CYCPLUS User Privacy Policy

Version Update Date: October 21, 2024

Version Effective Date: September 10, 2024

This policy applies only to the CYCPLUS App products or services of Chengdu Morning Electric Intelligent Technology Co., Ltd. (hereinafter referred to as 'Morning Electric' or 'we')

The contents of this policy are as follows:
1. How we collect and use user information 2. How we share, transfer, and publicly disclose user information 3. How we protect user information 4. User rights 5. How we handle children's personal information 6. How user information is stored and transferred globally 7. How this policy is updated 8. How to contact us. To ensure the security of user information, we adhere to the following principles to protect your user information: principle of responsibility consistency, principle of clear purpose, principle of choice and consent, principle of minimum necessity, principle of ensuring security, principle of subject participation, principle of openness and transparency, etc. At the same time, we commit to taking appropriate security protection measures in accordance with mature industry security standards to protect your user information.
Please read and understand this privacy policy carefully before using our products (or services).

1. How We Collect and Use User Information
   1.1. The information we collect and use during your use of our products or services will only be for the business functions described in this policy. The purpose of collecting user information is to provide you with products or services. You have the right to choose whether to provide this information, but in most cases, if you do not provide it, we may not be able to provide you with the corresponding services or respond to the issues you encounter: When you use our services, you allow us to collect the information you provide to us or that is necessary for providing you with services, including: 1. Android ID collection: Users copy androidId to provide feedback to customer service and inquire about the progress of issues. 2. Bluetooth Permission: Obtained for connecting device products with the App. 3. Mobile Information Permission: Obtained for uploading log files. 4.Clipboard Function: Allows s to quickly copy their User ID for feedback submission.

The user information we collect is used to help you connect to smart hardware and analyze issues related to abnormal App usage. The information you provide above will continue to authorize us to use during your use of this service. When you stop using the push service, we will cease to use and delete the above information. We guarantee that we will legally de-identify or anonymize the collected user information. Information that cannot be used alone or in combination with other information to identify an individual's personal identity does not constitute personal information in the legal sense. If we combine non-personal information with other information that identifies your personal identity, or use it in conjunction with your personal information, we will treat and protect such information as your personal information in accordance with this privacy policy during the period of combined use. In order to better operate and improve our technology and services, or due to changes in business strategies, when the collection, use, or processing of user information required for the products or services we provide exceeds the aforementioned scope, or when we intend to use the collected user information for purposes not stated in this Privacy Policy, or when we intend to use information collected for specific purposes for other purposes, we will notify you within a reasonable period after obtaining user information or before processing user information, and obtain your authorization and consent.

1.2. Exceptions for Obtaining Authorization and Consent Please understand that, according to laws, regulations, and relevant national standards, in the following circumstances, we do not need to obtain your authorization and consent to collect and use your user information:

1. Directly related to national security and defense security;

2. Directly related to public safety, public health, and significant public interest;

3. Directly related to criminal investigation, prosecution, trial, and judgment enforcement;

4. Necessary for safeguarding significant legal rights and interests of you or other individuals, but difficult to obtain consent;

5. The user information collected is publicly disclosed by you;

6. User information collected from legally publicly disclosed information, such as legitimate news reports, government information disclosures, etc.;

7. Necessary for signing or performing contracts at your request;

8. Necessary for maintaining the secure and stable operation of software and related services, such as discovering and addressing software and service failures; 9. The personal information controller is the news organization, and it is necessary for conducting legitimate news reporting;

10. Academic research institutions may conduct statistical or academic research based on public interest, and when providing external academic research or descriptive results, they shall de-identify the personal information contained in the results.

11. Other circumstances as stipulated by laws and regulations.

1.3. Instructions on the use of third-party SDK permissions
•Com.tencent.bugly (Bugly; Tencent Bugly) is used for logging severe errors that occur during the use of this product's functions; please read the 'Tencent Bugly Privacy Policy Agreement' carefully.

https://static.bugly.qq.com/bugly-sdk-privacy-statement.pdf

•AppCenter is used to detect crash data of this product's functions, facilitating subsequent optimization;

https://appcenter.ms/sign-in?original_url=%2Fapps

• WeChat Open Platform SDK is used for quickly jumping to WeChat to send fault information, enhancing user experience ;

https://support.weixin.qq.com/cgi-bin/mmsupportacctnodeweb-bin/pages/RYiYJkLOrQwu0nb8

•TalkingData SDK

Purpose of use: We collect your information for personalized services, data analysis, product improvement, security assurance, and compliance with legal requirements.

