able to undertake part or all of the obligations according to the service terms or provide our services without some of your information. If you wish to learn more, please contact our data protection office using the contact details under the last section of this PrivacyAgreement.

2.4 Purposes and methods

We will use information provided by you and collected by us in the process of services to offer you our services. We will not use your data for any other purposes that do not fit the purposes for data collection that are detailed below.

We will use your information for the following purposes expressly stated by the data controller in the following manners:

• To verify your identity to prevent unauthorized access;

• To offer our services or products according to the contract we enter into;

• To offer other services you request according to the requirements stated during data collection;

• To process transactions and communicate with you regarding the details of such transactions;

• To help track and fix any fault or error in the application;

• To conduct internal audit, data analysis or research to the end of improving our products and services through evaluating our efficiency;

• To share your information with our partners so that they can assist us in offering our products and services to you;

• To share your information with other branch institutions for internal management and background support;

• To maintain the integrity and security of the information system where we store and process your information;

• To scrutinize and investigate data leaks, illegal activities and fraudulent behaviors;

• To comply with applicable laws and regulations or the demand for your information requested for litigation and other legal proceedings or imposed by governmental authorities.

3 Device authorizations

When providing services we may occasionally require authorizations to access, including but not limited to, your storage, contacts, notifications, GPS locations, cameras, Bluetooth, and NFC. You may choose to switch off part of or all authorizations in device settings at any time to refuse the collection of corresponding personal information. In different devices, the relevant authorization display method and switch-off method may be different. For details, please refer to the device and the system developer instructions or guides.

4 Sharing, transfer and disclosure of personal information

4.1 Sharing of personal information

Your personal information will be kept strictly confidential and will not be shared with any other company, organization, or individual, except in the following circumstances:

• When we have obtained your explicit consent to share your information with a third party.

• When we share your information with our staff members and global branches generally in order to: provide further services; carry out internal management; scrutinize for or handle data leaks, illegal activities, or frauds; or maintain the integrity of the company’s IT system. We share only necessary information with our staff members within the minimal scope, and are subject to this Privacy Agreement. We sign non-disclosure agreements (NDAs) with the authorized staff members.

• When we share your personal information with a third-party service provider (or partner) for the benefit of offering or improving our services including but not limited to cloud services, video surveillance services, IT supports, and providing customer services. We sign rigorous data handling agreements with all relevant third-party service providers (or partners) which require them to take certain security measures in handling your information pursuant to the relevant laws and regulations and our requirements to safeguard your data security.

• We will disclose your information under the demands of laws and regulations or government authorities.

• The SDKs of our connected partners and other third parties are as follows:

(1) NetEase QiYu

Organization: Hangzhou NetEase Quality Cloud Technology Co.

Purpose of SDK: Provide smart customer service

Type of personal information collected by SDK: Personal commonly used device information

Official website link: https://b.163.com/

(2) Facebook

Organization: Meta Platforms

Purpose of SDK: Provide users with third-party login function

Type of personal information collected by the SDK: Personal profile account name, ISP,login IP address, method of accessing the network, and service log information.

Official website link: https://www.facebook.com/

(3) Google

Organization: Google

Purpose of SDK: Provide users with third-party login function

Type of personal information collected by the SDK: Personal profile account name, login IP address, method of accessing the network, and service log information,SSID,USB device list.

Official website link: https://www.google.com/

(4) Twitter

Organization: Twitter

Purpose of SDK: Provide users with third-party login function

Type of personal information collected by the SDK: Personal profile account name, login IP address, method of accessing the network, and service log information.

Official website link: https://twitter.com/

4.2 Transfer of your information

We will not transfer your information to any other company, organization, or individual except under any of the following circumstances:

• Transfer under clear consent: when we have obtained your clear consent, we will transfer your information to a third party.

• In the case of merger, acquisition, or bankrupt clearance, we will demand the new company or organization now in possession of your personal information to continue to be bound by this Privacy Agreement. We will demand the company or organization to obtain your new consent otherwise.

4.3 Disclosure of your information

We will only disclose your information under the following circumstances:

• When we have obtained your clear consent;

• When the law, legal proceedings including litigation, or government authorities, demand so.

