Update date: Aug 21, 2021
Effective date: Aug 21, 2021
You are welcome to choose the products or services provided by Wuhan CLOUD PINE Technology Co., Ltd. (hereinafter referred to as "we" or "CLOUD PINE"). This policy explains to you the collection, use, storage and sharing of personal information, as well as the related rights you enjoy when you use our products or services.
If you have any questions, comments or suggestions, please contact us in the following ways:
E-mail: law@carbit.com.cn
Tel.: 027-59586633
This policy will help you understand the following:
CLOUD PINE is fully aware of the importance of personal information and will do our best to keep the personal information secure and reliable. We are committed to maintaining your trust in us, abiding by the following principles, and protecting your personal information: consistent rights and responsibilities, clear purposes, consent selection, minimum sufficiency, security assurance, subject participation, openness and transparency, etc. At the same time, CLOUD PINE promises that we will take corresponding security measures to protect your personal information according to the mature security standards in the industry.
Please read this Privacy Policy carefully before using our products (or services).
I. How to Collect and Use Personal Information
(I) How to collect personal information
We will collect and use your personal information for the following purposes stated in this policy:
1. Register as a user of CLOUD PINE products or services
When you use the navigation function of the product, you need to provide us with your Google account for the user to log in.
After you cancel your account, we will stop providing you with the navigation function and corresponding services. You can contact us to delete your personal information. Otherwise, we will delete your personal information or carry out anonymization according to the requirements of applicable laws.
2. Provide you with products or services
1) Information you provide for us
A. When you use the "navigation" function, you need to authorize us the rights of "positioning" and "location information". After your authorization, we will read your precise location information and longitude and latitude, and provide navigation services according to the functions you need to use.
B. When you use the "local music" function, you need to authorize us with "storage, reading and writing" or "multimedia" rights, so that we can read local music, thus you can listen to personal songs while driving.
When you use the information publishing, instant messaging and other services in this software, you should provide us with true identity information; otherwise, we will not provide you with relevant services. In the process of using services, you can give feedback on the experience of our products and services, so as to help us better understand your experience and needs of using our products or services and improve our products or services.
2) Information we collect during your use of the services
We will collect information about your use of products and services, and ways of using them, and correlate the information to improve our services, including:
A. Equipment information: According to the specific authority granted by you during the installation and use of software, we will receive and record the relevant information of the equipment you use (including software and hardware feature information such as equipment model, operating system version, equipment settings and unique equipment identifier) and the relevant information of the equipment location (such as IP address, MAC address, GPS location information and sensor information such as Wi-Fi access point, Bluetooth and base station that can offer relevant information).
B. Log information: When you use the products or services provided by our website or client, we will collect your detailed usage of our services and save them as relevant network logs. For example, your search query content, software list, MAC address, language used, access date and time, your access record, call status generated from the application, etc. Please note that individual device information, log information, etc. are information that cannot identify the identity of a specific natural person. If we combine this kind of non-personal information with other information to identify the identity of a specific natural person, or use it with personal information, this kind of non-personal information will be regarded as personal information during combination and use, and we will anonymize and de-identify this kind of personal information unless authorized by you or otherwise stipulated by laws and regulations.
C. When you use the navigation function, we need to obtain your Google account information, Google pay payment status and Google ID information for your authorized login, judging whether you can continuously use navigation services, and distinguishing different users respectively. Obtaining the information of these three items can provide you with navigation and T-BOX split screen services.
D. When you contact us, we may save the communication/call records and contents generated in the application or the contact information left by you, so as to contact you or help you solve problems, or record the solutions and results of related problems.
E. When you use the product services to perform certain operations (for example, adding friends to your group), we may send notifications to you or others; for the third-party application services that you open and use on the service open platform, we will collect relevant information when you start the application and handle it according to this privacy policy.
