Rictor Personal Information Protection and Privacy Policy
Overview
We take the protection of your personal information very seriously and will take corresponding security protection measures to protect the security of your personal information in accordance with legal and regulatory requirements. In view of this, the operator of
Rictor
(referred to as "
Rictor
" or "We") formulates this
"Rictor Personal Information Protection and Privacy Policy"
(referred to as "this Policy"), and reminds you that:
This Policy applies to all products and services provided by
Rictor
. If our affiliated companies' products or services use products or services provided by
Rictor
but do not yet have an applicable privacy policy, then this Policy also applies to that part of the product or service. If our affiliated companies have separate privacy policies for the products or services they provide to you, then the respective products or services are subject to their respective privacy policies.
It is particularly important to note that
this Policy does not apply to products or services provided to you by other third parties.
For example, when the relevant product or service is provided by a third party, the personal information you provide to the third party does not apply to this Policy.
This Policy is very important for your use of our products and/or services. Please be sure to read all content carefully (especially content marked in bold) before using our products and/or services.
We will try to use easy-to-understand and concise language to describe the relevant content, and for terms that have a significant relationship with your rights and interests, we will use bold or underline to highlight them to draw your attention, so that you can understand the purpose of Rictor's collection of personal information, the personal information collected and used and the methods, and the ways and means for you to manage this information.
We will collect and use your personal information in accordance with this Policy to provide you with relevant products or services. If you have any questions, comments, or suggestions regarding the content of this Policy, you can contact us through the contact methods indicated in this Policy, and we will answer you as soon as possible.
This Privacy Policy will help you understand the following:
Part One: Definitions
Part Two: Privacy Policy Text
1. The purpose, method, and scope of the APP collecting Android ID, OAID, oaid-sdk, MSA Mobile Security Alliance SDK, DCloud SDK obtaining OAID, Gtc obtaining Android ID, IMEI, IMEI, IMSI, device MAC address, SUPI, SUCI, software installation list, location, contacts, call history, calendar, SMS, local phone number, pictures, audio/video and other personal information.
2. How We Collect and Use Personal Information
3. How We Use Cookies and Similar Technologies
4. How We Share, Transfer, and Publicly Disclose Personal Information
5. How We Protect Your Information
6. How You Can Access and Control Your Personal Information
7. Protection of Minors' Information
8. Storage Location of Your Information
9. Developer Information
10. How This Policy Is Updated
11. How to Contact Us
Part One
Definitions
Rictor
:
Refers to the platform through which
Rictor
provides Internet services to users, including the
Rictor
client software,
Rictor
mini-programs on third-party platforms, management backend systems, etc.
Rictor
Operator:
Refers to the provider of Internet information and software technology services for
Rictor
. Please refer to the "
Rictor
Service and Software Usage Agreement
" for the specific business operators on the platform.
Personal Information
: Refers to various information recorded electronically or in other ways that can identify a specific natural person alone or in combination with other information, or reflect the activities of a specific natural person.
Personal Sensitive Information
: Refers to personal information including ID card numbers, personal biometric information, bank account numbers, property information, track information, transaction information, information of children under the age of 14 (inclusive), etc. (We will identify specific personal sensitive information in this Privacy Policy by
bold
for prominence).
Personal Information Deletion
: Refers to the act of removing personal information from the systems involved in achieving daily business functions, making it unrecoverable and inaccessible.
Rictor
Account:
Refers to the membership number or account you registered in accordance with the relevant service agreement with
Rictor
.
Device Information:
Including device model, operating system version, device settings, unique device identifier, MAC address, device environment, mobile application list and other software and hardware characteristic information, as well as sensor information related to the device's location such as GPS location, WLAN access points, Bluetooth, and base stations.
Service Log Information:
Information saved as service logs regarding your detailed use of our services, including browsing, click-throughs, search queries, payments, transactions, after-sales, following/sharing information, publishing information, as well as IP address, browser type, telecom operator, language used, access date and time.
Part Two
Privacy Policy Text
1. The purpose, method, and scope of the APP collecting Android ID, OAID, oaid-sdk, MSA Mobile Security Alliance SDK, DCloud SDK obtaining OAID, Gtc obtaining Android ID, IMEI, IMEI, IMSI, device MAC address, SUPI, SUCI, software installation list, location, contacts, call history, calendar, SMS, local phone number, pictures, audio/video and other personal information:
We promise that we will only provide your personal information to third-party SDKs with legitimate qualifications and good reputation, and require these third-party SDKs to strictly comply with the following principles:
Minimum Necessity: Only process your personal information within the scope necessary to achieve the functions or services of the APP;
Clear Purpose: The processing purpose is directly related to the specific scenario of your use of the APP, with no extension beyond the necessary scope;
Security and Control: Take technical measures in line with industry standards (such as encrypted transmission, access control, etc.) to protect the security of your information;
Clear Responsibility: The processing activities of third-party SDKs require your separate consent, and their processing rules must be consistent with the rights you enjoy under this agreement (including but not limited to query, deletion, correction, etc.).
After obtaining your consent, some third-party SDKs may process your personal information for the following purposes. To ensure you are fully informed, we explain them category by category as follows:
(1) Device and Network Information
Information Type: IMEI (International Mobile Equipment Identity), IMSI (International Mobile Subscriber Identity), device MAC address, SUPI (5G network user permanent identifier), SUCI (5G network user concealed identifier).
