Version:3

Version update date:2022 year 11 month 10 day

Version effective date:2022 year 11 month 17 day

Contact number:400-650-9827

Contact email:mkt@sensorsdata.cn

Registered address: Zhichun Road, Haidian District, Beijing 27 number 3 floor 301 room

Common office address: Zhichun Road, Haidian District, Beijing 27 number 3 floor

1. introduction

Sensors Network Technology (Beijing) Co., LTD and its affiliates (hereinafter referred to assensorswe)as sensors SDK Developers and operators, well aware of the importance of user information, respect and protect the security of user personal information. To help integrate the Sensors plan SDK products/or the developers and operators of the services (hereinafter referred to asdevelopers)Conduct third parties in compliance with relevant laws, regulations, policies and standards SDK Integrated service, Better implement the requirements related to the protection of user personal information, while helping to use the integrated sensors SDK products /or the end user of the service(Hereinafter referred to asthe end user of the service)Fully understand the developer's use of sensors SDK “Collect, use, save, share and transferThe purpose, method, scope and information security protection measures of the end user's personal information are hereby formulated sensors SDK Privacy Statement》(Hereinafter referred to asThe statements). In order to facilitate your reading and understanding, we have used as simple and easy to understand sentences as possible and defined key terms, please refer to Article 11 of this statementNoun interpretation.

This statement applies to us through Sensors Policy SDK Android version、Sensors SDK iOS version and From time to time, we offer or update other versions of the products and services offered to you. If a version has special features or personal information processing activities that are inconsistent with this statement, we will explain them. If our products /or the service has a separate privacy policy/privacy Agreement, separate privacy policy/ privacy Agreement takes precedence over this statement; Separate privacy policy/This statement applies to the contents not mentioned in the Privacy Agreement.

Developers and End Users (abbreviatedyou)access、Before using sensors SDK products/or service, please be sure to read this statement carefully and confirm that you have read and fully understand all contents of this statement, in particular, you should focus on reading usboldface/italics/underlineidentified the important terms related to the protection of personal information rights and interests, ensure that you fully understand and agree before you start to access and use Sensors SDK provided products/or service. If you do not understand part or all of this statement, you are advised to call customer service 400-650-9827 to contact us for inquiries.On the basis of your full understanding of this statement, if you still do not agree to the terms of this statement, it is recommended that you immediately stop accessing and using sensors SDK provided products/or service.

Please make sure that you are18years old or above. If you are under18years old, you should be accompanied by your guardian to read this statement, and through the guardian's consent to this statement, you can use Sensors SDK provided products/or service and provide us with your personal information.

In particular, if you are a developer, you should:

1, comply with laws and regulations and regulatory requirements to collect and use users' personal information, including but not limited to the development App Privacy policy and disclosure policy SDK Such third-party components or code collect and use users' personal information; Sample terms are as follows:

SDKNameSensors AnalyticsSDK

Third party name: Sensors Network Technology (Beijing) Co., LTD

Purpose of use: Basic data collection and modeling to drive business decision analysis (developersFill in according to the specific purpose of use

Collection of Personal Information: Device information (includingIMEIAndroid IDIDFAIDFVOAIDUUIDMacaddress、IMSI information etc.)、log information(includingIPaddress、service-accessingURL、Browser type and language used)、location information, unique application number.Depending on the device and system (Android /iOS) and system version, as well as the permissions determined by the developer when integrating and using the SDK product, the device information collected will vary, so the developer should explain to the user the personal information actually collected.