5 Limitation period for saving your information

5.1 Use of Cookies

To ensure the normal and efficient operation of our website, a more relaxing visiting experience, and to recommend content that may be of interest to you, we will store small data files called cookies on your device terminal/system, which will help you to call up your information on subsequent visits to our website, simplify the process of filling out your personal information (e.g.log-in, etc.), provide you with preferences for your device settings, protect your data security, etc. We do not use cookies for any purpose other than those described in this Privacy Policy. You can manage or delete cookies according to your preferences, you can clear all cookies stored on your computer or mobile device, and you have the right to accept or reject cookies (most browsers automatically accept cookies, but you can usually modify your browser's settings to reject cookies if you wish); and you can clear all cookies stored in your software. However, you may not be able to fully experience some of the convenience and security features of our services.Use of Web Beacons and Similar Technologies

In addition to cookies, our web pages often contain electronic images (known as single Pixel GIF files or "web beacons") and other similar technologies that help websites to count users browsing their pages or accessing certain cookies. We use Web Beacons in the following ways:

• To count the number of user visits and to recognize registered users by accessing cookies.

• To provide personalized services on our website through the information we get from the cookies.

6 Limitation period for saving personal information

We will continue to save your personal information so long as required for purposes specified in this Privacy Agreement, and within any additional period as required or permitted by law, until you withdraw the consent.

Whereas, we may postpone the retention of your information for the purpose of research or statistics, but we will desensitize your information to ensure the relevant information will not be able to identify you.

At the same time, in accordance with the law of the country in which you live, we may retain your personal information to assist in any government and judicial investigations for the purpose of submitting or maintaining legal requests or civil, criminal or administrative procedures. If the above reasons fail to apply to the data we preserve, we shall delete and destroy your data securely in accordance with relevant requirements.

7 Protection of information of minors

Our products and services are primarily for adults, yet, we are aware of the importance of taking extra precautions to guarantee the privacy and security of minors who may use our products and services. We consider anyone under the age of 16 (or the age as required by local law) to be a minor.

We will only use or disclose the personal information of minors collected with the consent of their guardian on the condition that the law permits, the guardian expressly consents or for the necessary protection of the minor. At any time, the guardian may request access to, modify or delete personal information of the minor by contacting us as described in Section 13.

If we are found to collect personal information of minors without the consent of a verifiable guardian, we shall attempt to remove the relevant content as soon as possible.

8 Measures for protection of personal information

We adhere to recognized key data protection principles (fairness, purpose limitation, data quality, data retention, compliance with individual rights, and security), and take reasonable measures to guarantee the security of your personal information. We have applied a range of techniques to guarantee the security of your personal information and done the utmost to minimize the risk of misuse, unauthorized access, unauthorized disclosure and inaccessibility. Security measures we have adopted include but are not limited to: data desensitization, data encryption, firewall, and authorization control of data access.

In addition, we shall regularly check and update the security mechanisms used to protect data in order to provide effective protection against data misuse. If you believe that the security of your data has been compromised, or you would like to know more information about the measures we adopt to protect data, please contact the Data Protection Office using the contact details under the last section of the Privacy Agreement.

9 Storage of personal information

As we provide services globally, based on data storage security considerations, all of your data we collect, regardless of the country you are located in, the above outlined information will be stored synchronously on servers in Germany and the United States.

10 Cross-border transmission of personal information

We are a multinational company and the responsibility range of our teams responsible for data processing may cover the world or a variety of countries/regions. Therefore, these teams may be located anywhere in the world where we conduct business, including countries outside the EU that may not pursue the same standards for personal information protection as your country. We may also transmit data outside the EU, including China. By using or joining our services and/or providing us with your information, you agree that we will collect, transmit, store and process your information outside the country/region you live in accordance with this Privacy Policy. We will make every effort to ensure that they comply with applicable legal requirements to the extent permitted by existing technology, for example, by executing standard contract terms. All of your data that we collect is used for user and product analysis after necessary confidential processing to provide you with better services. But in this case, we will take steps to protect your information appropriately.

11 User portraits and automated decision

To provide you with more convenient and personalized information display, search, and push services when you use our services, we may extract your preferences based on your purchase information and service log information, and produce an indirect portrait based on feature labels for display, information push, and possible commercial advertising.

We may analyze processed data that fail to identify you to improve our products and services.

We will not use your data to conduct any fully automated decision.

