Privacy Policy

Last revised date: October 6, 2023

[Introduction]

Welcome to use our products and services! We are fully aware of the importance of personal information to you, and your trust is very important to us. We will provide full protection for the security of your personal information in accordance with legal and regulatory requirements and with reference to industry best practices. To this end, the Password Box provider (or "we") has formulated this "Privacy Policy" (hereinafter referred to as "this policy") so that you can fully understand how we will collect information when you use our products and services. , use, share, store and protect your personal information, and how you can manage your personal information.

Before you start using our products and services, please be sure to carefully read and understand this policy. In particular, you should focus on reading the items we mark with bold/bold underline Terms, make sure you fully understand and agree before starting to use them. We try our best to explain the professional terms involved in this policy in concise and popular terms to facilitate your understanding.

This policy will help you understand the following:

  1. Definition and scope of application
  2. How we collect and use your information
  3. How we use cookies and similar technologies
  4. How we share, transfer and publicly disclose your information
  5. How we protect your information
  6. How we store your information
  7. How you manage your information
  8. How we handle minors’ information
  9. Third-party SDK list
  10. How to update this policy
  11. How can you contact us

1. Definition and scope of application

(1) Definition

(2) Scope of application

This policy applies to all products and services provided to you by the Password Box provider in the form of websites, clients, and new forms that emerge with the development of technology.

Except for the relevant information collection and use activities described in this policy, this policy does not apply to other services provided to you by other third parties. Other services are subject to their privacy policies and other personal information collection and use rules separately explained to you.

2. How we collect and use your information

When you use our products/services, the personal information we need/may need to collect and use includes the following two types:

  1. In order to realize the basic functions of providing you with our products and/or services, you must authorize us to collect and use the necessary information. If you refuse to provide corresponding information, you will not be able to use our products and/or services normally;
  2. In order to provide you with additional functions of our products and/or services, you can choose whether to authorize us to collect and use the information. If you refuse to provide it, you will not be able to use the relevant additional functions normally or achieve the functional effects we intend to achieve.

We hereby specially remind you:

  1. We are committed to creating a variety of products and services to meet your needs. Because we provide you with many types of products and services, and the specific range of products/services that different users choose to use are different, the basic/additional functions and the corresponding types and scope of personal information collected and used will vary. For differences, please refer to the specific product/service functions;
  2. In order to bring you a better product and service experience, we continue to work hard to improve our products, services and technologies. We may launch new or optimized functions from time to time, which may require collection, Use new personal information or change the purpose or method of using personal information. If the above situation occurs, we will explain it to you in detail by updating this policy, pop-up windows, page prompts, etc., and provide you with a way to choose your consent, and we will only start collection and use after obtaining your express consent. During this process, if you have any questions, comments or suggestions, you can contact us through the contact information at the end of this policy, and we will answer you as soon as possible.

The specific functional scenarios we will provide you include:

(1) Account registration and login

1. Registration and login

When you register and log in to your account through your mobile phone number, email address or account password, we need to collect your mobile phone number or email address and account password , used to create accounts, login verification, and ensure account security. We may verify whether your account is valid by sending a SMS verification code or email. When you register and log in through a third-party account, we need to request your third-party account information (ID, nickname and other information authorized by you) from the third party.

After you register and log in through your email or a third-party account, we also need to collect your mobile phone number before using publishing and other functions that require real-name authentication. Real-name authentication. After you log in to your account, you can choose to bind/unbind your mobile phone number, email address or third-party account according to your own needs. In order to complete the above binding/unbinding operation, we need you to provide Mobile phone number, email address or authorize us to obtain your third-party account information (ID, nickname and other information authorized by you) from a third party.

2. Account information

After registering and logging in to your account, you can fill in your personal information (avatar, nickname, gender, location, hometown, birthday, domain name, introduction) and personalize your ID according to your own needs. Your avatar, nickname, gender, ID, domain name, registration time, location, hometown, and introduction will be displayed in the application to identify your user identity and facilitate your communication and interaction with other users.