Privacy Policy:https://www.sensorsdata.cn/market/privacy_policy.html

2. Collect and use personal information of end users in accordance with the law and regulations, and explicitly inform users to read the privacy policy and collection and usage rules through pop-ups or other obvious means. In principle, no personal information should be collected from users without their consent, unless otherwise required by laws and regulations;

3. Comply with the requirements of this statement.


This statement will help you understand the following:

           1. How we collect and use personal information of end users

           2. How we use Cookies and similar technologies

           3. How we share, transfer, and publicly disclose personal information of end users

           4. How we store personal information of end users

           5. How we ensure the security of personal information of end users

           6. How we enable end users to exercise their rights to manage personal information

           7. How we handle personal information of minors

           8. How we update and revise this statement

           9. Other

         10. How to contact us

           11. Glossary

2. How we collect and use personal information of end users

When end users use products and services integrated with the Sensors Data SDK, we strictly comply with the provisions of laws and regulations. We collect and use the information actively provided by end users or generated through the use of services, in accordance with this statement, to provide services to you. Regardless of the method used to collect and use personal information of end users, we usually require developers to obtain the consent of end users before collecting personal information, unless, in certain cases, personal information is collected based on legal obligations or for the protection of vital interests of end users or others.

2.1. Personal information of end users collected for SDK functionality

In order to comply with laws and regulations, meet the basic requirements for providing products and services, and provide a better service experience for end users, we collect relevant information generated by end users when using the Sensors Data SDK products and services, and transmit this information to the SensData cluster purchased by developers. This information and permissions include but are not limited to:

SDK NamePersonal information typePersonal information contentPurpose of processing personal informationRelated sensitive permissionsData security protection measures
Sensors SDK

Device information

Device attribute information (IMEI/Andriod ID/OAID/IDFA/IDFV/UUID/IMSI/Mac address)

Device connection information (browser type, telecom operator, device brand)
User identificationDevice information permission

1. Support collecting data and encrypting it in the local cache of the client;

2. Support using HTTPS for encrypted data transmission;

3. Support using data encryption methods for data transmission encryption.

For other data security protection measures, please refer to the "How do we ensure the security of end user's personal information" in this statement.

Log informationUsage of integrated Sensors SDK products and/or services by end users, /or services, IP address, URLs of accessed services, browser type and language used, and time of accessing servicesUser behavior analysisNone
Location informationIP address parse the location information、GPS address informationUser behavior analysisLocation authority
Unique application numberApplication unique identification, application name, and application version numberUser behavior analysis
  • When collecting anonymous ID, Sensors SDK will collect Android ID, IDFA and other device ids by default. When collecting location information, Sensors SDK does not collect GPS location information by default. Developers can use the relevant interface provided by Shenze to enable or disable relevant information collection. For details, see Enable/Disable information
  • Please note that depending on the device and system (e.g. Android/iOS) and system version, as well as the permissions determined by the developer when integrating the SDK product, the information collected by the relevant product and/or service may vary, so the developer should explain to the end user the personal information actually collected. For details about the preset events and preset attribute information collection capabilities provided by the SDK, see Preset Events and Preset Attributes

  • Individual equipment information, log information, location information, etc., cannot identify the identity of a specific natural person. If we combine the above information with other personal information to identify a specific natural person, or use it with information that can identify a natural person, during the period of combined use, unless authorized by the end user or otherwise provided by laws and regulations, the developer shall anonymize and de-identify such personal information.

2.2. Device permission invocation description

If the end user needs to disable the function permissions (such as device information permissions, geographical location permissions, etc.) enabled for the use of some of the above specific functions, most mobile devices will support this requirement. For details, please refer to or contact the service provider or manufacturer of the mobile device. Please note that when a user opens any permission, it means that we are authorized to collect and use relevant information to provide corresponding services. Once a user closes any permission, it means that the user has canceled the authorization. We will no longer collect and use relevant information based on the corresponding permission, and we will not be able to provide the services corresponding to the permission.

