Urban Canvas Privacy Policy

Effective Date: [March 10, 2026]

Welcome to Urban Canvas — the Future City Concept Design Engine Application (hereinafter referred to as the "Application"). This application is developed and operated by Baoding Binlie Electronic Technology Co., Ltd (hereinafter referred to as "we", "us" or "our"). Our registered address is Room 201, Unit 1, Building 4, Dongsheng Jiayuan, No. 628 Chengyuan Road, Wusi Road Sub-district Office, Lianchi District, Baoding, Hebei, 071000, and our official contact email is rogerrodri44@gmail.com.

This Privacy Policy (hereinafter referred to as the "Policy") aims to clearly and transparently inform you (the user of this Application, and you confirm that you are a natural person over 18 years old) about how we collect, use, store, share, transfer and disclose your personal data, the various data rights you enjoy and the ways to exercise them, as well as clarify the legal basis for data processing, data controller, Data Protection Officer (DPO) and other core information.

This Application only provides services to users over 18 years old. By checking this Policy and agreeing to the User Service Terms, you confirm that you are over 18 years old and agree that we will process your personal data in accordance with the provisions of this Policy. If you are under 18 years old, please stop using this Application immediately; we will not collect any personal data of minors.

This Policy strictly complies with the Google Play Privacy Policy review standards and also abides by personal data protection laws and regulations in various regions around the world, including but not limited to the European Union's General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA), Brazil's General Data Protection Law (LGPD), etc., to ensure comprehensive protection of your personal data.

Please carefully read and understand all the terms of this Policy, especially the content closely related to your rights and interests (including but not limited to the scope of data collection, purpose of use, restrictions on sharing and sales, your rights, etc.). If you do not agree to any term of this Policy, please do not check this Policy or use this Application. Your act of checking this Policy and using this Application shall be deemed that you have fully understood and agreed to all the agreements of this Policy.

I. Core Definitions

1.1 Personal Data

Refers to any information relating to an identified or identifiable natural person, including but not limited to your device information, application usage behavior data, pictures uploaded through the camera/photo album, audio recorded by the microphone, personal profile information (such as avatar) and feedback content. It does not include information that has been anonymized and cannot identify a specific natural person (anonymized information is not personal data and may be freely used by us).

1.2 Data Controller

Refers to a natural person, legal person or other organization that determines the purposes and methods of personal data processing. The data controller of this Application is Baoding Binlie Electronic Technology Co., Ltd, with a registered address at Room 201, Unit 1, Building 4, Dongsheng Jiayuan, No. 628 Chengyuan Road, Wusi Road Sub-district Office, Lianchi District, Baoding, Hebei, 071000, and a contact email at rogerrodri44@gmail.com. We lead all processing activities of your personal data in this Application, including collection, use, storage, etc., and assume the main responsibility for data protection.

1.3 Data Protection Officer (DPO)

To ensure that the personal data processing activities of this Application comply with relevant laws and regulations, we have specially appointed a Data Protection Officer (DPO) who is responsible for supervising the compliance of data processing, providing data protection consulting, and receiving various user requests related to data. The contact information of the Data Protection Officer is as follows:

 Contact Email: rogerrodri44@gmail.com (please mark the email subject as "DPO Consultation/Request")

 Contact Address: Room 201, Unit 1, Building 4, Dongsheng Jiayuan, No. 628 Chengyuan Road, Wusi Road Sub-district Office, Lianchi District, Baoding, Hebei, 071000

 Scope of Responsibilities: Supervise whether the personal data processing activities of this Application comply with relevant regulations such as GDPR, CCPA and VCDPA; answer user questions about personal data processing; receive and handle user requests for data inquiry, correction, deletion, withdrawal from data sharing/sales, etc.; cooperate with the supervision and inspection of regulatory authorities in various regions to ensure full compliance of data processing.

1.4 Data Processing

Refers to any operation related to personal data, including but not limited to collection, recording, storage, use, modification, sharing, transfer, disclosure, deletion and anonymization.

1.5 Data Sales/Sharing

For the purpose of this Policy, "data sales" refers to the act of us transferring your personal data to a third party for consideration; "data sharing" refers to the act of us providing your personal data to a third party free of charge for specific purposes. We promise not to take the initiative to sell your personal data, and will only share your personal data within a limited scope in accordance with the provisions of this Policy and relevant laws and regulations. You may send a "Request to Withdraw from Data Sales/Sharing" to rogerrodri44@gmail.com.

II. Scope and Purpose of Personal Data Collection

We adhere to the principles of "minimum necessity, legality and propriety, and transparent notification", and only collect the personal data necessary for you to use this Application. We do not collect any information unrelated to the functions of this Application, and all data collection activities have clear and legal purposes, which are as follows:

2.1 Personal Data Collected Based on Application Permissions and Its Purpose

This Application will collect corresponding personal data according to the permissions you check and authorize, and all permissions are necessary to realize the core functions of this Application. You can turn off the corresponding permissions in the device settings at any time (after turning off the permissions, the corresponding functions may not work normally, but it will not affect other unrelated functions). The specific permissions and the corresponding data collection and use purposes are as follows:

2.1.1 Camera Permission

Collected Data: Personal profile avatar photos taken by you through the camera, and image data taken to submit feedback;

Purpose of Collection: Complete the avatar setting in the personal center and improve your personal profile; allow you to clearly describe problems through images when submitting feedback, so as to improve the efficiency of feedback processing;

Supplementary Note: Relevant shooting content will only be collected after you actively click the camera shooting button and authorize the camera permission. We will not automatically start the camera or collect shooting data in the background, and strictly follow the Google Application Permission Usage Specifications.