3. Non-registration mode

If you use the password box without registering or logging in, we will provide you with a "browse-only" service in the non-registration mode. In the non-registration mode, we can only provide you with some functions. In order to ensure the realization of functions, we will collect and use your network information (sensor information such as WLAN access points and base stations, IP address, network access method, network quality data, mobile network information), device information (device identifier, Operating system setting information, device hardware information, device network information), log information (network access log, User operation log), personal Internet access record information ( website Browsing records, operation click records), search keywords information.

In addition to the above information, during your use, we may apply to obtain your device permissions to implement other additional functions (see "Other Additional Functions" in "How We Collect and Use Your Personal Information" in this Policy).

(2) Information storage and browsing

You can save group and password information in the password box, or upload the saved information to our server through the cloud synchronization function in the app.

When you click on a link to jump to another App while using Password Box, we will retrieve whether the App is installed on your device. If installed, it may help you call up the App after you click the jump link to provide you with a more convenient experience.

(3) Search function

You can use the function to search for keywords. In order to implement this function, we need to use network storage mechanisms and application data caching to collect and use your search keyword information and store it locally to provide more efficient and convenient search services. Search results will be displayed based on your search keyword information.

(4) Customer service function

You can use the customer service function to initiate complaints, appeals, and consultations with us. For the security of your account, we may need to collect and use customer service communication records with you (online chat records, phone recordings, emails), as well as the real name and mobile phone number you provided , email address information in order to handle your feedback complaints, appeals or consultation results in a timely manner. If you make a complaint in your own name, you also need to provide valid identity document information.

(5) Other additional functions

In order to provide you with more convenient, high-quality, and personalized products or services, we may collect and use your personal information in the following additional functions provided to you. If you do not provide this information, it will not affect your use of our other business functions, but you may not be able to obtain the convenient experience these additional functions bring to you. These additional features include:

1. Additional functions based on location permissions

When you need to use the password box to search nearby data, or receive personalized push information and advertisements based on location permissions, you can choose to turn on device location permissions and authorize us to collect and use your precise positioning information , so that we can push nearby content and services to you. If you do not enable this permission, you will not be able to receive recommendations based on precise positioning information, but this will not affect your use of other services. If you do not agree to enable device location permission, we may also use your network information (IP address, network access method, mobile network information), device information (device identifier, operating system setting information) , device hardware information, device network information) to provide you with geographical location-related services or advertising and other information. 

2. Additional functions based on camera permissions

When you need to use the functions of scanning, changing avatars, covers, and taking photos or videos in the password box, you can choose to enable device camera permissions to scan codes, take pictures or videos in real time for sharing, and set avatars and covers. If you do not enable this permission, you will not be able to use functions related to QR code scanning, picture or video shooting, but this will not affect your use of other services.

3. Additional functions based on storage permissions

When you need to use the functions of scanning, changing avatars, covers, or taking photos or videos in the password box, you can choose to enable device storage permissions to access, upload pictures or videos on the device, or save pictures to the device. If you do not enable this permission, you will not be able to use functions related to uploading and saving pictures or videos, but this will not affect your use of other services.

4. Additional functions based on phone permissions

If you are using an Android system device, we may apply to you for phone permission in order to identify your unique device identifier IMEI so that we can conduct security risk control, data statistics and push products, services and advertising information to you. . If you turn off this permission, it will not affect your use of other services.

Please note that when you turn on any permission, you authorize us to collect and use relevant personal information to provide you with corresponding services. Once you close any permission, you cancel the authorization and we will not If we continue to collect and use relevant personal information based on the corresponding permissions, we will not be able to provide you with the services corresponding to the permissions. However, your decision to turn off permissions will not affect the previous collection and use of information based on your authorization. 

(7) Other rules for collecting and using personal information

1. If the information you provide contains the personal information of other users, you must ensure that you have obtained legal authorization before providing us with such personal information. 

2. If we use information for other purposes not specified in this policy, or if we use information collected for specific purposes for other purposes, we will obtain your consent in advance. 

3. If we obtain your information indirectly from a third party, we will clearly request the third party in writing to explain the source of its personal information before collection, and whether it has obtained any information about its collection, processing and provision of your personal information to us. obtain your legal authorization. Except where expressly permitted by law, we will only collect your personal information from third parties after confirming that the third parties have obtained your authorization and consent. If the scope of the third party's authorization cannot cover our processing and use purposes, we will or require the third party to obtain your consent before processing your personal information. At the same time, our professional security team will perform security reinforcement on personal information (including sensitive information reporting, sensitive information encrypted storage, access permission control, etc.). We will use no less protective means and measures than we use for our own users' personal information to protect indirectly obtained personal information.