Usage Scenarios: We collect and use information in the following situations: device connection results, firmware upgrades, and click upgrade results, etc.

Sharing Method: SDK collects data locally, without involving data sharing

Third Party Name: Beijing Tengyun Tianxia Technology Co., Ltd.

Collected Information: Unique device identifiers (OAID and Android ID), IP address, IDFV, IDFA; other basic data related to applications, devices, and networks; MEID, IMEI, Mac information; application list; Network Information (Connection status of WiFi network or mobile network, BSSID or SSID information of connected WiFi); Location Information (Latitude and Longitude, Base Station SystemID, NetworkID, BasestationID)

Information Types: Basic Personal Information, Optional Personal Information

https://www.talkingdata.com/privacy.jsp

2.How We Share, Transfer, and Disclose Your User Information
2.1. Sharing We will not share your user information with any other companies, organizations, or individuals, except in the following situations:

1.Sharing with explicit consent: After obtaining your explicit consent, we will share your user information with other parties.

2.We may share your user information externally in accordance with legal regulations or mandatory requirements from government authorities.

3. Sharing with our affiliated companies: Your user information may be shared with our affiliated companies. We will only share necessary user information, and it will be subject to the purposes stated in this privacy policy. If affiliated companies wish to change the purpose of processing user information, they will seek your authorization and consent again.

4. Sharing with authorized partners: Certain services will be provided by authorized partners solely to achieve the purposes stated in this policy. We may share some of your user information with partners to provide better customer service and user experience. We will only share your user information for legitimate, lawful, necessary, specific, and clear purposes, and we will only share the user information necessary to provide the service. To better operate and improve technology and services, you agree that we and authorized partners may use the collected information for other services and purposes in compliance with relevant laws and regulations.

2.2. Transfer We will not transfer your user information to any company, organization, or individual, except in the following circumstances:

1. Transfer with explicit consent: After obtaining your explicit consent, we will transfer your user information to other parties;

2. In the event of mergers, acquisitions, or bankruptcy liquidation, if user information transfer is involved, we will require the new company or organization holding your user information to continue to be bound by this privacy policy; otherwise, we will require that company or organization to seek your authorization consent again.

2.3. We will only disclose your user information in the following circumstances:

1. After obtaining your explicit consent;

2. Based on legal disclosure: We may disclose your user information in cases where required by law, legal proceedings, litigation, or mandatory requests from government authorities.

2.4. Exceptions to obtaining prior authorization consent for sharing, transferring, or publicly disclosing information: Please understand that according to laws, regulations, and relevant national standards, we do not need to obtain your authorization consent in the following situations when sharing, transferring, or publicly disclosing your user information:

1. Directly related to national security and defense security;

2. Directly related to public safety, public health, and significant public interest;

3. Directly related to criminal investigation, prosecution, trial, and judgment enforcement;

4. To maintain your or other individuals' significant legal rights and interests related to life, property, etc., but where it is difficult to obtain consent;

5. Information that you have publicly disclosed to the public;

6. Information collected from legally publicly disclosed sources, such as legitimate news reports, government information disclosures, and other channels.

3. How We Protect Your User Information
1. We have implemented security measures that meet industry standards to protect the user information you provide, preventing unauthorized access, public disclosure, use, modification, damage, or loss of data. We will take all reasonable and feasible measures to protect your user information. For example, data exchanged between your browser and the 'Service' is protected by SSL encryption; we also provide HTTPS secure browsing for the website; we will use encryption technology to ensure the confidentiality of data; we will employ trusted protection mechanisms to prevent data from malicious attacks; We will deploy access control mechanisms to ensure that only authorized personnel can access user information; Additionally, we will conduct security and privacy protection training courses to enhance employees' awareness of the importance of protecting user information.