2.1.2 Photo Album (Image) Permission

Collected Data: Images selected and imported from your device's photo album for changing avatars, and image materials uploaded for submitting feedback;

Purpose of Collection: Facilitate you to select existing images from the photo album as the avatar in the personal center; allow you to select images from the photo album as feedback attachments when submitting feedback in the personal center to assist in explaining feedback issues;

Supplementary Note: Only the album content you actively choose to import and upload will be collected. We will not batch scan or collect all the content in your device's photo album, and strictly protect your photo album privacy.

2.1.3 Microphone Permission

Collected Data: Voice information recorded by you on the feedback interface to submit feedback;

Purpose of Collection: Allow you to quickly and clearly describe problems through voice when submitting feedback, so as to improve the efficiency of feedback communication;

Supplementary Note: The microphone will only be activated and audio data will be collected when you actively record voice feedback. We will not automatically start the microphone or monitor and collect any audio information in the background.

2.1.4 External Storage Permission

Collected Data: Basic information such as storage path, file size and modification time of images and audio files related to this Application in your device's external storage;

Purpose of Collection: Realize the local saving and uploading functions of images and audio files in this Application, ensuring that the avatars and feedback materials you upload can be normally stored and submitted; count the storage occupancy of files related to this Application in your device;

Supplementary Note: Only read and write files related to the operation of this Application, and will not read, modify or delete other unrelated files in your external storage (such as documents, other application data, etc.).

2.1.5 Application Information Reading Permission

Collected Data: The version number, running status and crash logs of this Application; the operating system version, device model and unique device identifier of your device (only used to distinguish devices, not associated with your personal identity information);

Purpose of Collection: Troubleshoot application operation failures, fix vulnerabilities, optimize application performance, and ensure the stable operation of this Application on your device; count application usage (such as device adaptation rate, function usage rate, etc.) and optimize function design in a targeted manner; identify abnormal usage behaviors, prevent malicious operations, and protect the security of your personal data and application usage.

2.1.6 Advertising Identifier

Collected Data: The advertising identifier of your device, which is not associated with your personal identity information, unique device identifier or other sensitive data;

Purpose of Collection: Realize the non-intrusive advertising display function (if any) in this Application, push compliant and relevant advertisements according to your interests and preferences, improve the relevance of advertising display, and avoid the interference of irrelevant advertisements; count basic data such as advertising display and clicks, optimize advertising delivery effect, and ensure the compliance of advertising services;

Supplementary Note: We will not use the advertising identifier for any other purpose, nor will we share your advertising identifier with third parties for data sales or illegal data processing. You can reset the advertising identifier or turn off advertising tracking in the device settings at any time. After turning it off, we will stop collecting the identifier, and it will not affect the normal use of the core functions of this application. We strictly follow the Google Play Advertising Identifier Usage Specifications and relevant laws and regulations such as GDPR and CCPA.

2.2 Personal Data Collected Based on Application Function Usage and Its Purpose

When you use various functions of this Application, we will automatically collect your relevant usage behavior data to realize various functions, optimize user experience and ensure security, strictly complying with the requirements of relevant laws and regulations such as GDPR, CCPA and FADP. The details are as follows:

2.2.1 Related to the City Skyline Concept Map Function

Collected Data: The type of city skyline concept maps you browse, browsing duration, collection records, like records, label filtering records (such as cyberpunk, ecological utopia, future energy city, etc.); the city skyline concept map works you generate, custom parameters (such as building height, traffic layout, energy type) and work labels; records of illegal concept map works you report or block.

Purpose of Collection: Display personalized city skyline concept map content for you according to your browsing and filtering habits, and push design style works you may be interested in; realize functions such as collection, like, report and block, record your operation behavior and feedback corresponding results; optimize the label filtering function of the "City Skyline" module to improve the efficiency of concept map search and generation; manage the design work community environment, handle your report requests, and control illegal design content.

2.2.2 Related to the Building Complex Prototype Function

Collected Data: The folder name and classification method of building complexes you custom create (such as vertical farms, floating residential areas, data center towers, etc.); the storage location, modification records and public/private status of building prototype design drawings and structural detail drawings you import, generate and take; the number of your design works and storage space usage.

Purpose of Collection: Provide you with a systematic filing and management function for building complex prototypes to help you establish a traceable future architectural design resume; display the statistics of your repository capacity, allowing you to understand the storage usage and clean up redundant design content in a timely manner; realize the public/private switching function of design works to protect the privacy and intellectual property rights of your design achievements.

