Simpusun Privacy Policy

Update Date: December 9, 2022
Effective Date: January 25, 2021

This Privacy Policy applies to the smart home products provided by Shenzhen Simpusun Information Technology Co., Ltd. and its affiliated companies (hereinafter referred to as "Simpusun" or "we"). This includes products, mobile Internet applications (Simpusun Pro App), websites, and services that display or refer to this statement.

Simpusun is well aware of the importance of personal information to you and will do its utmost to ensure the security and reliability of your personal information. We are committed to maintaining your trust in us and adhere to the following principles to protect your personal information: the principle of consistency between rights and responsibilities, the principle of clear purpose, the principle of voluntary consent, the principle of minimum necessary use, the principle of ensuring security, the principle of subject participation, and the principle of openness and transparency. At the same time, Simpusun promises that we will follow the industry's mature security standards and take corresponding security protection measures to protect your personal information. Please read and understand this "Privacy Policy" carefully before using our products (or services).

This policy will help you understand the following:

1. How we collect and use your personal information
2. How we use Cookies and similar technologies
3. How we share, transfer, and publicly disclose your personal information
4. How to access and manage your personal information
5. How we protect and store your personal information
6. How to protect children's personal information
7. How your personal information is stored and the method for handling beyond the storage period
8. How this policy is updated
9. How to contact us

1. How We Collect and Use Your Personal Information

Personal information refers to various types of information recorded electronically or otherwise that can identify a specific natural person's identity or reflect the activities of a specific natural person when used alone or in combination with other information. Simpusun will only collect and use your personal information for the following purposes stated in this policy.

1. Information You Provide to Us When you register for a Simpusun account and provide information related to the services you use on the Simpusun platform, including your name, gender, date of birth, ID card number, passport name, passport number, phone number, email address, address, postal code, bank account, delivery information, and related additional information.

   Simpusun will display the information you need to submit through the Simpusun page, and the actual information displayed on the page will prevail. If you do not use certain services, you do not need to provide the corresponding information. For specific business functions that you explicitly refuse to use, close, or exit, the App will ask again whether you agree to enable the relevant permissions when you open that business function or related system permissions, and the App will not change the original system permission settings after updating and upgrading.

2. Information Collected During Your Use of the Service To provide and optimize the services you need, we will collect your personal information after obtaining your consent, and the information collected will not exceed the necessary range.

   We will receive and record information related to the smart devices you use based on the specific permissions you grant when installing and using the software, including device model, operating system version, device settings, device unique identifier, and other hardware and software feature information, your use records of the hardware and software, hardware and software failure information data, including but not limited to your IP address, access date and time, language, hardware and software feature information, geographical location; if you download or use Simpusun or its affiliated company client software, Simpusun may read information related to your location and mobile device, including but not limited to device model, operating system, device identification code, resolution, telecommunications operator.

3. We may also collect other information that cannot be used to identify a specific individual (i.e., information that is not personal information), such as statistical data generated when you use a specific service, such as user behavior (including clicks, page transitions, browsing time). The purpose of collecting this type of information is to improve the services we provide to you. The category and amount of information collected depend on how you use our products and/or services. We will aggregate this information to help us provide more useful information to our customers, understand which parts of our website and products or services are of the most interest to our customers. For the purposes of this privacy policy, aggregated data is considered non-personal information. If we combine non-personal information with personal information, such information will be treated as personal information during the period of combination.

4. You are fully aware that in the following circumstances, we collect, use personal information or non-personal information without your consent:

   1. Related to national security, national defense security;
   2. Related to public safety, public health, significant public interest;
   3. Related to criminal investigation, prosecution, trial, and execution of judgment;
   4. To protect the life, property, and other major legitimate rights and interests of the personal information subject or other individuals, but it is difficult to obtain consent;
   5. The collected personal information is publicly disclosed by the personal information subject themselves;
   6. Collected from legally publicly disclosed information about you, such as legal news reports, government information disclosure, etc.;
   7. Necessary to fulfill a contract as per your request;
   8. Necessary to maintain the security and stable operation of the products and/or services provided, such as discovering and dealing with product and/or service failures;
   9. Necessary for legitimate news reporting;

2. How We Use Cookies and Similar Technologies

Our website or mobile application uses Cookies and other similar technologies to distinguish you from other users of our application. This helps us provide a good experience for you when you use the mobile application and allows us to improve our application.

A Cookie is a small file of letters and numbers that we store on your computer or mobile device's memory or hard drive with your consent, which can then be used as a tag to identify the computer or mobile device.