2. We will use encryption technology to ensure the confidentiality of data transmission and storage. We will use trusted protection mechanisms to prevent data and the servers storing data from malicious attacks.

3. We will implement access control mechanisms to ensure that only authorized personnel can access personal information; and based on business needs and personnel hierarchy, control the number of authorized personnel and implement tiered permission management for authorized personnel; Access to personal data will be logged and regularly audited by administrators.

4. We will rigorously select business partners and service providers, ensuring that requirements for personal information protection are incorporated into both parties' business contracts or audits, assessments, and other activities.

5. We will conduct training courses, tests, and promotional activities on security and privacy protection to enhance employees' awareness of the importance of protecting personal information. In summary, we will do our utmost to protect your personal information. Nevertheless, no measures can be foolproof, and no product or service, website, data transmission, computer system, or network connection is absolutely secure. In the unfortunate event of a personal information security incident, we will inform you in accordance with the requirements of laws and regulations: the basic situation and possible impact of the security incident, the measures we have taken or will take, suggestions for you to autonomously prevent and mitigate risks, and remedies available to you. We will inform you of the relevant circumstances of the incident via email, text message, push notification, etc. If it is difficult to inform each individual information subject, we will take reasonable and effective measures to publish an announcement. At the same time, we will report the handling of personal information security incidents as required by regulatory authorities.

4. Your Rights
In accordance with relevant laws, regulations, standards in China, and practices in other countries and regions, we guarantee you the following rights regarding your user information:

4.1. Access to Your User Information You have the right to access your user information, except in cases specified by laws and regulations. If you wish to exercise your right to access data, you can log in directly to the CYCPLUS App to access it. If you are unable to access this user information through the above link, you can send an email to steven@cycplus.com. We will respond to your access request within 15 days.
4.2. Correction of Your User Information When you find that the user information we process about you is incorrect, you have the right to request us to make corrections. You can send an email to steven@cycplus.com. We will respond to your correction request within 30 days.

4.3. Deletion of Your User Information You may request the deletion of user information in the following circumstances:

1. If our processing of user information violates laws and regulations;

2. If we collect or use your user information without obtaining your consent;

3. If our processing of user information violates the agreement with you;

4. If you no longer use our products or services, or if you cancel your account;

5. If we no longer provide products or services to you. We will evaluate your deletion request, and if it meets the relevant regulations, we will take appropriate steps to process it. When you submit a deletion request, we may ask you to verify your identity to ensure the security of your account. After you delete information from our service, due to applicable laws and security technologies, we may not immediately delete the corresponding information from backup systems; we will securely store your information until the backup can be cleared or anonymized.
4.4. Changing the Scope of Your Authorized Consent Each business function requires some basic user information to be completed (see 'Section One' of this policy). You can grant or withdraw your authorized consent for the collection and use of user information at any time. Once you withdraw your consent, we will no longer process the corresponding user information. Please also note that revoking your consent may lead to certain consequences, such as our inability to continue providing you with the corresponding services or specific functions. However, your decision to withdraw consent will not affect the processing of user information that was conducted based on your prior authorization.

4.5. User Information Subject Account Cancellation You may cancel your previously registered account at any time, and you can do so through the CYCPLUS App. Steps: After logging in, go to My Page --> About App --> Cancel Account. The cancellation of the account will take effect immediately upon confirmation. We will stop providing you with products or services and, at your request, delete or anonymize your information, unless otherwise provided by laws and regulations. This may also result in you losing access to the data in your account, so please proceed with caution.

4.6. User Information Subject Obtaining User Data You have the right to obtain a copy of your user information, and you can authorize data synchronization to third-party platforms through the CYCPLUS App. Provided that it is technically feasible, for example, if the data interfaces match, we can also, at your request, directly transfer your data to the third party you designate.

4.7. Constraints on Automated Decision-Making by Information Systems In certain business functions, we may make decisions solely based on non-human automated decision-making mechanisms, including information systems and algorithms. If these decisions significantly affect your legal rights and interests, you have the right to request an explanation from us, and we will provide appropriate remedies.