Android SDK Product permission description

In order to support the normal development of customer data collection, Android SDK need the following system permissions:

permission

use

is or not required

INTERNET

Allows applications to send statistics

Required permission, theSDK send buried data need permission

ACCESS_NETWORK_STATE

Allow the application to detect the network state

Required permission, the SDK will choose whether to send data based on the network state

READ_PHONE_STATE

Allow the application to retrieve the device's IMEI, MEID

Optional permission, used for app promotion and collection of $carrier attributes

ACCESS_WIFI_STATE

Allow the application to access the MAC address

Optional permission, used for app promotion

iOS SDK Product Permission Description

To ensure the normal collection of customer data, the iOS SDK requires the following system permissions:

Permission

Usage

Required

Network (specific to the CN server)

Allow the application to send data

Required permission, the SDK needs this permission to send event data

Location

Allow the application to obtain GPS data

Optional permission, used by the SDK for collecting GPS data

IDFA

Allow application to obtain IDFA

Optional permission, use App , this permission will be used for internal promotion

2.3. Exceptions based on consent

According to the provisions of relevant laws and regulations, in the following circumstances, we may collect and use some necessary user personal information without your authorization and consent:

  1. Related to the performance of obligations stipulated by laws and regulations;
  2. Directly related to national security and national defense security;
  3. Directly related to public safety, public health or major public interests;
  4. Directly related to criminal investigation, prosecution, trial and execution of judgments;
  5. In order to protect the life, property and other major legal rights and interests of you or other individuals, but it is difficult to get the consent of the person;
  6. The personal information involved is disclosed to the public by you;
  7. Necessary for the conclusion and performance of the contract at your request;
  8. Collect your personal information from legally publicly disclosed information, such as from legitimate news reports, government information disclosure and other channels;
  9. Other circumstances stipulated by laws and regulations.

3. How do we use Cookie and similar technology

 

When end users use products or services integrated with the SDK through the Internet, including but not limited to various devices of mobile terminals, in order to ensure the normal operation of the system, we will store small data files called cookies on the devices of end users. Cookies typically contain an identifier, a site name, and some numbers and characters. The main function of cookies is to facilitate more thoughtful personalized services for end users and allow users to set specific service options.

When an end user uses a product or service that integrates the Sungame SDK, we send cookies to the end user's device. Cookies (or other anonymous identifiers) and send the said cookies directly to the developer's purchased Magic cluster.

We will not use Cookie for any purpose other than those described in this statement. End users can manage or delete according to their preferences Cookie. End users can erase everything saved on their computer, and most web browsers have a feature to block cookies. However, if the end user does so, it will need to personally change the end user's Settings each time it accesses the products and services that integrate the SDK, but the end user may not be able to log in or use the services or functions provided by the Developer that rely on cookies because of such modifications.

4. How do we share, transfer, and publicly disclose end-user personal information

End users use the integration Sensors SDK products/or service, Use sensors SDK collected information is stored in the developer purchased Godplan cluster (including private deployments and SaaS version), we have no right to access users' personal data, and do not involve the sharing, transfer or public disclosure of end users' personal information.

5. How do we store personal information about end users

We strictly abide by relevant laws and regulations, take reasonable and feasible measures recognized by the industry, and provide developers with the ability to protect end user personal information, prevent unauthorized access, disclosure, use, modification of information, and avoid damage or loss of information.

5.1.  Shelf life

End users are using the integration Sensors SDK products/or service, The Sensors Cluster purchased by the developer and its associated servers are responsible for storing end user personal information. The developer shall store the information in accordance with the requirements of laws and regulations, and please ensure that the end user's personal information is deleted or anonymized after the retention period.

5.2.  Preservation area

Personal end-user information collected by the developer is stored on the Shenze cluster purchased by the developer and its associated servers.The developer shall store personal information in strict accordance with the requirements of laws and regulations (such as storing personal information collected in China in China).

6. How do we ensure the security of end users' personal information

6.1.  Product safety measures

  1. In the product development process, we strictly follow the security development life cycle process management, embed security and privacy requirements in every stage of product development, and effectively reduce the number of product security vulnerabilities and reduce the actual security risks as much as possible through the implementation of various security control means, so as to build more secure products.
  2. In addition to regular security testing of products, we also invite professional security manufacturers in the industry to conduct mass testing and actual offensive and defensive drills to find potential security vulnerabilities of products from multiple perspectives, improve the overall security of products, and bring value to customers.