4. Exceptions with authorization and consent

According to relevant laws and regulations, we do not require your authorization and consent to collect and use your personal information under the following circumstances:

  1. Relevant to our performance of obligations stipulated in laws and regulations;
  2. Directly related to national security and national defense security;
  3. Directly related to public safety, public health, and major public interests;
  4. Directly related to judicial or administrative law enforcement such as criminal investigation, prosecution, trial and judgment execution;
  5. To protect your or other individuals' life, property and other major legitimate rights and interests but it is difficult to obtain your consent;
  6. Personal information that you disclose to the public on your own;
  7. Collect personal information from legally publicly disclosed information, such as legal news reports, government information disclosure and other channels;
  8. Necessary to enter into and perform relevant agreements or other written documents with you;
  9. Necessary to maintain the safe and stable operation of the products and/or services provided, such as discovering and handling product and/or service failures;
  10. Other situations specified by laws and regulations.

Please be aware that, in accordance with applicable law, if wetake technical measures and other necessary measures to process personal information in such a way that the data recipient cannot re-identify a specific individual and cannot recover Or we may conduct de-identified research, statistical analysis and prediction on the collected information to improve the content and layout of the Password Box, provide product or service support for business decisions, and improve our products and services (including the use of anonymous data for machine learning or model algorithm training), the use of such processed data does not require further notification to you and your consent. 

5. If we stop operating the Password Box products or services, we will promptly stop the activities of continuing to collect your personal information, notify you of the cessation of operations in the form of one-by-one delivery or announcements, and we will notify you of the relevant information held by us. Personal information related to business suspension will be deleted or anonymized. If children's personal information is involved, we will promptly notify the children's guardians of the suspension of operations.

3. How we use Cookies and similar technologies

(1) Use of Cookies

In order to ensure the normal operation of the website, provide you with an easier access experience, and recommend content that you may be interested in, we will store Cookies and Flash on your computer or mobile device. Cookies, or other local storage provided by your browser (or associated application) that typically contain an identifier, a site name, and a number and characters (collectively, "Cookies"). With the help of Cookies allow websites to store data such as your preferences.

If your browser or browser extensions allow it, you can modify your acceptance of cookies or reject our cookies. For more information, see AboutCookies.org. However, if you perform the operations described in this article, in some cases it may affect your safe access to our website, and you may need to change user settings every time you visit our website.

(2) Use of cookies and similar technologies

In addition to Cookies, we will also use other similar technologies such as web beacons, pixel tags, and ETags on our website.

For example, the emails we send you may contain an address link to the content of our website. If you click the link, we will track the click to help us understand your product or service preferences so that we can proactively improve our customer experience. Service experience. A web beacon is typically a transparent image embedded into a website or email. With the help of pixel tags in emails, we can learn whether the emails have been opened. If you do not want your activities to be tracked in this way, you can unsubscribe from our mailing list at any time.

ETag (Entity Tag) is an HTTP protocol header transmitted behind the scenes between an Internet browser and an Internet server, and can replace Cookies. ETag can help us avoid unnecessary server load, improve service efficiency, and save resources and energy. At the same time, we may record your identity through ETag so that we can understand and improve our products or services more deeply. Most browsers provide users with the function of clearing browser cache data. You can perform the corresponding data clearing operation in the browser settings function. However, please note that if you deactivate ETag, you may not be able to enjoy a relatively better product or service experience.

4. How we share, transfer and publicly disclose your information

(1) Sharing

We will not share your personal information with companies, organizations and individuals other than the Password Box provider, except in the following circumstances:

  1. Sharing under legal circumstances: We may share your personal information externally in accordance with laws and regulations, litigation, dispute resolution needs, or as required by administrative and judicial authorities in accordance with the law.
  2. Sharing with explicit consent: We will share your personal information with other parties with your explicit consent.
  3. Sharing with authorized partners: We may entrust authorized partners to provide you with certain services or perform functions on our behalf. We will only do so for the legal, legitimate, necessary, specific and clear reasons stated in this policy. For the purpose of sharing your information, authorized partners can only access the information they need to perform their duties, and we will require them through agreements not to use this information for any other purpose.

