This policy applies to the operating entities providing App software services and client services, as well as potential operational related units of client services, specifically referring to Shenzhen XFT MedicalLimited. (hereinafter referred to as "we"). The users of the App software services and client services provided by us are referred to as "users" or "you" in this policy. We understand the importance of personal information to you and will do our best to protect it.

We are committed to maintaining your trust in us and abide by the following principles to protect your personal information: principle of consistent rights and responsibilities, principle of clear purpose, principle of choice and consent, principle of least sufficient, principle of ensuring security, principle of subject participation, principle of openness and transparency, etc. . At the same time, we promise that we will adopt corresponding security protection measures to protect your personal information in accordance with the mature security standards of the industry.

The completion of registration and login means that you agree to this privacy policy. Please read and understand this "Privacy Policy" carefully before using our products (or services).

This clause includes the following:

Personal information refers to various information recorded electronically or in other ways that can identify a specific natural person alone or in combination with other information or reflect the activities of a specific natural person. We will only collect and use your personal information for the following purposes stated in these terms:

Register as a user

To complete the account registration, you need to provide the following information: your mobile phone number, email or WeChat QQ authorization information. The above information will continue to be authorized by us during your use of this service. You can also use some of our secondary services without registering, but our main services require you to register to enjoy them.

The above information will be stored in the territory of the People's Republic of China. If cross-border transmission is required, we will obtain your authorization separately.

Usage scenario: The device identification code is used as the identification of APP push notifications. We and the third-party push service we use require your authorization to obtain the identification code. After obtaining the device identification code, it will be uploaded to the server for storage, and the third-party push will also be obtained And save the device identification code, through the device identification code saved by the two parties, the push message sent by the server is sent to the designated user client through the third party.

Usage scenario: app needs to obtain the Bluetooth permission of the device, pair with the device through Bluetooth, search and connected to the product device , transmit data to other devices through Bluetooth, and obtain data from other devices.

Usage scenario: Android Bluetooth needs to obtain location permission.

Usage scenario: it is used for users to make customer service calls on their own initiative.

Usage scenario: In order to prevent the user from logging in again every time the app is opened, the user's login information and login status will be written to the local data. The login information of the local data will be read when the app is opened next time, and the user will automatically log in when the user is on the account management page Relevant data will be deleted after logging out or uninstalling the APP.

When the user sets and changes the avatar, the relevant image file will be written into the local data, and the image file will be read when the user avatar is displayed. The above data and files will also be uploaded to the server for storage.

Usage scenario: When publishing posts, commenting posts, commenting articles, and giving feedback, you can publish pictures. After the user agrees to use the relevant permissions, you can choose from the album or take photos, upload the obtained picture files to the server, and the server saves the relevant files The information is displayed in the APP. If the user does not choose to publish the picture, the APP will not call the operation of the relevant authority.

When users set and change avatars, they need to take photos or read album permissions to obtain picture files. Then upload to the server and save to the local data for cache use.

1.8. Access to call status

Usage scenario: Bluetooth function support of Android system; product activation and regional verification.

To ensure the proper operation of Bluetooth functionality and to verify the legitimate use area of the product, our applications need to access your device location information in specific situations. Note that we will only request location permission in the following two necessary scenarios:

Bluetooth support: Bluetooth services in the Android system rely on location services for optimal performance. Although we do not directly collect or store your precise geolocation data for Bluetooth operations, the system may temporarily call location services when using Bluetooth functionality. Please rest assured that we strictly follow the principle of minimum necessary, this permission is only enabled to ensure the stability of Bluetooth connection.

Product activation and regional verification: To ensure that your product complies with the geographical use restrictions specified in the relevant laws, regulations or licensing agreements, the application obtains your approximate location information once during the product activation phase to verify that the product is within the permitted geographical area. This process is only verified once, and the acquired location data fails immediately after completion of the verification and will not be recorded, stored, or shared with any other third party.

We respect and are committed to protecting your right to privacy and commit to no additional collect, use or share your location information without your express consent. Please fully understand the above use when granting location permission, and at any time you can manage and revoke location access to this application in the privacy settings of the device.

Your usage record in this app: usage time, mode and duration; your personal information uploaded on your own initiative: name, gender, date of birth, height, weight and region; the information obtained by us with your consent will be used for internal data collection, statistics and analysis.

The third-party SDK statistical services we use will collect SDK/API code versions, Internet service providers, IP addresses, platforms, timestamps, application identifiers, application versions, application distribution channels, independent device identifiers, and iOS advertising identifiers. IDFA, Android advertiser identifier, network card (MAC) address, International Mobile Equipment Identity (IMEI), device model, terminal manufacturer, terminal device operating system version, session start/stop time, language location, time zone and Network status (WiFi, etc.), hard disk, CPU and battery usage information.