2.2.3 Related to the Alert (Notification Center) Function

Collected Data: Records of likes, collections, comments and follow-up notifications of your design works; records of system message reception (such as function updates, security prompts, design skill pushes, etc.); your notification viewing status and deletion records.

Purpose of Collection: Push relevant notifications to you, allowing you to timely understand the interaction status of your published design works (likes, collections, comments), the design dynamics of followed users, system updates and security prompts, etc.; record your notification operation behavior, and realize convenient functions such as pull-down refresh, left-swipe deletion and one-click mark as read to improve user experience.

2.2.4 Related to the Planner AI (AI Design Assistant) Function

Collected Data: Questions you ask the Planner AI (such as future urban planning suggestions, architectural structure design consulting, material selection guidance, style optimization suggestions, etc.); response content of the Planner AI; your consulting records and historical dialogue content.

Purpose of Collection: Realize the AI interactive design function and provide professional and accurate responses related to future urban design according to your questions; optimize the response quality of the Planner AI, and improve the accuracy and pertinence of answers according to your consulting habits and question types; store your consulting records to facilitate you to view historical dialogues and relevant design suggestions in the future and assist in subsequent design work.

2.2.5 Related to Personal Profile (Personal Center) and User Interaction

Collected Data: Your personal profile information, such as nickname, design field (such as architectural visualization, urban planning) and avatar; the number of likes, fans and follows of your design works; your public/private design work list; your report list and block list; your chat records with other users and follow/unfollow records.

Purpose of Collection: Improve your personal profile, display your design field and application usage data, and enhance your personal design influence; realize user interaction functions (chat, follow, unfollow, etc.) to facilitate communication between you and other design practitioners and exchange design experience; manage your design content and interaction records to protect your usage security (for example, after blocking illegal users, you can avoid receiving their messages or viewing their illegal design content again).

2.2.6 Related to the Feedback Function

Collected Data: Feedback content submitted by you (text, design screenshots, voice, video, etc.); your feedback time and feedback type (such as function suggestions, bug complaints, design demand consulting, etc.).

Purpose of Collection: Handle your feedback requests and solve problems related to design functions and operation experience you encounter when using this Application; optimize the function and service quality of this Application, and make targeted improvements to the design functions, interface operations, AI responses, etc. of the Application according to your feedback and suggestions to improve design efficiency and user experience.

2.3 Collection Methods

We strictly comply with the requirements of relevant laws and regulations such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the United Arab Emirates' Federal Data Protection Act (FADP), adhere to the principles of "legality, propriety, transparency and minimum necessity", and collect your personal data through the following three methods to ensure the security of your data and privacy rights throughout the process. The details are as follows:

 Permission Authorization Collection: We will only collect personal data under the corresponding permissions after you clearly check and agree to this Privacy Policy and actively authorize relevant permissions such as camera, photo album, microphone and external storage. Before obtaining your explicit authorization, we will not actively activate any permissions or arbitrarily collect any data related to permissions, ensuring the compliance and autonomy of permission use, which is fully in line with the Google Play Permission Usage Specifications and the privacy protection requirements of FADP.

 Active Submission Collection: During your use of this Application, we only collect specific content you actively submit and upload, including but not limited to avatar pictures in the personal center, design works, and text, pictures, audio and other feedback content submitted on the feedback page. We will not actively obtain any other information unrelated to the functions of this Application, effectively protecting your personal privacy from excessive collection.

 Automatic Collection: When you have authorized relevant permissions and normally use various functions of this Application, we will automatically collect your basic device information (such as device model, operating system version, network connection status) and application usage behavior information (such as function usage frequency, design operation records, label filtering habits, etc.). Such automatically collected data is only used to realize the core functions of this Application, optimize user experience, troubleshoot application operation failures and ensure application usage security. We will not collect any data beyond the scope agreed in this Privacy Policy, and strictly follow the "minimum necessity" principle.

III. Restrictions on the Use of Personal Data

Our use of your personal data is strictly limited to the scope of collection purposes agreed in this Policy, adhering to the principles of "legality, propriety and necessity", and will not be used for any purpose not clearly informed to you. The specific restrictions are as follows:

 No Use Beyond Purpose: Only used to realize the core functions of this Application (such as avatar setting, feedback submission, stable operation of the application, etc.), optimize application experience, troubleshoot failures and ensure security, and will not be used for other purposes unrelated to the functions of this Application;

 No Illegal Use: We will never use your personal data to engage in any activities that violate relevant laws and regulations or damage your legitimate rights and interests, nor will we use your feedback content, uploaded pictures, etc. to engage in illegal or irregular activities;

 Notification of Purpose Change: If it is necessary to change the purpose of using your personal data due to application upgrades, function optimization, etc., we will notify you in advance through pop-ups in this Application, official emails, etc., and will only change the purpose of use after obtaining your explicit consent. If you do not agree to the purpose change, we will stop the relevant data processing activities and delete or anonymize the relevant data as agreed;

 Anonymized Use: We may anonymize your personal data (which cannot identify specific users after processing). The anonymized information can be used for purposes such as application optimization, industry research and data statistics without obtaining your consent separately.

