This Policy applies only to the AIx Assistant products or services of Shenzhen AIx Artificial Intelligence Co., Ltd. Last Updated: 2024.10.15

This Policy will help you understand the following:
I. How We Collect and Use Your User Information
II. How We Use Cookies and Similar Technologies
III. How We Share, Transfer, and Publicly Disclose Your User Information
IV. How We Protect Your User Information
V. Your Rights
VI. How We Handle Children's Personal Information
VII. How Your User Information is Stored and Transferred Globally
VIII. How This Policy is Updated
IX. How to Contact Us

We deeply understand the importance of your user information and will do our utmost to protect its security and reliability. We are committed to maintaining your trust in us, adhering to the following principles to protect your user information: the principle of consistent responsibilities and rights, the principle of explicit purposes, the principle of choice and consent, the principle of minimum sufficiency, the principle of ensuring security, the principle of subject participation, the principle of openness and transparency, etc. Simultaneously, we promise to take corresponding security protection measures to protect your user information in accordance with industry-standard security standards.

Please read and understand this Privacy Policy carefully before using our products (or services).

I. How We Collect and Use Your User Information

(I) Information We Collect and Use During Your Use of Our Products or Services

This application uses the WorkManager library to manage background tasks. This library may request system permissions to support task recovery but will not auto-start when the user is not actively using the application.

We will only collect and use your user information for the business functions described in this policy. The purpose of collecting user information is to provide you with products or services. You have the right to choose whether to provide this information. However, in most cases, if you do not provide it, we may not be able to provide you with the corresponding service or respond to the problems you encounter.

1.1 Account Registration/Login:
(1) Scope of Information
To ensure the security of your personal space usage, you need to register and log in to an "AIx Assistant account" before you can normally use other services after registration and login, including network synchronization and speech-to-text services. During registration and login, you need to provide us with your mobile phone number and enter an SMS verification code so that we can verify your user identity. This type of information is necessary for this function. If you do not provide it, you will be unable to complete registration/login. Your account and password will be encrypted and stored on our servers, and only you can use them. It is recommended that you keep your password information safe to prevent your account from being used by others.
(2) Scope of Permissions Called
When managing your cloud space after login, you need to scan a QR code on the web端 to enter the cloud space. During this process, we need to call your camera permission. This is a necessary system permission for entering the cloud space via QR code scanning. If you refuse, you will be unable to enter the cloud space.

1.2 Connecting Headphones:
(1) Necessary and Non-necessary Information Scope
When you connect AIxFU (Aifu) headphones, we will collect your connection log data and headphone device information (device SN and MAC address) to pair and connect the software with the headphones. This information is necessary for the headphone connection service. Please note that when you encounter problems requiring our intervention to resolve, we will need you to provide the aforementioned information.
After the headphone pairing connection is completed, we will only transmit data in real-time via Bluetooth when you use this software, including transmitting headphone device information obtained directly through the headphones and voice information recorded using the headphones. After you enable the cloud space, this information will be stored in the cloud, allowing you to quickly access, edit, replay audio from the cloud space, and download backup data from the cloud space. This information is necessary for the file transfer service. If you refuse to provide this information, you will be unable to use the file transfer service, but it will not affect your ability to connect the headphones. The rules for processing your personal information by the headphone product are governed by the separate privacy policy accompanying that headphone. If there is no separate privacy policy, please refer to this policy for its processing rules.
(2) Scope of Permissions Called
When you initially connect AIxFU (Aifu) headphones, we need to call your Bluetooth permission, storage permission, and location permission (Android only). The Bluetooth permission is necessary for the AIxFU (Aifu) headphones to connect and communicate with the phone. The storage permission is necessary for caching the binding code for headphone security verification and storing call records and upgrade package files to facilitate the normal operation of related functions. The location permission is necessary for activating the ultra-low power Bluetooth protocol, used by this Bluetooth component to identify devices and establish connections within the area. The above permissions are all necessary system permissions for normally using the device to connect AIxFU (Aifu) headphones to the phone. If you refuse, you will be unable to use the corresponding functions.

