Legal Statement and Privacy Right Policy

Version dated May 2018

Reminders

Your trust is of great importance to us. We deeply understand the importance of user information security, and will take security measures in accordance with laws and regulations to protect your user information to keep it secure and under control. Therefore, Hangzhou Danqoo Network Media Technology Co., Ltd. (“we”) formulates this Legal Statement and Privacy Right Policy (this “Statement and Policy”) and reminds you that: Before using our services, please carefully read and thoroughly understand this Legal Statement and Privacy Right Policy and confirm that you have fully understood and agreed to this Statement and Policy before using relevant products or services. By using our services, you acknowledge that you accept and recognize the contents hereof.

If you have any questions, comments or suggestions on the contents of this Statement and Policy, you may contact us via online channel.

Definition

Affiliates: mean the affiliates as disclosed by Alibaba Group Holding Limited in its latest annual report as a listed company. You may find details athttp://www.alibabagroup.com/cn/ir/secfilings.

Personal Information: means all kinds of information, recorded electronically or otherwise, that is sufficient to identify a natural person on its own or in combination with other information, including but not limited to name, birth date, identification certificate number, personal biometric information, address and telephone number of a natural person. The Personal Information referred to herein is your personal information that we collect, transmit, store, use and share for the purpose of providing services to you.

Business Data: means the data you upload, download, store or process using your services that is different from Personal Information.

Legal Statement

  1. Ownership of Rights
    1. Our logo, “Alibaba Cloud” and other texts, graphs and combination thereof, other marks and symbols of ours and our service names are the registered trademarks of ours and our Affiliates’ in China and other countries. Without our written authorization, no one may display, use or otherwise process (including without limitation reproduce, disseminate, show, mirror, upload and download) any of the said trademarks in any way or represent to others that you have the right to display, use or otherwise process any of the said trademarks.
    2. The intellectual property rights in all of our products, services, technologies and all applications (“Technical Services”) shall vest in us or their right owners.
    3. Unless otherwise stated by us, all rights (including but not limited to copyright, trademark right, patent right, trade secret and any other related rights) in, of and to all documents and other information (including but not limited to texts, graphs, pictures, photos, audios, videos, icons, colors, layout and electronic documents) published by us on our website are vested in us. Without our permission, no one may use the said information (including but not limited to monitor, reproduce, rebroadcast, display, mirror, upload and download any contents in our website via programs or devices). Where any person is authorized to browse, reproduce, print or disseminate any information in our website, such information shall not be used for commercial purposes and this statement of rights must be included when using all or any portion of the information.
  2. Limitation on Liability
    1. We hereby remind you that you shall abide by laws of the People’s Republic of China in using our services, and you shall not endanger cyber security or utilize our services to engage in activities that infringe upon others’ reputation right, privacy, intellectual property rights or other legitimate interests. Notwithstanding the aforesaid reminder, we will assume no liability for your purposes of using our services.
  3. Protection of Intellectual Property Rights

    We respect intellectual property rights and oppose and combat any infringement upon intellectual property rights. If any organization or individual believes that the contents of our client pages may infringe upon its/his/her legitimate interests, such organization or individual may issue a written notice of claims to us and we will deal with the same by law as soon as possible after receipt of applicable notice from the intellectual property right owner.

    Privacy Right Policy

    We respect and protect user information and will treat the same with great duty of care. When you use our services, we will collect, process and disclose your personal information in accordance with this Privacy Right Policy. With this Privacy Right Policy, we intend to clearly introduce to you how we deal with your Personal Information. Therefore, we advise you to read this Privacy Right Policy completely to understand the means of protecting your privacy right.

    If you have any questions, comments or suggestions, please contact us via the contact information we provide.

    This Policy will help you understand the following:

    1. Scope of Application
    2. Collection and Use of User Information
    3. Sharing, Transfer and Disclosure of User Information
    4. User Information Management
    5. Use of Cookie and Similar Technologies
    6. Personal Information Security
    7. Protection of Minors
    8. Update of This Privacy Right Policy
    9. How to Contact Us
    1. Scope of Application
      1. This Privacy Right Policy shall apply only to your use of our services, including the provision of network distribution, control and management of smart device to you.
      2. This Privacy Right Policy shall not apply to services provided by third parties to you. For example, this Privacy Right Policy shall not apply to the information you provide to a third party who relies upon our platform to provide services to you.
      3. The Legal Statement and Privacy Right Policy is the general privacy right policy for AliCould IoT section, and all the user rights and information security measures therein apply to our users. In case there is any discrepancy or conflict between the Legal Statement and Privacy Right Policy and this Privacy Right Policy, this Privacy Right Policy shall prevail.
    2. Collection and Use of User Information
      1. Member information
        1. If you have registered any Taobao account or Alipay account, you may log in to our services using such account. If so, the real-name information (name, ID card number, phone number/email) you provide for the registration of Taobao account or Alipay account will be synchronized with us.
      2. Provision of Technical Services to you

        Information provided by you to us includes:

        1. The information you are requested to provide is subject to that listed on our web page. If you do not intend to use certain services, you are not required to provide relevant information.