4.8. In response to your above request, for security reasons, you may need to provide a written request or otherwise prove your identity. We may first require you to verify your identity before processing your request. We will respond within fifteen days. For your reasonable requests, we generally do not charge fees; however, for repeated requests that exceed reasonable limits, we will charge a certain cost based on the situation. For those requests that are groundless, require excessive technical means (such as needing to develop new systems or fundamentally change existing practices), pose risks to the legal rights of others, or are extremely impractical, we may refuse. Please also understand that, for security reasons, compliance with relevant laws and regulations, or technical limitations, we may not be able to respond to certain requests of yours, such as the following situations:

1. Related to the obligations of the user information controller as stipulated by laws and regulations;

2. Directly related to national security and defense security;

3. Directly related to public safety, public health, and significant public interest;

4. Directly related to criminal investigations, lawsuits, trials, and the execution of judgments;

5. The user information controller has sufficient evidence to indicate that the subject of user information has subjective malice or abuses rights;

6. For the protection of significant legal rights and interests of the subject of user information or other individuals, but it is difficult to obtain their consent;

7. Responding to requests from the subject of user information will result in serious damage to the legal rights and interests of the user information subject or other individuals and organizations;

8. Involving trade secrets.
5. How We Handle Children's Personal Information
We take the protection of children's personal information very seriously. Our products, website, and services are primarily aimed at adults. Children should not create their own user accounts without the consent of a parent or guardian. Although local laws and customs define children differently, we consider anyone under the age of 14 to be a child. For cases where children's user information is collected with the consent of a parent or guardian, we will only store, use, or disclose this information when legally permitted, with the explicit consent of the parent or guardian, or when necessary to protect the child; otherwise, we will endeavor to delete the relevant data as soon as possible. Given the limitations of existing technology and business models, it is difficult for us to proactively identify children's personal information. If you discover that we have collected children's personal information without knowledge or without prior verifiable parental consent, you can contact us promptly, and we will make efforts to delete it in a timely manner upon discovery. If we discover such circumstances ourselves, we will also delete it promptly, except where the law requires us to retain it.
6. How your user information is stored and transferred globally
In principle, user information collected and generated within the territory of the People's Republic of China will be stored within the territory of the People's Republic of China. We will only retain your user information for the duration necessary for the purposes and uses described in this policy and for the shortest period required by laws and regulations. After the above retention period, we will delete your user information or anonymize it in accordance with applicable laws and regulations. Unless otherwise provided by laws and regulations, or for the purposes of public interest, scientific historical research, etc., or with your separate authorization and consent, we may need to retain relevant data for a longer period. As we provide products or services through resources and servers located globally, this means that, with your authorization and consent, your user information may be transferred to jurisdictions outside the country/region where you use the products or services, or accessed from these jurisdictions. Such jurisdictions may have different data protection laws, or may not have relevant laws at all. In such cases, we will ensure that your user information is afforded adequate protection equivalent to that within the People's Republic of China. For example, we will request your consent for the cross-border transfer of user information, or implement security measures such as data de-identification prior to cross-border data transfers.

7: How This Policy is Updated
Our privacy policy may change. Without your explicit consent, we will not reduce the rights you are entitled to under this privacy policy. We will publish any changes made to this policy on this page. For significant changes, we will also provide more prominent notifications. Significant changes referred to in this policy include but are not limited to:

1.A significant change in our service model. Such as the purpose of processing user information, the types of user information processed, the ways in which user information is used, etc.

2. Significant changes in our ownership structure, organizational structure, etc. Such as changes in ownership due to business adjustments, bankruptcy mergers and acquisitions, etc.;

3. The main parties to whom user information is shared, transferred, or publicly disclosed change;

4. There are significant changes in your rights regarding user information processing and how to exercise those rights;

5. When there are changes in the department responsible for handling user information security, contact methods, and complaint channels;

6. When the user information security impact assessment report indicates the presence of high risk.

8. How to Contact Us
If you have any questions, comments, or suggestions regarding this privacy policy, please contact us via email at steven@cycplus.com, and we will respond within thirty days.