Processing Purpose: Used for device identity recognition, network connection stability assurance, personalized service push (such as function adaptation based on the device) or anti-fraud risk control (such as identifying abnormal device logins).
Processing Method: Only transmitted to the third-party SDK through the APP backend interface, not shared with other unrelated parties; the SDK will not store it beyond the period necessary to achieve the purpose.
Impact Description: If you refuse such information processing, it may cause some functions that rely on device identification (such as device binding, cross-device synchronization) to be unavailable.
(2) Software and Application Information
Information Type: Software installation list (i.e., the names and versions of other applications installed on your device).
Processing Purpose: Used to analyze user common application scenarios, optimize APP function recommendations (such as recommending collaborative tools based on office applications you have installed) or evaluate the suitability of partner services.
Processing Method: Only provided to the third-party SDK in an anonymized, de-identified manner, cannot be linked to your personal identity; the SDK will not use it for other purposes.
(3) Location and Trajectory Information
Information Type: Real-time location (latitude and longitude), approximate location (city/region).
Processing Purpose: Used for location-based local services (such as nearby merchant recommendations, location check-in), transportation route planning (such as calls by map SDKs) or security verification (such as location verification during remote logins).
Processing Method: Only temporarily obtained when you trigger relevant functions (such as opening the "People Nearby" module), the SDK will not store location data for a long time; we require the SDK to blur the location information (e.g., reduce accuracy to a 500-meter range).
(4) Social and Communication Information
Information Type: Contact list, call history, calendar schedule, SMS content, local phone number.
Processing Purpose: Used for social relationship chain synchronization (such as matching friends from the address book), call/SMS record backup (such as cloud service functions), schedule reminder synchronization (such as cross-device calendar synchronization) or operator service integration (such as one-click login with local number).
Processing Method: Only transmitted after your active authorization (such as checking "Sync Contacts"), and only necessary fields are transmitted (such as contact name + mobile number, excluding sensitive content like remarks); the SDK must cooperate with us to provide a data deletion interface, and you can turn off relevant permissions independently within the APP.
(5) Media and File Information
Information Type: Pictures, audio/video (such as avatars you upload, videos you record).
Processing Purpose: Used for content review (such as filtering illegal information), intelligent recommendation (such as recommending content of similar style based on pictures you upload) or third-party service calls (such as image compression, audio/video transcoding).
Processing Method: The SDK can only obtain specific files authorized by you (such as pictures you actively select), and will delete the original data as required by us after processing is completed; will not use your media content for non-agreed purposes such as advertising marketing.
Message Push Service Provider: Provided by Zhejiang Daily Interactive Network Technology Co., Ltd. (Getui). We may provide your device platform, device manufacturer, device brand, device identification code and other device information, application list information, network information, and location-related information to Zhejiang Daily Interactive Network Technology Co., Ltd. to provide you with message push technical services. When pushing messages to you, we may authorize Zhejiang Daily Interactive Network Technology Co., Ltd. to perform link adjustment and mutually activate the closed SDK push process to ensure you can receive the messages we push to you in a timely manner. For details, please visit the "Getui User Privacy Policy".
Explanation of Third-party SDKs Integrated in the UniPush Module
| SDK Name |
Package Name Info |
Purpose of Use |
Permissions Used |
Personal Information Involved |
Privacy Policy Link |
| Getui Message Push |
com.igexin |
Message Push |
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.READ_PHONE_STATE
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.VIBRATE
android.permission.GET_TASKS
android.permission.QUERY_ALL_PACKAGES
|
Stored personal files, device information (IMEI, MAC, ANDROID_ID, DEVICE_ID, IMSI, SUPI, SUCI, OAID, Android ID, AAID, SSID, BSSID), software installation list, location, contacts, call history, calendar, SMS, local phone number, pictures, audio/video and other personal information |
http://docs.getui.com/privacy |
HMS push
Push Kit is a message push platform provided by Huawei, establishing a message push channel from the cloud to the device. By integrating the push service, you can push messages to client applications in real time. Therefore, it is necessary to add relevant descriptions about "HMS push" in the "Privacy Policy".
| SDK Name |
Package Name Info |
Purpose of Use |
Permissions Used |
Personal Information Involved |
Privacy Policy Link |
| Huawei HMS push |
com.huawei.hms |
Huawei Phone Manufacturer Push |
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.FOREGROUND_SERVICE
android.permission.READ_PHONE_STATE
|
Stored personal files, device information (IMEI, MAC, ANDROID_ID, DEVICE_ID, IMSI, SUPI, SUCI, OAID, Android ID, AAID, SSID, BSSID), software installation list, location, contacts, call history, calendar, SMS, local phone number, pictures, audio/video and other personal information |
Push Privacy Statement |
Meizu Flyme push
Meizu Push Service is a message push service provided by Meizu Company for developers. Developers can push notifications or messages in real time to clients integrated with Meizu Push SDK, interact with users, and improve activity rates. Therefore, it is necessary to add relevant descriptions about "Flyme push" in the "Privacy Policy".