F. When you use the third-party SDK integrated with this software, the third party may require you to provide corresponding personal information that is a must to provide this function. Please read the Privacy Policy of the third party carefully before using this function. If you disagree, you can choose to stop using this function. At present, SDKs integrated with the software include Umeng + Statistical Analysis, mapbox, bugly.
| SDK name | SDK service type | Collect personal information field | Data security capabilities of SDK service providers | SDK privacy policy links |
| Umeng + Statistical Analysis SDK | Provide system analysis services and basic anti-cheating services for APP | Device MAC address, unique device identification code (IMEI/android ID/IDFA/OPENUDID/GUID/IMSI information of SIM card), and geographic location information for anti-cheating. | Level III grade-based network security protection of the Ministry of Public Security (the highest security level of non-bank institutions); certification based on ISO 27001 information security management system; certification based on ISO 27018 protection system of personally identifiable information (PII) in public clouds. | https://www.umeng.com/page/policy |
| mapbox | Provide navigation function for APP | GPS location information | / | https://www.mapbox.com/legal/privacy |
| bugly | Truly restore the Crash scenario based service for developers, without involving the user's privacy information. | Crash scenario: Crash information and thread stack, ROM/RAM/SD card capacity, network/language status, etc. App information: Package name, version and process name. Device information: Identification of IMEI and other devices. | Certification based on information security management system; certification of information technology service management system; certification based on quality management system (ISO 9000). | \ |
3. Provide security for you
In order to prevent, discover and investigate the fraud and infringement, as well as acts that endanger security, that are illegal or violate our agreements, policies, or rules, we may collect or integrate the user information, service usage information, equipment information, log information and information authorized by you or shared according to laws.
4. Other purposes
When collecting your information for other specific purposes not specified in this policy, we will ask your consent in advance.
In case of stopping operating our products or services, we will stop collecting the personal information, inform you of the notice of stopping operation in the form of delivery or announcement one by one, and delete or anonymize the personal information held.
(II) How to use your information
The purpose of collecting your information is to provide services and improve service quality for you, so we will use your information for the following purposes:
1. Provide the products or services for you, and maintain, improve and optimize these services and service experience.
2. In order to prevent, discover and investigate the fraud and infringement, as well as acts that endanger security, that are illegal or violate our agreements, policies, or rules, and protect legitimate rights and interests of you, other users or the public and us, we may use or integrate your user information, service usage information, equipment information, log information, and information we have obtained from you or shared according to the law to comprehensively detect and prevent security incidents, and take necessary records, audits, analysis and measures according to laws.
3. Other purposes with your permission.
II. How to Use Cookie and Similar Technologies
The products or services provided by us do not use the Cookie and similar technologies.
III. How to Share, Transfer and Publicly Disclose Personal Information
(I) Sharing
We will not share your personal information with companies, organizations and individuals other than our service providers, except in the following cases:
1. Sharing with explicit consent: We will share your personal information with other parties after obtaining your explicit consent.
2. Sharing under legal situations: We may share your personal information with others according to the provisions of laws and regulations, the needs of litigation dispute resolution, or the requirements put forward by administrative and judicial organs according to laws.
3. When you are complained of infringement of intellectual property rights or other legal rights by others, it is necessary to disclose the necessary information to the complainant to handle the complaint.
4. Sharing with authorized partners: Only for the purpose stated in this privacy policy, some of our services will be jointly provided by us and authorized partners. We may share some of your personal information with our partners to provide better customer services and user experience. In order to better serve customers, our products may be integrated with third-party SDK or other similar applications, for example, [mapbox] SDK. For your information security, we have signed a strict data security confidentiality agreement with third-party SDK service providers, and these companies shall strictly abide by our data privacy and security requirements. We will not share your personal identity information with others unless you agree. To assist you to better understand the types and uses of data collected by [mapbox] and how to protect your personal information, you can log in to https://www.mapbox.com/legal/privacy to learn about the privacy policy of [mapbox].
We are not responsible for privacy protection measures of other websites unless otherwise stipulated by law. We may add business partners or share brand websites whenever necessary, but the information provided for them is only de-identified, and we will not disclose your identity.
(II) Transfer
We will not transfer your personal information to any companies, organizations or individuals, except in the following cases:
1. Transfer with explicit consent: We will transfer your personal information to other parties after obtaining your explicit consent.
2. In mergers, acquisitions or bankruptcy liquidation or other situations involving mergers, acquisitions or bankruptcy liquidation, in case of involving personal information transfer, we will ask the new company or organization holding your personal information to continue to be bound by this policy; otherwise, we will ask the company, organization and individual to ask you for authorization and consent again.