IV. Sharing, Transfer and Disclosure of Personal Data

4.1 Data Sharing

We strictly restrict the sharing of your personal data and will never share your personal data with any irrelevant third parties. We will only share your personal data within the agreed scope after taking safety protection measures in the following special circumstances, and you have the right to withdraw from data sharing at any time:

 Sharing for Entrusted Processing: To realize the core functions of this Application, we may entrust third-party service providers (such as cloud storage service providers, image processing service providers, server providers, etc.) to process your personal data (such as image storage, audio processing, etc.). We will sign a strict data processing agreement with the third party, clarify the rights and obligations of both parties, require the third party to process your personal data in strict accordance with this Policy and relevant laws and regulations, prohibit the third party from using your personal data for other purposes or sharing it with other third parties, and conduct comprehensive supervision and audit on the processing activities of the third party;

 Sharing as Required by Law: In accordance with the mandatory requirements of laws and regulations, subpoenas from judicial or administrative organs, investigation notices, etc., we will provide the necessary personal data to the relevant organs in accordance with the law, and will minimize the scope of data provision within the scope permitted by law to protect your privacy and security;

 Sharing for Security Protection: In case of emergency, to prevent malicious attacks, maintain the safe operation of the application, and protect the legitimate rights and interests of you and other users, necessary personal data (such as abnormal usage behavior data) may be shared within a reasonable scope, and only for the purpose of security protection;

 Sharing with User Consent: After obtaining your explicit written consent (such as you actively choose to share feedback materials to a designated third-party platform, etc.), share relevant personal data with the third party designated by you, and the scope of sharing is strictly limited to the scope you agree to.

4.2 Data Transfer

We will never transfer your personal data unless special circumstances such as enterprise merger, division, acquisition, asset transfer occur. In such cases, your personal data will be transferred to the changed subject as part of the enterprise assets. The changed subject will continue to perform the privacy protection obligations agreed in this Policy. If the purpose and method of data processing changes, we will notify you in advance through pop-ups in this Application, official emails, etc., and will only change after obtaining your explicit consent.

4.3 Data Disclosure

We will never publicly disclose your personal data unless in the following circumstances:

 You explicitly agree to public disclosure, and the scope and method of disclosure meet your requirements;

 Laws and regulations otherwise require public disclosure, and we will minimize the scope of disclosure within the scope permitted by law to protect your privacy;

 After anonymizing personal data, publicly disclose the anonymized information (which cannot identify specific users) for non-commercial purposes such as application optimization, industry research and data statistics.

4.4 Prohibition of Data Sales and User's Right to Withdraw

We solemnly promise: We will never take the initiative to sell any of your personal data, nor will we sign a data sales agreement with any third party, and strictly prohibit the use of your personal data for commercial activities such as paid transfer and sales.

If due to changes in laws and regulations, regulatory requirements or special circumstances, we need to sell your personal data (such circumstances will be clearly notified to you in advance), you have the right to choose not to allow your personal data to be sold at any time and withdraw from your data sales at any time. The specific withdrawal methods are as follows:

 Method 1: Send an email to our official contact email (rogerrodri44@gmail.com) or the Data Protection Officer's contact email (mark the email subject as "Withdraw from Data Sales") and clearly state your request. We will complete the processing within 7 working days after receiving the email and feedback the processing result to you;

 Method 2: Submit a "Request to Withdraw from Data Sales" through the "Feedback" function in the personal center of this Application. We will complete the processing and feedback within 7 working days after receiving the feedback.

Supplementary Note: After you withdraw from data sales, it will not affect your use of any core functions of this Application, nor will you be subject to differential treatment (such as restricting function use, reducing service quality, etc.). This provision strictly complies with the requirements of laws and regulations such as CCPA and CPRA on the protection of users' data rights.

4.5 Methods to Withdraw from Data Sharing

If you have agreed to us sharing your personal data (such as entrusted processing sharing, third-party platform sharing, etc.), you have the right to withdraw from data sharing at any time. The specific withdrawal methods are as follows:

 Entrusted Processing Sharing: Send an email to the Data Protection Officer's contact email (rogerrodri44@gmail.com) (mark the subject as "Withdraw from Entrusted Processing Sharing") and clearly state your request. We will immediately notify the relevant third parties to stop processing your personal data, require the third parties to delete your personal data obtained by them (unless otherwise required by laws and regulations), and feedback the processing result to you;

 Other Sharing Scenarios: Submit a withdrawal request through the official email or feedback function. We will provide you with an exclusive withdrawal method according to the specific sharing scenario and complete the processing within 7 working days.

V. Storage and Security of Personal Data

5.1 Storage Location

We store your personal data in compliant servers that meet the requirements of relevant privacy laws and regulations. At the same time, we will conduct data backup on compliant servers in the corresponding regions in accordance with the requirements of laws and regulations in your region (such as the requirements of GDPR on data storage) to ensure that data storage complies with local regulatory requirements.