| SDK Name |
Package Name Info |
Purpose of Use |
Permissions Used |
Personal Information Involved |
Privacy Policy Link |
| Meizu Flyme push |
com.meizu.cloud |
Meizu Phone Manufacturer Push |
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.READ_EXTERNAL_STORAGE
android.permission.WRITE_EXTERNAL_STORAGE
|
Stored personal files, device information (IMEI, MAC, ANDROID_ID, DEVICE_ID, IMSI, SUPI, SUCI, OAID, Android ID, AAID, SSID, BSSID), software installation list, location, contacts, call history, calendar, SMS, local phone number, pictures, audio/video and other personal information |
Push Privacy Statement |
OPPO push
Push Service (OPPO PUSH) is a message push service provided by OPPO Company to developers. Through a stable and reliable long connection channel established between the server and the OS side, it provides real-time message push services to APP client applications on the OPPO phone system (ColorOS). Whether the application process exists or not, messages can be received normally. Therefore, it is necessary to add relevant descriptions about "OPPO push" in the "Privacy Policy".
| SDK Name |
Package Name Info |
Purpose of Use |
Permissions Used |
Personal Information Involved |
Privacy Policy Link |
| OPPO push |
com.heytap |
OPPO Phone Manufacturer Push |
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
|
Stored personal files, device information (IMEI, MAC, ANDROID_ID, DEVICE_ID, IMSI, SUPI, SUCI, OAID, Android ID, AAID, SSID, BSSID), software installation list, location, contacts, call history, calendar, SMS, local phone number, pictures, audio/video and other personal information |
Push Privacy Statement
|
vivo push
vivo Push (Vpush) is a message push service provided by vivo Company to developers. By establishing a stable and reliable long connection between the cloud and the client, it provides developers with real-time message push services to client applications, supporting billions of notifications/message pushes, reaching mobile users in seconds. Therefore, it is necessary to add relevant descriptions about "vivo push" in the "Privacy Policy".
| SDK Name |
Package Name Info |
Purpose of Use |
Permissions Used |
Personal Information Involved |
Privacy Policy Link |
| vivo push |
com.vivo.push |
vivo Phone Manufacturer Push |
android.permission.INTERNET
|
Stored personal files, device information (IMEI, MAC, ANDROID_ID, DEVICE_ID, IMSI, SUPI, SUCI, OAID, Android ID, AAID, SSID, BSSID), software installation list, location, contacts, call history, calendar, SMS, local phone number, pictures, audio/video and other personal information |
Push Privacy Statement
|
Xiaomi MiPush
Xiaomi Push (MiPush) is a message push service provided by Xiaomi Company to developers. By establishing a stable and reliable long connection between the cloud and the client, it provides developers with real-time message push services to client applications, effectively helping developers reach users and improve App activity. Therefore, it is necessary to add relevant descriptions about "Xiaomi push" in the "Privacy Policy".
| SDK Name |
Package Name Info |
Purpose of Use |
Permissions Used |
Personal Information Involved |
Privacy Policy Link |
| MiPush |
com.xiaomi.push |
Xiaomi Phone Manufacturer Push |
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.VIBRATE
|
Stored personal files, device information (IMEI, MAC, ANDROID_ID, DEVICE_ID, IMSI, SUPI, SUCI, OAID, Android ID, AAID, SSID, BSSID), software installation list, location, contacts, call history, calendar, SMS, local phone number, pictures, audio/video and other personal information |
Push Privacy Statement |
APP Payment Client
During the process where third-party applications integrate the App Alipay Client SDK and provide services, in order to ensure the security of your account and funds and the safe and stable operation of the payment service, and to fulfill legal obligations such as anti-money laundering, counter-terrorism financing, and anti-telecom network fraud, we need to collect and use the following personal information of yours: mutable device unique identifier, basic device information, software installation list, and network information. In order to select and optimize the network link to improve user experience, we need to collect and use network information.
| SDK Name |
Developer Information |
Purpose of Use |
Permissions Used |
Personal Information Involved |
Privacy Policy Link |
| APP Payment Client SDK |
Alipay (Hangzhou) Information Technology Co., Ltd. |
a. Ensure the security of user accounts and funds and the safe and stable operation of payment services. b. Fulfill legal obligations such as anti-money laundering, counter-terrorism financing, and anti-telecom network fraud. c. Realize the selection and optimization of network links to improve user experience. |
android.permission.INTERNET
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
|
Android ID, OAID, AAID, SSID, BSSID; system settings, system properties, device model, device brand, operating system; IP address, network type, operator information, Wi-Fi status, Wi-Fi parameters, Wi-Fi list. |
Privacy Statement |
Map SDK
AMap SDK is a set of map development call interfaces. Developers can easily add map-related functions to their Android applications, including: map display (including indoor and outdoor maps), interaction with the map, drawing on the map, POI search, geocoding, offline maps and other functions. Therefore, it is necessary to add relevant descriptions about "Map SDK" in the "Privacy Policy".
| SDK Name |
Developer Information |
Purpose of Use |
Personal Information Involved |
Privacy Policy Link |
| Map SDK |
AutoNavi Software Co., Ltd. |
Map Display |
Information in the privacy statement |
Privacy Statement |
Location SDK
The Location SDK is a simple set of LBS service location interfaces. You can use this set of location APIs to obtain location results, reverse geocoding (address text description), and geofencing functions. Therefore, it is necessary to add relevant descriptions about "Location SDK" in the "Privacy Policy".
| SDK Name |
Developer Information |
Purpose of Use |
Personal Information Involved |
Privacy Policy Link |
| Location SDK |
AutoNavi Software Co., Ltd. |
Location Information |
Information in the privacy statement |
Privacy Statement |
2. How We Collect and Use Personal Information
When you use our products and/or services, we need/may need to collect and use your personal information in the following two ways:
1、
In order to provide you with the basic functions of our products and/or services, you must authorize us to collect and use the necessary information. If you refuse to provide the corresponding information, you will not be able to use our products and/or services normally.
