language
Simplified Chinese
English

Last updated: April 9, 2024

Effective date of updated version: April 9, 2024

Version update prompt:

Based on business adjustment, we updated the Aurora Privacy Policy in accordance with relevant laws, regulations and technical specifications, which mainly includes the following contents: The push SDK extension function has been supplemented, clearly listing the use and purpose of each SDK service permission of Evoque.

In order to better protect your personal information, it is recommended that you carefully read the updated privacy policy, especially the terms bold in black. If you have any objection or question to the terms of this privacy policy, you can communicate with us through the contact information published in Article 10 "How to Contact Us" of this privacy policy.

introduction

Welcome to use the products and/or services provided by Shenzhen Hexunhuagu Information Technology Co., Ltd. (hereinafter referred to as "Aurora" or "us") and its affiliated companies on the Aurora platform (hereinafter referred to as "the platform"). Our registered address is [14/F, Zhongjian Building, No. 006, Keji South 12th Road, High tech District Community, Yuehai Street, Nanshan District, Shenzhen].

The personal information security of you and your end users is very important to us. We will try our best to provide you and/or your end users with a secure network environment. At the same time, we will strictly abide by the following principles to protect your and/or your end users' personal information: the principle of consistent rights and responsibilities, the principle of clear purpose, the principle of selective consent, the principle of minimum sufficiency, the principle of ensuring security The principle of subject participation and openness and transparency. In accordance with the Cyber Security Law of the People's Republic of China, the Data Security Law of the People's Republic of China, the Personal Information Protection Law of the People's Republic of China and the laws and regulations of the Internet industry on information protection, and with reference to the Personal Information Security Specification of Information Security Technology (GB/T 35273-2020).

The Aurora Privacy Policy (hereinafter referred to as the "Policy") is applicable to the processing and protection of personal information provided to you by us in the process of providing products and/or services to you. The products and services we provide include but are not limited to developer services (Evoque push, Evoque security certification, Evoque operation growth, Evoque unified messaging system [Evoque UMS], Evoque VaaS, Evoque SMS, Evoque statistics, Evoque IM, Evoque magic chain, Evoque sharing), data services (Yuehu data, financial technology, iAudience, Evoque research) Other products and services that already exist and are innovated and developed from time to time, such as Aurora Alliance.

This policy describes the purpose, method, scope and information security protection measures of collecting, using, storing, sharing and transferring your and/or your end users' personal information in the platform products and/or services we provide to you, as well as the rights and methods of access, correction, deletion and other control of personal information we provide to you. In order to make it easier for you to read and understand, we try to express it in simple and understandable sentences and define key terms, See this policy“ Appendix 1: Keyword Definitions ”。

You know and confirm that you have read and fully understood all the contents of this policy at the time of registration. Remind you that we will give special reminders on personal sensitive information in the form of "blacked and italicized", and on the terms that affect the significant rights and interests of you and your end users in the form of "blacked". If you are involved in the processing of sensitive personal information in the process of using our services, you should obtain the separate authorization and consent of your end users. Before providing us with any personal sensitive information belonging to you and/or your end users, please clearly consider that such provision is appropriate and agree that we can handle your and/or your end users' personal sensitive information according to the purposes and methods described in this policy. We will collect and use your and/or your end users' personal sensitive information with your consent to realize the relevant functions provided by this platform for you. We allow you to choose not to agree on the collection and use of your and/or your end user's personal sensitive information, but refusing to provide such information will affect the platform's ability to provide you with relevant services.

Please read and understand the details of specific products in this policy carefully before using our products or services. We hope that when you use Aurora products (and/or services), you will make a wise decision to provide you and/or your end users with personal information. We added Compliance Guide To help you use Aurora products or services in a more intelligent and private way. If you do not agree with this policy, you should immediately stop using the products and/or services provided by us, including the Evoque platform, website, etc.

It should be noted that when you use our products and services, we will process two categories of personal information:

1. Your personal information as an aurora developer customer (or potential developer customer);

two Personal information of your end user, including device identifier information, device hardware information, operating system information, network information Precise location information, software list information, mobile phone number (Only for aurora SMS and aurora security authentication), push information log.

The way we deal with these categories of personal information will be different, because we have a direct contractual relationship with you, which is different from our indirect relationship with your end users. As our customer, if you use our products or services to provide services for your end users, You should, in accordance with applicable laws and regulations, separately agree with your end users on privacy policies, timely disclose the directory and data processing of the Evoque SDK, and ensure that your end users have agreed to the privacy policies of Evoque; If you do not require your end users to agree to the contents of this privacy policy, you should stop using the products and/or services of Aurora.

This policy helps you understand the following:

  1. 1、 How we collect and use personal information about you and/or your end users
    2、 How do we use cookie and other similar technologies
    3、 Authorization and consent of end users
    4、 How do we share, transfer and publicly disclose your and/or your end users' personal information
    5、 How we store personal information about you and/or your end users
    6、 How do we protect your and/or your end users' personal information
    7、 How do we give you the right to manage personal information
    8、 How we deal with children's personal information
    9、 How do we update and modify this policy
    10、 How to contact us
    11、 Other legal basis for processing personal information (EEA only)
    Appendix 1: Keyword Definitions

1、 How we collect and use personal information about you and/or your end users

We will collect and use the personal information of you and/or your end users provided by you actively in the process of using the platform, generated by your use of the platform and obtained from third parties according to the relevant laws and regulations mentioned in the introduction, following the principles of justice, legality and necessity, and for the following purposes described in this policy.