(III) Public disclosure
We will only publicly disclose your personal information under the following cases:
1. Obtain your explicit consent;
2. If we determine that you have violated laws and regulations or seriously violated the relevant agreement rules of this service or product, or to protect the personal property safety of CLOUD PINE or the public from infringement, we may disclose your personal information with your consent according to laws and regulations or the relevant agreement rules of this service or product, including relevant violations and measures taken by CLOUD PINE against you.
(IV) Exceptions of obtaining prior authorization and consent when sharing, transferring or publicly disclosing personal information
Sharing, transferring and publicly disclosing your personal information do not require your prior authorization and consent under the following cases:
1. It is related to national security and national defense security;
2. It is related to public safety, public health and major public interests;
3. It is related to criminal investigation, prosecution, trial and judgment execution;
4. It is to safeguard life, property and other important legitimate rights and interests of you and others, but it is difficult to obtain your consent;
5. It is the personal information disclosed to the public by you;
6. The personal information is collected from the information disclosed legally and publicly, such as legal news reports, government information disclosure and other channels.
7. Other circumstances stipulated by laws and regulations
According to laws, sharing and transferring personal information after de-identification and ensuring that the data receiver cannot recover and re-identify the subject of personal information is not an external sharing, transfer and public disclosure of personal information, and there is no need to inform you and obtain your consent for the preservation and processing of such data.
IV. How to Protect Personal Information
(I) Preservation period
We will keep your personal information during use of our products and services. If you cancel the account or take the initiative to delete the above information, we will save your information according to the Cybersecurity Law of the People's Republic of China and other laws and regulations. After you cancel the account or actively delete the above information, we will not use your personal information commercially, but we may use your personal information after anonymization.
(II) Preservation area
Your personal information is stored in the territory of the People's Republic of China. If some products or services involve cross-border transactions and we need to transmit your personal information overseas, we will strictly follow the laws and regulations to perform and ensure the security of your personal information.
(III) Safety measures
1. We will take various preventive measures to prevent your personal information from unauthorized access, public disclosure, use, modification, damage or loss. We will use encryption technology to ensure the confidentiality of data, use trusted protection mechanisms to prevent malicious attacks on data, and deploy access control mechanisms to ensure that only authorized personnel can access personal information, and we will strengthen employees' awareness of the importance of protecting personal information.
2. At present, we have obtained the following certification: ISO20000 certification, ISO27001 certification, ISO9000 certification and CMMI3 certification.
3. We will take reasonable and feasible measures and try our best to avoid collecting irrelevant personal information. We will only retain your personal information for the period required to achieve the purpose stated in this policy, unless it is necessary or it is permitted by law to extend the retention period.
(IV) The Internet environment is not 100% secure. Although we have these security measures, please note that there are no "perfect security measures" on the Internet. We will try our best to ensure the security of your information.
1. The Internet is not an absolutely secure environment, and emails and instant messaging are not encrypted. We strongly recommend that you should not send personal information through such methods. Please use a complex password to help us ensure the security of your account.
2. After the personal information safety incident, we will, in accordance with the requirements of laws and regulations, promptly inform you of the following cases, including basic situation and possible impact of the safety incident, the disposal measures we have taken or will take, the advice you can take to prevent and reduce risks and the remedial measures for you, etc. We will inform you of the incidents in a timely manner by mail, letter, telephone, push notification. If it is difficult to so inform relevant personnel one by one, we will make a reasonable and effective announcement.
In addition, we will actively report the disposal of personal information safety incidents as required by the supervision authorities.
V. Your Rights
In accordance with relevant Chinese laws, regulations, and standards, as well as common practices in other countries and regions, we will protect you to exercise the following rights with respect to your personal information:
(I) Access your personal information
You have the right to access your personal information, except for the exceptions stipulated by laws and regulations.
(II) Correct your personal information
You are entitled to ask us to make corrections when you find that there are errors in our processing of your personal information. You can inform us by phone or email. We will reply to your request for correction within 30 days. To ensure security, we will verify your identity information before you exercise the right to correct information.
(III) Delete your personal information
In the following cases, you can ask us to delete personal information:
1. Our handling of personal information violates laws and regulations;
2. We collect and use your personal information without your consent;
3. Our handling of personal information violates the agreement with you;
4. You no longer use our products or services, or you cancel your account;
5. We no longer provide you with products or services.
If we decide to respond to your request for deletion, we will also notify the entities that have obtained your personal information from us and ask them to delete it in time, unless otherwise stipulated by laws and regulations, or these entities have obtained your independent authorization.