6.2.  Vulnerability management practices

We have a sound vulnerability management strategy through a variety of means internally/Monitor external security vulnerabilities and threat intelligence, investigate and dispose of product vulnerabilities and threat intelligence involved, and manage vulnerabilities throughout their life cycle in strict accordance with the process mechanism of "responsibility to the person, timeliness, and process visualization" to ensure that all vulnerabilities can be solved in time.

6.3.  Personal information security

Focusing on the life cycle of personal information processing such as collection, transmission, storage, use, and deletion, Sensors products provide a series of technical means such as collection delay initialization, data encryption, data watermarking, and data desensitization to ensure the security and compliance of personal information. Developers can choose appropriate protection means to ensure the security of end customers' personal information when integrating Shence SDK. See: Our Security Practices.

6.4.  Security incident handling

  1. We will do our best to ensure the security of our products and the security of end-user personal information collected using our SDK , but please understand that due to technical limitations and various malicious means that may exist in the Internet industry, It is not always possible to guarantee 100% security of information. In order to prevent the occurrence of security accidents, we will develop network security incident emergency plan, timely assist developers to deal with system vulnerabilities, computer viruses, network attacks, network intrusion and other security risks, take appropriate remedial measures, and strive to minimize losses.
  2. In the event of an unfortunate personal information security incident, we recommend that the developer, in accordance with the requirements of laws and regulations, inform the end user in a timely manner of the basic situation and possible impact of the security incident, the measures taken or to be taken by the developer, the suggestions for the risk that the end user can independently prevent and reduce, and the remedial measures for the end user. The developer shall timely inform the user of the relevant information of the event through the website notification, short message notification, phone call, email and other contact information reserved by the end user. If it is difficult to inform the user one by one, the developer shall take a reasonable and effective way to publish the announcement.
  3. At the same time, developers should take the initiative to report the disposal of personal information security incidents in accordance with the requirements of regulatory authorities, and closely cooperate with the work of government agencies.

7. How do we empower end users to manage their personal information

We take the personal information concerns of developers and end users very seriously, and here:

7.1.  For developers

Whereas the Developer is directly obligated to respond to the User's request for personal information, the Developer shall: According to its integration policy SDK Actual situation , Provide and clarify the functions and ways for users to access, copy, modify, delete personal information, withdraw consent, transfer personal information, restrict the processing of personal information, obtain copies of personal information and cancel accounts.

7.2.  For end users

Since the end user is not our direct user, and there is no direct interactive functional interface between the SDK , in order to protect your rights implementation, we have asked third-party developers to promise to provide user-friendly user rights implementation functions and ways. If you need to access, copy, modify, delete their relevant personal information, withdraw consent, restrict the processing of personal information, obtain a copy of personal information and cancel the account, you can meet the needs of personal information through the above functions provided by third-party developers.

Please note that it is difficult for us to control the behavior of third-party developers, if the developer does not provide as promised, you can contact us through the way in Article 10 of this statement, we will do our best to coordinate, support and protect the realization of the rights of end users.

8. How do we handle minors' personal information

We attach great importance to the protection of minors' personal information. Our SDK products or services are primarily aimed at businesses and adults. We have asked developers to ensure that the product or service is intended for use by persons 18 years of age or older. If you are a minor under the age of 18, you should ensure that your guardian has accompanied you to read and agree to this Statement before you use the products and/or services of the Integrated SDK and provide your personal information.

In cases where personal information of minors is collected with the consent of parents or legal guardians, we will only use or publicly disclose this information when permitted by law, with the express consent of parents or guardians, or when necessary to protect minors.