2、
In order to provide you with the additional functions of our products and/or services, you can choose to authorize us to collect and use the information. If you refuse to provide it, you will not be able to use the relevant additional functions or achieve the intended functional effects, but it will not affect your normal use of the basic functions of our products and/or services.
You understand and agree that:
1. We are committed to creating diverse products and services to meet your needs. Because the types of products and services we provide to you are numerous, and the specific product/service ranges chosen by different users vary, accordingly, the types and scope of personal information collected and used for basic/additional functions will differ. Please refer to the specific product/service functions.
2. In order to bring you a better product and service experience, we are constantly striving to improve our technology. Subsequently, we may from time to time introduce new or optimized functions, which may require the collection and use of new personal information or changes in the purpose or method of personal information use. In this regard,
we will separately explain to you the purpose, scope, and method of collection of the corresponding information by updating this Policy, pop-ups, page prompts, etc., and provide you with a way to independently choose to consent, and collect and use it only after obtaining your explicit consent.
3. We may obtain
your third-party account information (avatar, nickname, and other information indicated on the page)
from a third party based on your authorization, and bind it with your
Rictor
account, so that you can directly log in and use our products and/or services through the third-party account. We will use your relevant information within the scope of your authorization and consent.
We will collect and use your personal information to achieve the various functions described below in this Policy.
If you refuse to provide the corresponding information, you will not be able to use the corresponding functions and/or products and/or services:
(I)
Helping You Become a
Rictor
User
1. When you register and log in to
Rictor
, we will obtain your
mobile phone number
based on your authorization.
2. When you use certain services of
Rictor
, real-name authentication is required according to the requirements of the Cybersecurity Law. We need to collect your
ID card information, age, and name.
3. If you are a college student user, when creating an account,
we will also collect your student ID information.
4. You can choose to provide us with photos, gender, industry, company, occupation information, nickname, and avatar information so that we can provide you with better user services.
5. You can choose whether to provide frequently used addresses (including home address and company address). After setting frequently used addresses, you can more conveniently fill in the trip start and end point information, improving service efficiency. If you refuse to set frequently used addresses, you will need to manually enter the trip start and end point information.
(II) Providing You with Goods or Services
1
. When you use
Rictor
services, we will collect the following information from you:
(1) When you use the electric vehicle service, in order to meet legal and regulatory requirements and ensure your safety, Rictor will collect your
identity information (name, ID number, age), mobile phone number,
location information
to verify your
eligibility for using the vehicle
.
If you refuse or are unable to provide the above information,
Rictor
will not be able to provide you with the corresponding service.
(2) As the services or activities configured in each city are different, when you choose the
vehicle usage
service, we will also collect your
location information
. To ensure your riding safety and vehicle safety, we will also collect your
riding trajectory and latitude and longitude information
.
(III) Helping You Complete Payment Transactions
To ensure accurate and timely withdrawal to your account,
we will share your registered
Rictor
account
name, mobile phone number, resident ID number, bank card number for withdrawals, order payment-related information, order security-related device information, and other necessary information required by anti-money laundering laws with the payment institution.
(IV) Customer Service and Dispute Handling
In order to allow you to conveniently use the products and services we provide, promptly answer questions you may have during use, and promptly intervene in disputes between you and product and service providers within
Rictor
, we will provide you with customer service. During your use of customer service,
we will collect the mobile phone number you use when contacting us or other contact methods you actively fill in, relevant order information, and text and call records formed during the contact or transaction process. This information is necessary to locate the service issues you report. If you refuse to provide relevant information, we may not be able to provide you with customer service.
(V) Providing You with Security Assurance
In order to improve the security of the services provided by us and our affiliated companies and partners, protect the personal and property safety of you, other users, or the public from infringement, better prevent security risks such as phishing websites, fraud, network vulnerabilities, computer viruses, network attacks, and network intrusion, and more accurately identify violations of laws and regulations or relevant Rictor agreement rules, we embed application security SDKs in the application to collect your
device information and service log information
, and may use or integrate your
member information
,
transaction information
, and information obtained from our affiliated companies and partners with your authorization or based on law, to comprehensively judge your account and transaction risks, conduct identity verification, detect and prevent security incidents, and take necessary recording, auditing, analysis, and disposal measures in accordance with the law.
(VI) Providing You with Other Additional Services
In order to provide you with more convenient and high-quality products and/or services and strive to improve your experience, we may collect and use your personal information in the following additional services provided to you.
If you do not provide this information, it will not affect your use of basic services such as browsing on
Rictor
,
but you may not be able to obtain the user experience brought by these additional services. These additional services include:
(1) Location-based user services: We will access and obtain your
location information
after you enable the location permission to display the current user's location on the map.