Currently, our authorized partners include the following types:

  1. Authorized partners for advertising and analysis services. We will entrust these partners to process information related to advertising coverage and effectiveness, but unless we obtain your permission, we will not share your personally identifiable information with partners that provide advertising and analysis services, or we will The information is de-identified so that the authorized partner cannot identify you personally. Such partners may combine the above information with other data they lawfully obtain to perform advertising services or decision-making recommendations entrusted by us.
  2. Suppliers, service providers and other partners. We send information to vendors, service providers and other partners who support our business, including providing technical infrastructure services on our behalf, analyzing how our services are used, providing customer service, facilitating payments, or conducting academic research. and investigation.

(2) Transfer

We will not transfer your personal information to any company, organization or individual, except in the following circumstances:

  1. Transfer with explicit consent: After obtaining your explicit consent, we will transfer your personal information to other parties;
  2. In the event of a merger, acquisition or bankruptcy liquidation of the Password Box provider, or other situations involving mergers, acquisitions or bankruptcy liquidation, if the transfer of personal information is involved, we will require the new company or organization that holds your personal information to continue to be bound by this provision. Otherwise, we will require the company, organization and individual to re-obtain your authorization and consent.

(3) Public disclosure

We will only publicly disclose your personal information under the following circumstances:

  1. We may publicly disclose your personal information with your explicit consent or based on your active choice;
  2. If we determine that you have violated laws and regulations or seriously violated the Password Box related agreements and rules, or to protect the personal and property safety of Password Box users or the public from infringement, we may, in accordance with laws and regulations or obtain Disclosure of personal information about you with your consentincluding the relevant breach and the actions Password Box has taken against you.

(4) Exceptions to obtaining prior authorization and consent when sharing, transferring, or publicly disclosing personal information

According to relevant laws and regulations, sharing, transferring, and publicly disclosing your personal information does not require your prior authorization and consent in the following situations:

  1. Relevant to our performance of obligations under laws and regulations;
  2. Directly related to national security and national defense security;
  3. Directly related to public safety, public health, and major public interests;
  4. Directly related to judicial or administrative law enforcement such as criminal investigation, prosecution, trial and judgment execution;
  5. To protect your or other individuals' life, property and other major legitimate rights and interests but it is difficult to obtain your consent;
  6. Personal information that you disclose to the public on your own;
  7. Collect personal information from legally publicly disclosed information, such as legal news reports, government information disclosure and other channels.

Please be informed that, subject to applicable law, if we process personal information through technical measures and other necessary measures such that the recipient of the data is unable to re-identify a specific individual and cannot recover, the sharing of such processed data , transfer, and public disclosure without further notification to you and obtaining your consent. 

5. How we protect your information

(1) Data protection technical measures we take

We have adopted reasonable and feasible security measures that comply with industry standards to protect your information and prevent personal information from unauthorized access, public disclosure, use, modification, damage or loss. For example, we will use encryption technology to improve the security of personal information. When exchanging data between your browser and the server, it is protected by SSL protocol encryption. We also provide HTTPS protocol secure browsing for the password box website; we will use Trusted protection mechanisms prevent personal information from being maliciously attacked; we will deploy access control mechanisms to try our best to ensure that only authorized personnel can access personal information. At present, our important information systems have passed the level 3 or above assessment of network security level protection.

(2) Organizational measures for data protection management we have adopted

We have established an advanced data security management system in the industry that is centered on data and revolves around the data life cycle to improve the security of personal information from multiple dimensions such as organizational construction, system design, personnel management, and product technology. We have set up a dedicated personal information protection department and designated a dedicated person responsible for the protection of children's personal information. We will hold security and privacy protection training courses to enhance employees’ awareness of the importance of protecting personal information. We will update and disclose security risks, personal information security impact assessment reports and other relevant content from time to time, which you can obtain through the password box announcement.