No matter which of the following scenarios is used to collect and use your and/or your end-users' personal information, we usually only collect personal information from you and/or your end-users with your consent, unless in some cases, we collect personal information from you and/or your end-users based on legal obligations or may need to protect your or other people's important interests.

Please understand that in order to better provide technology and services to you and/or your end users, or due to changes in business strategies, the functions of products and/or services on this platform may also be changed and developed. If we want to use your and/or your end user's personal information for other purposes not specified in this policy, or the personal information collected for a specific purpose will be used for other purposes, or our processing method has changed, we will inform you in a reasonable way through this platform, and obtain your consent again before use, Please notify your users and obtain their authorization.

In order to achieve full functionality, the Aurora service may remain open in both the front and rear stages of the application. The purpose, method, types and rules of personal information we collect and process for you and your users are as follows when the Evoque service is on:

(1) Your personal information as an aurora developer customer (or potential developer customer)

In order to realize the basic business functions of this platform, we may need to collect and use your relevant personal information. The following will describe in detail our different business functions and the types of personal information required to achieve this function. If you refuse to provide, you will not be able to use the relevant products and/or services of this platform.

1. Registration and login

When you register/log in to the Aurora account, you need to provide your mobile phone number and verification code to complete the account registration. You may also need to provide us with your name, company name, province and city, and e-mail address, so that we can communicate with you about product use and expense payment. When you are an enterprise user, you are also required to provide Enterprise business license information Used for developer real name authentication.

2. Safety protection

To ensure the security of your account and system operation, and more accurately prevent phishing website fraud, when you visit and browse the Aurora website, we will automatically collect the details of your use of Aurora products and/or services, and save them as web logs, including the Internet Protocol (IP) address, browser type, Internet Service provider (ISP), reference/exit page, operating system, date/time stamp and click data stream to judge your account risk, ensure that Aurora can provide you with normal services, count traffic, troubleshoot abnormal information, and detect, prevent and investigate fraud, abuse or security incidents.

(2) Personal information of your end user


In order to realize the basic business functions of different products/services of the platform, we may need to collect and use the relevant personal information of your end users. The following details our business functions and the types of information necessary to achieve this function. The collection and use of these personal information should be carried out on the premise that you have confirmed that you have obtained the consent of the end user:
1. Aurora push SDK
(1) Function introduction
① Basic function: to give developers the ability to push messages and notifications, and to push messages to your end users.
② Extended functions: In order to improve the service experience of developers, we provide user clustering push, geo fence push, application self start, link regulator, and statistics of active application duration.
(2) Collection of personal information
Product function type Product function name Personal information type and field Required Purpose and purpose
basic function Message push Device identifier (including Android ID, GAID, OAID, UAID, IDFA) yes It is used to generate the unique identification of desensitized end user equipment to ensure accurate message push.
Device hardware information (including device model, device screen resolution, device hardware manufacturer, device product name), operating system information (including operating system version, system name, system language) yes It is used to ensure the compatibility of services on different devices and ensure the accurate distribution of messages.
Network information (including network type, operator name, IP address, WIFI status information) yes It is used to determine the network connection status between the SDK and the server to ensure the stability and continuity of the service.
Push message log yes It is used to query the push service record and understand the delivery of push information.
Device identifier (including IMEI, MAC, IMSI) Optional It is used to supplement the generation of unique identification of end user equipment, improve the accuracy of unique equipment identification, and thus improve the accuracy and reach rate of push.
Network information (including SSID, BSSID, WiFi list information, and base station information) Optional It is used to determine the fuzzy location information, select the nearest push service node to provide push service, and improve the push reach rate.
Extended functions User group push Software list information (including software list and software operation list information) Location related information yes It helps you to gain insight into the interests and preferences of your end users and achieve user push in groups; Through this function, users can be provided with more appropriate push content, so as to minimize the interference of useless push content to users and further improve the user experience.
Geo fence push Location related information yes It is used to provide "push report" and geo fence push function.
Link conditioner Software list information (including software list and software operation list information) yes We use the link consolidation technology to push information. When a device has multiple APP push links active at the same time, we use the link consolidation technology to randomly merge them into one link to save power and traffic for users. When a device has an offline push message to be sent, offline messages can be sent through the association start function, When you turn off this service, the association startup will also be turned off, which will lead to increased power and traffic consumption, and the message access rate will also be reduced.
Application self start Software list information (including software list and software operation list information) yes It mainly focuses on optimizing the SDK connection, improving the push delivery rate and application activity. Developers can configure it on demand.
Apply active duration statistics After receiving the push, the app switches to the active duration data of the background and foreground yes To help developers better analyze the push effect and user behavior, further optimize your push strategy, and improve user participation and conversion rate.
For optional information and extended functions, you can choose to turn off, Developers are requested to make reasonable configuration according to the actual business needs.

