We value the privacy of our users and the protection of their information. We might gather and utilize information about you when you use our products and/or services. We would like to explain our business situation and the types of privacy details we gather from you, as well as the pathways and protection measures to access, update, and delete that information, and the rules we need to follow when we share, transfer, or publicly disclose your information, through the “Ottai App Privacy Protection Policy” (the "Policy"). Moreover, there are rules we need to follow when we share, transfer, or publicly disclose your private information. This Policy relates to your use of the Ottai monitoring services and the various functions included in the services (hereinafter referred to as "our products and/or services"), and we will not be able to provide you with the services if you do not agree to this Policy. We hope that you will read and confirm that you fully understand the contents of this Policy (especially the bolded and underlined portions) before using our products and/or services so that you can make the choices you believe to be appropriate under the guidance of this Policy.

By using or continuing to use our products and/or services after we have updated the Policy, you agree to the contents of this Policy (including updated versions) and consent to our gathering, utilizing, storing, and protecting your relevant information in accordance with this Policy.

This policy document will help you understand the following:

1. The scope of application of the policy and the basis for processing private information.

2. How we gather and utilize your private information.

3. How we store and protect your private information.

4. How we entrust you to process, share, transfer, and publicly disclose your information.

5. Your rights.

6. How we process the privacy of minors.

7. How the policy and the document will be updated.

8. How to contact us.

1. User or you: refers to the registered user of the Ottai platform.

2. Ottai Platform: refers to the Internet platform developed, owned, and operated by Ottai Technology (Wuxi) Co., Ltd., including web pages, app clients, official accounts, mini programs, etc., that are currently operated and will be developed from time to time in the future.

3. We: refers to Ottai Technology (Wuxi) Co., Ltd., the operator of Ottai products and/or services.

4. Affiliated companies: refers to the existence of an affiliation with each other, and affiliation refers to the relationship between our controlling shareholders, de facto controllers, directors, supervisors, and senior management and the enterprises they directly or indirectly control, as well as other relationships that may lead to the transfer of interests in Ottai products.

5. Ottai products and/or services: refers to the products or services provided to you by Ottai Technology (Wuxi) Co., Ltd. through the Ottai Platform, which include but are not limited to real-time monitoring of the user's blood glucose, blood glucose data analysis, blood glucose danger alarms, and blood glucose data sharing and other services.

6. Ottai device: refers to blood glucose monitoring devices such as CGMS developed by Ottai Technology (Wuxi) Co., Ltd., as well as devices that will be developed in the indefinite future and are capable of being bound to the Ottai platform.

7. Privacy: refers to all kinds of information recorded electronically or otherwise concerning an identified or identifiable natural individual, excluding information that has been anonymized.

8. Sensitive privacy: refers to privacy that, if disclosed or used illegally, could easily lead to the infringement of a natural person's human dignity or jeopardize the safety of his or her person or property.

9. Processing of privacy: includes the gathering, storage, utilization, processing, transmission, provision, disclosure, and deletion of privacy.

10. Gathering: refers to the act of obtaining control over privacy, including the provision of privacy by the subject of privacy on his or her initiative, the automatic gathering of privacy by interacting with the subject of privacy or recording the behavior of the subject of privacy, as well as the indirect acquisition of privacy by sharing, transferring, or gathering publicly available information, etc.

11. Deletion: the act of removing privacy from systems involved in the realization of daily operational functions, so that it remains in a state where it cannot be retrieved or accessed.

12. Public disclosure: the act of releasing information to society or unspecified groups.

13. Sharing: the process in which a privacy controller provides privacy to other controllers, and both parties have independent control over privacy.

14. Anonymization: a process in which the subject of privacy is rendered unrecognizable or unrelated through the technical processing of privacy, and the processed information cannot be recovered. (Note: Information derived from the anonymization of privacy is not privacy.).