12 Personal information rights and their exercising

12.1 The personal information rights you have include

• Access: request to provide a copy of the personal information we hold about you;

• Rectification: request to correct the information containing errors or the expired information;

• Erasure: request to cancel your account or delete your personal information we hold;

• Data Portability: request to provide your data and, if possible, to transfer the data directly to data controller;

• Restriction of Processing: request to restrict processing should you dispute the accuracy or legality of our processing of personal information; however, your right to restrict processing may cause you to be unable to use our services as normal;

• Refusal: refuse the use of your personal information for user portraits and automatic decision-making, and refuse the use of your personal information to send commercial information for direct marketing;

• Complaint Filing: file a complaint on the processing of your data with the competent authority of your place residence or the member state that processes your data;

• Consent Withdrawal: withdraw consent at any time on which we rely to process the data.

12.2 Methods of exercising personal information rights

We will protect your right to access and rectify your personal information. If you wish to exercise any of the rights described in Article 11.1, you may e-mail to our Data Protection Office for processing.

As we receive a large amount of commercial promotion e-mails every day, we shall not respond if we believe that your e-mails are not related to personal information.

12.3 Results of request

After the request is made by the subject of personal information, the following results may occur:

(1) Request denied

In some cases, requests from personal information subjects shall be rejected, including but not limited to:

• The subject of personal information is not granted relevant rights by laws of where you are located;

• The identity of the person making the request fails to be verified;

• The request made by the subject of personal information fails to be verified or is beyond scope, especially when the request is repeated;

• The disclosure of information is prone to harm the interests of the relevant parties if the information involved is related to the damage or compensation received in the dispute;

• The information shall only be retained for statistics and research, and the results of statistics and research shall not reveal personal identities;

• Other legally prescribed circumstances.

If the access request of the subject of personal information is rejected, we shall formally explain the reason to the requester.

(2) Request accepted

If there is no circumstance as specified in (1), we shall process the request. In order to better ensure the successful acceptance of requests, please provide us with as much detailed information as possible when requesting, such as the request type and specific content, information about the holder (such as the name of the product and service you used), and time range of information generation or processing (where the time range is as exact as possible, the request has a larger chance of acceptance).

12.4 Consent Withdrawal

You may change the scope of your authorization to continue to collect personal information or withdraw your authorization by deleting the configuration information, unbinding the associated device, or canceling the account number.

Please understand that the service of business function shall require some basic personal information (registration e-mail), so if you withdraw your consent or authorization, we will stop providing the service corresponding to the withdrawal of consent or authorization. Yet, your decision to withdraw your consent or authorization shall not affect the processing of personal information previously based on your authorization.

13 Change of Privacy Agreement

We shall reserve the right to modify the Privacy Agreement. Without your express consent, we shall not reduce your rights in accordance with the Privacy Agreement. Any change to the Privacy Agreement shall be posted on this page. For major changes, we shall provide more obvious notice (for certain services, we shall send an e-mail notification to state the specific changes to the Privacy Agreement).

Major changes referred to herein include but are not limited to:

• Major change of our service model, such as the purpose of processing personal information, and the type of personal information under processing, the way of using personal information;

• Major change of our ownership structure, organizational structure, etc., such as owner change caused by business adjustments, bankruptcy mergers, etc.;

• Major subject change of public disclosure of personal information;

• Major change of your right to participate in the processing of personal information and the corresponding exercising methods;

• Change of the department responsible for processing the security of personal information, or change of contact information and complaint receiving channels;

• A high risk shown in the assessment report of personal information security impact.

At the same time, we shall archive the former version of this Privacy Agreement for your reference.

14 Contact Us

If you have any questions about this Privacy Agreement or you wish to exercise any right, please send an email to our Data Protection Office at the following address: app.overseasservice@gmail.com.Upon receiving your request, we shall make every effort to respond within one month of the request from the subject of personal information access request. Your patience and understanding are highly appreciated. Given the complexity and quantity of requirements, the period may be extended for another 45 days as necessary. In case of deferred response, we shall inform the subject of the personal information and the reasons for the delay. If the limitation period set in this paragraph conflicts with the local laws, the local laws shall prevail. If you disagree with us about our processing of your personal information, you may submit a mediation request or other requests to data protection regulator where you are located.

Update Date: February 8th, 2025

Effective Date: February 8th, 2025