2. Aurora security certification SDK

(1) Function introduction
① Basic function: provide one click login function for developers to realize one click login of end user accounts.
② Extension function: provide number verification and user account security verification functions for development, realize end user number verification, and verify user account and behavior security.
(1) Collection of personal information
The personal information of your end users that we collect and use here includes:
① Required information:
phone number: It is used to complete one click login and number authentication, and identify the risks of your end users;
Device identifier (including IMEI, MAC, IMSI, IDFA, Android ID, GAID, OAID, UAID, ICCID): used to generate the unique identification of desensitized end user devices to prevent user account security risks;
Network information (including network type, operator name, base station information, IP address, WiFi information, SSID, BSSID): used to determine whether the user is connected to the mobile network, lock the service mobile phone number, obtain the prefetch number and token information of the current network card, so as to achieve one click login service in the mobile network state; It is used to send the SMS verification code to the corresponding number to realize the SMS verification function; At the same time, it is used to analyze the risk level of current devices, which can effectively identify cheating behaviors, eliminate cheating devices, identify malicious swipes, malicious programs, and protect user account security.
② Optional information:
Device hardware information (including device model, device screen resolution, device hardware manufacturer, device product name): used to ensure the compatibility of the products and/or services provided on different devices, and detect the malicious forgery of devices;
Operating system information (including operating system version, system name, system language): used to ensure the compatibility of the products and/or services provided on different devices;
Precise location information: It is used to provide login reports and calibrate the regional distribution of data by region; Identification of abnormal equipment and other gang attacks/identification of geographical location forgery, protection of user account security, etc;
Software list information (including software list and software running list information): used to identify the user's application environment and determine the installed APP information, help you identify abnormal software and intercept the batch automatic operation of machine programs, protect the security of user accounts, etc.
For optional information, you can choose to close, Developers are requested to make reasonable configuration according to the actual business needs

  • In order to ensure the stable operation and function realization of the Evoque security certification service, the software development kit (SDK) and application program interface (API) provided by the partner will be accessed in the Evoque security certification service, and you/your end users will understand and approve. We will carry out strict security inspection on the software development kit (SDK) and application program interface (API) of the information obtained by the partners, and agree with the partners on strict data protection measures, so that they can handle personal information in accordance with this policy and any other relevant confidentiality and security measures. The details of the partners we access are as follows, and we suggest you read the relevant privacy policy (please note that the privacy policy of the following partners may be updated irregularly due to changes in circumstances, please follow and check):
  • (1) Volcano engine API
  • Information user: Beijing Volcano Engine Technology Co., Ltd
  • Processing method: delegated processing
  • Usage information: mobile phone number, IP address
  • Purpose: provide end-user risk identification service
  • Volcano Engine Privacy Policy Link: https://www.volcengine.com/docs/6256/64902

    • 3. Aurora operation growth SDK
    (1) Function introduction
    ① Basic function: provide the developer with user behavior analysis function, and realize the statistics and analysis of user behavior.
    ② Extension function: provide developers with the ability to generate user profiles and help improve your user operation ability.
    (2) Collection of personal information
    The personal information of your end users that we collect and use here includes:
    ① Required information:
    Device identifier (including IMEI, MAC, IMSI, Android ID, GAID, OAID, UAID, IDFA): used to generate the unique identifier of desensitized end user devices to ensure accurate device statistics;
    Device hardware information (including device model, device screen resolution, device hardware manufacturer, and device product name): used to ensure the compatibility of services on different devices, provide statistical reports according to the dimension of device conditions, conduct refined behavioral data analysis for your end users, and help you generate richer user profiles for your precise marketing;
    Operating system information (including system name, system version, and system language): used to ensure the compatibility of services on different devices, conduct refined behavioral data analysis for your end users, and help you generate richer user profiles for your precise marketing;
    Network information (including network type, operator name, IP address): used to determine the network connection status between the SDK and the server, ensure the stability and continuity of the service, and analyze user behavior.
    ② Optional information:
    Network information (including base station information, WiFi information, SSID, BSSID): it is used to analyze the refined behavior data of your end users and help you generate richer user profiles for your precise marketing;
    Precise location information: It is used to provide "statistical reports" based on geographical location. At the same time, in order to improve the marketing effect and save traffic costs, you can form user profiles based on location information to provide different marketing content;
    Software list information (including software list and software running list information): used for application installation and uninstallation statistics; At the same time, it can help you understand your end users' interests and hobbies, carry out precision marketing, and avoid other unnecessary content to disturb your users.
    For optional information, you can choose to close, Developers are requested to make reasonable configuration according to the actual business needs When you use the Evoque operation growth service, to improve the operation effect, you can decide whether to provide us with other information about your end users, You know and agree that when using the Evoque operation growth service, you have obtained the legal authorization of users to allow the Evoque operation growth SDK to collect and report your end user's personal information to us.

  • 4. Data service:

    Based on the personal information legally collected in this privacy policy, we will process your end user's personal information in accordance with the industry-leading data security technologies such as de identification, anonymization and pseudonym, and form data products (including Yuehu Data, Fintech, Label Service iAudience, Marketing Points, Aurora Alliance, etc.) through data processing and analysis, Provide customers in vertical industries with feedback analysis results and data solutions. We will take technical measures and other necessary measures to deal with it, and conduct aggregated and anonymous group analysis and research in the form of unable to identify or reverse personal information; In the marketing scenario, based on the authorization between your end users and the organization, we predict the crowd preference through the de identification algorithm model to help the organization improve the marketing effect; In the anti fraud and risk control audit scenario, based on the authorization between your end users and credit bureaus (such as Baihang Credit, Park Road Credit) and licensed financial institutions, we conduct convergence, integration and analysis through de identified machine learning and algorithm model training, to identify the risks of your end users and provide prediction services for licensed institutions.