(2) Additional services based on camera: You can use this function to scan codes for login and vehicle use after enabling the camera permission, and take
photos or videos
for evaluation and sharing,
and strictly use it within the scope authorized by you.
(3) Additional services for photo/video access and upload based on the album (photo library/video library): You can use this function to upload your
photos/pictures/videos
after enabling the album permission to achieve functions such as changing avatars, posting comments/sharing, or providing proof to customer service.
(
4
) Additional services based on contact information: We will collect your
contact information
after you enable the contact permission so that you can more conveniently access the contact information in your address book when using Rictor products and/or services without having to enter it manually.
(
5
) Additional services based on calendar: After you enable the permission for us to read/write your calendar, we will collect your
calendar information
to provide you with check-in or claim benefit-related records and reminders.
(
6
) Additional services based on phone state: You need to authorize us to read the
device identifier, for the purpose of
protecting the security of your account and usage.
You understand and agree that the above additional services may require you to enable access to your
location information (geographical location), camera (camera), album (photo library), microphone (voice), contacts, calendar, and/or phone state
in your device to achieve the information collection and use involved in these permissions.
Please note that enabling any permission means you authorize us to collect and use relevant personal information to provide you with the corresponding service. Once you disable any permission, it means you have canceled the authorization, and we will no longer continue to collect and use relevant personal information based on that permission, and we will not be able to provide you with the service corresponding to that permission. However, your decision to close the permission will not affect the information collection and use previously based on your authorization.
(VII) Others
(1) If the information you provide contains personal information of other users, before providing this personal information to
Rictor
, you need to ensure that you have obtained legal authorization.
(2) If we use the information for other purposes not stated in this Policy, or use the information collected for a specific purpose for other purposes, or if we actively obtain your personal information from a third party, we will obtain your consent in advance.
If we indirectly obtain your information from a third party, we will clearly require the third party in writing before collection to have obtained your consent in accordance with the law for the collection of personal information and to inform you of the content of the shared information. For sensitive information, your explicit confirmation is required before providing it to us for use. We require the third party to promise the legality and compliance of the source of personal information. If the third party violates this, we will clearly require the other party to bear corresponding legal responsibilities. At the same time, our professional security team will strengthen the security of personal information (including sensitive information reporting, encrypted storage of sensitive information, access control, etc.). We will use protection methods and measures no less than those we use for our own users' personal information to protect indirectly obtained personal information.
(3) Exceptions to obtaining authorization and consent
You fully understand and agree that we may collect and use your personal information without your authorization and consent in the following circumstances, and we may not respond to your requests for correction/modification, deletion, cancellation, withdrawal of consent, or access to information:
① Related to national security and national defense security;
② Related to public security, public health, and major public interests;
③ Related to criminal investigation, prosecution, trial, and execution of judgments, etc., in judicial or administrative law enforcement;
④ Where it is necessary to protect the life, property, and other major legitimate rights and interests of you or other individuals, but it is difficult to obtain the consent of the person;
⑤ Personal information that you have disclosed to the public on your own;
⑥ Collecting personal information from legally publicly disclosed information, such as legal news reports, government information disclosure, and other channels.
⑦ Necessary for the conclusion and performance of relevant agreements or other written documents with you;
⑧ Necessary for maintaining the safe and stable operation of the provided products and/or services, for example, discovering and handling failures of products and/or services;
⑨ Necessary for legal news reporting;
⑩ Where academic research institutions are necessary for conducting statistics or academic research based on public interests, and when providing the results of academic research or descriptions to the outside world, the personal information contained in the results is de-identified;
Other circumstances stipulated by laws and regulations.
Please note that, according to applicable laws, if we
process personal information with technical measures and other necessary measures so that the data recipient cannot re-identify a specific individual and cannot restore it, or we may conduct de-identified research, statistical analysis, and prediction on the collected information to support business decisions and improve our products and services (including using anonymous data for machine learning or model algorithm training), then the use of such processed data does not require separate notification to you or obtaining your consent.
(4) If we stop operating the
Rictor
product or service, we will promptly stop continuing to collect your personal information, notify you of the suspension of operations by individual delivery or announcement, and delete or anonymize the personal information we hold related to the discontinued business.
3. How We Use Cookies and Similar Technologies
(I) Cookies
To ensure the normal operation of the application and to provide you with a easier access experience, we will store
Cookies, Flash Cookies, or other local storage provided by the browser (or associated applications) that usually contain identifiers, site names, and some numbers and characters (collectively referred to as "Cookies") on your mobile device. With the help of Cookies, the application can store your preferences and other data.
If your browser or browser additional services allow, you can modify the acceptance level of Cookies or refuse our
Cookies.
But if you do this, it may affect your secure access to our website in some cases, and you may need to change user settings every time you visit our website.
(II) Cookie Similar Technologies
In addition to
Cookies
, we also use website beacons, pixel tags, ETags and other similar technologies on the website.
For example, the emails we send to you may contain links to our website content. If you click the link, we will track this click to help us understand your product or service preferences so that we can proactively improve the customer service experience. Website beacons are usually transparent images embedded in websites or emails. With the help of pixel tags in emails, we can know whether the email has been opened. If you do not want your activities to be tracked in this way, you can unsubscribe from our mailing list at any time.