(3) Response to personal information security incidents

If our physical, technical or management protection facilities are damaged, resulting in unauthorized access, public disclosure, tampering or destruction of information, resulting in damage to your legitimate rights and interests, we will promptly activate the emergency plan and take reasonable relief measures to Minimize the impact on your personal information and other rights and interests as much as possible. If a personal information security incident occurs, we will also inform you in accordance with the requirements of laws and regulations: the basic situation and possible impact of the security incident, the handling measures we have taken or will take, suggestions for you to prevent and reduce risks on your own, and Your Remedies, etc. We will notify you of event-related information by email, letter, phone call, push notification, etc. When it is difficult to notify the personal information subjects one by one, we will issue announcements in a reasonable and effective manner. At the same time, we will also report the handling of personal information security incidents in accordance with the requirements of regulatory authorities.

(4) Independent prevention of account security risks

We strongly recommend that you do not use communication methods other than those recommended by Password Box to send your information when using Password Box, and please use complex passwords to help us protect the security of your account. 

When using the password box for online transactions, you will inevitably have to disclose your personal information to the counterparty or potential counterparty, such as Contact information or Contact address. In addition, you can also establish communications, exchange information or analyze content with third parties through our services. Please protect your personal information properly and provide it to others only when necessary. If you find that your personal information, especially your account or password, has been leaked, please contact Password Box customer service immediately so that we can take appropriate measures according to your application.

Please note that the information you voluntarily share or even share publicly when using our services may involve your or others' personal information or even personal sensitive information. Please consider more carefully whether to share or even share relevant information publicly when using our services. 

6. How we store your information

(1) Storage location

The personal information we collect and generate during our operations in the People's Republic of China will be stored in China. Under the following circumstances, we will provide your personal information to overseas entities after fulfilling our obligations under the law:

  1. Applicable laws are clearly defined;
  2. Obtain your express authorization;
  3. You conduct cross-border transactions and other personal proactive behaviors through the Internet.

In response to the above situations, we will ensure through contracts and other forms to protect your personal information to a level no less than that specified in this policy.

(2) Storage period

We will only retain your personal information for the period necessary to achieve the purposes stated in this policy, unless there are mandatory retention requirements by law, such as the "E-Commerce of the People's Republic of China" The Law requires that product and service information and transaction information be kept for no less than three years from the date of completion of the transaction. We mainly refer to the following standards when determining the storage period of personal information, whichever is longer:

  1. Complete the transaction purposes related to you, maintain corresponding transaction and business records, and respond to your possible inquiries or complaints;
  2. Ensure the safety and quality of the services we provide you;
  3. whether you agree to a longer retention period;
  4. Whether there are other special agreements or legal and regulatory provisions regarding the retention period.

After the retention period has expired, we will delete or anonymize your personal information as required by applicable law.

7. How do you manage your information?

In addition to following the operation path in Section 2 of this policy and operating on our client, you can also access and manage your information in the following ways:

(1) Query, correct and supplement your information

You have the right to inquire, correct or supplement your information. You can do this yourself by:

  1. Log in to the mobile password box client and enter "Account and Security" to query, correct or supplement personal data, account and security information;
  2. Log in to the mobile password box client and select customer service for help to assist you in querying, correcting or supplementing your information.

(2) Delete your information

You can delete some of your information by the methods listed in "(1) Query, correct and supplement your information".

In the following situations, you can make a request to us to delete your personal information by contacting Password Box customer service:

  1. If our processing of personal information violates laws and regulations;
  2. If we collect and use your personal information without your explicit consent;
  3. If our handling of personal information seriously violates our agreement with you;
  4. If you actively cancel your account.

If we decide to respond to your deletion request, we will also try our best to notify the subjects who obtained your personal information from us and request them to delete it in a timely manner (unless otherwise provided by laws and regulations, or these subjects have independently obtained your authorization) .

After you or we assist you in deleting relevant information, we may not be able to immediately delete the corresponding information from the backup system due to applicable legal and security technical restrictions. We will store your personal information securely and restrict Any further processing of it until the backup can be purged or anonymized. 

(3) Change the scope of your authorization and consent

You can change or withdraw the scope of your authorization for us to collect and process your personal information: You can give, modify or withdraw your authorization consent by setting or changing the settings of your smart mobile device in "Settings". For authorizations that you cannot set directly through the above method, you can modify it by contacting Password Box customer service,But please note that for some types of personal information, such as information necessary to realize the basic functions of Password Box or Information necessary for us to fulfill our obligations under laws and regulations, we may not be able to respond to your request to change the scope of authorization (see (5) Responding to your above request for details). 