  • 5. Permission application

    You can use the Aurora SDK Product Compliance Guidance Notes Click the SDK Compliance Guide corresponding to your use of the SDK to learn about the application and use of system permissions for each of the Evoque SDKs. For optional permissions, you can choose to close them, but they may affect the realization or effect of your SDK business functions. We strongly recommend that you open them.

    Please note that the Aurora SDK collects your end user's "device information", "network information" "Software list information" And/or "Precise location information" The premise is that the end user is authorized to open "Device Information Permission", "Network Access Permission", "Software List Permission" and/or "Location Permission", If your end users do not want to collect the above information, they can do so by turning off "Network Access Rights", "Device Information Rights", "Software List Rights" and/or "Location Rights".

    Use and purpose of service permissions of Evoque SDKs

Android operating system application permission list
Permission name Optional Products involved Function description
INTERNET Mandatory

Aurora push SDK

Aurora security certification SDK

Aurora operation growth SDK

Aurora Statistics SDK

Aurora VaaS SDK

Aurora sharing SDK

Aurora Magic Chain SDK

Aurora Alliance SDK

 Allow SDK networking and data reporting, and realize the most basic permissions of SDK business functions
ACCESS_NETWORK_STATE Mandatory

Aurora push SDK

Aurora security certification SDK

Aurora operation growth SDK

Aurora VaaS SDK

Aurora Magic Chain SDK

Aurora Alliance SDK

 Detect networking mode, avoid data transmission under abnormal network conditions, and save traffic and power
ACCESS_WIFI_STATE Mandatory Aurora security certification SDK Check the wifi status, determine whether to connect to wifi, and detect the security authentication environment
CHANGE_NETWORK_STATE Mandatory

Aurora security certification SDK

Aurora VaaS SDK

 It is used to view the changes of network status, obtain mobile phone numbers under the network status, and achieve one click login and number verification/pause video playback
POST_NOTIFICATIONS Mandatory

Aurora push SDK

Aurora Alliance SDK

 Pop up notification of apps for Android 13 and above devices
QUERY_ALL_PACKAGES Optional For the adaptation of Android 11 and above devices, Deeplink notifies the jump; Determine whether the target application is installed
WRITE_EXTERNAL_STORAGE Optional

Aurora push SDK

Aurora sharing SDK

 In the push scenario, it is used to prevent the same user from generating multiple push IDs, saving push costs; In the sharing scenario, it is used when sharing large images/multiple images or large files with one click between different apps
READ_EXTERNAL_STORAGE Optional
ACCESS_WIFI_STATE Optional

Aurora push SDK

Aurora operation growth SDK

Aurora Alliance SDK

 Check wifi status and select the best networking link for network connection to save traffic and power
READ_PHONE_STATE Optional

Aurora push SDK

Aurora security certification SDK

Aurora operation growth SDK

 Get the status parameters of the mobile phone, and assist in generating the unique device identifier of Aurora
ACCESS_COARSE_LOCATION Optional It is used to obtain location information, realize geographical fence push/user cluster operation/anti cheating function, eliminate cheating devices, and make report data based on geographical location information more accurate
ACCESS_FINE_LOCATION Optional
ACCESS_BACKGROUND_LOCATION Optional
JPUSH_MESSAGE Mandatory Aurora push SDK JPush user-defined permission, used for sending and receiving broadcast permission verification
VIBRATE Optional Vibrator permission, the Evoque push SDK supports notification to enable the vibration function, and Xiaomi push must
JOPERATE_MESSAGE Optional Aurora operation growth SDK SDK user-defined permission, used to send and receive broadcast permission verification
SYSTEM_ALERT_WINDOW Optional Aurora Statistics SDK UI polling function for realizing visual buried points
CHANGE_WIFI_STATE Optional Aurora security certification SDK Allow the acquisition program to change the WIFI connection status, which is used to obtain the user's mobile phone number and realize the security authentication function
REQUEST_INSTALL_PACKAGES Optional Aurora Alliance SDK It is used to launch new advertisements and install advertising promotion applications

IOS operating system application permission list
Permission name Optional Products involved Function description
Network access Mandatory

Aurora push SDK

Aurora security certification SDK

Aurora operation growth SDK

 Allow SDK networking and data reporting, and realize the most basic permissions of SDK business functions
Locate Permissions Optional It is used to obtain location information, realize geographical fence push/user clustering operation/anti cheating function, and eliminate cheating devices/report data formed based on geographical location information is more accurate.
IDFA Optional Used by the idfa package to obtain the unique identifier of the device

We promise that we will never collect or require your end users to provide other personal sensitive information, including but not limited to personal race, political orientation, religion, belief, personal genetic data or biometric data, sexual orientation, etc., unless explicitly agreed in this policy.

6. Cancellation of authorization

If your end user does not want us to do the above processing, you or your end user can contact us through the contact information listed in Article 10 of this policy or through our user exit mechanism( https://www.jiguang.cn/disclaimer )Cancel authorization.

When we want to use personal information for other purposes not specified in this policy, we will notify you in advance, and ask you to notify your end users and ask for their consent. When we want to use the information collected for a specific purpose for other purposes, we will also notify you in advance and ask you to notify your end users and ask for their consent.

(3) Your personal information we obtained from a third party

    • one We may collect and use your personal information from a third party (our partner) within your authorization and consent. We promise to process your personal information in strict accordance with the contract signed with the third party and relevant legal provisions. At the same time, please read the privacy policy and user agreement of the third party in detail. If you refuse a third party to collect, use or transfer your personal information when providing services, you may not be able to use the corresponding services of Aurora.
    • two We may obtain and properly use public information about you through public channels such as web pages, or obtain operational information about your enterprise that has been publicized from third-party providers to help us better understand our customer base, such as your industry, your enterprise's size and your enterprise's website URL.