After you delete information from our service, we may not immediately delete the corresponding information in the backup system, but we will delete or anonymize the information when the backup is updated.
(IV) Change the scope of your authorization and consent
Every business function needs some basic personal information to be completed. For the collection and use of additional personal information, you can give or withdraw your authorization and consent at any time.
When you withdraw your consent, we will no longer process the corresponding personal information. However, your decision to withdraw your consent will not affect the previous personal information processing based on your authorization.
(V) Restrain the automatic decision-making of information system
In some business functions, we may only make decisions based on non-manual automatic decision-making mechanisms such as information systems and algorithms. If these decisions significantly affect your legitimate rights and interests, you have the right to ask us for an explanation, and we will also provide appropriate remedies.
(VI) Respond to your above request
For security reasons, you may need to submit a written request or prove your identity in other ways. We may ask you to verify your identity before processing your request. We will give a reply within 30 days.
For your reasonable request, we do not charge fees in principle, but for repeated requests that exceed reasonable limits, we will charge a certain cost depending on the circumstances. We may reject requests that are unreasonably repeated, require excessive technical means (for example, the need to develop new systems or fundamentally change existing practices), bring risks to the legitimate rights and interests of others, or are very unrealistic (for example, involving information stored on backup tapes).
Under the following circumstances, we will not be able to respond to your request according to the requirements of laws and regulations:
1. It is directly related to national security and national defense security;
2. It is directly related to public safety, public health and major public interests;
3. It is directly related to criminal investigation, prosecution, trial and judgment execution;
4. There is sufficient evidence to show that you have subjective malice or abuse of rights;
5. Responding to your request will cause serious damage to the legitimate rights and interests of you or other individuals and organizations;
6. Commercial secrets are involved.
VI. Protection of Minors
Our products, websites and services are mainly for adults. Minors are not allowed to create their own user accounts without the consent of their parents or guardians.
Although local laws and customs define minors differently, we regard anyone under the age of 18 as a minor.
If we find that we have collected the personal information of minors without obtaining the verifiable parental consent in advance, we will try to delete the relevant data as soon as possible.
VII. How to Transmit Personal Information Globally
In principle, the personal information collected and generated in the People's Republic of China will be stored in the territory of the People's Republic of China
Since we provide products or services through resources and servers all over the world, after obtaining your authorization and consent, your personal information may be transmitted to the jurisdictions out of the country/region where you use the products or services, or be accessed by these jurisdictions.
Such jurisdictions may have different data protection laws or even no relevant laws. In such cases, we will ensure that your personal information is adequately and equally protected in the territory of the People's Republic of China. For example, we will ask your consent to cross-border transmission of personal information, or implement security measures such as data de-identification before cross-border data transmission.
VIII. How to Update this Policy
Our privacy policy may change.
We will not weaken the rights you can enjoy as per this privacy policy without your explicit consent. We will post any changes made to this policy on this page.
For major changes, we will also provide more significant notices (including for some services, we will send notices by email to explain the specific changes of privacy policy).
Major changes referred to in this policy include but are not limited to:
1. Major changes have taken place in our service mode. Such as the purpose of processing personal information, the type of personal information processed, and the use of personal information;
2. Major changes have taken place in our ownership structure and organizational structure. Such as changes in owners caused by business adjustments and bankruptcy mergers and acquisitions;
3. The main objects of personal information sharing, transmission or public disclosure have changed;
4. Major changes have taken place in your right to participate in personal information processing and the way in which you exercise it;
5. Our responsible department, contact information and complaint channel for handling personal information security change;
6. The Report Form of Personal Information Security Impact Evaluation indicates high risk.
IX. How to Contact Us
If you have any questions, comments or suggestions on this privacy policy, and want to make complaints and reports, please contact us in the following ways:
E-mail: support@carbit.com.cn
Tel.: 027-59586633
Under normal circumstances, we will reply within fifteen working days.
If you are not satisfied with our reply, especially if our personal information processing behavior harms your legitimate rights and interests, you can also seek solutions through the following external channels: file a lawsuit in a court with jurisdiction in Wuhan East Lake High-tech Development Zone.