15. De-identification: the process of technically processing privacy in such a way that the subject of privacy cannot be identified or associated with it without the aid of additional information.

(1) The scope of the application

This policy applies to the products and services we provide. This policy shall apply when you visit or log in to the relevant clients, websites, or programs of the "Ottai" platform to access our products and services.

Please be aware that this policy applies only to information gathered by us and does not apply to information gathered by third-party products and/or services accessed through our products and/or services, including any third-party websites and information collected through other companies or organizations that serve advertisements in our products and/or services.

(2) Basis for processing privacy

Except for the following circumstances, our processing of your privacy must obtain your explicit consent (including obtaining your separate consent or written consent following relevant laws and administrative regulations):

1. It is necessary for the conclusion or performance of a contract to which an individual is a party, or for the implementation of human resources management by the labor regulations and contracts established and signed following the law;

2. It is necessary for the performance of legal duties or obligations;

3. It is necessary to respond to public health emergencies or to protect the life, health, and property of natural persons urgently;

4. Handling of privacy within a reasonable range when performing acts such as news reporting and monitoring of public opinion in the public interest;

5. Processing privacy that individuals disclose themselves or that has been legally disclosed by others within a reasonable scope following the provisions of this Law;

6. Other cases specified by laws and administrative regulations.

(a) We will obtain your privacy through the following two channels:

1. Information provided directly by you

The information you provide to us when using our services, including when you fill in information online on our pages, apply for products and/or services, resolve disputes, or provide information on our services. Information provided when contacting us, and information about your transactions and activities generated in the course of your use of our services.

2. Information we actively gather

When you use the Ottai App and related services/platforms, we will gather information sent to us from your hardware products, computers, mobile phones, and other access devices (see below for details).

(b) When you use our services, we need to gather and utilize your following privacy

1. Register

When you apply to register as a member of the Ottai platform, we will record your mobile phone number. If you refuse to provide us with the above information, you will not be able to register for a user account.

2. Log in

You need to log in to the Ottai platform, during which your account will be verified for login purposes. We will gather and store your mobile phone number for account login. This information is gathered to provide you with account login services and to ensure the security of your account. If you do not provide the above information, you will not be able to log in to the Ottai platform normally.

3. Fulfil your privacy details

During the use of the Ottai platform, you may choose to provide additional information such as gender, date of birth, height, weight, etc. This information is not required for the operation of the service, and it may be used to analyze the blood glucose monitoring data, improve the quality of the service, and so on. If you do not provide the above information, it will not affect your usage of the services provided by Ottai.

4. Blood glucose monitoring, analysis, and early warning

To provide you with blood glucose monitoring, analysis, and early warning services, your blood glucose information will be recorded automatically when you use the monitor and connect it to your mobile device. If you refuse to provide your blood glucose information (e.g., removing the device, disconnecting the cell phone), the Ottai platform will not be able to provide you with blood glucose monitoring, analysis, and warning services; however, it will not affect your usage of other services on the Ottai platform.

If you activate this service, we and/or a third party commissioned by us will alert you via text message and/or phone call if we detect an extreme abnormality in your blood glucose information.

5. Device permission invocation description

To connect to and use our products, the Ottai Platform will ask you for the following system permissions related to privacy:

Permission name: NFC

Purpose of permission: used to activate Ottai products

Statement of the necessity of information gathering: it is mandatory; if refused, the CGM monitor cannot be connected.

Permission name: Bluetooth

Purpose of permission: used to connect Bluetooth devices of Ottai products

Statement of the necessity of information gathering: it is mandatory; if refused, the CGM monitor cannot be connected.

Permission name: Position & Orientation

Purpose of permission: used to locate the signal, search for, and match Bluetooth devices of Ottai products

Statement of the necessity of information gathering: it is mandatory; if refused, the CGM monitor cannot be connected.

Permission name: Camera

Purpose of permission: used to scan the device code of Ottai products

Statement of the necessity of information gathering: it is not mandatory. If rejected, you will need to manually enter the device code.