If it is necessary to transfer your personal data to other countries or regions, we will strictly abide by relevant laws and regulations, take necessary measures such as encrypted transmission, signing data processing agreements, and conducting Data Protection Impact Assessment (DPIA) to ensure the security of data transmission and the legality and compliance of transmission behavior; if your consent is required, we will notify you in advance and conduct transmission only after obtaining consent.

5.2 Storage Period

We adhere to the principle of "minimum necessary storage" and only store your personal data for the shortest period necessary to achieve the collection purpose. After the expiration of the period, it will be automatically deleted or anonymized. The specific storage periods are as follows, which also comply with the requirements of laws and regulations such as CCPA and GDPR on data retention:

 Device information and application usage behavior information: The storage period shall not exceed 1 year, and it will be automatically anonymized after the expiration of the period (cannot identify specific users);

 Avatars, feedback-related pictures/audio/text uploaded by you, and personal profile information: Stored until you take the initiative to delete them; if you stop using this Application for more than 180 days and do not use it again, the relevant data will be automatically deleted. If you uninstall this Application but do not take the initiative to delete the relevant data, we will keep it for you for 30 days (for you to restore the data after reinstalling the application), and automatically delete it after 30 days;

 Feedback processing records: Stored for 30 days after the feedback request is processed (for subsequent verification), and automatically deleted after the expiration of the period;

 Legal Retention: If it is necessary to extend the storage period due to special circumstances such as legal requirements, litigation disputes, security protection, etc., we will extend it within the scope permitted by law and promptly notify you through official emails, application pop-ups, etc.

5.3 Security Protection Measures

We attach great importance to the security of your personal data and take dual security measures of technology and management to prevent risks such as data leakage, tampering, loss and abuse, ensure the security of your personal data, and comply with the privacy and security requirements of Google Play and the data security protection requirements of laws and regulations in various regions:

 Technical Protection: Adopt encryption technology to encrypt the storage and transmission of your personal data in the whole process; set strict access permission control, only authorize employees in necessary positions to access your personal data, and all access behaviors will be fully recorded and audited; regularly conduct security detection and vulnerability repair on servers to prevent risks such as network attacks and virus intrusion; adopt data backup technology to regularly back up your personal data to prevent data loss;

 Management Protection: Establish a special personal data security management system, clarify the job responsibilities of employees, conduct privacy protection training and background checks on employees who can access your personal data; sign confidentiality agreements with employees, clarify their confidentiality obligations, and strictly prohibit the disclosure, abuse and private collection of your personal data; regularly conduct data security audits and Data Protection Impact Assessments (DPIA) to timely discover and rectify security risks; the Data Protection Officer supervises the data security management work throughout the process to ensure the implementation of various security measures;

 Emergency Response: Establish a personal data security emergency response mechanism. If a data security incident such as data leakage, tampering or loss occurs, we will immediately activate the emergency plan, take remedial measures such as stopping data processing, deleting leaked data, and investigating security vulnerabilities to reduce security risks, and promptly notify you and relevant regulatory authorities within the time limit specified by laws and regulations, and cooperate with the investigation and handling of regulatory authorities;

 User Protection: Provide you with privacy-related operation functions to allow you to independently manage the personally uploaded materials; remind you to properly keep your device to avoid unauthorized access to your personal data and this Application by others due to device loss or theft.

Special Note: Although we have taken the above security protection measures, due to the openness of the network environment and the limitations of technological development, we cannot fully guarantee the absolute security of your personal data. If your personal data is leaked or lost due to force majeure, network attacks, equipment failures, your improper operations (such as device loss, password leakage, etc.), we will bear corresponding responsibilities within the scope specified by law, but will not bear compensation responsibilities beyond a reasonable scope.

VI. Core Rights of Users (Including Additional Rights in Specific Regions)

In accordance with the provisions of relevant laws and regulations and this Policy, you enjoy the following core rights to personal data. We will provide convenient ways to assist you in exercising relevant rights without charging any unreasonable fees. At the same time, for users in specific regions (such as the European Union, California in the United States, Virginia, Brazil, etc.), you also enjoy additional personal data rights, which are as follows and strictly comply with the requirements of laws and regulations such as GDPR, CCPA, CPRA, VCDPA, LGPD and FADP:

6.1 Universal Rights for Global Users

 Right to Know: You have the right to know the purpose, method, scope, storage period, sharing object, etc. of our collection, storage, use, sharing, transfer and disclosure of your personal data at any time. We will fully inform you through this Policy, application pop-ups, official emails, etc.;

 Right of Access: You have the right to inquire about the specific content and processing status of your personal data collected and stored by us at any time. We will provide you with clear and complete inquiry results within 7 working days after receiving your inquiry request;

 Right to Rectification: If you find that your personal data is incorrect or incomplete (such as wrong avatar upload, wrong feedback content submission, etc.), you have the right to request us to rectify it. We will complete the processing within 7 working days after receiving your rectification request and notify you in a timely manner after the rectification is completed;

 Right to Erasure: You have the right to request us to delete all or part of your personal data (such as avatars, feedback materials, etc.). We will complete the deletion within 7 working days after receiving your deletion request and notify you in a timely manner after the deletion is completed (unless otherwise required by laws and regulations);

