Privacy Policy for CYCPLUS Fit

This Policy applies exclusively to the CYCPLUS Fit App product and its related services owned by Chengdu Wuban Culture Communication Co., Ltd. (hereinafter referred to as "Wuban" / "we").

To protect the security of user information, we strictly adhere to the principles of accountability, clear purpose, informed consent, data minimization, security assurance, user participation and transparency. We take protective measures in accordance with mature industry security standards to properly handle user information. Please read and understand the entire content of this Policy before using our product or services.

1. Collection and Use of Information

We collect and use your relevant information solely for the purpose of fulfilling the business functions stipulated in this Policy. You have the right to choose whether to provide such information; however, failure to provide necessary information may prevent you from using the corresponding services or resolving related issues.

1.1 Scope of Collected and Used Information

In the course of your use of our services, we will collect the information you voluntarily provide and the information necessary to provide services, and obtain the following permissions at the same time:

• Android ID: Used to analyze error information and assist client identification
• Storage Permission: For managing local cache
• Photo Album Permission: For reading local photo albums, supporting avatar replacement and image sharing
• Location Permission: For locating the current device position
• Bluetooth Permission: For connecting the device to the App
• Device Information Permission: For uploading log files
• App List Reading Permission

The aforementioned information is used to complete account registration, protect account security, upload avatars, and enable data upload and sharing, etc. The information you provide is authorized to be used by us for the duration of your use of the services. When you stop using the push services, we will cease using and delete the aforementioned information.

We will de-identify or anonymize the collected information. Information that cannot identify a natural person alone or in combination with other information is not deemed personal information in the legal sense. If we combine non-personal information with other information to identify your identity, or use it in conjunction with your personal information, such information will be treated and protected as your personal information in accordance with this Policy during the period of combined use.

If the scope of subsequent collection, use and processing of information exceeds the aforementioned scope, or is used for purposes not stated in this Policy, or information collected for a specific purpose is used for other purposes, we will notify you within a reasonable period after collecting the information or before processing it, and obtain your authorized consent.

1.2 Exceptions to the Requirement for Authorized Consent

Pursuant to applicable laws, regulations and national standards, we may collect and use your information without your authorized consent in the following circumstances:

1. Directly related to national security and national defense security
2. Directly related to public security, public health and major public interests
3. Directly related to criminal investigation, prosecution, trial and judgment enforcement
4. Necessary to protect your or another individual's major legitimate rights and interests such as life and property, where it is difficult to obtain the individual's consent
5. The collected information has been voluntarily disclosed by you to the public
6. Information collected from legally publicly disclosed sources, such as legitimate news reports and government information disclosures
7. Necessary for the conclusion or performance of a contract at your request
8. Necessary to maintain the safe and stable operation of the software and related services, such as detecting and resolving malfunctions of the software and services
9. Necessary for news organizations to carry out legitimate news reporting activities
10. Necessary for academic research institutions to conduct statistical or academic research for the public interest, where personal information is de-identified when providing research results to the public
11. Other circumstances as stipulated by laws and regulations

1.3 Third-Party SDK Permission Usage Instructions

Third-party SDKs are integrated into our product. Details regarding the collection and use of information by these SDKs, as well as links to their privacy policies, are as follows:

2. Sharing, Transfer and Public Disclosure of Information

We strictly protect your personal information and will not share, transfer or publicly disclose your information to any other company, organization or individual, except in the circumstances stipulated by law or agreement.

2.1 Information Sharing

We may share your information with third parties only in the following circumstances:

• With your explicit consent
• Pursuant to applicable laws and regulations, or mandatory requirements of government authorities
• Sharing with affiliated companies: Only necessary information will be shared, subject to the terms of this Policy; if an affiliated company changes the purpose of information processing, it will seek your authorized consent again
• Sharing with authorized partners: Solely for the purposes stated in this Policy, we may share necessary information with partners to provide better customer service and user experience. We only share your information for legal, legitimate, necessary, specific and clear purposes, and only share the information necessary to provide the services

2.2 Information Transfer

We will not transfer your personal information to any company, organization or individual except in the following circumstances:

• With your explicit consent
• In the event of merger, acquisition or bankruptcy liquidation, if information transfer is involved, we will require the new company or organization holding your information to continue to be bound by this Policy; otherwise, we will require the company or organization to seek your authorized consent again

2.3 Public Disclosure of Information

We may publicly disclose your information only in the following circumstances:

• With your explicit consent
• Pursuant to laws, legal procedures, litigation or mandatory requirements of government authorities