1.3 Recording (After Connecting Headphones):
(1) Scope of Information
When you use the recording function service (including call recording, audio/video recording, and live recording scenarios), we will collect your voice information and/or other recording content you provide. This type of information is necessary for recording. If you refuse to provide it, you will be unable to use the recording function. Please note that the recording information you input yourself will only be stored on the device end (headphones or phone locally).
You can also use the headphones alone for recording (Flash Record function). After recording is completed, this audio data will be stored locally on the headphones. You can import the audio data from the headphones into this software after connecting the headphones to this software, and use it in local phone storage.
(2) Scope of Permissions Called
When you use the recording function, we need to call your microphone permission to obtain your voice information. This is a necessary system permission for this function service. If you refuse, you will be unable to use the corresponding function. When you use the recording storage function service, we need to call your storage permission/SD card permission to store your voice information. This is a necessary system permission for this function service. If you refuse, you will be unable to use the recording storage function.

1.4 Firmware Gray Scale Upgrade:
(1) Scope of Information
To allow some users to experience new hardware features, we will定向地 send new firmware versions to some users. Therefore, we need to obtain your device serial number.
(2) Scope of Permissions Called
After you agree to the Privacy Policy, we need to obtain your device information permission. This is a necessary system permission for this function service. If you refuse, you will be unable to use the corresponding function.

The above information you provide will be authorized for our continuous use during your use of this service. When you stop using the push service, we will stop using and delete the above information.

We guarantee that we will immediately de-identify or anonymize the collected user information. Information that cannot alone or in combination with other information identify a natural person's personal identity is not personal information in the legal sense. If we combine non-personal information with other information to identify your personal identity, or use it in combination with your personal information, during the period of combined use, we will treat such information as your personal information and process and protect it in accordance with this Privacy Policy.

To better operate and improve our technology and services, or due to changes in business strategy, when the collection, use, and processing of user information required for the products or services we provide exceed the above scope, or when we intend to use the information collected for specific purposes for other purposes not stated in this Privacy Policy, we will notify you within a reasonable period after obtaining the user information or before processing the user information and obtain your authorized consent.

(II) Exceptions to Obtaining Authorization and Consent

Please understand that in accordance with laws, regulations, and relevant national standards, in the following circumstances, we may collect and use your user information without obtaining your authorized consent in advance:

1. Related to national security and national defense security;
2. Related to public security, public health, and significant public interests;
3. Related to criminal investigation, prosecution, trial, and execution of judgments, etc.;
4. Where it is necessary to protect the life, property, and other significant legitimate rights and interests of you or other individuals, but it is difficult to obtain the consent of the person;
5. The user information collected is disclosed to the public by yourself;
6. Collected from legally publicly disclosed information, such as legal news reports, government information disclosure, and other channels;
7. Necessary for the conclusion or performance of a contract as requested by you;
8. Necessary for the safe and stable operation of the software and related services, such as discovering and handling faults of the software and related services;
9. Where the personal information controller is a news unit and it is necessary for conducting legal news reporting;
10. Where academic research institutions conduct statistical or academic research based on public interests, and when providing the results of academic research or description to the outside, de-identify the personal information contained in the results;
11. Other circumstances stipulated by laws and regulations.

II. How We Use Cookies and Similar Technologies

(I) Cookies

To ensure the normal operation of the website, we will store small data files called Cookies on your computer or mobile device. Cookies usually contain identifiers, site names, and some numbers and characters. With the help of Cookies, the website can store data about your visit preferences.

We do not use Cookies for any purposes other than those described in this policy. You can manage or delete Cookies based on your preferences. You can clear all Cookies saved on your computer. Most web browsers have the function to block Cookies. But if you do this, you need to manually change the user settings every time you visit our website.

(II) Website Beacons and Pixel Tags

In addition to Cookies, we will also use other similar technologies such as website beacons and pixel tags on the website. For example, the emails we send you may contain clickable URLs that link to the content of our website.

If you click the link, we will track this click to help us understand your product or service preferences and improve customer service. Website beacons are usually transparent images embedded in websites or emails. With the help of pixel tags in emails, we can know whether the email has been opened. If you do not want your activities to be tracked in this way, you can unsubscribe from our mailing list at any time.