 Right to Withdraw Consent: You have the right to withdraw your consent to our collection, use and sharing of your personal data at any time (such as withdrawing the authorization of camera, photo album and other permissions, and withdrawing consent to data sharing). After withdrawing consent, we will immediately stop the relevant data processing activities and delete or anonymize the relevant data as agreed, and it will not affect the validity of our legal processing of personal data before you withdraw consent;

 Right to Complain: If you believe that our personal data processing activities violate the provisions of this Policy or relevant laws and regulations, or damage your legitimate rights and interests, you have the right to complain to us or the local personal data protection regulatory authority;

 Right to Data Portability: You have the right to request us to provide your personal data to you or another data controller designated by you in a structured, machine-readable format. We will complete the processing within 15 working days after receiving the request.

6.2 Additional Rights for Users in Specific Regions

6.2.1 Users in the European Union (Scope of GDPR Application)

 Right to Restriction of Processing: You have the right to request us to restrict the processing of your personal data (for example, if you believe that your personal data is incorrect, you can request us to suspend the processing of the data until the error is corrected);

 Right to Object: You have the right to object to our processing of your personal data based on legitimate interests or public interests. If you raise an objection, we will stop the relevant processing activities unless we can prove that there are legitimate reasons overriding your interests;

 Right to Reject Automated Decision-Making: You have the right to object to decisions made solely on the basis of automated decision-making (including profiling) that have legal effects or significant impacts on you. If such decisions exist, we will provide you with a way of human intervention;

 Right to Complain to Regulatory Authorities: You have the right to complain to the data protection authority of the EU Member State (such as the Data Protection Commission of Ireland) about our personal data processing activities, and the relevant authority will conduct investigation and handling in accordance with the law.

6.2.2 Users in California, USA (Scope of CCPA and CPRA Application)

 Enhanced Right to Know: You have the right to know whether your personal information has been disclosed to third parties, and have the right to request us to disclose the specific categories, sources, purposes of collecting, using, sharing and selling your personal data within the past 12 months, as well as the names and categories of third parties with whom it has been shared or sold;

 Enhanced Right to Erasure: You have the right to request us to delete all your personal data (unless otherwise required by laws and regulations), and we must notify the third parties that have obtained your personal data to request them to delete the relevant data together;

 Right to Non-Discrimination: When you exercise any right stipulated by CCPA and CPRA, we will not discriminate against you (such as restricting function use, increasing service fees, refusing to provide services, etc.);

 Privacy Choice Right: You have the right to choose not to allow us to use your personal data for targeted advertising, profiling and other purposes, which can be operated through the privacy settings in this Application.

6.2.3 Users in Virginia, USA (Scope of VCDPA Application)

 Right to Object to Processing: You have the right to object to our processing of your personal data for purposes such as targeted marketing, sales and profiling. After raising an objection, we will immediately stop the relevant processing activities;

 Right to Ensure Data Accuracy: You have the right to request us to ensure the accuracy of your personal data. If you find data errors, we must correct them in a timely manner and notify the third parties that have obtained the data to update the relevant data;

 Right to Complain to Regulatory Authorities: You have the right to complain to the Virginia Department of Agriculture and Consumer Services about our personal data processing activities, and the relevant authority will handle it in accordance with the law.

6.2.4 Users in Brazil (Scope of LGPD Application)

 Enhanced Right to Data Portability: You have the right to request us to provide your personal data to you in an easy-to-understand, machine-readable format, or transfer it to another data controller designated by you, and we shall not charge any unreasonable fees;

 Right to Compensation for Damages: If our personal data processing activities violate the provisions of LGPD and cause losses to you, you have the right to request us to bear compensation liability;

 Right to Complain to Regulatory Authorities: You have the right to complain to Brazil's National Data Protection Authority (ANPD) about our personal data processing activities.

6.2.5 Additional Rights for Users in the United Arab Emirates (Scope of FADP Application)

 Right to Data Security: You have the right to require us to take necessary and reasonable security measures to ensure the security of your personal data. In the event of a personal data leakage incident, we will promptly notify you and the UAE data protection regulatory authority.

 Right to Prohibit Unauthorized Disclosure: You have the right to prohibit us from disclosing your personal data to any third party without obtaining your explicit consent (unless otherwise required by laws and regulations).

 Right to Complain: If you have any objection to our personal data processing activities, you have the right to file a complaint with the UAE Federal Data Protection Authority.

6.3 Methods of Exercising Rights

You can exercise all the above rights through the following methods. After receiving your request, we will verify your identity in a timely manner (the verification method will not excessively collect your personal data, but only used to confirm your user identity), assist you in exercising relevant rights, and ensure that the exercise of rights is convenient and efficient:

 Email Application: Send an email to our official contact email (rogerrodri44@gmail.com) or the Data Protection Officer's contact email, clearly stating the rights you want to exercise, your user-related information (to facilitate identity verification) and specific requests. We will reply within 7 working days after receiving the email, and complex requests (such as data portability, large-scale data deletion) will be processed and feedback results will be given within 15 working days;

 Feedback Function Application: Open this Application → enter the personal center → click "Feedback" to submit your request for exercising rights. We will reply and process within 7 working days after receiving the feedback;

 Written Application: You can mail your request for exercising rights and identity verification materials to our registered address (Room 201, Unit 1, Building 4, Dongsheng Jiayuan, No. 628 Chengyuan Road, Wusi Road Sub-district Office, Lianchi District, Baoding, Hebei, 071000, recipient marked: Data Protection Officer Group). We will process and feedback within 15 working days after receiving the written application.