Permission name: Storage

Purpose of permission: used for reading and saving pictures and data on your device

Statement of the necessity of information gathering: it is mandatory; if you refuse, the blood glucose monitoring and analysis function cannot be used, but it does not affect the use of other functions.

Permission name: Notification

Purpose of permission: used to receive blood glucose alarm information sent by the system

Statement of the necessity of information gathering: it is mandatory; if you refuse, you will not be able to receive blood glucose alarm information, but it will not affect the use of other functions.

6. Security and Service Enhancement

To protect the stability and security of the system when you use our products and services, prevent your information from being illegally accessed, prevent fraud with greater accuracy, and protect the security of your account, we will need to gather information about your device (device model, device MAC address, IP address, device identifier, operating system and software version, device status, network status), log information, and IP address to determine the risk of your account, and we may record links ("URLs") that we believe to be risky. We also gather information about your device to analyze problems with the Ottai system, to count traffic, to identify possible risks, and to investigate when you choose to send us anomalous information. If you do not provide the above information, we will not be able to protect your service and account security during your use of the service, but it will not affect the normal use of other functions and services.

7. Auto-start or Associate Start Instructions

Push Notification:

To ensure that this application can receive broadcast messages from the client accurately while being closed or running in the background, the application needs to utilize the (Auto-start) capability. This involves sending broadcasts at a certain frequency through the system to wake up the application through auto-start or associate start actions. This is necessary to fulfil the functionalities and services. When you open content-related push notifications, upon obtaining your explicit consent, it will redirect to open the relevant content. Without your consent, there will be no associated startup.

Download:

When you download files within this app (such as in-app version update prompts), the application manages HTTP connections based on download status, monitors changes in connection states, and ensures the smooth completion of each download task, especially when users switch between different apps, and downloads need to continue in the background (possibly involving auto-start of background processes). Once the download tasks are completed, the APK file is obtained for installation.

Widget:

This application supports desktop widget functionality, and widget functionality requires listening for and receiving system broadcasts (android.appwidget.action.APPWIDGET_UPDATE). This broadcast is for system widget refresh, and the refresh is executed by the system. If you use the desktop widget functionality of this application, the application needs to use auto-start capabilities by receiving system broadcasts to wake up relevant services for the application's desktop widgets (including, but not limited to, widget data updates).

8. Collection of Privacy by Third-Party SDKs or Other Applications

To enable you to use the above services and features, SDKs or other similar applications from authorized partners are embedded in our applications. Such SDKs and similar applications may collect your data, and we will strictly monitor the security of such accessed SDKs or other similar applications in the form of binding agreements to safeguard data security. The SDKs or other similar applications accessed by third parties on the Ottai platform are listed below:

Product Name: AliCloud SMS Service

Company: Alibaba Group Holding Ltd.

Purpose: To send SMS messages to users through the SMS service when users log in and during other important operations.

Type of privacy collected: User's cell phone number

Contact Information: 400-80-13260

Third-party privacy protection policy link or official website link: https://terms.aliyun.com/legal-agreement/terms/suit_bu1_ali_cloud/suit_bu1_ali_cloud202107091605_49213.html?spm=a2c4g.11186623.0.0.41161e61PFmmpk

Product Name: WeChat Open Platform

Type of Privacy Involved: Network Status, APP Installation List

Purpose of Use: To provide users with a WeChat three-way login function and to help users share information to WeChat.

Third-party Entity: Shenzhen Tencent Computer System Co.

Official Website Link: https://open.weixin.qq.com

Privacy Policy Documentation: https://weixin.qq.com/cgi-bin/readtemplate?lang=zh_CN&t=weixin_agreement&s=privacy

Product Name: Feishu Login SDK

Types of Privacy Involved: Network Status, APP Installation List

Purpose of Use: Provide users with a Feishu three-way login function

Third-party Entity: Beijing Feishu Technology Co.