If you are the guardian of a minor, please contact us if you have any questions about the use of our products or /services by a minor under your custody or the user information they provide to us. We will protect the confidentiality and security of minor user information in accordance with relevant national laws and regulations and the provisions of this statement. If we discover that we have collected personal information from a minor without the prior consent of a verifiable parent or legal guardian, we will delete the data as soon as possible.

9. How can we update and revise this Statement

We reserve the right to update this statement at any time. We will not change your rights under this Statement without your express consent. As if by Sensors analytics SDK has been updated due to functional reasons, we will notify you by means of announcements on the website, etc., so that you can keep abreast of any changes made to this Statement.

If you are a third-party developer, when the updated statement has significant changes in the processing of end user personal information, you should timely update the privacy policy, and inform the App and other end users through pop-ups and other ways. If end users do not agree to accept the revised Privacy Policy, end users should stop using products or services that integrate the SDK. If end users continue to use products or services that integrate the SDK, they will be deemed to accept the changes we have made to the relevant terms of this Statement.

10. Others

《Sensors Policy Privacy Policy》 is a general privacy policy applicable to our products and services, in which the user rights and information security protection measures specified are applicable to Sensors SDK user, when you use Sensors SDK offer products/or service, For example, 《Sensors Policy Privacy Policy》In the event of any inconsistency or contradiction with this Statement, this statement shall prevail.

11. How to contact us

We have set up a special privacy protection agency and privacy protection person in charge, if you have any comments or suggestions on this statement, or even any disputes arising from this statement, you can pass mkt@sensorsdata.cnContact the privacy protection agency of Sensors, we will arrange a specialist to provide you with consultation in time or coordinate to solve your complaints and complaints. Under normal circumstances, we will reply within 15 working days.

In order to ensure that we can efficiently handle your questions and respond to you in a timely manner, you need to submit a valid identity proof, valid contact information, written request and relevant evidence to us, and we will process your request after verifying your identity.

 If you are not satisfied with our response or processing suggestions, you hereby agree toBeijing Arbitration Commission applied for arbitration, the arbitration excludes the jurisdiction of the court.

12. Noun interpretation

The specific terms used in this statement have the following meanings:

    (1) Related companies: Any corporate entity within the consolidated financial statements of Sensors Data Technology Co., Ltd., whether currently or in the future controlled, controlled by, or under common control with any of the aforementioned companies.

    (2) Control: Refers to the direct or indirect ability to influence the management of the mentioned company, whether through ownership, voting rights shares, contracts, or other legally recognized means.

    (3) You: Refers to registered users who use our products and/or services, including developers and operators of products and/or services integrated with the Sensors Data SDK, as well as end-users of products and/or services that use the Sensors Data SDK.

    (4) Personal Information: Refers to various information recorded in electronic or other forms that can identify the identity of a specific natural person individually or in combination with other information, or reflect the activities of a specific natural person. Personal information includes personal basic information, personal identity information, personal biometric information, network identity information, personal health and physiological information, personal education and work information, personal property information, personal communication information, contact information, personal internet access records, personal frequently used device information, personal location information, etc. For the avoidance of doubt, personal information includes but is not limited to personal sensitive information.

    (5) Personal Information Subject: Refers to the natural person identified by the personal information.

    (6) Personal Sensitive Information: Refers to personal information that, once leaked, provided illegally, or abused, may endanger personal and property safety, cause damage to personal reputation and physical and mental health, or result in discriminatory treatment, etc. Personal sensitive information includes personal property information, personal health and physiological information, personal biometric information, personal identity information, network identity information, etc.

    (7) De-identification: Refers to the technical processing of personal information, which makes it impossible to identify the subject of personal information without additional information.

    (8) Anonymization: Refers to the technical processing of personal information that renders the personal information subject unidentifiable and the processed information irreversible.

    (9) China or Mainland China: Refers to the mainland area of the People's Republic of China and is solely for the purpose of this statement and does not include the Hong Kong Special Administrative Region, the Macao Special Administrative Region, and Taiwan.