In order to provide you with one-click sharing service, our product integrates U-Share + U-Share SDK, which will collect your device identification information (such as IMEI/android ID/IDFA, etc.) and the public information of social accounts you need to share in order to complete One-click sharing service. For the security of your information, we have made data security and confidentiality agreements with third-party SDK service providers, and these companies will strictly abide by our data privacy and security requirements. Unless we have your consent, we will not share your personally identifiable information with them. In order for you to better understand the types and uses of data collected by [UMeng+], and how to protect your personal information, you can log in to https://www.umeng.com/policy to understand the[UMeng+] privacy policy .

By agreeing to these terms, you agree to the third-party statistical services we use to obtain and use your relevant information.

Some of our services (including but not limited to questionnaires, personal data, training records, posting posts, comments, etc.) require you to submit and upload relevant information. If you use such services and upload relevant information, it is deemed that you have actively provided it to Our information, personal information actively submitted through this APP, means that you agree to this privacy policy and expressly agree to the processing of your personal information in accordance with this privacy policy.

When we want to use information for other purposes not specified in this clause, we will seek your consent in advance.

When we want to use the information collected for a specific purpose for other purposes, we will seek your consent in advance.

Location: Our products are integrated with Autonavi open platform SDK in order to realize location service and verify the legitimate use area of products. Personal information is used only.

We will not share your personal information with any other companies, organizations or individuals, except in the following cases:

Sharing with explicit consent: After obtaining your explicit consent, we will share your personal information with other parties.

We may share your personal information externally in accordance with laws and regulations, or compulsory requirements of government authorities.

Sharing with our affiliates: Your personal information may be shared with our affiliates. We will only share necessary personal information and are bound by the stated purpose in this privacy policy. If the affiliated company wants to change the purpose of processing personal information, it will again seek your authorization and consent.

Sharing with authorized partners: Only to achieve the purpose stated in this privacy policy, some of our services will be provided by authorized partners. We may share some of your personal information with our partners to provide better customer service and user experience.

In this case, these companies must comply with our data privacy and security requirements. We will only share your personal information for legal, legitimate, necessary, specific, and clear purposes, and will only share personal information necessary to provide services.

For companies, organizations and individuals with whom we share personal information, we will sign strict confidentiality agreements with them, requiring them to handle personal information in accordance with our instructions, this privacy policy and any other relevant confidentiality and security measures.

We will not transfer your personal information to any company, organization or individual, except in the following cases:

Transfer with explicit consent: After obtaining your explicit consent, we will transfer your personal information to other parties;

When it comes to mergers, acquisitions or bankruptcy liquidation, if it involves the transfer of personal information, we will require the new company or organization that holds your personal information to continue to be bound by this privacy clause, otherwise we will require the company or organization to re-submit You seek authorization and consent.

We will only publicly disclose your personal information under the following circumstances:

After obtaining your explicit consent;

Disclosure based on law: We may publicly disclose your personal information in the case of laws, legal procedures, litigation or mandatory requirements of government authorities.

2.4. We reserve the right to choose to use and disclose anonymous information to third parties, including the right to use for internal business analysis and to provide aggregated statistical data to our various partners.

3. How do we protect your personal information

3.1. We have used safety protection measures that comply with industry standards to protect the personal information you provide to prevent unauthorized access, public disclosure, use, modification, damage or loss of data.

We will take all reasonable and feasible measures to protect your personal information.

For example, the data exchange between your mobile phone and the server is protected by SSL encryption;

We also provide https secure browsing for our services;

We will use encryption technology to ensure the confidentiality of data;

We will use trusted protection mechanisms to prevent malicious attacks on data;

We will deploy an access control mechanism to ensure that only authorized personnel can access personal information;

And we will hold security and privacy protection training courses to strengthen employees' awareness of the importance of protecting personal information.

We will only retain your personal information for the period required to achieve the purpose stated in the terms, unless it is necessary to extend the retention period or is permitted by law.

Emails, instant messaging, and communication with other our users are not encrypted. We strongly recommend that you do not send personal information through these methods. Please use a complex password to help us ensure the security of your account.

If our physical, technical, or management protection facilities are damaged, resulting in unauthorized access, public disclosure, tampering, or destruction of information, resulting in damage to your legal rights, we will bear the corresponding legal responsibility.

In the unfortunate event of a personal information security incident, we will promptly inform you in accordance with the requirements of laws and regulations: the basic situation and possible impact of the security incident, the disposal measures we have taken or will take, and what you can independently prevent and reduce risks Suggestions, remedies for you, etc.

We will promptly inform you of the relevant situation of the incident by email, letter, telephone, push notification, etc. If it is difficult to inform the subject of personal information one by one, we will adopt a reasonable and effective way to issue an announcement. At the same time, we will also proactively report the handling of personal information security incidents in accordance with the requirements of the regulatory authorities.