Third-party Privacy Protection Policy Link or Official Website: https://open.feishu.cn/document/common-capabilities/sso/related-agreements/developers-use-compliance-specifications

Link to the third-party privacy protection policy or link to the official website: https://cloud.tencent.com/document/product/382/15627

Product Name: Sentry

Company Name: Functional Software, Inc.

Purpose: Collection of crash and error information from the app when it is running

Type of Privacy Collected: Crash and error information from the app

Contact Information: compliance@sentry.io

Link to the third-party privacy protection policy or link to the official website: https://sentry.io/privacy/

Product Name: Baidu Positioning/Location SDK

Types of personal information involved: Device information [including device identification information (Android ID, IDFA, IDFV), system information (OS version, device brand and model, device configuration), and application information (app name)], Location information [may include latitude and longitude, GNSS information, WiFi gateway address, WiFi MAC address, WiFi signal strength, WiFi status, WiFi parameters, WiFi list, base station ID data information, operator information, device signal strength information, IP address, Bluetooth information, and sensor information (acceleration, gyroscope, orientation, pressure, rotation vector, light, magnetometer)], Network type [e.g., mobile network, WiFi network].

Purpose of Use: To provide users with positioning functions and services.

Third-party Entity: Beijing Baidu Netcom Science Technology Co., Ltd.

Official Website: https://lbsyun.baidu.com/products/location

Privacy Policy: https://lbs.baidu.com/index.php?title=openprivacy

SDK Name: Umeng Message Push SDK

SDK Service Provider: Umeng Tongxin (Beijing) Technology Co., Ltd

Type of Personal Information Collected: Device Information (IMEI/MAC/Android ID/IDFA/OAID/OpenUDID/GUID/SIM Card IMSI/ICCID), Location Information, Network Information

Usage: Used when pushing messages

Link to Privacy Policy Documentation: https://www.umeng.com/page/policy

SDK Name: Huawei Push Kit Vendor Channel SDK

Types of personal information collected: basic application information, in-app device identifiers, device hardware information, basic system information, and system setting information

Purpose of Use: Providing Huawei terminal devices with message push services

Third-party Entity: HUAWEI Software Technology Co., Ltd.

Official Website: https://developer.huawei.com/consumer/cn/

Privacy Policy: https://developer.huawei.com/consumer/cn/doc/development/HMSCore-Guides/sdk-data-security-0000001050042177

SDK Name: Xiaomi Push Vendor Channel SDK

Types of Personal Information Involved: device identifiers (such as Android ID, OAID, GAID), device information

Purpose of Use: Used when pushing messages on Xiaomi cell phone terminals

Third-party Entity: Beijing Xiaomi Mobile Software Co., Ltd.

Data Processing Method: through de-identification, encrypted transmission and other secure methods

Official Website: https://dev.mi.com/console/appservice/push.html

Privacy Policy Documentation: https://dev.mi.com/console/doc/detail?pId=1822

SDK Name: Vivo Push Vendor Channel SDK

Types of Personal Information Involved: Application basic information, device identification information (such as OAID, Android ID), device hardware information, and system basic information.

Purpose of Use: Used when pushing messages on Vivo cell phone terminals.

Third-party Entity: Vivo Mobile Communications Co., Ltd.

Data Processing Methods: Through de-identification, encrypted transmission, and other secure methods.

Official Website: https://dev.vivo.com.cn/promote/pushNews

Privacy Policy Documentation: https://www.vivo.com.cn/about-vivo/privacy-policy

SDK Name: OPPO Push Vendor Channel SDK

Types of Personal Information Involved: device identifiers (e.g., IMEI, ICCID, IMSI, Android ID, GAID), application information (e.g., application package name, version number, and runtime status), and network information (e.g., IP or domain name connection results, current network type).