2.4 Exceptions to Authorized Consent for Sharing, Transfer and Public Disclosure

Pursuant to applicable laws, regulations and national standards, we may share, transfer or publicly disclose your information without your authorized consent in the following circumstances:

1. Directly related to national security and national defense security
2. Directly related to public security, public health and major public interests
3. Directly related to criminal investigation, prosecution, trial and judgment enforcement
4. Necessary to protect your or another individual's major legitimate rights and interests such as life and property, where it is difficult to obtain the individual's consent
5. Information voluntarily disclosed by you to the public
6. Information collected from legally publicly disclosed sources, such as legitimate news reports and government information disclosures

3. Information Security Protection Measures

We have adopted security protection measures that meet industry standards and take all reasonable and feasible measures to protect your user information from unauthorized access, public disclosure, use, modification, damage or loss. The specific measures are as follows:

• Data transmission and browsing protection: Data exchange between your browser and the services is protected by SSL encryption; our website provides HTTPS secure browsing; we use encryption technology to ensure data confidentiality and trusted protection mechanisms to prevent malicious attacks
• Access control management: Deploy access control mechanisms to ensure that only authorized personnel can access user information; control the number of authorized personnel and implement hierarchical permission management based on business needs and personnel levels; all access to personal data is logged and regularly audited by administrators
• Partner management: Strictly select business partners and service providers, and incorporate personal information protection requirements into commercial contracts, audits and assessments
• Internal staff management: Regularly organize security and privacy protection training courses, tests and publicity activities to enhance employees' awareness of the importance of protecting personal information

Note: No security measure is infallible, and no product, service, website, data transmission, computer system or network connection can be absolutely secure.

In the event of a personal information security incident, we will notify you in accordance with legal requirements of the basic facts and possible impacts of the incident, the disposal measures we have taken or will take, suggestions for you to independently prevent and reduce risks, and remedial measures for you. We will notify you of the incident via email, SMS, push notification, etc. If it is difficult to notify each individual information subject one by one, we will issue an announcement through reasonable and effective means. At the same time, we will report the disposal of the personal information security incident to the regulatory authorities in accordance with their requirements.

4. User Rights Relating to Information

In accordance with relevant Chinese laws, regulations, standards and international practices, we guarantee your exercise of the following rights with respect to your own user information, except in cases stipulated by laws and regulations.

4.1 Right to Access Information

You have the right to access your user information by logging directly into the CYCPLUS Fit App. If you cannot access such information through the above method, you may send an email to wuban9818@gmail.com. We will respond to your access request within 15 days.

4.2 Right to Correct Information

If you find that the information we process about you is incorrect, you have the right to request us to make corrections. You may send an email to wuban9818@gmail.com. We will respond to your correction request within 30 days.

4.3 Right to Delete Information

You may request us to delete your information in the following circumstances: We will evaluate your deletion request and take corresponding steps to process it if the relevant provisions are met:

1. Our processing of your information violates laws and regulations
2. We collected and used your information without obtaining your consent
3. Our processing of your information violates the agreement with you
4. You no longer use our product or services, or you have cancelled your account
5. We no longer provide products or services to you

When you submit a deletion request, we may require you to verify your identity to protect the security of your account. After you delete information from our services, due to applicable laws and security technologies, we may not immediately delete the corresponding information from our backup systems. We will securely store your information until the backup can be cleared or anonymized.

4.4 Right to Change the Scope of Authorized Consent

Certain basic user information is required to complete each business function (see Part 1 of this Policy). You may grant or withdraw your authorized consent to the collection and use of user information at any time.

After you withdraw your consent, we will cease processing the corresponding user information. Please note that withdrawal of your authorized consent may result in certain consequences, such as our inability to continue providing you with the corresponding services or specific functions; however, your decision to withdraw consent will not affect the processing of user information conducted on the basis of your prior authorization.

4.5 Right to Cancel Account

You may cancel your previously registered account at any time by yourself through the CYCPLUS Fit App.

Operation Steps: After logging in, enter the [My Page] → [About the App] → [Cancel Account].

Account cancellation takes effect immediately upon confirmation. We will stop providing products or services to you and delete or anonymize your information in accordance with your request, except as otherwise stipulated by laws and regulations. This may also result in the loss of your access to data in your account, so please proceed with caution.

4.6 Right to Obtain User Data

You have the right to obtain a copy of your user information. You may authorize the synchronization of data to third-party platforms by yourself through the CYCPLUS Fit App.

Where technically feasible, for example, if data interfaces are compatible, we may also transmit your data directly to a third party designated by you at your request.