VII. Complaint Channels (Guidelines for Users to Complain to Regulatory Authorities)

If you believe that our personal data processing activities violate the provisions of this Policy or relevant laws and regulations, or damage your legitimate rights and interests, you have the right to first complain to us through the email, feedback function and other methods agreed in this Policy. We will complete the processing and feedback results within 15 working days after receiving the complaint. If you are not satisfied with our processing results, or we fail to process your complaint within the agreed time limit, you have the right to complain to the personal data protection regulatory authority in your region, and we will actively cooperate with the investigation and handling of the regulatory authority.

Reference to complaint channels of major regional regulatory authorities (to facilitate your quick complaint):

 European Union: Data Protection Authorities of EU Member States (such as the Data Protection Commission of Ireland, official website: https://www.dataprotection.ie/);

 California, USA: California Privacy Protection Agency (CPPA, official website: https://cppa.ca.gov/);

 Virginia, USA: Virginia Department of Agriculture and Consumer Services (official website: https://www.consumer.virginia.gov/);

 Brazil: Brazil's National Data Protection Authority (ANPD, official website: https://www.anpd.gov.br/);

 United Arab Emirates: UAE Federal Data Protection Authority (official website: https://www.federalauthority.ae/);

 Other Regions: The corresponding personal data protection regulatory authority in your country/region.

VIII. Legal Basis for Data Processing

Our processing of your personal data strictly complies with the provisions of relevant laws and regulations and has a legal basis. The details are as follows:

 Based on Your Consent: Your act of checking this Policy, authorizing application permissions and actively submitting personal data shall be deemed that you agree that we will process your personal data in accordance with the provisions of this Policy, which is the main legal basis for us to process your personal data (corresponding to Article 6(1)(a) of GDPR, Section 1798.100 of CCPA, Article 7 of LGPD, etc.);

 Based on Contract Performance: To perform the service contract between us and you (you use this Application, and we provide you with services), we need to collect and use your relevant personal data (such as pictures, device information, etc.) to realize the core functions of this Application and ensure the normal provision of services (corresponding to Article 6(1)(b) of GDPR, Article 8 of LGPD, etc.);

 Based on Legitimate Interests: To maintain the normal operation of this Application, optimize application experience, prevent security risks, handle user feedback and other legitimate interests, we may process your relevant personal data (such as device information, usage behavior information, etc.) within a reasonable scope without damaging your legitimate rights and interests (corresponding to Article 6(1)(f) of GDPR, Article 5 of VCDPA, etc.);

 Based on Legal Obligations: In accordance with the mandatory requirements of laws and regulations, we need to process your personal data (such as cooperating with judicial investigations, performing data protection compliance obligations, etc.) (corresponding to Article 6(1)(c) of GDPR, Section 1798.105 of CCPA, etc.);

 Based on Public Interests: To maintain public interests (such as preventing malicious network attacks, protecting the legitimate rights and interests of other users, etc.), we may process your relevant personal data within a reasonable scope (corresponding to Article 6(1)(e) of GDPR, Article 9 of LGPD, etc.).

IX. Third-Party Service Description

This Application may integrate some third-party services (such as third-party SDKs, cloud storage services, server providers, image processing service providers, etc.) to realize core functions (such as image storage, application crash log statistics, audio processing, etc.). Such third-party services may access and process necessary personal data within the scope authorized by you (only used to realize their service functions).

We will sign strict data processing agreements and confidentiality agreements with third-party service providers, clarify their personal data protection obligations, require them to process your personal data in strict accordance with this Policy and relevant laws and regulations, take necessary security protection measures, strictly prohibit third parties from disclosing, abusing, sharing and selling your personal data, prohibit them from using personal data for purposes unrelated to services, and conduct comprehensive supervision and audit on the processing activities of third parties.

The privacy policy of the third-party service provider is independent of this Policy. You can check the third party's privacy policy to understand its relevant agreements on personal data processing. If you do not agree to the third party processing your personal data, you can stop using the functions involving the third-party service in this Application or uninstall this Application.

X. Application Usage Instructions

1. This Application only provides services to users over 18 years old. By checking this Policy, you confirm that you are over 18 years old. If you are under 18 years old, please stop using this Application immediately; we will not collect any personal data of natural persons under 18 years old.

2. This application has no registration or login function. After you check this Policy and agree to the User Service Terms, you can use all functions of this Application. We will not collect your account, password and other information related to registration and login.

3. You can turn off relevant permissions such as camera, photo album and microphone in the device settings at any time. After turning off the permissions, the corresponding functions may not work normally, but it will not affect the use of other unrelated functions.