After you withdraw your authorization, we will no longer process the corresponding personal information. However, your decision to withdraw your authorization will not affect our previous processing of personal information based on your authorization.

(4) Cancel your account

You can apply to cancel your account through the following methods:

  1. Log in to the mobile password box client and submit an account cancellation application through "Account and Security-Cancel Account";
  2. Log in to the mobile password box client and select customer service for help to assist you in applying to cancel your account.

After you voluntarily cancel your account, we will stop providing products or services to you, and delete or anonymize your personal information in accordance with the requirements of applicable laws.

(5) Respond to your above request

To ensure the security of your account, when you make the above request to us, we may first ask you to verify your identity (such as asking you to provide a written request or other methods) before processing your request. 

We will respond to the above requests you make to us as soon as possible. If you are not satisfied with our response, you can also file a complaint through Password Box customer service.

In principle, we do not charge fees for your reasonable requestsHowever, for repeated requests that exceed reasonable limits, we will charge a certain fee at our discretion. For information that is not directly related to your identity, is applied for repeatedly without reasonable reasons, or requires excessive technical means (for example, the need to develop a new system or fundamentally change existing practices), poses risks to the legitimate rights and interests of others, or does not We may deny realistic requests. 

In the following circumstances, we will not be able to respond to your request in accordance with legal and regulatory requirements: 

  1. Related to our fulfillment of obligations stipulated in laws and regulations;
  2. Directly related to national security and national defense security;
  3. Directly related to public safety, public health, and major public interests;
  4. Directly related to criminal investigation, prosecution, trial and execution of judgments;
  5. There is sufficient evidence that the personal information subject has subjective malice or abused his rights;
  6. In order to protect the life, property and other major legitimate rights and interests of the personal information subject or other individuals but it is difficult to obtain the authorization and consent of the individual;
  7. Responding to your request will cause serious damage to the legitimate rights and interests of you or other individuals or organizations;
  8. Involving trade secrets. 

8. How we handle minors’ information

We presume that you have the appropriate capacity for civil conduct. If you are a minor, we ask that you ask your parents or other guardians to read this policy carefully and use our services or provide information to us with the consent of your parents or other guardians.

If you are a parent or other guardian of a child, please pay attention to whether the child under your supervision is using our services with your authorization and consent. If you have any questions about the personal information of the children under your custody, please contact us through the contact information in Section 11.

9. Third-party SDK list

In order to ensure the stable operation and function realization of our client and enable you to enjoy and use more services and functions, our application will embed the SDK of authorized partners or other similar applications.

We will conduct strict security testing on the application programming interface (API) and software tool development kit (SDK) used by authorized partners to obtain relevant information, and agree on strict data protection measures with authorized partners to ensure that they comply with this policy and any other Relevant confidentiality and security measures are used to process personal information. For more details please see Third-party SDK list.

10. How to update this policy

Our services and technologies are constantly updated and optimized to follow the needs of you and other users, so when new services and business processes change, we may update our privacy policy to inform you of the specific changes. However, we will not restrict your rights in accordance with this policy without your explicit consent.

For major changes, we will also provide more prominent notifications (including notifications through password box disclosures or providing you with pop-up prompts).

Major changes referred to in this policy include but are not limited to:

  1. Significant changes to our service model. Such as the purpose of processing personal information, the type of personal information processed, the use of personal information, etc.;
  2. We undergo significant changes in control and other aspects. Such as changes in information controllers caused by mergers, acquisitions, reorganizations, etc.;
  3. The main recipients of personal information sharing, transfer or public disclosure change;
  4. There are significant changes in your rights regarding the processing of personal information and how you exercise them;
  5. Changes in our responsible departments, contact information and complaint channels responsible for handling personal information protection;

11. How do you contact us?

You can contact us through the following methods and we will respond to your request as soon as possible:

  1. If you have any questions, comments or suggestions about the content of this policy, you can contact us through Password Box customer service;
  2. Contact us by sending an email to yullg@foxmail.com.