Purpose of Use: used in OPPO cell phone terminal push messages

Third-party Entity: Guangdong HuanTai Technology Co., Ltd.

Data Processing Method: encrypted transmission and processing using secure processing methods

Official Website: https://open.oppomobile.com/new/introduction?page_name=oppopush

Privacy Policy Documentation: https://open.oppomobile.com/wiki/doc#id=10288

SDK Name: Meizu Push Vendor Channel SDK

Types of Personal Information Involved: Basic application information, device identification information (e.g., OAID, Android ID), device hardware information, basic system information, and network information.

Purpose of Use: To provide message push service for Meizu terminal devices.

Third-party Entity: Zhuhai Meizu Communication Equipment Co., Ltd.

Data Processing Method: Secure processing through encrypted transmission and processing.

Official Website: http://open.flyme.cn/service/3

Privacy Policy Documentation: http://open.flyme.cn/docs?id=202

SDK Name: Honor Push Vendor Channel SDK

Types of Personal Information Involved: Application Anonymous Identifier (AAID), Push Message Token

Purpose of Use: To provide push message service for Honor terminal devices.

Third-party Entity: Honor Terminal Technology Co., Ltd.

Data Processing Method: Secure processing through encrypted transmission and processing

Official Website: https://developer.hihonor.com/cn/tg/page/tg2022092817400001

Privacy Policy Documentation: https://developer.hihonor.com/cn/kitdoc?spm=..0.0.d9fb4c6eCPFYrN&category=%E5%9F%BA%E7%A1%80%E6%9C%8D%E5%8A%A1&kitId=11002&navigation=guides&docId=personal-data-processing.md

SDK Name: Agoo long-link channel SDK

Types of Personal Information Involved: device brand, model, network status, use of outdated components to get Android ID locally in the application.

Purpose of Use: Push messages from the server to the client through the long link channel. Assist the client in identifying and adapting the push method and operating system, and completing the message push.

Third-party Entity: Taobao (China) Software Co., Ltd.

Data Processing Method: Secure processing through encrypted transmission and processing.

Contact Information: pipwg@service.alibaba.com

Privacy Policy Documentation: https://terms.alicdn.com/legal-agreement/terms/suit_bu1_taobao/suit_bu1_taobao201703241622_61002.html

1. Privacy storage site

We store private and important data collected and generated in our operations in the People's Republic of China in accordance with relevant laws and regulations. Currently, we will not transmit the above information outside of China. If we do need to provide such information outside of China due to business needs, we will follow the regulations of the relevant countries or ask for your consent.

2. Privacy storage period

We will only retain your private information for as long as is necessary to fulfill the purposes outlined in this policy unless you request that we delete or cancel your account immediately, or as otherwise required by law or regulation.

3. How we protect your privacy

(1) We have implemented industry-standard security measures to protect the privacy you provide against unauthorized access, public disclosure, use, alteration, damage, or loss of data. We will take all reasonably practicable steps to protect your privacy.

(2) We will take all reasonably practicable steps to ensure that we do not collect irrelevant information. We will only retain your information for as long as it is necessary to fulfil the purposes described in this policy unless we need to extend the retention period or are permitted by law to do so.

(3) The Internet environment is not always secure, and we will strive to ensure or guarantee the security of any information you send to us. However, we will not be held legally responsible for any leakage, public disclosure, loss, or theft of your information due to computer/mobile phone terminal problems, hacker attacks, or computer/mobile phone terminal virus intrusion, which may result in damage to your legitimate rights and interests. Nevertheless, we will take all reasonable measures and provide you with the necessary assistance to help you safeguard your legitimate rights and interests.

(4) When Ottai ceases to operate its products or services, we will:

a. Stop gathering privacy promptly;

b. Notify you of the suspension of operations in the form of one-on-one delivery or announcement;

c. Delete or anonymize the privacy held.

