target
iFLYTEK CXL Privacy Policy
Release Date: September 20, 2024
Effective Date: September 20, 2024
The iFLYTEK CXL Privacy Policy (hereinafter referred to as "this Policy") applies to websites, applications, products, and services provided by Zhejiang CXL Technology Co., Ltd. (hereinafter referred to as "iFLYTEK CXL" or "we") that display this Policy or link to it. Please read this Policy carefully before use to understand the details of how we handle your personal information. If there are specific privacy policies for the websites, applications, products, or services we provide, those specific policies will take precedence. For matters not covered in those specific policies, the content of this Policy shall prevail.
We have highlighted key content related to sensitive personal information and your rights and interests in personal information in bold form for your special attention.
This Policy will help you understand the following:
I. Definitions and Interpretations
II. How We Collect and Use Your Personal Information
III. How We Use Cookies and Similar Technologies
IV. How We Entrust Processing, Share, Transfer, and Publicly Disclose Your Personal Information
V. How We Protect Your Personal Information
VI. How We Store Your Personal Information
VII. How You Can Manage Your Rights Related to Personal Information
VIII. How We Protect Minors' Personal Information
IX. How Your Personal Information May Be Transferred Globally
X. How We Update This Policy
XI. How to Contact Us
XII. Other Provisions
Ⅰ. Definitions and Interpretations
1.Personal Information: Personal Information refers to various information recorded electronically or by other means that is related to an identified or identifiable natural person, excluding information that has been anonymized. For clarity, Personal Information includes but is not limited to Sensitive Personal Information.
2.Sensitive Personal Information: Sensitive Personal Information refers to Personal Information that, once disclosed or illegally used, can easily lead to infringement of a natural person's personal dignity or harm to personal or property safety. This includes information such as biometrics, religious beliefs, specific identities, medical health, financial accounts, location traces, as well as Personal Information of minors under the age of 14.
3.Personal Information Processor: A Personal Information Processor refers to an organization or individual that independently determines the purpose and method of processing Personal Information in Personal Information processing activities.
4.Data Subject: The Data Subject refers to the natural person identified or associated with the Personal Information.
5.Automated Decision-Making: Automated Decision-Making refers to the activity of automatically analyzing and assessing an individual's behavior patterns, interests, or economic, health, and credit status through computer programs to make decisions.
6.De-identification: De-identification refers to the process of processing Personal Information so that it cannot identify a specific natural person without additional information.
7.Anonymization: Anonymization refers to the process of processing Personal Information to the extent that it cannot identify a specific natural person and cannot be restored.
8.Unique Device Identifier (UDI): A Unique Device Identifier (UDI), also known as a dedicated ID or UUID, is a string of characters programmed into a device by its manufacturer, used to uniquely identify the corresponding device (e.g., IMEI number for mobile devices). UDIs have various uses, including providing advertisements when cookies are not available.
9.IP Address: Every device connected to the internet is assigned a unique number called an Internet Protocol (IP) address. These numbers are usually assigned based on geographical regions. IP addresses can generally be used to identify the location of a device when it is connected to the internet.
10.SSL: SSL (Secure Socket Layer), also known as the Secure Sockets Layer, is a security protocol implemented over the transmission communication protocol (TCP/IP). SSL supports various types of networks and provides three basic security services, all of which achieve information confidentiality through the use of public-key and symmetric-key technologies.
11.Information Collection Technologies: "Automatic Collection" as mentioned in this Policy by iFLYTEK CXL includes the following methods:
(1)Cookie: A Cookie is a small text file placed on your device (computer, mobile phone, or other smart terminals) by a website server when you browse a webpage. It can be used to enhance your user experience.
(2)Log Files: Log Files store automatically collected data, including Internet Protocol (IP) addresses, browser types, Internet Service Providers (ISPs), referring/exit pages, operating systems, date/time stamps, and clickstream data.
(3)ET Tag (Entity Tag): ET Tag is an HTTP protocol header transmitted between internet browsers and internet servers. It can replace Cookies for tracking individual users, allowing us to gain deeper insights and improve our services.
(4)JavaScript: JavaScript is a programming language used to create more interactive and dynamic web pages. JavaScript can set, read, and delete Cookies.
11.Affiliates: Affiliates refer to any party that directly or indirectly controls, is controlled by, or is under common control with Zhejiang CXL Technology Co., Ltd. Here, "control" and "controlled" refer to the right to direct the management policies of a party through voting rights, contracts, or other means.