(III) Do Not Track

Many web browsers have a Do Not Track feature that can send Do Not Track requests to websites. Currently, major Internet standards organizations have not established policies to specify how websites should respond to such requests. But if Do Not Track is enabled in your browser, all our websites will respect your choice.

III. How We Share, Transfer, and Publicly Disclose Your User Information

(I) Sharing

We will not share your user information with any other companies, organizations, and individuals, except in the following circumstances:

1. Sharing with explicit consent: After obtaining your explicit consent, we will share your user information with other parties.
2. We may share your user information in accordance with laws and regulations, or mandatory requirements from government authorities.
3. Sharing with our affiliates: Your user information may be shared with our affiliates. We will only share necessary user information and be bound by the purposes stated in this privacy policy. If affiliates wish to change the purpose of processing user information, they will seek your authorized consent again.
4. Sharing with authorized partners: Only for the purposes stated in this policy, some of our services will be provided by authorized partners. We may share certain user information with partners to provide better customer service and user experience. We will only share your user information for legal, legitimate, necessary, specific, and explicit purposes, and only share the user information necessary to provide the service. To better operate and improve technology and services, you agree that we and authorized partners may use the collected information for other services and purposes, provided that it complies with relevant laws and regulations.
5. Third-party SDKs
   Some functions in AIx Assistant are provided by our cooperative third-party institutions (hereinafter referred to as "SDK Technical Service Providers") in the form of SDK plugins. SDK Technical Service Providers will obtain corresponding permissions and information based on the necessity of providing functions or services to you. Specifically, you can read the "AIx Assistant Third-Party Information Sharing List" to understand the details of how third-party SDKs process your personal information.

For companies, organizations, and individuals with whom we share user information, we will sign strict confidentiality agreements with them, requiring them to process user information in accordance with our instructions, this privacy policy, and any other relevant confidentiality and security measures.

(II) Transfer

We will not transfer your user information to any company, organization, or individual, except in the following circumstances:

1. Transfer with explicit consent: After obtaining your explicit consent, we will transfer your user information to other parties;
2. In the event of merger, acquisition, or bankruptcy liquidation, if user information transfer is involved, we will require the new company or organization holding your user information to continue to be bound by this privacy policy; otherwise, we will require that company or organization to seek your authorized consent again.

(III) Public Disclosure

We will only publicly disclose your user information under the following circumstances:

1. After obtaining your explicit consent;
2. Disclosure based on laws: We may publicly disclose your user information when required by laws, legal procedures, litigation, or mandatory requirements from government authorities.

(IV) Exceptions to Obtaining Authorization and Consent for Sharing, Transferring, or Publicly Disclosing Information

Please understand that in accordance with laws, regulations, and relevant national standards, in the following circumstances, we may share, transfer, or publicly disclose your user information without obtaining your authorized consent in advance:

1. Related to national security and national defense security;
2. Related to public security, public health, and significant public interests;
3. Related to criminal investigation, prosecution, trial, and execution of judgments, etc.;
4. Where it is necessary to protect the life, property, and other significant legitimate rights and interests of you or other individuals, but it is difficult to obtain the consent of the person;
5. Information that you have disclosed to the public yourself;
6. Collected from legally publicly disclosed information, such as legal news reports, government information disclosure, and other channels.

IV. How We Protect Your User Information

(I) We have used security protection measures that comply with industry standards to protect the user information you provide, preventing data from unauthorized access, public disclosure, use, modification, damage, or loss. We will take all reasonably feasible measures to protect your user information. For example, data exchange between your browser and the "service" is protected by SSL encryption; we also provide https secure browsing for the website; we use encryption technology to ensure data confidentiality; we use trusted protection mechanisms to prevent data from malicious attacks; we deploy access control mechanisms to ensure that only authorized personnel can access user information; and we hold security and privacy protection training courses to strengthen employees' awareness of the importance of protecting user information.

(II) We have obtained the following certification: {SSL Certificate}.