In accordance with relevant Chinese laws, regulations and standards, as well as common practices in other countries and regions, we guarantee that you exercise the following rights with respect to your personal information:

You have the right to access your personal information, except for exceptions provided by laws and regulations. If you want to exercise the right of data access, you can access it yourself through the following methods:

Account information-If you want to access or edit the personal information and payment information in your account, change your password, add security information or close your account, you can do so through the relevant settings page in the APP or contact us Such operations.

As long as we don’t need to invest too much, we will provide you with other personal information generated during your use of our products or services.

When you find that the personal information we process about you is wrong, you have the right to ask us to make corrections. You can perform such operations in the manner listed in "4.1 Access to Your Personal Information".

In the following situations, you can request us to delete personal information:

If our handling of personal information violates laws and regulations;

If we collect and use your personal information without obtaining your consent;

If our handling of personal information violates our agreement with you;

If you no longer use our products or services, or you cancel your account;

If we no longer provide you with products or services.

If we decide to respond to your deletion request, we will also notify the entities that have obtained your personal information from us and require them to delete them in a timely manner, unless laws and regulations provide otherwise, or these entities obtain your independent authorization.

When you delete information from our service, we may not delete the corresponding information from the backup system immediately, but we will delete the information when the backup is updated.

Each business function requires some basic personal information to be completed (see "Part 1" of this clause). For the collection and use of additional personal information, we will no longer process the corresponding personal information after you withdraw your consent. However, your decision to withdraw your consent will not affect the previous processing of personal information based on your authorization.

You can cancel the previously registered account at any time. Contact us to perform such operations. After you cancel your account, we will stop providing products or services to you, and delete your personal information at your request, unless otherwise provided by laws and regulations.

You have the right to obtain a copy of your personal information.

Under the premise of technically feasible, such as data interface matching, we can also directly transmit a copy of your personal information to a third party designated by you at your request.

In some business functions, we may only make decisions based on non-manual automatic decision-making mechanisms including information systems and algorithms. If these decisions significantly affect your legal rights, you have the right to ask us for an explanation, and we will also provide appropriate remedies.

You can submit the above request through the contact information at the end of the article, and we will reply within 30 days. To ensure safety, you may need to provide a written request or prove your identity in other ways. We may ask you to verify your identity before processing your request.

For your reasonable request, we do not charge fees in principle, but for repeated requests that exceed reasonable limits, we will charge a certain cost depending on the circumstances.

For those unreasonable repetitions, requiring excessive technical means (for example, the need to develop new systems or fundamentally changing current practices), bring risks to the legitimate rights and interests of others, or are extremely impractical (for example, involving information stored on backup tapes) Request, we may refuse.

In the following situations, we will not be able to respond to your request in accordance with laws and regulations:

Related to national security and national defense security;

Related to public safety, public health, and major public interests;

Related to criminal investigation, prosecution and trial;

There is sufficient evidence to show that you have subjective malice or abuse of rights;

Responding to your request will cause serious damage to the legitimate rights and interests of you or other individuals or organizations.

Our products, websites and services are all for adults. Without the consent of their parents or guardians, minors may not create their own user accounts.

In the case of collecting personal information of minors with parental consent, we will only use or publicly disclose this information when permitted by law, the parent or guardian's explicit consent, or the protection of minors is necessary. In some activities that require personal information, participating in the activity means agreeing to our collection of personal information.

Although local laws and customs have different definitions of minors, we treat anyone under the age of 18 as a minor.

If we find that we have collected personal information of minors without first obtaining verifiable parental consent, we will try to delete the relevant data as soon as possible.

In principle, the personal information we collect and generate within the territory of the People's Republic of China will be stored in the territory of the People's Republic of China.

Since we provide products or services through resources and servers all over the world, this means that after obtaining your authorization and consent, your personal information may be transferred to the overseas jurisdiction of the country/region where you use the product or service, or Receive visits from these jurisdictions.

Such jurisdictions may have different data protection laws or even no relevant laws. In such cases, we will ensure that your personal information is sufficiently and equally protected within the territory of the People's Republic of China.

For example, we will request your consent for the cross-border transfer of personal information, or implement security measures such as data de-identification before cross-border data transfer.

We may make adjustments or changes to this privacy policy in due course. Any update to this privacy policy will be announced in our APP by marking the update time. Except for other mandatory provisions of laws, regulations or regulatory provisions, the content of the adjustment or change It will take effect 7 days after notification or announcement.

If you continue to use any of the services we provide or visit our related websites after the privacy policy is adjusted or changed, we believe that this means that you have fully read, understood and accepted the revised privacy policy and are bound by it.

If you do not agree to this privacy policy, you are deemed to actively choose to stop using our services.

If you have any questions, comments or suggestions about this privacy policy, please contact us in the following ways:

Company Name: Shenzhen XFT MedicalLimited

Address: #203 Building 1, Biomedicine Innovations Industrial Park, #14 Jinhui Road, Pingshan New District, Shenzhen, China

Customer Contact: 075529888818

WeChat public account: XFTCHINA2000 (XFT Medical)

Under normal circumstances, we will reply within 30 days.

March 28,2024