ETag (entity tag) is an HTTP protocol header transmitted between the internet browser and the internet server, which can replace Cookies. ETag can help us avoid unnecessary server load, improve service efficiency, and save resources and energy. At the same time, we may use ETag to record your identity so that we can understand and improve our products or services more deeply.
Most browsers provide users with the function to clear browser cache data. You can perform corresponding data clearing operations in the browser settings function.
But please note that if you disable ETag, you may not be able to enjoy a relatively better product or service experience.
4. How We Share, Transfer, and Publicly Disclose Personal Information
(I) Sharing
Usually we do not share your personal information with entities other than
Rictor
.
However, in the following circumstances, in order to complete the service you requested, optimize our service, or meet regulatory or judicial needs, we will share your personal information with other entities:
1. Sharing under statutory circumstances: In accordance with relevant laws and regulations, for the needs of litigation activities, or to meet the requirements put forward by administrative or judicial organs, we will share your personal information externally.
2. Sharing when you actively choose or explicitly consent:
We may share your account information with third parties after obtaining your consent, so that you can conveniently register or log in to third-party accounts.
For example, if you actively purchase goods or services through
Rictor
, we will share your order information and transaction-related necessary information with the relevant goods or service providers according to your choice to realize your demand for purchasing goods or services from them and enable them to complete subsequent after-sales services. For example:
"When you purchase an electric vehicle on the
Rictor
electric vehicle platform, we will provide your order information to the merchant you designate to provide services for you, so that the merchant can provide you with services in a timely manner".
3. Sharing with affiliated companies:
In order to facilitate our affiliated companies to provide you with services based on the
Rictor
account, and to protect the personal and property safety of
Rictor
affiliated companies, other users, or the public from infringement, your personal information may be shared with
Rictor
affiliated companies and/or their designated service providers.
We will only share necessary personal information,
and it is subject to the purposes stated in this Policy.
If
Rictor
affiliated companies change the purpose of use and processing of personal information, we will obtain your consent again by push notification or similar means before sharing.
In order to improve information processing efficiency, reduce information processing costs, or improve information processing accuracy,
we may entrust capable affiliated companies to process user information on our behalf.
However, we will require the entrusted company to comply with strict confidentiality obligations and take effective confidentiality measures through written agreements, on-site audits, etc., and prohibit them from using this information for purposes not authorized by you. When the entrustment relationship is terminated, the entrusted company will no longer retain your personal information.
4. Sharing with authorized partners:
We will entrust partners to perform some functions or provide you with certain services
to achieve the personal information collection and use purposes stated in this Policy. We will only share your information for legal, legitimate, necessary, specific, and clear purposes.
Authorized partners can only access the personal information necessary to provide the service and cannot use this information for any other purpose.
We will agree on strict data protection measures with authorized partners, requiring them to process personal information in accordance with our entrustment purposes, service descriptions, this Privacy Policy, and any other relevant confidentiality and security measures.
Our partners include the following categories:
(1) Financial, credit services and other partners. According to the agreements or documents you sign with such partners, or based on the requirements of laws and regulations, legal procedures, or mandatory requirements of government departments, judicial judgments, or legitimate requirements of financial and credit review institutions, we will comprehensively statistics, analyze or process your personal information, and share the processing results with partners to determine your credit status, screen high-quality users, or reduce credit bad debts, etc.
(2) Third-party system service providers. Such partners provide application plug-in services through
Rictor
. When you use such plug-in services, we will provide the information you authorized or the information necessary to provide the service to such partners. For example, when you use the booking plug-in, a booking order will be generated, and we need to synchronize your contact information, booking information, etc. with the service provider so that you can book the services you need from the merchant.
(3) Tool software providers. In order to enable you to receive information push, share information on third-party platforms, use map services, play videos and other necessary functional purposes,
our applications will embed SDKs or similar applications of authorized partners.
For example, when you use Huawei/Xiaomi/Meizu phones, Huawei/Xiaomi/Meizu Push SDK needs to read your device identifier and network-related information to push/send notification bar messages; if you use the function of sharing information to third-party platforms such as WeChat, the relevant SDK will collect your device identifier and network-related information; if you use the map service provided by AutoNavi, the AutoNavi SDK requires you to turn on the device location permission and collects information related to the device's location, device identifier, and network-related information. We will conduct strict security detection on the application programming interfaces (APIs) and software development kits (SDKs) used by authorized partners to obtain relevant information.
(II) Transfer
We will not transfer your personal information,
but when you explicitly agree to the transfer, or when
Rictor
undergoes business restructuring, merger, division, acquisition, bankruptcy, etc., if personal information transfer is involved, we will require the new company or organization holding your personal information to continue to be bound by this Policy. Otherwise, we will require the new entity to obtain your consent again.
(III) Public Disclosure
We will not publicly disclose your personal information, except in the following circumstances:
1. Personal information that you explicitly agree or require to be disclosed.
2.
If we determine that you have violated laws and regulations or seriously violated
Rictor
's relevant agreements and rules, or to protect the personal and property safety of
Rictor
users or the public from infringement, we may disclose your personal information in accordance with the law or with your consent,
including relevant violations and the measures
Rictor
has taken against you.