Cookies are generally categorized as "session" Cookies or "persistent" Cookies. Session Cookies help you navigate the application effectively, track your progress from page to page, so you do not have to repeatedly provide information during the current visit, such as not clearing your shopping cart when you switch pages. Session Cookies are stored in temporary memory and are deleted when the browser is closed. Persistent Cookies can store user preferences; they are stored on your device and remain effective when you restart the browser. For example, we use persistent Cookies to remember the language and country/region you have chosen, font size, or other settings. This allows you to not reconfigure these settings the next time you visit our website.

You can clear all Cookies saved on your device, or directly delete the Cookies stored on your device, but if you do so, you will need to change the settings every time you visit our application. For more information about Cookies, you can also visit the AboutCookies.org website.

In addition to Cookies, we also use other similar technologies on our website, such as web beacons and pixel tags. For example, the account activation link we send to your email. These technologies can track this click, helping us understand your product and service preferences and improve customer service. A web beacon is usually a transparent image embedded in a website or email. With the pixel tags in the email, we can know whether the email has been opened. If you do not want your activities to be tracked in this way, you can set your email to refuse to receive at any time, or log in to our related service website to unsubscribe from the email service.

If your browser is set to the "Do Not Track" function, our service website will respect your choice. We will not use Cookies for purposes other than those described above.

3. How We Share, Transfer, and Publicly Disclose Your Personal Information

1. Sharing We do not share your personal information with any company, organization, or individual outside of Simpusun, except in the following situations:

   1. Shared with explicit consent: After obtaining your explicit consent, we will share your personal information with other parties.
   2. Shared according to legal regulations or mandatory requirements of government authorities.
   3. Shared with our affiliated companies: Your personal information may be shared with Simpusun's affiliated companies. We will only share the necessary personal information and it will be subject to the purposes stated in this privacy policy. If the affiliated company wants to change the purpose of processing personal information, it will seek your authorization and consent again.
   4. Shared with authorized partners: Only to achieve the purposes stated in this policy, some of our services will be provided by authorized partners. We may share some of your personal information with partners to provide better customer service and user experience. For example, when you purchase our products online, we must share your personal information with the logistics service provider to arrange delivery, or arrange for partners to provide services. We will only share your personal information for legal, legitimate, necessary, specific, and clear purposes, and only the personal information necessary to provide the service. Our partners are not allowed to use the shared personal information for any other purposes. For companies, organizations, and individuals with whom we share personal information, we will sign strict confidentiality agreements with them, requiring them to handle personal information according to our instructions, this privacy policy, and any other relevant confidentiality and security measures.

2. Transfer We will not transfer your personal information to any company, organization, or individual, except in the following situations:

   1. Transferred with explicit consent: After obtaining your explicit consent, we will transfer your personal information to other parties.
   2. In the event of a merger, acquisition, or bankruptcy liquidation, if personal information transfer is involved, we will require the new company or organization holding your personal information to continue to be bound by this privacy policy, otherwise, we will require the company or organization to seek your authorization and consent again.

3. Public Disclosure We will only publicly disclose your personal information in the following situations:

   1. After obtaining your explicit consent.
   2. Disclosure based on law: In the case of legal, legal procedures, litigation, or mandatory requirements of government authorities, we may publicly disclose your personal information.

App Third-Party Shared Information List The Simpusun Pro app integrates third-party SDKs for specific features. If you refuse the relevant authorization, it may affect the use of some features. The list is as follows:

• Amap SDK
  • Purpose of Use: Smart device intelligent geofencing scene positioning function
  • Type of Function: Location
  • Personal Information Involved: Location information
  • Third-Party Link: link
• Alipay SDK
  • Purpose of Use: Air conditioning billing payment
  • Type of Function: Payment
  • Personal Information Involved: Network services, mobile device ID
  • Third-Party Link: link
• WeChat Pay SDK
  • Purpose of Use: Air conditioning billing payment
  • Type of Function: Payment
  • Personal Information Involved: Network services, mobile device ID
  • Third-Party Link: link

4. Accessing and Managing Your Personal Information

In accordance with the relevant laws, regulations, and standards of China, as well as common practices in other countries and regions, we ensure that you have the following rights over your personal information:

1. Access to Your Personal Information You have the right to access your personal information, except for the exceptions stipulated by laws and regulations. If you wish to exercise your right to access data, you can do so through the following methods:

   • Account Information: If you wish to access or edit your personal profile and payment information, change your password, add security information, or close your account in your account, you can perform such operations by visiting the Simpusun (Simpusun Pro) App. If you cannot access these personal information through the above link, you can submit an access request by sending an email to simpusun@simpusun.com , and we will respond to your access request within 15 days.
   • For other personal information generated during your use of our products or services, as long as we do not need to invest excessively, we will provide it to you.

2. Correcting Your Personal Information When you find that there are errors in the personal information we process about you, you have the right to request that we make corrections. You can apply for correction through the methods listed in "1. Access to Your Personal Information". If you cannot correct this personal information through the above link, you can use the Simpusun (Simpusun Pro) App to feedback issues to us at any time, or send an email to Simpusun. We will respond to your correction request within 15 days.

