Privacy Policy

I. How to collect and use information

In the course of using the Products and services, we need/may need to collect and use your personal information, including:

1. Account registration information: For the services that can only be used through the platform account, you need to provide your name, email address, phone number, verification code, and account password to create platform accounts. Fill in the above information when using the client application, we will verify your identity based on the information you provide, to ensure we are providing services to you.
2. Non-account registration information: If you choose to provide a nickname, profile picture, and other non-registered account required personal information, we will provide you with more user-friendly services. Your nickname and profile picture are only supplementary information to your profile and will not be displayed publicly.
3. User feedback information: When you use the feedback and suggestion functions in our products, we will collect your email address, mobile phone number, and feedback content, so as to timely handle your problems and equipment faults.
4. Mobile Device Information: In the process of using our services, we may automatically collect your personal information, including:
   1. Basic information: Based on your specific operations during software installation and/or use, we receive and record the device information (including the device model, operating system version, device Settings, unique device identifier, and hardware and software features such as the device environment) and device location information (including the GPS location authorized by you and the sensor information such as the WLAN access point, Bluetooth, and base station).
   2. Service log information: When you use our website or products or services provided by the client, we automatically collect your interest in our service business data, as a service log, including browsing, click to view, search query, trading, sharing information, as well as the IP address, browser type, telecom operators, language use, access, date and time.
   3. Authorization Information: In order to provide more user-friendly services, we may need to collect and use your personal information in the following functions when you enable the client application.
      • Camera/camera-based permission: Before enabling the client application to remotely control a smart device, we need to obtain the permission to use the camera/camera on your mobile device so that we can scan a QR code to add a smart device.
      • Access permission for photo albums (photo library/video library): You can enable access permission for photo albums to capture videos and pictures of smart devices in real time. We will store the captured video files and pictures on mobile devices for your subsequent viewing and use.
      • Microphone-based permission: You can enable the microphone permission to implement the voice function, that is, to make one-way or two-way voice calls with the smart device.
      • Speaker-based rights: You can enable the speaker-based rights function to listen to the voice on the smart device.
      • Permission based on system storage: We will obtain the system storage space and permission information of your mobile device when you install and enable the client application, so as to ensure the normal operation of the application and meet the storage space required for pictures/videos.
      • Location-based permissions: We will obtain your mobile device location permissions when you install and enable the client application, so that we can provide security-compliant services for your geographical location.
      • Based on notification permission: You can enable the notification permission to receive alarm notification messages sent by smart devices.
5. Smart Device Information: In order to achieve remote control of smart devices through client applications, we will collect basic information about smart devices, including device name, device ID, device password, online status, network access information, firmware version and upgrade information, so as to provide connection services for you. You understand and agree that the above functions may require you to enable the access rights of your location information (geographic location), camera (camera), photo album (photo library), microphone (voice), speaker, and system storage space information on your mobile device to collect and use the information involved in these permissions. You can view the status of the above permissions in the system Settings of your mobile device, and you can decide to turn these permissions on or off at any time. Please note that you open any permissions that represents your authorization we can collect and use personal information to provide corresponding service for you, once you close any permissions that represents your cancel the authorization, we will no longer be based on corresponding permission to continue to collect and use personal information, also is unable to provide you with the permission of the service. However, your decision to turn off permissions does not affect previous information collection and use based on your authorization.

II. How to use cookies and similar technologies

1. Cookie: To make your access experience easier, we store cookies, Flash cookies, or other local storage provided by the browser (or associated application) that usually contains identifiers, site names, and some numbers and characters on your computer or mobile device (collectively, "Cookies"). With cookies, websites can store data such as your login details. You may modify your acceptance of cookies or reject our cookies if your browser or browser add-on services allow it. However, if you do so, it may affect your secure access to our site in some circumstances and may require you to change user Settings every time you visit our site.
2. Cookie similar technology: In addition to cookies, we also use web beacons, pixel tags, Etags and other similar technologies on our websites. For example, we may send you an email that contains an address link to the content of our website, and if you click on that link, we will track that click to help us understand your product or service preferences so that we can proactively improve our customer service experience. A website beacon is usually a transparent image embedded in a website or email. With the help of the pixel labels in the E-mail, we can tell whether the E-mail is open or not. If you do not wish your activities to be tracked in this way, you can always unsubscribe from our mailing list. An ETag (entity tag) is an HTTP protocol header that is passed between an Internet browser and an Internet server in place of a Cookie. ETag can help us avoid unnecessary server load, improve service efficiency, save resources, energy, and at the same time, we may record your identity through ETag, so that we can further understand and improve our products or services. Most browsers provide the function of clearing cached data. You can clear cached data in the browser Settings function. Note, however, that if you disable ETag, you may not enjoy a relatively better product or service experience.