4.7 Right to Restrict Automated Decision-Making

In certain business functions, we may make decisions solely based on non-manual automated decision-making mechanisms including information systems and algorithms. If such decisions significantly affect your legitimate rights and interests, you have the right to request an explanation from us, and we will provide appropriate remedies.

4.8 Rules for Responding to the Aforementioned Requests

• Identity Verification: To ensure security, you may be required to submit a written request or provide other forms of identity verification. We may first require you to verify your identity before processing your request. We will respond within fifteen days.
• Fee Description: We will not charge fees for your reasonable requests in principle, but may charge a certain cost fee for repeated requests that exceed a reasonable limit.
• Request Rejection: We may reject requests that are frivolously repetitive, require excessive technical means (e.g., developing a new system or fundamentally changing current practices), pose risks to the legitimate rights and interests of others, or are highly impractical. Please understand that for security reasons, applicable legal requirements or technical limitations, we may not be able to respond to certain of your requests, such as the following circumstances:
  1. Related to the performance of legal obligations by the information controller
  2. Directly related to national security and national defense security
  3. Directly related to public security, public health and major public interests
  4. Directly related to criminal investigation, prosecution, trial and judgment enforcement
  5. Where the information controller has sufficient evidence to show that the information subject has subjective malice or abuses rights
  6. Necessary to protect the major legitimate rights and interests such as life and property of the information subject or other individuals, where it is difficult to obtain the individual's consent
  7. Responding to the request will cause serious damage to the legitimate rights and interests of the information subject or other individuals or organizations
  8. Involving trade secrets

5. Rules for the Processing of Children's Personal Information

• Product and Service Orientation: Our products, websites and services are mainly intended for adults. Children shall not create their own user accounts without the consent of their parents or legal guardians. Despite differences in the definition of children under local laws and customs, we regard any individual under the age of 14 as a child.
• Information Processing with Consent: For the collection of children's user information with the consent of parents or legal guardians, we will only store, use or publicly disclose such information when permitted by law, with the explicit consent of parents or legal guardians, or as necessary to protect the child; otherwise, we will endeavor to delete the relevant data as soon as possible.
• Processing of Unintentional Collection: Due to the limitations of existing technologies and business models, it is difficult for us to proactively identify children's personal information. If you find that we have collected children's personal information without your knowledge or without prior verifiable guardian consent, you may contact us in a timely manner, and we will delete it as soon as possible after discovery. If we discover the aforementioned circumstances on our own, we will also delete the information in a timely manner, except as required by law.

6. Storage of User Information and Cross-Border Transfer

6.1 Information Storage

• Storage Location: In principle, user information collected and generated by us within the territory of the People's Republic of China will be stored within the territory of the People's Republic of China.
• Storage Period: We will only retain your user information for the period necessary for the purposes and uses stated in this Policy and the shortest period stipulated by laws and regulations. After the aforementioned retention period expires, we will delete your user information or conduct anonymization in accordance with the requirements of applicable laws and regulations.
• Exceptions: Unless otherwise stipulated by laws and regulations, or for the purposes of public interest, scientific and historical research, or with your separate authorized consent, we may need to retain relevant data for a longer period.

6.2 Cross-Border Transfer

Since we provide products and services through global resources and servers, your user information may be transferred to, or accessed from, overseas jurisdictions where you use the products or services, with your authorized consent.

Such jurisdictions may have different data protection laws or even no relevant laws. In such cases, we will ensure that your user information receives protection equivalent to that within the territory of the People's Republic of China. For example, we will request your consent to the cross-border transfer of user information, or implement security measures such as data de-identification before cross-border data transfer.

7. Updates to This Privacy Policy

Our privacy policy may be changed. Without your explicit consent, we will not reduce the rights you enjoy in accordance with this privacy policy. We will post any changes to this Policy on this page.

For material changes, we will provide a more prominent notice. Material changes referred to in this Policy include, but are not limited to:

• Material changes to our service model, such as changes to the purpose of information processing, type of user information processed, and method of using user information
• Material changes in our ownership structure and organizational structure, such as changes in ownership caused by business adjustments, bankruptcy and mergers and acquisitions
• Changes to the main recipients of user information sharing, transfer or public disclosure
• Material changes to your rights in participating in information processing and the manner of exercising such rights
• Changes to the responsible department, contact information and complaint channel for information security management
• Identification of high risks in the information security impact assessment report

8. Official Contact Information

If you have any questions, comments or suggestions regarding this Privacy Policy, please contact us via email:

Contact Email: wuban9818@gmail.com

We will respond to your feedback within 15 days.