(4) Exceptions to obtaining authorization

  • Please understand that under the following circumstances, according to laws, regulations and relevant national standards, we do not need to obtain your and/or your end user's authorization and consent to collect and use your and/or your end user's personal information:
    • 1. Directly related to public safety, public health and major public interests;
    • 2. In order to protect your or other personal life, property and other major legitimate rights and interests, but it is difficult to obtain my consent;
    • 3. The personal information collected about you and/or your end users is disclosed to the public by you;
    • 4. Personal information of you and/or your end users collected from legally disclosed information, such as legal news reports, government information disclosure and other channels;
    • 5. Necessary for signing or performing the contract according to your requirements;
    • 6. Necessary for maintaining the safe and stable operation of software and related services, such as finding and handling software and related service failures;
    • 7. Other circumstances stipulated by laws and regulations.

Please note that if the information cannot identify your and/or your end user's personal identity alone or in combination with other information, it does not belong to your and/or your end user's personal information in the legal sense; When the relevant information of you and/or your end user can identify your and/or your end user's personal identity alone or in combination with other information, or when we use the data that cannot be connected with any specific personal information in combination with other personal information of you and/or your end user, Personal information that will be treated and protected as you and/or your end users in accordance with this policy.

(5) Notes on self startup and associated startup

  • one We draw your attention to the fact that according to the specific functions provided by its APP, the self start function must be enabled only for the push service when a more stable and efficient push channel and a higher push arrival rate are required. You can refer to our push service Aurora Push SDK Compliance Guidelines Self select to turn on or off self start; At the same time, you should inform your end user of the relevant situation of the self start, and provide your end user with the function of turning on or off the self start independently.
  • two We remind you that according to the specific functions provided by its APP, the association startup function can be enabled only for the push service in the reasonable application scenario of the shared push link. You can refer to our push service Aurora Push SDK Compliance Guidelines Select to enable or disable association startup independently; At the same time, you should inform your end user of the relevant situation of the association startup, and provide your end user with the function of turning on or off the association startup independently.

2、 How do we use cookie and other similar technologies

When you use our service, in order to ensure the normal operation of the website, we will store a small data file named Cookie on your computer or mobile device. Cookie It usually contains identifiers, site names, and some numbers and characters. The main function of cookies is to facilitate your use of the platform's products and/or services, and help the website count the number of independent visitors. Using cookie technology, we can provide you with more considerate personalized services and allow you to set your specific service options. When you use the products and/or services of this platform, cookies will be sent to your device. When you interact with the services we provide to partners, we allow cookies (or other anonymous identifiers) to be sent to our servers.

We will not use cookies for any purpose other than those stated in this policy. You can manage or delete cookies according to your preferences. You can clear all cookies saved on your computer. Most web browsers have the function of blocking cookies. However, if you do so, you need to change the user settings in person every time you visit our website, and you may not be able to log in or use the services or functions provided by Aurora relying on cookies because of such modifications.

For more information about the types of cookies we use, why, and how to control cookies, see AboutCookies.org。

3、 Authorization and consent of end users

As our business partner, you know very well that in order to provide you and/or your end users with the Aurora service you choose, we will collect, store, and process personal information from your application's end users in a de identifiable or anonymous way. Therefore, by accepting this policy and integrating our SDKs, APIs or other statistical analysis tools and developer tools into your products, you confirm and guarantee that:

    • 1. You have informed the end user and obtained the end user's full, necessary and clear authorization, consent and license to allow us to collect and use its information for the purpose of providing services;
    • two Unless otherwise specified by applicable laws, you have informed the end user and obtained the end user's sufficient and necessary authorization, consent and permission to allow us to de identify the collected personal information, and allow us to use the collected and processed information for the service purposes listed in Article 1 of this policy on the premise of complying with relevant laws and regulations;
    • 3. You have complied with and will continue to comply with applicable laws, regulations and regulatory requirements, including but not limited to formulating and publishing relevant policies on personal information protection and privacy protection;
    • four You have provided the end user with an easy to operate user rights implementation mechanism, explaining how and when users can exercise their options, how to access, correct their personal information, exercise the right to delete, change the scope of their authorization and consent, and other operations.

4、 How do we share, transfer and publicly disclose your and/or your end users' personal information

(1) Share

Except as stated in this policy, information about you and/or your end users will not be shared with third parties in an identifiable form. Except for the following cases:

    • 1. Share with explicit consent. After obtaining the explicit consent of you and/or your end-users, we will share your and/or your end-users' information with other parties;
    • 2. We may share information about you and/or your end users according to laws and regulations;
    • three To the extent required or permitted by law, it is necessary to provide your and/or your end user's personal information to a third party (including industry organizations such as consumer protection departments) in order to protect your or the public's interests, property or safety from damage;
    • 4. Personal information disclosed by you and/or your end users or we can obtain from other legal public channels;
    • 5. We may share data with a third party in a way that does not recognize your and/or your end user's personal information (de identification or anonymization).
    • six Share with our affiliated companies: your and/or your end users' information may be shared with the affiliated companies of Aurora. We will only share necessary information and are bound by the purpose stated in this privacy policy. If the affiliated company wants to change the purpose of information processing, it will again ask you and/or your end users for authorization;
    • seven We may employ trusted third-party suppliers, consultants or other service providers (hereinafter referred to as "contract partners") to provide us with necessary maintenance, support and services to provide better customer service and optimize user experience. We will only share information about you and/or your end users for legal, legitimate, necessary, specific and explicit purposes, and only share information necessary for providing services. Our partners are not authorized to use the shared information for any other purpose.
    • If you refuse our partner to collect personal information necessary for providing services when providing services, you may not be able to use the services provided by this platform through the partner.