III. How to share, transfer and disclose information

1. Share information: We will not share your personal information with companies, organizations and individuals other than service providers, except in the following cases:
   1. Sharing under legal circumstances: We may share your personal information in accordance with laws and regulations, litigation and dispute resolution requirements, or according to the requirements of administrative and judicial organs.
   2. Sharing with express Consent: Upon obtaining your express consent, we will share your personal information with other parties.
   3. Sharing at your choice: When you enable the function of sharing smart devices through the client application, we will share the information of the smart terminals you add to the terminal users specified by you according to your choice.
2. Transfer of information: We will not transfer your personal information to any company, organization or individual except in the following circumstances:
   1. Transfer with express consent: Upon obtaining your express consent, we will transfer your personal Information to other parties;
   2. In the service provider, mergers, acquisitions or bankruptcy liquidation or other situations involving mergers, acquisitions or bankruptcy liquidation, such as involving personal information transfer, we will request the new holder you personal information of the company, the organization continue to be bound by this policy, otherwise we will ask the company, organization or individual to ask for a grant to you.
3. Disclosure: We will only disclose your personal information in the following circumstances:
   1. With your express consent or upon your active choice, we may publicly disclose your personal information;
   2. If we determine your violation of the laws and regulations or a serious breach of relevant agreements and rules of platform, or to protect the platform users or the personal property safety of the public from the infringement, we can according to the laws and regulations or under the condition of your consent to disclose personal information about you, including related violations and the platform has the measures taken to you.

IV. How to protect and manage your information

1. We have taken reasonable and feasible security measures in line with industry standards to protect your information from unauthorized access, public disclosure, use, modification, damage or loss of your personal information. Such as:
   1. We use HTTPS encryption transmission protocol to transmit device data to the cloud;
   2. Data between devices is transmitted in 128/256-bit AES and XTEA encryption mode;
   3. Automatically generate AES encryption keys through ECDH;
   4. Using ECDSA digital signature to verify identity;
   5. To transmit image data with the Scrambling mechanism.
2. We have the industry advanced data as the core, around the data life cycle of the data security management system, from the organizational construction, system design, personnel management, product technology and other aspects of multi-dimensional improve the security of the entire system. Our critical information systems are currently GDPR compliant and ISO27001 certified.
3. Continuously adjust the existing working standards and procedures to ensure the confidentiality, integrity and availability of the data, and promptly notify the authorities and users within 72 hours as required by laws and regulations upon the occurrence of personal privacy violations:
   1. Import ISO 27001 / ISMS information security management system;
   2. Revise the data protection and privacy policy of the company;
   3. Data collection and use consent/statement content adjustment;
   4. Update the processing procedures for data leakage;
   5. Develop an emergency response procedure.

V. How to manage your information

You can manage your information in the following ways:

1. Query and Change your Information: You have the right to query and change your personal information through the client application or log in to the website and click Account Settings to query and modify your account information.
2. Change the scope of your authorization: To enable some functions of the client application, you need to obtain your authorization on the mobile device. You can modify the authorization in the relevant system Settings of the mobile device. When you withdraw your authorization, we will no longer process the relevant personal information and the corresponding functions may not be enabled properly. However, your decision to withdraw your consent will not affect the processing of personal information that has previously been carried out based on your authorization.
3. Responding to your feedback request: In order to ensure security, we may require you to verify your identity before processing your request, so you need to provide written proof or other relevant information to prove your identity. In the following circumstances, we will not be able to respond to your request in accordance with laws and regulations:
   1. Related to national security and national defense security;
   2. Related to public security, public health or major public interests;
   3. Those related to criminal investigation, prosecution, trial and execution of judgments;
   4. There is sufficient evidence to show that the subject of personal information has subjective malice or abuse of rights;
   5. Responding to your request will cause serious damage to the legitimate rights and interests of you or other individuals or organizations;
   6. Involving trade secrets.

VI. How to realize the global transfer of information

According to the requirements of data security protection laws and regulations applicable in different countries, the measures for the global transfer of information are as follows:

Personal information collected and generated during operations in China shall be stored in China, except in the following cases:

1. The applicable laws are clearly stipulated;
2. Obtain your express authorization;
3. You take the initiative to conduct cross-border transactions through the Internet.

In light of the above circumstances, we will ensure that your personal information is adequately protected in accordance with this Privacy Policy.

VII. How to update this Privacy Policy

1. We may revise this policy in due course to meet the requirements of the latest laws and regulations.
2. We will notify you on the official website or in other ways before the change takes effect, so that you can read the complete content after the update.
3. Under such circumstances, if you choose to continue to use our services, you agree to be bound by the first revised Policy.

VIII. Regarding privacy policy issues, please email: info@tzhtech.com

Thank you for taking the time to read our privacy policy!

Shenzhen TZH Electronic Technology Co., Ltd.