(III) Our Data Security Capabilities:
(1) We have adopted security protection measures that comply with industry standards, including establishing reasonable institutional norms and security technologies to prevent your personal information from unauthorized access, use, and modification, and to avoid damage or loss of data. For example, our network services adopt encryption technologies such as the transport layer security protocol, provide browsing services through https, etc., to ensure the security of user data during transmission; we use encryption technology (TLS, SSL), anonymization or de-identification processing and protection mechanisms to encrypt and save user personal information, and use isolation technology for isolation; we manage and regulate the storage and use of personal information by establishing a data classification and grading system, data security management specifications, and data security development specifications; we only allow our employees and partners of our affiliates who need to know this information to access personal information through measures such as confidentiality agreements for information contacts, and we have set strict access permission controls and monitoring mechanisms for this purpose, while requiring all personnel who come into contact with your personal information to perform corresponding confidentiality obligations. Failure to perform these obligations will result in legal liability or termination of the cooperative relationship with us; we have held security and privacy protection training courses to strengthen employees' awareness of the importance of protecting personal information; we have formulated and organized the implementation of emergency response plans for personal information security incidents, etc.
(2) We will take all reasonably feasible measures to ensure that irrelevant personal information is not collected. We will only retain your personal information for the period required to achieve the purposes described in this policy and the minimum period required by laws and regulations, unless an extension of the retention period is required or permitted by law.
(3) The Internet is not an absolutely secure environment, and communication methods such as email, instant messaging, and communication with other users are not encrypted. We strongly recommend that you do not send personal information through such methods. Please use complex passwords to help us ensure the security of your account.
(4) The Internet environment is not 100% secure. We will strive to ensure or guarantee the security of any information you send to us. If our physical, technical, or management protection facilities are damaged, leading to unauthorized access, public disclosure, tampering, or destruction of information, resulting in damage to your legitimate rights and interests, we will bear corresponding legal responsibilities.
(5) After the unfortunate occurrence of a personal information security incident, we will, in accordance with the requirements of laws and regulations, promptly inform you of: the cause of the security incident, possible harm, types of personal information involved, measures we have taken or will take, suggestions for you to independently prevent and reduce risks, and remedial measures you can take. We will promptly inform you of the relevant situation of the incident by mail, SMS, phone call, sending notification, etc. When it is difficult to inform each personal information subject individually, we will take reasonable and effective means to issue an announcement. At the same time, we will also actively report the handling of personal information security incidents to regulatory authorities as required. Please note that according to applicable laws and regulations, if the measures taken can effectively avoid the harm caused by information leakage, tampering, or loss, we may not inform you.

(IV) We will take all reasonably feasible measures to ensure that irrelevant user information is not collected. We will only retain your user information for the period necessary to achieve the purposes described in this policy, unless an extension of the retention period is required or permitted by law.

(V) The Internet is not an absolutely secure environment, and communication methods such as email and instant messaging, as well as communication with other users, are not encrypted. We strongly recommend that you do not send user information through such methods.

(VI) We will regularly update and publicly disclose relevant content of security risk reports and user information security impact assessment reports. You can obtain them by contacting our customer service as described in Chapter IX of this policy. We will process your request within 15 working days.

(VII) The Internet environment is not 100% secure. We will strive to ensure the security of any information you send to us. Even though we have made great efforts and taken all reasonable and necessary measures, it is still possible that we cannot prevent your user information from being illegally accessed, stolen, tampered with, or destroyed, resulting in damage to your legitimate rights and interests. Please understand the above risks of the information network and voluntarily bear them.

(VIII) After the unfortunate occurrence of a user information security incident, we will, in accordance with the requirements of laws and regulations, promptly inform you of: the basic situation and possible impact of the security incident, the measures we have taken or will take, suggestions for you to independently prevent and reduce risks, remedial measures for you, etc. We will promptly inform you of the relevant situation of the incident by mail, letter, phone call, push notification, etc. When it is difficult to inform user information subjects individually, we will take reasonable and effective means to issue an announcement. At the same time, we will also actively report the handling of user information security incidents to regulatory authorities as required.

V. Your Rights

In accordance with relevant Chinese laws, regulations, standards, and common practices in other countries and regions, we guarantee your exercise of the following rights regarding your user information:

(I) Access Your User Information

You have the right to access your user information, except where otherwise provided by laws and regulations. If you wish to exercise your right to data access, you can access it yourself by: contacting our customer service as described in Chapter IX of this policy. We will process your request within 15 working days.

