PRIVACY POLICY

Here at Beijing Changxiang Wisdom Technology Co., Ltd. (“ we” , “ us” , “ our” , or “ Changxiang Wisdom”, "CXZH"), we are making security products that are very powerful but also very easy to use. The key is in simplicity. We believe that your rights about privacy and control over your information should be also simple and easy to understand.

We will be transparent about the information (data) we collect and why we collect them. We do not and will not sell your data to third parties. Our primary purpose in collecting your data is to be able to deliver you better security products and services.

This Privacy Policy applies to Changxiang Wisdom‘s website and all products and services offered by Changxiang Wisdom. It describes how we collect, use, share and secure your personal information. It also describes your choices regarding use, access and correction of your personal information.

Effective date and update

Effective date of this privacy policy: 2023/07/07

Why do we collect your information?

When you install and use our apps, we can collect and process some of your data for different legitimate purposes. You will find below explanations regarding the reasons why we may collect data.

1. To run analytics and understand how users interact with our apps or games to provide better user experience and better service.
2. For third party analytics and third party advertising services - Express consent
3. To fix issues, such as the crash or ANR issues on some special devices

What kind of information do we collect?

We collect personal data about you from different sources as listed below. In this Statement, “personal data” means any information relating to an identified or identifiable individual. 

Personal Data You Provide to Us

When you interact directly with us, we may collect personal data that you provide to us, including: 

User Data. If you create an account with us, make a purchase, or request information about our product we collect information about you, including:

• Account Data. If you create an account with us, we collect identifiers, such as your name, mailing address, email address, phone number, user credentials (login name and password), and depending on the product purchased may also collect child name and age, emergency contact information, and location identifying labels (such as “home” or “school,” as defined by parent), driver’s license, and date of birth, as well as your audio, electronic, visual, or similar information, such as your picture (or avatar, if chosen). 
• Payment Data. If you complete a purchase for one of our products and services, we collect your billing address, including credit card, debit card, and or PayPal payment data, National ID (region specific, if outside the United States), and VAT/Tax ID (regional specific, if outside the United States), as well as commercial information, such as information about the items you have purchased. 
• Identity Data. We collect your date of birth, age, and gender, as well as identifiers, such as your address, email, bank account information, credit/debit card information, mother’s maiden name, insurance information, gamer tag, and other personal details about you, such as your Social Security Number and/or state/government identifier, driver’s license number or other national personal identifier to verify your identity and to provide identify theft monitoring and protection services.

Personal Data We Collect Automatically

When you visit and use our websites and Services, we may automatically collect data about your interaction with our websites and Services, including:

Product Data. If you install our products, we collect information about you, including:

• Device Data. We collect information to facilitate installation and use of our products, including your device and system information such as operating system, device name, browser, network, and applications running on the device. This data can also include internal identifiers such as Wallet ID, Auto bill ID, payment transaction ID, serial numbers, MAC address, Norton Machine ID, account generated unique ID, mobile device IDs (UDID, IMEI, and IDFA), Wi-Fi MAC Address, install identifier, Member ID, and LifeLock ID. 

• Service Data. This can include product license information, usage data, and/or preference information, browser activity, and URLs accessed, restoration case number (for filed restoration cases only), complaint case number (for lodged complaint only), parent case numbers (for disputed alerts only). This data may include internet or other electronic network activity information, such as diagnostic data such as crash dumps, system logs, error reports, product and internet usage time, network connection activity, interactions with our websites and extensions, blocked websites, device or phone settings, and reviews from third parties which we collect to, as necessary, to troubleshoot any malfunctioning Services. This data also helps us better understand and better serve your interests, expectations, needs and requirements.
•  Security Data. This data may include financial transactions, alert data, and data that is collected for cyber threat intelligence, as needed to provide cyber safety and identity threat protection Services. This data can include URLs and websites visited, executable files identified as malware, application names and versions, your interface and screen activity, and search terms. This data can also include device fingerprint ID from third parties to validate and authenticate payment and transaction information related to billing on accounts
•  Geolocation Data. When you use our Services, if you consent via the device interface to sharing the precise geolocation data of your device, we will receive your precise location information. We also infer your more general location information (for example, your IP address or time zone may indicate your more general geographic region). 
• Network Traffic Data. We may process internet or other electronic network activity information, such as network traffic data related to cyber and identity threats for network and information security purposes, including:
  • Sender email addresses (e.g., of sources of SPAM such as phishing scams);
  • Recipient email addresses (e.g., of victims of targeted email attacks);
  • Reply-to email addresses (e.g., as configured by cybercriminals sending malicious email);
  • Filenames and execution paths (e.g., of malicious or otherwise harmful executable files attached to emails);
  • URLs and associated page titles (e.g., of web pages broadcasting or hosting malicious or otherwise harmful content);
  • IP addresses (e.g., of web servers and connected devices involved in the generation, distribution, conveyance, hosting, caching, or other storage of cyber and identity threats such as malicious or otherwise harmful content); and
  • Browser information (e.g., user agent string and session within cookies).

Depending on the context in which such data is collected, the data may contain personal data concerning you or third parties. However, in such cases, we will process the data only to the extent strictly necessary and proportionate to the purposes of detecting, blocking, reporting (by removing any personally identifiable elements), and mitigating the cyber or identity threats of concern or those of other users relying on our Services to protect their networks, systems, and identities. When processing personal data in this context, we will only identify specific data subjects if and to the extent necessary for the remediation of the cyber or identity threats concerned, or as required by law.