At present, our partners include the following types:

-Advertising and promotion partners: In order to more accurately target the crowd and launch advertisements, we may provide your end user IMEI number to the advertising and promotion service provider.

- Information service partners: In order to provide offline storage of large files for Aurora IM users, we may provide information service providers with real-time chat content (pictures, videos, files) of your end users.

-Social media partners: In order to realize the cross platform sharing function of Aurora share, we may provide end users' shared content to social media partners.

- Push, authentication and sharing service partners: In order to better realize push, authentication and sharing services, we have integrated the service capabilities of our partners. Some service developer customers can choose whether they need to integrate these services provided by partners according to their own actual conditions, and the final choice of developer customers shall prevail. (Access Partner SDK Catalog)

(2) Assignment

We will not transfer your and/or your end-user information to any company, organization or individual, except for the following circumstances:

    • 1. After obtaining the explicit consent of you and/or your end users;
    • 2. Personal information disclosed by you and/or your end users or we can obtain from other legal public channels.

In case of merger, acquisition or bankruptcy liquidation, it may involve the transfer of personal information. In this case, we will require new companies and organizations holding your personal information to continue to be bound by this statement. If there is any change in the collection and processing of personal information agreed in this statement, the company or organization will ask you for authorization again.

(3) Public disclosure

Under the constraints of applicable laws and regulations, we will not publicly disclose your and/or your end-users' personal information unless expressly agreed by you and/or your end-users.

5、 How we store personal information about you and/or your end users

(1) Storage location

In principle, we only collect personal information generated in the People's Republic of China, and store the collected personal information in the People's Republic of China. This service is not available in any other countries/regions except China. You shall independently choose the scope of use of the service and be responsible for complying with any applicable laws, including but not limited to any local laws.

(2) Storage life

We only store your and/or end user's personal information for the purpose described in this policy and the shortest period specified by laws and regulations. After the storage period expires, we will delete or anonymize your personal information. However, in order to comply with the corresponding laws and regulations, we may extend the storage period of your and/or your end users' personal information for the purpose of litigation defense, maintaining public interests, protecting personal property security or legal rights.

6、 How do we protect your and/or your end users' personal information

one We have used industry standard security measures to protect the information you provide from unauthorized access, disclosure, abuse, tampering, damage or loss. We will take all reasonable and feasible measures to protect the data security of you and/or your end users. For example, when exchanging data between your browser and the Service SSL encryption protection; We also provide https for jiguang.cn website Safe browsing mode; We will use encryption technology to ensure the confidentiality of data; We will use a trusted protection mechanism to prevent data from being attacked maliciously; We will deploy an access control mechanism to ensure that only authorized personnel can access personal information; And we will regularly hold security and privacy protection training courses to enhance employees' awareness of the importance of protecting personal information.

2. We have obtained the following certifications: Information System Level 3 Protection, ISO 27001 Information Security Management System Certification, and SDK Information Security Certificate

3. Our data security capability: build security defense around the data life cycle, covering data acquisition, transmission, storage, use, circulation, archiving, deletion and other data processing stages.

four We will take all reasonable and feasible measures to ensure that irrelevant personal information is not collected. We will only retain your and/or your end-user information for the period necessary to achieve the purposes described in this privacy policy, unless the retention period needs to be extended or permitted by law.

five The Internet is not an absolutely secure environment, and email, instant messaging, and communication with other users are not encrypted. We strongly recommend that you do not send personal information through such methods. Please use complex passwords and change them regularly to help us ensure the security of your account.

6. We will regularly update and disclose the relevant contents of security risks, personal information security impact assessment and other reports. You can also consult support@jiguang.cn To get relevant content.

seven The Internet environment is not 100% secure. We will try our best to ensure or guarantee the security of any information you send us. Although we have made necessary and reasonable efforts, we may still be stolen, illegally owned or abused, which may cause personal, property and reputation losses to you and your users. You have understood the above risks and are willing to take them.

eight In case of an unfortunate personal information security incident, we will timely inform you of the basic situation and possible impact of the security incident, the disposal measures we have taken or will take, the suggestions you can independently prevent and reduce risks, and the remedial measures for you in accordance with the requirements of laws and regulations. We will inform you of the event in a timely manner by email, push notification, etc. When it is difficult to inform the personal information subject one by one, we will take a reasonable and effective way to publish an announcement.

9. At the same time, we will also actively report the disposal of personal information security incidents according to the requirements of the regulatory authorities.

7、 How do we give you the right to manage personal information

We attach great importance to the management of your and/or your end users' personal information, and do our best to protect your rights to query, access, modify, delete, complain and report your personal information, and set privacy functions, so as to protect your and/or your end users' privacy and information security.