If you are unable to access this user information through the above links, you can use our web form to contact us at any time or send an email to info@AIxfu.com. We will respond to your access request within 30 days.

For other user information generated during your use of our products or services, as long as it does not require excessive effort from us, we will provide it to you. If you wish to exercise your right to data access, please send an email to info@AIxfu.com.

(II) Correct Your User Information

When you find that the user information we process about you is incorrect, you have the right to ask us to make corrections. You can make a correction request through the methods listed in "(I) Access Your User Information". If you are unable to correct this user information through the above links, you can use our web form to contact us at any time or send an email to info@AIxfu.com. We will respond to your correction request within 30 days.

(III) Delete Your User Information

Under the following circumstances, you can request us to delete user information:

1. If our processing of user information violates laws and regulations;
2. If we collect and use your user information without obtaining your consent;
3. If our processing of user information violates our agreement with you;
4. If you no longer use our products or services, or you have canceled your account;
5. If we no longer provide you with products or services.

We will evaluate your deletion request and take corresponding steps for processing if the relevant regulations are met. When you submit a deletion request to us, we may require you to verify your identity to ensure account security. When you delete information from our services, due to applicable laws and security technology, we may not immediately delete the corresponding information from the backup system. We will securely store your information until the backup can be cleared or anonymized.

(IV) Change the Scope of Your Authorized Consent

Each business function requires some basic user information to be completed (see "Part I" of this policy). For the collection and use of collected user information, you can give or withdraw your authorized consent at any time. You can operate in the following ways:
Android Users:
• Go to your phone's "Settings" - "App Management"
• Find AIx Assistant and tap to enter
• Tap Permissions to enter the AIx Assistant permissions page, where you can set all called permissions
iOS Users:
• Go to your phone's "Settings"
• Find AIx Assistant and tap to enter, where you can set all called permissions

After you withdraw your consent, we will no longer process the corresponding user information. Please also note that your withdrawal of consent may lead to certain consequences, such as our inability to continue providing you with the corresponding service or specific functions. However, your decision to withdraw consent will not affect the previous processing of user information based on your authorization.

(V) User Information Subject Deactivates Account

You can deactivate your previously registered account at any time. You can operate in the following ways: You have the right to deactivate your AIx Assistant account. You can contact our customer service as described in Chapter XI of this policy to assist you in deactivating your account. After receiving your request, we will need you to provide your account (mobile number) and SMS verification code to verify your identity. After successful verification, we will complete the deactivation for you within 15 working days. To ensure security, we need you to provide corresponding methods to prove your identity and the legitimacy of your request. After successful deactivation, we will delete your personal information as soon as possible in accordance with legal requirements, unless otherwise stipulated by laws and regulations.

After deactivating the account, we will stop providing you with products or services and, upon your request, delete or anonymize your information, unless otherwise stipulated by laws and regulations. This may also cause you to lose access to the data in your account. Please proceed with caution.

(VI) User Information Subject Obtains a Copy of User Information

You have the right to obtain a copy of your user information. You can operate in the following ways: You can contact our customer service as described in Chapter IX of this policy. We will process your request within 15 working days.

Where technically feasible, for example through matching data interfaces, we can also transmit a copy of your user information directly to a third party designated by you upon your request.

(VII) Restrict Automated Decision-Making by Information Systems

In some business functions, we may make decisions solely based on non-human automated decision-making mechanisms, including information systems and algorithms. If these decisions significantly affect your legal rights and interests, you have the right to request an explanation from us, and we will also provide appropriate remedies.

(VIII) Responding to Your Above Requests

To ensure security, you may need to provide a written request or otherwise prove your identity. We may ask you to verify your identity before processing your request.

We will respond within thirty days. If you are not satisfied, you can also complain through the following channels: filing a complaint and report with the relevant regulatory authority.