4. You should properly keep your device, set security protection measures such as device password and application lock to prevent others from accessing your personal data and this Application without authorization. If your device is lost or stolen, you should notify us in a timely manner, and we will assist you in taking remedial measures such as deleting personal data and restricting use.

5. When using this Application, you should comply with relevant laws and regulations and the User Service Terms of this Application, and shall not upload or submit illegal, irregular, vulgar feedback content or pictures and other materials, nor disclose the personal privacy of others. If you violate the relevant agreements, we have the right to stop providing services for you, delete relevant content and your personal data, and pursue your corresponding responsibilities.

XI. Policy Updates and Notifications

11.1 Policy Updates

We may revise this Policy due to reasons including, but not limited to, updates in relevant laws and regulations, adjustments to the Google Play privacy policy review standards, or optimizations of this Application's functions. The revised Policy will be more conducive to protecting the security of your personal data, will not lower our obligations to protect your personal data, and will comply with relevant laws, regulations, and Google's review requirements.

The revised Policy will be notified to you via in-app pop-ups, official email, or other means. The revised Policy shall become effective on the effective date specified in such notification. If you do not agree to the revised Policy, you may stop using this Application, and we will delete or anonymize your personal data as agreed; if you continue to use this Application, you will be deemed to have fully understood and agreed to the revised Policy.

11.2 Notification Methods

We will notify you of matters related to personal data processing and this Policy (including but not limited to policy updates, data security incidents, results of rights exercise, complaint handling results, etc.) through the following means:

 In-app pop-ups and announcements;

 Official contact email: rogerrodri44@gmail.com;

 Other reasonable notification methods (e.g., in-app messages).
You should review relevant notifications in a timely manner. Any loss incurred due to your failure to timely review notifications shall be borne by you.

XII. Disclaimer

In the following circumstances, provided that we have fulfilled our corresponding obligations, have acted without gross negligence or willful misconduct, and meet the exemption requirements under applicable laws and regulations, we shall not be liable for any matters related to the processing of your personal data:

 Any leakage, loss, or alteration of your personal data, or any other loss, caused by your own improper actions (such as device loss, theft, password disclosure, active disclosure of personal data, etc.), which shall be borne by you;

 Leakage, alteration, or loss of personal data caused by force majeure events (such as earthquakes, floods, fires, network interruptions, cyber-attacks, virus intrusions, etc.), provided that we have taken reasonable preventive measures and initiated emergency plans in a timely manner;

 Where a third-party service provider violates the data processing agreement, disclosing, misusing, or altering your personal data without authorization, provided that upon discovery, we have fulfilled our supervision obligations and taken timely remedial measures such as terminating cooperation, requiring rectification, or deleting data – the relevant responsibility shall be borne by the third party;

 Any issues or losses related to personal data processing arising from your intentional provision of false information or forged identity, which shall be borne by you;

 Reasonable losses resulting from your exercise of personal data rights, leading to the inability to use certain functions normally or the deletion of relevant data (e.g., inability to view deleted feedback records), for which we shall not be liable;

 Any impact caused by our lawful processing of your personal data (e.g., providing data to regulatory authorities) in accordance with mandatory requirements of laws and regulations, for which we shall not be liable;

 Any impact caused by our use or sharing of anonymized information (anonymized information is not personal data), for which we shall not be liable;

 Other exemption circumstances as stipulated by laws and regulations.
The exemption clauses in this section shall not exempt our liability for compensation for leakage of your personal data or damage to your lawful rights and interests caused by our gross negligence or willful misconduct, nor shall they exempt our statutory obligations.

XIII. Dispute Resolution

Any dispute or controversy arising out of or in connection with this Policy shall be first resolved through friendly negotiations between the parties. If negotiations fail, either party has the right to file a lawsuit with the competent court in the location of the data controller.

During the dispute resolution process, except for the disputed clauses, both parties shall continue to perform the other clauses of this Policy and shall not arbitrarily terminate or suspend relevant obligations.

XIV. Contact Us

If you have any questions, suggestions, complaints regarding personal data processing, or wish to exercise your relevant personal data rights (access, correction, deletion, opt-out of data sales/sharing, etc.), you may contact us through the following means:

 Operating Entity: Baoding Binlie Electronic Technology Co., Ltd

 Registered Address: Room 201, Unit 1, Building 4, Dongsheng Jiayuan, No. 628 Chengyuan Road, Wusi Road Sub district Office, Lianchi District Baoding, Hebei, 071000

 Official Contact Email: rogerrodri44@gmail.com

 Data Protection Officer Contact Email: rogerrodri44@gmail.com (Please include "DPO Inquiry/Request" in the email subject line)

 Response Timeline: We will respond to your request within 7 business days of receipt. For complex requests (such as data portability, large-scale data deletion, complaint handling), we will process and provide feedback on the result within 15 business days.

The right of final interpretation of this Policy belongs to Baoding Binlie Electronic Technology Co., Ltd.

Baoding Binlie Electronic Technology Co., Ltd reserves all rights in accordance with relevant laws and regulations.