(5) In the unfortunate event of a privacy security incident, we will promptly inform you, as required by law and regulation, of:

the basic situation and the possible impact of the security incident, the disposal measures we have taken or will take, the suggestions that you can independently use to prevent and reduce the risk, and the remedial measures for you. We will also take the initiative to report the disposition of privacy security incidents in accordance with the requirements of the regulatory authorities. When it is difficult to inform the subjects of privacy one by one, we will find a reasonable and effective way to make a public announcement.

We are fully aware of the legal responsibility for any damage caused to the subject of privacy due to illegal sharing or public disclosure of privacy. We assume the obligation of confidentiality regarding your privacy and will not sell or rent any of your information. We will strictly follow the terms and conditions outlined for all entrusted handling, sharing, and public disclosure of your privacy:

1. Entrusted Processing

To improve efficiency and reduce costs, we may entrust third-party professional service providers to handle information on our behalf. For example, we may engage professional service providers to provide us with infrastructure technology services, content services, call services, notification services, etc. For companies, organizations, and individuals that we entrust to process privacy, we will require them to comply with strict confidentiality obligations and take effective confidentiality measures through written agreements, on-site audits, etc., and require them to process your privacy only within the agreed scope of entrustment and not to use your privacy for their interests. We will not be liable for any leakage of your privacy due to the actions of the third-party professional service providers commissioned by us, but in any case, we will give you the necessary assistance to safeguard your legitimate rights and interests.

2. Share

We will not share your privacy with other companies, organizations, and individuals, except in the following circumstances:

(1) Sharing with explicit consent: We may share your information with other parties with your explicit consent. If you do not consent to share, you may not be able to use the services provided to you by the third party;

(2) Provided in accordance with applicable laws and regulations, legal process requirements, and mandatory administrative or judicial requirements.

3. Transfer

We will not transfer your privacy to any company, organization, or individual, except in the following circumstances:

(1) Transfer with explicit consent: After obtaining your explicit consent, we will transfer your privacy to other parties;

(2) When a merger, acquisition, or bankruptcy liquidation is involved, if privacy is transferred, we will require the new company or organization that holds your privacy to continue to be bound by this policy; otherwise, we will require the company or organization to re-ask for your authorization and consent.

4. Public disclosure

We will only publicly disclose your privacy under the following circumstances:

(1) After obtaining your explicit consent;

(2) Disclosure based on law: We may publicly disclose your privacy when required by law, legal proceedings, litigation, or mandatory requirements from government authorities.

Under relevant Chinese laws, regulations, standards, and common practices in other countries and regions, we guarantee that you can exercise the following rights concerning your privacy:

1. Inquiry (access), change of your private information

You have the right to access your privacy, except for exceptions provided by laws and regulations. If you want to exercise your right to access your privacy, you can do so through the following methods: Home Page of Ottai APP - Personal Center - Edit Information.

2. Correcting and supplementing your private information

(1) If you discover an error in the information we have processed regarding you, you can request that we make corrections or additions.

(2) If you can't correct your information through the mentioned channels, you can contact us at any time through the customer service contacts in the Ottai App.

3. Deletion of your private information

In the following circumstances, you may request us to delete your private information:

(1) The purpose of processing has been achieved, cannot be achieved, or is no longer necessary to achieve the purpose of processing;

(2) We cease to provide products or services, or the purpose of this policy can no longer be achieved;

(3) You withdraw your consent to process your private information;

(4) We handle private information in violation of laws or administrative regulations or in violation of our agreement with you;

(5) Other situations stipulated by laws and administrative regulations.

If we decide to respond to your deletion request, we will also notify the entities that obtained your private information from us and require them to delete it promptly, unless otherwise provided by laws and regulations, or these entities obtain your independent authorization. When you delete information from our services, we may not delete the corresponding information from the backup system immediately, but we will delete the information when the backup is updated.