II. How We Collect and Use Your Personal Information
As a processor of personal information, iFLYTEK Tidal Force adheres to the principles of legality, legitimacy, necessity, and good faith in collecting and using your personal information for the purposes outlined below.
1.Personal Information You Actively Provide During the Provision of Products and/or Services
1.1 Customized Solutions
To offer you customized solutions, you need to provide us with your name, company name, contact information (mobile number), email address, city of residence, and product requirements. We will use your name and contact information (mobile number) as your account to create a personal work order. Based on the city and product requirements you provide, we will understand your region and specific needs, and arrange for service personnel in the corresponding area to contact you to provide tailored services. Please note that if you do not provide your email address or company name, it will not affect your normal use of the customized solution service. However, if you provide these additional details, we can send you relevant documents such as product brochures based on your email and specific requirements, facilitating your access and review. Additionally, knowing your company's situation can help us understand its current collaboration with the industrial intelligence industry, enabling us to provide even better customized services.
2.Personal Information We Actively Collect During the Provision of Products and/or Services
2.1 Operation Statistics and Analysis
When you use iFLYTEK Tidal Force's website products and/or services, we automatically collect detailed information about your usage and save it as web logs. The necessary information includes usage details, IP address, URL of the accessed service, browser type and language used, date, time, and duration of access, and browsing information (browsing history, download history, and click history). This information helps us analyze the usage of our website products and/or services, troubleshoot issues, ensure service stability and network security, and improve and optimize product interactions through data statistics. This information is essential for operational statistics and analysis. If you refuse to allow us to collect this information, we will be unable to troubleshoot or conduct operational statistics for the website, potentially affecting your usage security and experience.
Personal Information Processing Clarification
(1) Sensitive personal information collected by us is prominently identified in this policy. If your sensitive personal information is leaked, tampered with, or used illegally, it may harm your personal or financial safety. To prevent such occurrences, we have implemented appropriate technical and organizational protection measures to safeguard your information security.
(2) According to relevant laws and regulations, we do not need your consent to process your personal information in the following circumstances:
Necessary for concluding or performing a contract where an individual is a party, or for implementing human resource management in accordance with legally established labor rules and regulations and collectively signed labor contracts;
Necessary for fulfilling statutory duties or obligations;
Necessary for responding to public health emergencies or protecting the life, health, and property safety of individuals in emergency situations;
Necessary for public interest activities such as news reporting and public opinion supervision, within reasonable limits;
Processing personal information that has been disclosed by the individual themselves or is already legally disclosed, within reasonable limits as stipulated by law;
Other circumstances stipulated by laws and administrative regulations.
III. How We Use Cookies and Similar Technologies
Use of Cookie Technology
We collect and utilize your information through cookies, which we store as log information. We employ our own cookies with the aim of providing you with a more personalized user experience and services, specifically for the following purposes:
(1) Remembering Your Identity: For instance, cookies assist us in recognizing you as our registered user or saving your preferences or other information you have provided to us.
(2) Analyzing Your Usage of Our Services: For example, we may utilize cookies to understand the activities you engage in when using our services or which webpages or services are most popular among you.
Use of Similar Technologies to Cookies
Our products and services do not employ our own similar technologies to cookies.
However, our products and services may contain cookies and similar technologies placed by advertisers, partners, or other third-party service providers. These cookies and similar technologies may collect non-personally identifiable information about you for the purposes of analyzing how users interact with such services, delivering advertisements that may interest you, or evaluating the effectiveness of advertising services. The collection and use of such information by these third-party cookies and similar technologies are not governed by this policy but rather by the privacy policies of the respective users. We assume no responsibility for third-party cookies and similar technologies.
You can reject or manage cookies and similar technologies through your browser settings. However, please note that disabling cookies or similar technologies may prevent you from enjoying the best service experience, and certain services may not function properly.
IV. How We Entrust Processing, Share, Transfer, and Publicly Disclose Your Personal Information
Entrusted Processing
To provide you with more comprehensive and high-quality products and services, we may entrust third parties (including companies, organizations, and individuals) to process certain personal information of yours. For third parties entrusted with the processing of your personal information, we will sign rigorous data processing agreements with them, clearly stipulating the purpose, duration, method of processing, types of personal information, protective measures, as well as the rights and obligations of both parties. We will also supervise the third parties' personal information processing activities, requiring them to process your personal information solely in accordance with our requirements, the provisions of this policy, and any other relevant confidentiality and security measures. They are prohibited from exceeding the agreed-upon processing purposes and methods. If you refuse our third parties from collecting necessary personal information for service provision, it may result in your inability to enjoy the services provided by those third parties.