(IV) Exceptions to Obtaining Authorization and Consent for Sharing, Transferring, and Publicly Disclosing Personal Information
In the following circumstances, sharing, transferring, and publicly disclosing your personal information does not require prior authorization and consent from you:
1. Related to national security and national defense security;
2. Related to public security, public health, and major public interests;
3. Related to criminal investigation, prosecution, trial, and execution of judgments, etc.;
4. Where it is necessary to protect the life, property, and other major legitimate rights and interests of you or other individuals, but it is difficult to obtain the consent of the person;
5. Personal information that you have disclosed to the public on your own;
6. Collecting personal information from legally publicly disclosed information, such as legal news reports, government information disclosure, and other channels.
Please note that, according to applicable laws, if we
process personal information with technical measures and other necessary measures so that the data recipient cannot re-identify a specific individual and cannot restore it, then the sharing, transfer, and public disclosure of such processed data does not require separate notification to you or obtaining your consent.
5. How We Protect Your Information
(I) We have adopted reasonable and feasible security protection measures in line with industry standards to protect your information and prevent personal information from unauthorized access, public disclosure, use, modification, damage, or loss. We use encryption technology to improve the security of personal information; we use trusted protection mechanisms to prevent personal information from malicious attacks; we deploy access control mechanisms to try to ensure that only authorized personnel can access personal information; we hold security and privacy protection training courses to strengthen employees' awareness of the importance of protecting personal information.
(II) We have an industry-leading data security management system centered on data and surrounding the data lifecycle, improving the security of the entire system from multiple dimensions such as organizational construction, system design, personnel management, and product technology.
(III) We will take reasonable and feasible measures to try to avoid collecting irrelevant personal information.
We will only retain your personal information for the period necessary to achieve the purposes described in this Policy, unless there is a mandatory storage requirement by law,
such as the "E-Commerce Law of the People's Republic of China" requiring that commodity and service information and transaction information be saved for not less than three years from the date of transaction completion. The criteria we use to determine the aforementioned period include:
1. Completing the transaction purpose related to you, maintaining corresponding transaction and business records, and responding to your possible queries or complaints;
2. Ensuring the security and quality of the services we provide to you;
3. Whether you agree to a longer retention period;
4. Whether there are other special agreements on the retention period.
After the retention period of your personal information expires, we will delete your personal information as required by applicable laws or anonymize it.
(IV) The Internet is not an absolutely secure environment. When using
Rictor
services,
we strongly recommend that you do not use non-
Rictor
-recommended communication methods to send your information.
You can establish contacts and share with each other through our services. When you create communication, transactions, or sharing through our services, you can independently choose the object of communication, transaction, or sharing. As a third party who can see your transaction content, contact information, communication information, or sharing content and other related information.
When using
Rictor
services for online transactions, you will inevitably disclose your personal information to the transaction counterparty or potential transaction counterparty, such as
contact information
. Please protect your personal information properly and only provide it to others when necessary. If you find that your personal information, especially your account or password, has been leaked, please contact the
Rictor
Security Service Center immediately so that we can take corresponding measures according to your application.
Please note that the information you voluntarily share or even publicly share when using our services may involve your or others' personal information or even personal sensitive information. Please consider more carefully whether to share or even publicly share relevant information when using our services.
Please use complex passwords to help us ensure the security of your account. We will do our best to ensure the security of any information you send to us. If our physical, technical, or management protection facilities are damaged, resulting in information being unauthorized accessed, publicly disclosed, tampered with, or destroyed, causing damage to your legitimate rights and interests, we will bear corresponding legal responsibilities.
(V) We will update and publicly disclose security risks, personal information security impact assessment reports and other relevant content from time to time. You can obtain them through
Rictor
announcements.
(VI) In the unfortunate event of a personal information security incident, we will inform you in accordance with the requirements of laws and regulations: the basic situation of the security incident and its possible impact, the measures we have taken or will take, suggestions for you to prevent and reduce risks on your own, and remedies for you. We will inform you of the relevant situation of the incident by email, letter, phone, push notification, etc. If it is difficult to inform each personal information subject individually, we will issue an announcement in a reasonable and effective manner.
At the same time, we will also report the handling of personal information security incidents to the regulatory authorities as required.
6. How You Can Access and Control Your Personal Information
To facilitate your access and control of your personal information, and to protect your right to withdraw your consent, we have set up corresponding functions in the products or services provided by
Rictor
. You can use the following functions to access and control your personal information:
(I) Access Your Personal Information
Unless otherwise provided by laws and regulations, you have the right to access your personal information:
1. Account information: Since
Rictor
currently only supports
Rictor
account login, if you wish to correct, supplement, or delete account information, you can do so in the
Rictor
APP
or mini-program;
2. Order information: You can view your order information in "Me - Orders", but to protect your legitimate rights and interests, you cannot delete unused orders;
3. Evaluation information: You can view or delete your evaluation information in "Me - Evaluations" or "Personal Homepage".
Please note that after you delete relevant information, we will not display the information you have deleted on your platform interface. We will save the information until the statutory period expires as required by applicable laws and then delete it as soon as possible or de-identify it.