        Information collected by us during your use of the services

        1. Device information: we will receive and record the information relating to the smart device you use in accordance with the authority you grant in the installation and use of the application (such as the information of the smart device the network distribution is completed by us, including device model, operating system version, device setting, unique device identifier and other Software and hardware characteristic information).
        2. Log information: When you use the services provided by our website or client, we will automatically collect detailed information relating to your use of our services and save them as network logs, such as your searches, IP addresses, types of browsers, telecommunication service providers, languages, visit dates and times, and web pages visited by you.

        Information provided by the service provider of the smart device when you use our services:

        1. Smart device operating information (such as the information of operating mode, current temperature, current fan speed and current relative humidity of a smart air-conditioner) and location information (such as the information of IP address, GPS location and Wi-Fi access point and Bluetooth that can provide relevant information).
        2. Please note that the device information or operating information alone is not sufficient to identify a certain natural person. If we combine such non-Personal Information with other information to identify a certain natural person, or use the same in combination with Personal Information, then such non-Personal Information will be deemed as Personal Information during such combination, and we will anonymize and de-identify such Personal Information unless with your authorization or it is otherwise provided by laws and regulations.
      3. We use the user information provided by you or collected by us for the following purposes:
        1. To provide you with services and maintain and improve such services;
        2. To promote and introduce products to you to the extent permitted by laws and regulations;
        3. We may use your Personal Information to prevent, identify and investigate into fraud, any act endangering security, illegal activity, or any other act which breaches or violates any agreement, policy or rule with or of us or any of our Affiliates so as to protect the legitimate rights and interests of you, any of our other users, us or any of our Affiliates;
        4. We may combine your information obtained from a certain service with information from any other service so as to provide you with services, personalized content and advice;
        5. For any other purpose as permitted by you.
    3. Sharing, Transfer and Disclosure of User Information
      1. Sharing

        We will not share your user information with any other organization or individual, except in the following circumstances:

        1. Sharing with express consent: We will share your user information with other parties with your express consent;
        2. Sharing as required by laws: We may share your user information as required by laws, regulations, litigation or arbitration, or by administrative or judicial authority in accordance with laws;
        3. Sharing with authorized partners: As we may engage our trusted partners to provide services, we might share your certain Personal Information with such partners in order to provide better customer service and optimize user experience. We will only share your user information for lawful, proper, necessary, specific and express purpose to the extent required for providing the services. Our partners have no right to use the shared user information for any other purpose.

        Currently, the type of our authorized partners includes supplier, service provider and others. We send the information to the suppliers, service providers and other partners who support our business by providing underlying Technical Services, consultation, analysis and other professional services.

        We will conclude strict confidentiality agreement and information protection agreement with the companies, organizations and individuals with whom we share user information to require them to treat user information in accordance with our instruction, this Privacy Right Policy and any other relevant confidentiality and security measures.

      2. Transfer

        We will not transfer your user information to any company, organization or individual, except in the following circumstances:

        1. Transfer with express consent: We will transfer your user information to other parties upon obtaining your express consent;
        2. In case of any acquisition, merger or insolvency liquidation, or other circumstances involving merger, acquisition or insolvency liquidation, of us with any other legal entity, if transfer of user information is involved, we will require the new company, organization or individual in possession of your user information to continue to be bound by this Policy, or we will require such company, organization and individual to obtain your authorization and consent again.
      3. Disclosure

        We will disclose your user information only under the following circumstances:

        1. We may disclose your user information with your express consent or at your voluntary option;
        2. In order to protect the personal and property safety of our platform, our Affiliates or the public, we may disclose your user information in accordance with applicable laws or your relevant agreements or rules.
      4. Exceptions to obtaining prior authorization and consent for sharing, transfer and disclosure of user information

        Your user information may be shared, transferred or disclosed without your prior authorization and consent under any of the following circumstances:

        1. National security and national defense security are involved;
        2. National security and national defense security are involved;
        3. Criminal investigation, prosecution, judgment and enforcement are involved;
        4. For the purpose of protecting your or other individual’s life, property and other major lawful rights and interests, where it is hard to obtain your prior consent;
        5. The Personal Information is disclosed voluntarily by you to the public;
        6. The Personal Information is collected from the information disclosed through lawful public channels, such as lawful news reports or information disclosure by government.
  4. User Information Management
    1. You may log in to the “administrator page” of our client to inquire and administrate (change or delete) the basic business information (house area, family status and house address) and family member information submitted by your for the use of our services.
    2. You may submit a request for deletion of user information to us under any of the following circumstances:
      1. Our user information processing violates any law or regulation;
      2. We collect or use your user information without your express consent; or
      3. Our Personal Information processing materially breaches the agreement with you.

    For the purpose of security, you may be required to provide a written request or to otherwise identify yourself. We may ask you to identify yourself before processing your request.

  5. Use of Cookie and Similar Technologies
    1. In order to ensure the normal operation, provide you with more convenient visit experience and recommend contents that may be of interest to you, we will store small data files named “cookie” on your client. Cookies usually contain identifiers, site names and certain numbers and characters. We can only read the cookies provided by us.
    2. Cookies are able to store your preference. When you visit our website next time, we will be able to display the information you need.
    3. You may manage cookies according to your preference or clear all cookies stored on your mobile device. However, if you do so, you need to change the user setting each time you visit our website.
    4. In addition to cookies, we will use beacon, pixel tag and other similar technologies on our website.
  6. User Information Security
    1. We attach great importance to the security of your information. We endeavor to take all kinds of physical, electronic and administrative security measures to protect your use information from unauthorized access, disclosure, use, manipulation, damage or loss. We will use encryption techniques to improve the security of user information, use trusted protection mechanism to protect user information from malicious attack, deploy access control mechanism to ensure the user information is accessible only to authorized personnel to the maximum extent possible, and hold training sessions about security and privacy protection to enhance our employee’s awareness of the importance of user information protection.
    2. We will take reasonable and practical measures to avoid collecting irrelevant and unnecessary user information to the maximum extent possible. We will retain your user information only for the period as is necessary to achieve the purposes set forth in this Policy, unless it is agreed by you and us to prolong the retention period or permitted by law. Upon the expiration of such retention period, we will delete or anonymize your Personal Information.
    3. Upon occurrence of any user information security incident (such as disclosure or loss), we will, in accordance with the requirements of laws and regulations, notify you of the following matters: basic information and possible influence of such security incident, handling measures we have taken or will take, suggestions on how you may prevent or reduce risks on your own, and remedies to be taken for you. We will notify you of the relevant information of such incident through email, letter, phone, and push notification. If it is difficult to notify each user information subject one by one, we will publish announcement in a reasonable and effective manner.
    4. In addition, we will also report the handling of user information security incident according to the requirements of regulatory authorities.
    5. If the operation of our products or services stops, we will take reasonable measures to protect your user information security, including timely stopping further collection of your user information, sending you a notice thereof on a personal basis or in the form of announcement, and deleting or anonymizing your Personal Information held by us.
    6. If we intend to use your user information for any purpose other than those specified when we collect the same or beyond the scope that is directly or reasonably relevant, we will inform of you the same again and obtain your express consent.
  7. Protection of Minors

    We attach importance to the protection of Personal Information of minors. If you are a minor, we suggest that you ask your guardian to read this Privacy Right Policy carefully, and you may use our services and/or provide us with information subject to the consent of your guardian.

  8. Update of This Privacy Right Policy
    1. There might be modifications of this Privacy Right Policy.
    2. Without your express consent, we will not restrict the rights you are entitled to under this Policy. We will publish any modification of this Policy on a specific web page.
    3. With respect to material modifications, we will also provide a more noticeable notice (with respect to certain services, we will give notice in the form of announcement to specify the modifications of this Policy in detail).
    4. Material change herein includes but is not limited to:
      1. Material change of our service mode, such as the purpose of processing user information, the type of user information we process and the way in which we use user information;
      2. Material change of control and organizational structure, such as the change of owner due to business adjustment or bankruptcy buyout;
      3. Change of the main subject to whom the sharing, transfer or disclosure of user information is made;
      4. Change of the main subject to whom the sharing, transfer or disclosure of user information is made;
      5. Change of our department responsible for the security of user information processing, its contact information or complaint channel; and
      6. High risk is indicated in the user information security impact assessment report.
  9. How to Contact Us

    If you have any questions or comments on the contents of this Statement and Policy or the practice of this Privacy Right Policy, you may contact us via online channel.