Sharing
We will not share your personal information with third parties (including companies, organizations, and individuals), except in the following circumstances:
(1) Sharing with Explicit Consent: We will share your personal information with third parties after obtaining your explicit consent.
(2) Sharing under Legal Circumstances: We may share your personal information with third parties in accordance with laws and regulations, litigation dispute resolution needs, or as required by administrative or judicial authorities in accordance with the law.
(3) Sharing among Affiliated Companies: To connect with our other products or services, provide you with better services, or protect the personal and property safety of our affiliated companies or other users or the public from infringement, your information may be shared within our affiliated companies. We will only share your personal information among our affiliated companies for specific, clear, and legitimate purposes within the scope declared in this policy, and only the information necessary for service provision will be shared. For example, when registering for an iFLYTEK account, we need to verify the global uniqueness of the proposed account to avoid duplicate registrations. For information shared with affiliated companies, we will require them to adopt protective measures no less stringent than those stated in this policy and strictly comply with relevant laws, regulations, and regulatory requirements. If affiliated companies wish to change the processing purpose of personal information, they will need to seek your authorization and consent again.
Transfer
We will not transfer your personal information to any third party (including companies, organizations, and individuals), except in the following circumstances:
(1) Transfer with Explicit Consent;
(2) Transfer required by applicable laws, legal procedures, or mandatory administrative or judicial requirements;
(3) In the event of a merger, acquisition, or bankruptcy liquidation of the product or service provider, or other situations involving such events, if personal information transfer is involved, we will inform you of the recipient's name or contact information and require the new holder of your personal information to continue to be bound by this policy. If the recipient changes the original processing purpose or method, we will require them to seek your authorization and consent again.
Public Disclosure
We will only publicly disclose your personal information in the following circumstances:
(1) With your separate consent or based on your active choice, we may publicly disclose your personal information;
(2) In cases of legal, legal proceedings, litigation, or mandatory requirements from government authorities, we may publicly disclose your personal information;
(3) If we determine that you have violated laws, regulations, or severely breached the relevant agreement rules of this product, or to protect the personal and property safety of users of this product and its affiliated companies or the public from infringement, we may disclose your personal information in accordance with laws, regulations, or the relevant agreement rules of this product, including relevant violations and measures taken against you by this product.
Exceptions to Prior Authorization and Consent for Entrusted Processing, Sharing, Transfer, and Public Disclosure of Personal Information
In the following circumstances, entrusted processing, sharing, transfer, and public disclosure of your personal information do not require prior authorization and consent from you:
(1) Related to our fulfillment of obligations prescribed by laws and regulations;
(2) Directly related to national security and national defense security;
(3) Directly related to public safety, public health, and significant public interests;
(4) Directly related to criminal investigation, prosecution, trial, and judgment execution;
(5) Necessary to safeguard your or other individuals' significant legitimate rights and interests such as life and property, but it is difficult to obtain consent from the individual;
(6) Personal information that you voluntarily disclose to the public;
(7) Collecting personal information from legally publicly disclosed information, such as legitimate news reports, government information disclosure, and other channels.
Please note: According to legal provisions, the sharing, transfer, and public disclosure of de-identified personal information, ensuring that the data recipient cannot restore and re-identify the personal information subject, do not constitute external sharing, transfer, and public disclosure of personal information. The storage and processing of such data will not require separate notification to you and your consent.
V. How We Protect Your Personal Information
Privacy and Information Protection: We attach great importance to user privacy and personal information protection, and we will take reasonable measures to safeguard our users' personal information. Except as required by laws and regulations or otherwise agreed upon in this policy, we will employ various security technologies and procedures to establish a comprehensive management system to protect your personal information from unauthorized access, use, or disclosure. Without users' permission, we will not disclose their personal information to third parties. We employ professional encryption methods for storage and transmission of relevant information to ensure the safety of users' personal information.
Technical Analysis of User Data: You understand and agree that, without revealing individual user privacy information, we have the right to conduct technical analysis on the entire user database. Only anonymized user data, after being analyzed and organized, will be utilized for commercial purposes.