(1) For direct users of Aurora

    • 1. Query and change your personal information
      You have the right to access your personal information, except for exceptions stipulated by laws and regulations. If you want to exercise the data access right, for example, you want to access or edit the enterprise/personal information and payment information in your account, change your password, add security information or close your account, you can access Aurora User Center Perform such operations.
      If you cannot access these personal information through the above link, you can send an email to support@jiguang.cn Exercise data access. When accessing relevant information, we may require you to verify your identity to ensure the security of your account.
      Please understand that some of your requests may not be responded to due to technical limitations and legal and regulatory requirements. Some of your information may not be accessible due to legal and regulatory requirements, information security and other legitimate reasons.
    • 2. Delete your personal information
      You can send an email to support@jiguang.cn Contact customer service and request to delete your personal information:
      • (1) We collect and use personal information in violation of laws and regulations;
      • (2) We collect and use personal information in violation of the agreement with you;
      • (3) If we share and transfer personal information to a third party in violation of laws and regulations or the agreement with you, we will immediately stop sharing and transferring, and notify the third party to delete it in a timely manner;
      • (4) If we publicly disclose personal information in violation of laws and regulations or the agreement with you, we will immediately stop the public disclosure and issue a notice requiring the relevant recipient to delete the corresponding information.
      When deleting relevant information, we may require you to verify your identity to ensure the security of your account. Once the above deletion request is responded, your personal information will be deleted, except for the information required to be retained by laws and regulations.
    • 3. Change the scope of your authorization and consent
      Each business function often needs to collect some basic personal information to operate. For the collection and use of your personal information, you can send an email to support@jiguang.cn Contact customer service to request withdrawal of consent. When you withdraw your consent, we will not collect and use your corresponding personal information in the future, but please understand that when you withdraw your consent or authorization, we cannot continue to provide you with specific functions and/or services corresponding to the withdrawal of consent or authorization. Your decision to withdraw your consent will not affect the previous personal information processing based on your authorization.
    • 4. Account cancellation
      You can cancel your previously registered account at any time by sending an email to support@jiguang.cn Contact customer service. You should know that canceling your Aurora account will cause you to permanently lose access to your account and the data in your account. We will provide you with account cancellation service after verifying your identity and negotiating with you to process the assets in your account. In order to provide you with a more convenient way to log out, we will continue to optimize our products and inform you through the page announcement. After the cancellation of the aurora account, we will stop providing you with products or services, and delete your personal information or anonymize it as soon as possible according to your requirements, unless otherwise specified by laws and regulations.
    • 5. Obtain a copy of personal information
      You have the right to obtain a copy of your personal information. You can send an email to support@jiguang.cn Contact customer service. On the premise of technical feasibility, such as data interface matching, we can also directly transfer your copy of personal information to the third party designated by you according to your requirements.
    • 6. Reject directed push
      You can choose not to receive promotional emails from Aurora by following the unsubscribe/exit instructions in these emails. You can also send an email to support@jiguang.cn Contact customer service to opt out. Please note that even if you opt out of the promotional communication, we may still send you non promotional information related to our terms of service or privacy notice updates, security alerts, and other notices related to your access to or use of our products and services.
    • 7. Respond to your above request
      To ensure security, we may require you to verify your identity before processing your request. You may need to provide a written request or prove your identity in other ways. For all your requests under this section, we will, in principle, give feedback within 15 days after receiving your request and verifying your user identity.

(2) If you are an end user of applications using Aurora products or services, rather than a direct customer of Aurora, we recommend that you:

    • According to the privacy policy of the application provider, please send the request related to your personal information directly to the relevant application provider for processing and help. After receiving the relevant request from you and the application provider and verifying the authenticity and legitimacy of the request, Evoque will actively cooperate and respond to the request.

(III) In principle, we do not charge for the above reasonable requests from you and/or your end users. We may reject those requests that are unprovoked and repetitive, require too many technical means (for example, need to develop new systems or fundamentally change the current practices), bring risks to the legitimate rights and interests of others, or are very impractical (for example, involving information stored on backup tapes).

We will not be able to respond to your and/or your end users' requests in the following circumstances:

    • 1. Related to our performance of our obligations under laws and regulations;
    • 2. Directly related to public safety, public health and major public interests;
    • 3. We have sufficient evidence to show that you have subjective malice or abuse of rights;
    • 4. In order to protect your or other personal life, property and other major legitimate rights and interests, but it is difficult to obtain my consent;
    • 5. Responding to your request will cause serious damage to the legitimate rights and interests of you or other individuals and organizations;
    • 6. Involving trade secrets.

(4) If you and/or your end users have questions about the realization of the above rights, you can contact us according to the relevant contact information in the ways described in Article 10 of this policy.

8、 How we deal with children's personal information

We have made it clear in the service premise that children are not allowed to register as our users, and in principle, we do not accept your provision of personal information for end-users under the age of 14. Please pay attention and carefully provide it. Although local laws and customs have different definitions of children, we will be dissatisfied Anyone who is 14 years old is regarded as a child. If we unknowingly If a child aged one has collected personal information, we will delete the relevant information in a timely manner, unless we are required by law to retain such information.

If you think we have collected information from children under the age of 14 by mistake or accident, please contact us in time: support@jiguang.cn

If your app is designed and developed for children under the age of 14, please make sure that your end user is the guardian, has read and agreed to the privacy policy of the app, and is authorized to agree to provide children's personal information to us to realize the relevant functions of the app.

9、 How do we update and modify this policy

In order to provide you with better services, this platform and related services will be updated and changed from time to time, and we will revise this policy from time to time. These revisions constitute a part of this policy and have the same effect as this policy. Without your explicit consent, we will not reduce the rights that you and/or your end users should enjoy according to this privacy policy.