We generally do not charge a fee for reasonable requests. However, for repeated requests beyond a reasonable limit, we may charge a certain cost fee depending on the circumstances. We may refuse requests that are unreasonably repetitive, require excessive technical means (for example, requiring the development of new systems or fundamental changes to current practices), pose risks to the legitimate rights and interests of others, or are highly impractical. Please also understand that due to security considerations, requirements of relevant laws and regulations, or technical limitations, we may not be able to respond to certain requests from you, such as in the following circumstances:

1. Related to the fulfillment of obligations stipulated by laws and regulations by the user information controller;
2. Directly related to national security and national defense security;
3. Directly related to public security, public health, and major public interests;
4. Directly related to criminal investigation, prosecution, trial, and execution of judgments;
5. There is sufficient evidence that the user information subject has subjective malice or abuses rights;
6. Where it is necessary to protect the life, property, and other major legitimate rights and interests of the user information subject or other individuals, but it is difficult to obtain the consent of the person;
7. Responding to the request of the user information subject will lead to serious damage to the legitimate rights and interests of the user information subject or other individuals and organizations;
8. Involving trade secrets.

VI. How We Handle Children's Personal Information

We attach great importance to the protection of children's personal information. Our products, websites, and services are mainly aimed at adults. Without the consent of a parent or guardian, children should not create their own user accounts. Although local laws and customs have different definitions of children, we regard anyone under the age of 14 as a child.

For the collection of children's user information with the consent of parents or guardians, we will only store, use, or publicly disclose this information when permitted by law, with the explicit consent of the parent or guardian, or when necessary to protect the child. Otherwise, we will try to delete the relevant data as soon as possible.

Given the limitations of existing technology and business models, it is difficult for us to actively identify children's personal information. If you find that we have collected children's personal information without knowledge or without prior verifiable guardian consent, you can contact us promptly. We will strive to delete it in a timely manner after discovery. If we discover the aforementioned situation ourselves, we will also delete it in a timely manner, unless required to retain it by law.

VII. How Your User Information is Stored and Transferred Globally

In principle, the user information collected and generated within the territory of the People's Republic of China will be stored within the territory of the People's Republic of China. We will only retain your user information for the period required for the purposes and uses described in this policy and the minimum period required by laws and regulations. After the above retention period expires, we will delete your user information or anonymize it according to the requirements of applicable laws and regulations. Exceptions include where otherwise stipulated by laws and regulations, or for purposes of public interest, scientific and historical research, etc., or with your separate authorization and consent, where we may need to retain relevant data for a longer period.

As we provide products or services through resources and servers distributed around the world, this means that, after obtaining your authorization and consent, your user information may be transferred to jurisdictions outside the country/region where you use the product or service, or be accessed from these jurisdictions.

Such jurisdictions may have different data protection laws or may not have relevant laws. In such cases, we will ensure that your user information is protected to a standard equivalent to that within the People's Republic of China. For example, we will seek your consent for the cross-border transfer of user information, or implement security measures such as data de-identification before cross-border data transfer.

VIII. How This Policy is Updated

Our Privacy Policy may change. Without your explicit consent, we will not reduce your rights under this Privacy Policy. We will post any changes to this policy on this page.

For major changes, we will provide more prominent notice. Major changes referred to in this policy include but are not limited to:

1. Major changes in our service modes. Such as the purpose of processing user information, the type of user information processed, and the way user information is used;
2. Major changes in our ownership structure, organizational structure, etc. Such as changes in ownership due to business adjustments, bankruptcy mergers, etc.;
3. The main objects of user information sharing, transfer, or public disclosure change;
4. Your rights regarding user information processing and how you exercise them undergo major changes;
5. When the responsible department, contact method, and complaint channel for handling user information security within our organization change;
6. When the user information security impact assessment report indicates a high risk.

We will also archive the old versions of this policy for your review.

IX. How to Contact Us

If you have any questions, comments, or suggestions regarding this Privacy Policy, please contact us through the following methods:
Email: info@AIxfu.com

We have established a dedicated department for user information protection. You can contact the relevant personnel through the following method: fuwu@aixfu.com

Generally, we will reply within thirty days.

If you are not satisfied with our reply, especially if our user information processing activities have harmed your legitimate rights and interests, you can also seek solutions through the following external channels: filing a complaint and report with the relevant regulatory authority.