Data Security Measures:
(1) Industry-Standard Security: We have adopted security measures that meet industry standards, including establishing reasonable systems and norms, and applying security technologies to prevent unauthorized access, use, modification, damage, or loss of your personal information. For instance, our network services utilize encryption technologies such as Transport Layer Security (TLS) protocols to provide browsing services via HTTPS, ensuring the security of user data during transmission. We encrypt, anonymize, or de-identify personal information using encryption technologies (TLS, SSL), and isolate data through segregation techniques. We manage the storage and usage of personal information through a data classification and categorization system, data security management norms, and data security development standards. We restrict access to personal information to necessary employees and partners of our company and its affiliates through confidentiality agreements, strict access controls, and monitoring mechanisms. All personnel with access to your personal information are required to fulfill their confidentiality obligations. Failure to do so may result in legal liability or termination of the relationship. We conduct security and privacy protection training to enhance employees' awareness of the importance of protecting personal information. We have formulated and implemented emergency response plans for personal information security incidents.
(2) Relevance and Retention: We take all reasonable and feasible measures to ensure that we do not collect irrelevant personal information. We will only retain your personal information for the period necessary to achieve the purposes outlined in this policy, unless an extension is required or permitted by law.
(3) Internet Security Warning: Recognizing that the internet is not an absolutely secure environment, and that communications via email, instant messaging, and other means with users are not encrypted, we strongly recommend against sending personal information through these channels. Please use complex passwords to help us secure your account.
(4) Limited Security Guarantee: While we strive to ensure the security of any information you send us, we cannot guarantee 100% security in the internet environment. If our physical, technical, or administrative safeguards are compromised, leading to unauthorized access, disclosure, tampering, or destruction of information, and causing harm to your legitimate rights and interests, we will bear corresponding legal responsibilities.
(5) Incident Notification: In the unfortunate event of a personal information security incident, we will promptly notify you in accordance with legal requirements, including the cause of the incident, potential harm, types of personal information involved, measures we have taken or will take, and recommendations for self-protection and risk mitigation. We will inform you of the incident via email, SMS, phone call, or notifications. If it is difficult to notify individual users, we will announce the incident in a reasonable and effective manner. Additionally, we will proactively report the handling of personal information security incidents to regulatory authorities as required. Please note that, in accordance with applicable laws and regulations, we may not notify you if measures taken can effectively prevent harm caused by information leakage, tampering, or loss.
VI. How We Store Your Personal Information
This product and/or service are exclusively provided within the territory of Mainland China (for the purpose of this policy, excluding the Hong Kong Special Administrative Region, the Macao Special Administrative Region, and Taiwan). In principle, we collect and store personal information generated within the territory of the People's Republic of China (PRC) and do not conduct cross-border transfers unless otherwise stipulated by laws and regulations.
Location of Information Storage
We comply with laws and regulations, and the information and data collected about you will be saved on servers located within the mainland territory of the PRC, except in the following circumstances:
When explicitly stipulated by laws and regulations;
Upon obtaining your explicit authorization;
When you proactively engage in cross-border transactions or similar activities via the internet.
Duration of Information Storage
In general, we will retain your personal information for the period necessary to achieve the processing purposes outlined in this policy, unless otherwise specified by applicable laws, regulations, or national normative documents. Specific references include:
(1) Article 21, Chapter III, of the Cybersecurity Law of the People's Republic of China stipulates that technical measures for monitoring and recording network operation status and cybersecurity incidents shall be adopted, and relevant network logs shall be retained for no less than six months as required.
(2) Article 31, Chapter II, of the E-commerce Law of the People's Republic of China requires that the retention period for information on goods and services, as well as transaction information, shall be no less than three years from the date of transaction completion; where otherwise stipulated by laws or administrative regulations, those provisions shall prevail.
Upon expiration of the aforementioned periods or upon your active request to delete your personal information or deactivate your account, we will promptly delete your personal information in accordance with applicable laws and regulations, unless required by laws, regulations, or national normative documents to retain such information for a longer period. However, we may alter the storage duration of personal information under the following circumstances to comply with legal requirements:
To comply with applicable laws, regulations, and other relevant provisions;
To comply with court judgments, rulings, or other legal procedures;
To comply with requests from relevant government agencies or legally authorized organizations;
When we have reasonable grounds to believe that compliance with laws, regulations, and other relevant provisions is necessary;
For purposes reasonably necessary to execute relevant service agreements or this policy, safeguard social and public interests, and protect the personal and property safety or other legitimate rights and interests of our customers, us, other users, or employees.