After the policy is updated, we will issue an updated version on the official website and remind you of the updated content in an appropriate way before the updated terms take effect, so that you can know the latest version of the policy in time.

For major changes, we will also provide more significant notices (including for some services, we will send notices in the form of email or website letters or announcements to explain the specific changes to the privacy policy). Therefore, please check and understand your privacy policy at any time. If you do not agree to accept this privacy policy, please stop accessing and using our services.

Major changes referred to in this policy include but are not limited to:

  • 1. Our service model has changed significantly. For example, the purpose of processing personal information, the type of personal information processed, and the use mode of personal information;
  • 2. Significant changes have taken place in our ownership structure and organizational structure. Such as business adjustment, bankruptcy M&A, etc;
  • 3. The main objects of personal information sharing, transfer or public disclosure have changed;
  • 4. Your right to participate in personal information processing and the way you exercise it have changed significantly;
  • 5. When the responsible department, contact information and complaint channel for handling personal information security change;
  • 6. When the personal information security impact assessment report indicates that there is a high risk.

This policy is an important part of the Aurora service agreement. All rights not expressly granted in this privacy policy are reserved by Aurora.

10、 How to contact us

We hope to be able to resolve any disputes related to our data protection practices. Aurora has set up a dedicated privacy protection team. You can send an email to our privacy team compliance@jiguang.cn Or contact us by letter or other means (recipient: Compliance Group, address: 14F, Zhongjian Building, Keji South 12th Road, Nanshan District, Shenzhen, contact number: 0755-83881462) to raise your questions or ask for help.

If you have questions, suggestions or complaints about your account information, personal information or other document technology or exercise your rights, you can send an email to support@jiguang.cn Or other special ways to contact us. Generally, we will reply within 15 working days.

For individuals in the EEA, you have the right to file a complaint with the competent data protection authority or file a lawsuit in a court of competent jurisdiction in accordance with applicable data protection laws.

11、 Other legal basis for processing personal information (EEA only)

We ask you to pay special attention: when you process personal information, if you meet any of the following conditions, please pay attention to comply with the General Data Protection Regulations of the European Union Protection Regulation (hereinafter referred to as "GDPR"):

  • (1) You are in the European Economic Area ("EEA"), whether or not the processing activity is carried out in the EU;
  • (2) Providing goods or services (whether paid or not) to individuals in the EEA, or monitoring their actions in the EEA;
  • (3) Not within the EEA, but according to public international law, the laws of EU member states apply (such as embassies or consulates of EEA member states).

If you and/or your end users are from the EEA, the legal basis for our collection and use of the above personal information will depend on the relevant personal information and the specific background of the information we collect.

However, we usually do this only when we need personal information to perform the contract with you, or when the processing is in line with our legitimate interests and is not covered by your data protection interests or basic rights and freedoms, or when we obtain your consent. In some cases, we may also have a legal obligation to collect personal information from you and/or your end users, or we may need personal information to protect your or other people's vital interests. For example, for the purpose of maintaining public security, we may provide your personal information at the request of relevant departments, or respond to the requirements of law enforcement departments.

If you have questions about the legal basis for us to collect and use your and/or your end user's personal information or need further information, please contact us using the contact information provided in the introduction of this privacy policy.

Appendix 1: Keyword Definitions

Specific words used in this policy have the following meanings:

  • 1. We or Aurora: Shenzhen Hexunhuagu Information Technology Co., Ltd.
  • two Associated companies: refer to the subsidiaries or other associated enterprises within the scope of consolidated statements with Shenzhen Hexunhuagu Information Technology Co., Ltd. Any of the above companies is or will be controlled, controlled or under common control with them.
  • 3. Control: refers to the ability to directly or indirectly influence the management of the mentioned company, whether through ownership, voting shares, contracts or other legally recognized ways.
  • 4. You refer to the registered users who use our products and/or services and the purchasers of charging services.
  • 5. Your end user: refers to the end user of the application of the products or services of the Evoque platform.
  • 6. Aurora or this platform: refers to the aurora platform.
  • seven Personal information: refers to various information recorded electronically or in other ways that can identify the identity of a specific natural person or reflect the activities of a specific natural person, either alone or in combination with other information. Personal information includes personal basic information, personal identity information, personal biometric information, network identity information, personal health physiological information, personal education work information, personal property information, personal communication information, contact information, personal Internet access records, personal common equipment information, personal location information, etc. For the avoidance of doubt, personal information includes but is not limited to personal sensitive information.
  • 8. Personal information subject: refers to the natural person identified by personal information.
  • nine Personal sensitive information: refers to personal information that, once disclosed, illegally provided or abused, may endanger personal and property safety, and may easily lead to damage to personal reputation, physical and mental health or discriminatory treatment. Personal sensitive information includes personal property information, personal health physiological information, personal biometric information, personal identity information, network identity information, etc.
  • 10. De identification: refers to the process of making it impossible to identify the subject of personal information without using additional information through the technical processing of personal information.
  • 11. Anonymization: refers to the process of making the subject of personal information unrecognized and the processed information unrecoverable through the technical processing of personal information.
  • 12. China: refers to the mainland of the People's Republic of China, which is only for the purpose of this policy, excluding Hong Kong Special Administrative Region, Macao Special Administrative Region and Taiwan.