(II) Correct or Supplement Your Account Information
The account information you use to log in to
Rictor
all comes from your
Rictor
APP & mini-program
account. Therefore, if you need to correct or supplement relevant personal information in your account, you can do so in the
Rictor
APP & mini-program.
(III) Delete Your Other Personal Information
You can clear your product or service order information, search information, visited store information, and evaluation information, etc., according to the methods listed in "Access Your Personal Information".
In the following circumstances, you can request us to delete personal information:
1. If our collection and use of personal information violates legal provisions;
2. If our collection and use of personal information has not obtained your explicit consent;
3. If our collection and use of personal information seriously violates the agreement with you;
4. If you no longer use our products or services, or you actively cancel your account;
5. If we permanently no longer provide you with products or services.
After verifying your identity, we will delete your personal information within a reasonable time limit, and we will do our best to notify the entities that obtained your personal information from
Rictor
to delete the relevant information in a timely manner.
After you or we assist you in deleting relevant information, due to applicable legal and security technical limitations, we may not be able to immediately delete the corresponding information from the backup system. We will securely store your personal information and further isolate it until the backup can be cleared or anonymized.
(IV) Withdraw or Change Your Authorization
You can set and modify the mobile phone permissions allowed to be accessed by the
Rictor
client through your phone's own permission settings.
Your withdrawal or change of your authorization will not affect the previous personal information collection and use activities based on your authorization.
(V) Cancel Your Account
Rictor
uses the
Rictor
account to provide you with services.
If you need to cancel your account, you can log in to the
Rictor
client and follow the
Rictor
account cancellation process to cancel your
Rictor
account. You can also call the
Rictor
customer service phone number for consultation.
(VI) Restrict Automated Decision-Making by Information Systems
In some business functions, we may make decisions solely based on non-human automated decision-making mechanisms, including information systems and algorithms. If these decisions significantly affect your legitimate rights and interests, you have the right to request an explanation from us, and we will also provide a method for appeal without infringing
Rictor
's trade secrets or the rights and interests of other users or the public interest.
(VII) Responding to Your Above Requests
To ensure security, you may need to provide a written request or prove your identity in other ways. We may ask you to verify your identity before processing your request.
We will respond within 15 days. If you are not satisfied, you can also file a complaint through
Rictor
customer service.
For your reasonable requests, In principle, we do not charge fees, but for repeated requests that exceed a reasonable limit, we will charge a certain fee at our discretion. For information not directly related to your identity, unreasonably repeated information, or requests that require excessive technical means (for example, requiring the development of new systems or fundamental changes to current practices), pose risks to the legitimate rights and interests of others, or are impractical, we may refuse.
In the following circumstances, in accordance with legal and regulatory requirements, we will be unable to respond to your request:
1. Related to national security and national defense security;
2. Related to public security, public health, and major public interests;
3. Related to criminal investigation, prosecution, trial, and execution of judgments, etc.;
4. There is sufficient evidence that the personal information subject has subjective malice or abuses rights;
5. Responding to your request will cause serious damage to the legitimate rights and interests of you or other individuals or organizations;
6. Involving trade secrets.
7. Protection of Minors' Information
We only accept users with corresponding capacity for civil conduct to register and use our services, so we presume that you have the corresponding capacity for civil conduct. If you are a minor, we require you to ask your parents or guardians to read this Privacy Policy carefully and use our services or provide information to us only with the consent of your parents or guardians.
If you are the parent or other guardian of a child, please pay attention to whether the child under your guardianship is using our services after obtaining your authorization and consent. If you have any questions about the personal information of the child under your guardianship, please contact us through the contact methods in this Privacy Policy.
8. Storage Location of Your Information
The personal information collected and generated during our operations within the territory of the People's Republic of China is stored within China.
9. Developer Information
Developer Name (Nanjing Kuailun Intelligent Technology Co., Ltd.)
10. How This Policy Is Updated
This Privacy Policy may be changed from time to time.
Without your explicit consent, we will not restrict the rights you should enjoy under this Privacy Policy. We will publish changes to the Privacy Policy on a dedicated page.
For major changes, we will also provide more prominent notice (including we will notify you through
Rictor
announcements or even provide you with pop-up prompts).
Major changes referred to in this Policy include but are not limited to:
1. Major changes in our service model. Such as the purpose of processing personal information, the type of personal information processed, the way personal information is used, etc.;
2. Major changes in our control rights, etc. Such as changes in information controllers due to mergers and acquisitions, restructuring, etc.;
3. The main objects of personal information sharing, transfer, or public disclosure change;
4. Your rights regarding personal information processing and how you exercise them undergo major changes;
5. The department responsible for processing personal information security, contact information, and complaint channels change;
6. The personal information security impact assessment report indicates high risks.
11. How to Contact Us
You can contact us in the following ways, and we will reply to your request within 15 days:
1. If you have any suggestions for us or other questions related to privacy protection, you can contact us by sending an email to service@xiaoyi-tech.com
or by calling the
Rictor
customer service hotline
400-186-1968
.
2. You can also mail your questions directly to the following address:
2nd Floor, Building B4, Hongfeng Science and Technology Park, Nanjing Economic and Technological Development Zone
Rictor
(Recipient)
Postal Code: 210000
After receiving your question, we will process the issue you reported after verifying your identity and reply to you promptly.
Policy Effective Date: January 1, 2024