3. Changing the Scope of Your Authorized Consent Some basic personal information is required to complete each business function (see "Part One" of this policy). For the collection and use of additional personal information, you can give or withdraw your authorized consent at any time. After you withdraw your consent, we will no longer process the corresponding personal information. However, your decision to withdraw consent will not affect the personal information processing that has been carried out based on your authorization before.

4. Responding to Your Requests For security reasons, you may need to provide a written request or otherwise prove your identity. We may first require you to verify your identity before processing your request. We will respond within 15 days. If you are not satisfied, you can also contact customer service to complain. For your reasonable requests, we will not charge a fee in principle, but for multiple repeated, beyond reasonable limits, we will charge a certain cost fee according to the situation. For those requests that are repeatedly made without reason, require excessive technical means (for example, the development of a new system or a fundamental change in current practices), pose a risk to the legitimate rights and interests of others, or are very impractical (for example, involving information stored on backup tapes), we may refuse. In the following situations, as required by laws and regulations, we will not be able to respond to your request:

   1. Directly related to national security, national defense security.
   2. Directly related to public safety, public health, significant public interest.
   3. Directly related to criminal investigation, prosecution, trial, and execution of judgment.
   4. There is sufficient evidence that you have malicious intent or abuse rights.
   5. Responding to your request will cause serious damage to the legitimate rights and interests of you or other individuals or organizations.
   6. Involving trade secrets.

5. How We Protect and Store Your Personal Information

We take your information security very seriously. We strive to take various reasonable physical, electronic, and managerial security measures to protect your user information, prevent unauthorized access, public disclosure, use, modification, damage, or loss of user information. We use encryption technology to enhance the security of user information; we use trusted protection mechanisms to prevent malicious attacks on user information; we deploy access control mechanisms to ensure that only authorized personnel can access user information; and we conduct security and privacy protection training courses to strengthen employees' understanding of the importance of protecting user information.

We will take reasonable and feasible measures to avoid collecting irrelevant and unnecessary user information as much as possible. We will only retain your user information for the period required to achieve the purposes stated in this policy, unless the retention period needs to be extended by mutual agreement or is permitted by law. After the user information retention period expires, we will delete or anonymize your personal information.

In the event of a user information security incident (leakage, loss, etc.), we will promptly inform you of the basic situation and possible impact of the security incident, the measures we have taken or will take, your suggestions for self-prevention and risk reduction, and your remedies, in accordance with the requirements of laws and regulations. We will promptly inform you of the relevant situation of the incident by email, letter, phone call, push notification, and other means, and if it is difficult to inform each user individually, we will publish an announcement in a reasonable and effective manner. At the same time, we will also report the disposal situation of the user information security incident to the regulatory authorities as required.

If there is a situation where our products and services stop operating, we will take reasonable measures to protect the security of your user information, including promptly stopping the collection of user information activities; the notice of cessation of operation will be notified to users in the form of individual delivery or announcement; and the personal information held will be deleted or anonymized.

If we use user information beyond the purpose claimed at the time of collection or beyond the scope that is directly or reasonably related before using user information, we will inform you again and obtain your explicit consent.

When you set or change your avatar, we will request your authorization for camera and album permissions. If you refuse to authorize, you will not be able to use this feature, but it will not affect your normal use of other features of Simpusun.

Please note that after your personal information exceeds the retention period, we will delete your personal information or anonymize it according to the requirements of applicable laws; in addition, after the account is canceled, we will stop providing products and services to you, and delete your personal information or anonymize it according to your request, unless otherwise stipulated by laws and regulations.

You can refer to the following guide for account cancellation operations:

• Enter Simpusun Pro, click "My";
• Click "Settings";
• Click "Account Cancellation."

6. How to Protect Children's Personal Information

Our products, websites, and services are primarily aimed at adults. Children may not create their own user accounts without the consent of their parents or guardians. In cases where we collect children's personal information with the consent of parents, we will only use or disclose this information when it is allowed by law, explicitly agreed upon by parents or guardians, or necessary to protect the child. Although the definition of a child varies according to local laws and customs, we consider anyone under the age of 14 to be a child. If we find that we have collected children's personal information without verifiable parental consent, we will try to delete the relevant data as soon as possible.

7. How Your Personal Information is Stored and the Method for Handling Beyond the Storage Period

The personal information we collect and generate within the People's Republic of China will be stored within the territory of the People's Republic of China. The storage period of your personal information will be processed according to the minimum legal period.

8. How This Policy is Updated

We may update this privacy policy from time to time. If this privacy policy is revised, we will promptly publish the latest version on our official website. You agree to visit these web pages regularly to understand and review any such revisions. If there are significant changes to this policy,