Upon termination of your use, we will cease collecting and using your information, except as otherwise stipulated by laws, regulations, or supervisory authorities.
In the event that relevant services cease to operate, we will notify you through notices and announcements and delete your personal information retained on our servers within the period required by laws and regulations.
VII. How You Can Manage Your Rights to Personal Information
According to relevant Chinese laws, regulations, and standards, you enjoy several rights in personal information processing activities, specifically including:
You have the right to know and decide on the processing of your personal information, and have the right to restrict or refuse the processing of your personal information by others, except as otherwise stipulated by laws and administrative regulations.
You have the right to access and copy your personal information from the personal information processor, except in circumstances stipulated by law.
You have the right to request the transfer of your personal information to a designated personal information processor.
If you find that your personal information is inaccurate or incomplete, you have the right to request the personal information processor to correct or supplement it.
You have the right to request the deletion of your personal information.
You have the right to request the personal information processor to explain and clarify its rules for processing personal information.
In accordance with relevant legal provisions, your close relatives may exercise the aforementioned rights of access, copying, correction, and deletion of your relevant personal information after your death, but you may contact us to make alternative arrangements.
If you wish to exercise these rights, please provide feedback through the channels described in Chapter XI of this policy. For security purposes, you may need to submit a written request. We may refuse to process requests if we have reasonable grounds to believe they are fraudulent, unfeasible, or infringe upon the privacy rights of others.
VIII. How Do We Protect Minors' Personal Information
Our websites, applications, products, and services are not intended for minors under the age of 14.
If you are a minor under 14 years old, you need to have your guardian read and agree to this policy before using our websites, applications, products, and services.
If you are the guardian of a minor under 14 and believe that we have collected their personal information without consent, please contact us promptly via the methods described in Chapter XI of this policy. We will endeavor to delete the relevant personal information as soon as possible.
IX. How Your Personal Information is Transferred Globally
In principle, personal information collected and generated within the territory of the People's Republic of China by us will be stored within the territory of the People's Republic of China and will not be transmitted across borders.
X. How We Update This Policy
To provide you with better services, our related websites, applications, products, and services may be updated and changed from time to time, and we will revise this policy as appropriate. These revisions constitute part of this policy. However, we will not diminish your rights under this policy without your explicit consent.
After updating this policy, we will publish it in an appropriate manner so that you can keep abreast of the latest version. If you disagree with this policy or have objections to its modifications and updates, you can choose to stop using our related websites, applications, products, and services.
For significant changes, we will also provide more prominent notifications (including but not limited to emails, SMS, or special prompts on the browsing page) to explain the specific changes to this policy.
Significant changes referred to in this policy include but are not limited to:
(1) Major changes in our service model, such as the purpose of processing personal information, the types of personal information processed, and the ways personal information is used;
(2) Major changes in our ownership structure, organizational structure, etc., such as all changes arising from business adjustments, bankruptcies, mergers, and acquisitions;
(3) Changes in the main objects of personal information sharing, transfer, or public disclosure;
(4) Major changes in your rights and the ways to exercise them regarding personal information processing;
(5) Changes in the responsible department, contact information, and complaint channels for handling personal information security;
(6) When the personal information security impact assessment report indicates a high risk;
(7) Changes made in response to national policies or legal norms with the issuance and implementation of policies or laws.
XI. How to Contact Us
To better protect your personal information, we have established a dedicated network security and personal information protection department. If you have any questions or suggestions about this policy or your personal information during use, please contact us through the following contact information:
Contact Phone: 4000-199-199
Contact Email (Personal Information Protection Officer): dpo@iflytek.com
If you are dissatisfied with our response, especially if you believe that our handling of personal information has harmed your legitimate rights and interests, and we cannot provide a satisfactory response or refuse to improve after your feedback, you can lodge a complaint or report to relevant regulatory agencies.
XII. Others
Any disputes related to this policy should be resolved through friendly consultation between the parties. If a resolution cannot be reached through negotiation, you hereby agree to file a lawsuit with the People's Court of High-tech Industrial Development Zone, Hefei City, Anhui Province.
If any court with jurisdiction rules or adjudicates that any clause of this policy is invalid, that clause will be removed from this policy, but the invalidity of that clause shall not affect the validity of the remaining clauses of this policy. The remaining clauses of this policy will continue to be enforced.