4. Changing or withdrawing the scope of your authorized consent

(1) Each business function requires some basic privacy to be completed. If you withdraw your consent, it may result in the inability to use the basic functions of the Ottai Test platform;

(2) You may give or withdraw your consent to the gathering and utilization of additional privacy at any time, and you may change the scope of your consent through the privacy settings of your mobile phone system;

(3) After you withdraw your consent, we will no longer process the corresponding privacy. However, your decision to withdraw your consent will not affect the previous processing of privacy based on your authorization.

5. Cancellation of accounts by subjects of privacy

You have the right to cancel your registered account. After canceling your account, we will stop providing products or services to you and delete your privacy according to your request, unless otherwise provided by laws and regulations.

6. Obtain a copy of your privacy

We will provide you with copies of the following types of privacy upon your written request: your basic privacy, identity information, and blood glucose monitoring information. You can contact our customer service staff at any time, and we will respond to your request within fifteen days. However, please note that we only provide you with a copy of the information we have gathered.

7. Transfer of privacy

If you request to transfer your privacy to the privacy processor designated by you, we will provide you with the necessary assistance under the premise of legality with the means to do so if the conditions stipulated by the State Internet Information Department are met.

8. Respond to your above-mentioned request(s).

(1) To ensure security, you may need to provide a written request or prove your identity in other ways. We may ask you to verify your identity before processing your request. If you are not satisfied, you can also make a complaint to the local Regulatory Authority.

(2) In principle, we do not charge fees for reasonable requests, but we may charge a fee for repeated requests that exceed reasonable limits. We may reject unnecessarily repetitive requests, require excessive technical means (e.g., the development of new systems or fundamental changes to existing practices), pose a risk to the legal rights of others, or are highly impractical.

1. We take the protection of minors' privacy very seriously. Our products and services are intended only for adults who have reached the age of 18. Minors should not create their private subject accounts, with or without parental or guardian consent. If we become aware that we have collected data from minors, we will seek to delete the relevant data as soon as possible.

2. Despite differences in the definition of a minor under local law and customs, we consider any person under the age of 18 to be a minor.

1. Our privacy protection policy is subject to change. We will not reduce your rights under this policy without your express consent. We will post any changes to this policy on this page. When the Privacy Protection Policy is revised or significantly changed, we will display the changed content to you in the form of push notifications, pop-up windows, etc., when you log in and when the version is updated. Only after you confirm the revised privacy protection policy will we gather, use, process, and store your privacy in accordance with the revised privacy protection policy; you can choose not to agree to the revised privacy protection policy, but this may result in you being unable to use Ottai products and/or services.

2. Major changes referred to in this policy include but are not limited to:

(1) Our service model has undergone significant changes, such as the purpose of processing privacy, types of privacy processed, how privacy is used, etc.;

(2) We have undergone major changes in ownership structure, organizational structure, etc., such as changes in owners caused by business adjustments, bankruptcy, mergers, etc.;

(3) The main objects of privacy sharing, transfer, or public disclosure change;

(4) There are significant changes in your rights to participate in the processing of privacy and how you treat/process them;

(5) When our responsible department, contact information, and complaint channels for handling privacy security change;

(6) When the privacy security impact assessment report indicates that there is a high risk.

3. We will also keep an older version of this policy on our server storage for your review.

1. If you have any questions, comments, or suggestions regarding this policy, please contact us through our customer service at 400-9039-130.

2. If you are not satisfied with our response, in particular, if our privacy processing behavior harms your legitimate rights and interests, you can also make a complaint or report to the regulatory authorities.

3. The validity, interpretation, and dispute resolution of this policy shall be governed by the laws of the People's Republic of China. If any dispute or controversy occurs between you and us, it should first be resolved through friendly negotiation, and if the negotiation fails, we agree to submit the dispute or controversy to the jurisdiction of the people's court with jurisdiction over the place of residence of Ottai Technology (Wuxi) Co., Ltd.