Personal Data We Collect from Other Sources

• Referrals. We may collect personal data from you about other people, such as personal data about friends and family through customer or employee referrals, or data about family members you include on your account.

When you choose to provide us with personal data about third parties, we will only use this data for the specific stated reason that you provided it. It is your responsibility to abide by applicable privacy and data security laws when you disclose third parties’ personal data to us, including informing third parties that you are providing their personal data to us and how it will be transferred, used, or processed, and securing the appropriate legal permissions and safeguards. If you choose to provide us with a third party’s personal data, you represent that you have the third party’s permission to do so. Examples include forwarding references or sending job referrals. You also acknowledge that when we interact with such third-party individuals whose personal data you share with us, it is our duty to inform them that we obtained their personal data from you. Where applicable, third parties may unsubscribe from any future communication following the link provided in the initial message. If you believe that one of your contacts has provided us with your personal data and you would like to request that it be removed from our database, please contact us.

• Third-Party Data. This information includes personal data we may obtain about you from a third party through the use of our Services, including:
  • Credit reporting agencies and financial institutions (used for purposes such as identity theft protection Services);
  • Enrollment information from your employer (when enrolled with our Services as an employee benefit);
  • Marketing and joint-marketing partners (used for purposes such as to offer Services and/or joint Service bundles to prospective members);
  • Public sources such as the dark web to alert you to potential misuse of your personal data; and
  • Private sources for purposes of providing customers with alerts related to financial transactions, property title, social media abuse, and other types of alerts within our products.

Such data includes threat intelligence data used to analyze threats and protect you, us, and our other customers against cyber threats. This data may include the email and IP address of the sender of malware. Third Party data may also include data reflecting your usage of and engagement with our websites and Services collected by us or third-party analytics providers. This data helps improve the functionality and effectiveness of our websites and Services and may help to better tailor our websites and Service to your usage and preferences. You can find more information about sharing of your personal data with third-party partners in the “When and Why We Disclose Your Personal Data” section below.

We may combine personal data from our partners and third parties with personal data we already have about you, to provide you with more relevant communications and to better tailor our offers to you. We make reasonable efforts to verify that the third parties we work with are reputable, and we do not ask them to disclose your personal data if we do not have a lawful purpose and valid legal basis to collect and process that data.

How We Use and Process Your Personal Data

• Create and manage your account;
• Provide you with information and Services that you request;
• Authenticate your identity prior to enrolling in our Services;
• Verify your identity and entitlement to Services, when you contact us or access our Services;
• Process your purchase transactions;
• Update you on the status of your orders;
• Allow you to register the Services you purchase;
• Confirm that you received necessary service and transactional emails;
• Manage your subscriptions; and
• Provide you with technical and customer support.

Where you have provided your consent, in order to:

• Subscribe you to newsletters and send you product updates or technical alerts;
• Send you marketing communications and information on new Services;
• Communicate with you about, and manage, your participation in contests, offers, or promotions;
• Solicit your opinion or feedback and/or provide opportunities for you to test Services;
• Enable you to refer a friend who may be interested in our offerings, as permitted by law; 
• As applicable, to enable non-essential cookies or similar technologies; and
• As applicable, to provide you with interest-based ads about Gen Digital on sites other than our own.

For the purpose of fulfilling our legal obligations, we may be obligated to, for instance, keep and process records for tax purposes, accounting, other obligations such as court or other legal orders, and other necessary disclosures. 

For the purpose of promoting and operating our business and advancing our or a third party’s legitimate interests, such as the effective delivery of our Services, and communications to you as well as to our other customers and partners, in order to:

• Enable participation in interactive features of our Services, 
• Notify you about changes to our terms or this Privacy Statement;
• Communicate commercial promotions and provide quotes for our Services;
• Inform you about additional Services that provide solutions to issues detected as a result of your request;
• Promote and administer co-branded offers with trusted partners;
• Confirm sales conversions and conduct lead generation activities;
• Better administer and understand the usability, performance, and effectiveness of our Services websites, and communications to you, including troubleshooting, debugging, reviewing customer service interactions, data analytics, testing, research, and statistical analysis;
• Improve our Services (including developing new Services) and customize and present content in the most relevant and effective manner for you and for your device, including suggestions and recommendations about things that may be of interest to you; 
• *Enhance the security of our own networks and information systems; 
• *Develop cyber-threat intelligence resources; and
• *Otherwise keep our Services, business, and users safe and secure, and comply with applicable laws and regulations or judicial process or government agencies, and to protect or exercise our legal rights and defend against legal claims.

*For Network and Information Security Purposes and Cyber-Threat Intelligence:

Our legitimate interests include developing threat intelligence resources aimed at maintaining and improving the ability of our information networks and systems to resist unlawful or malicious actions and other harmful events, such as cybercriminal activities, and attempts at identity theft or fraud (“cyber and identity threats”).

We only rely on our or a third party’s legitimate interests to process personal data when these interests are not overridden by your rights and interests.

When and Why We Disclose Your Personal Data

We may disclose personal data about you with your consent, or: 

• With our Partners

We may provide your personal data to our partners for the purpose of allowing them to conduct Gen Digital business. Our partners may use your personal data to communicate with you and others about Gen Digital Services either alone or jointly with partner products and services. We may provide your personal data to partners to confirm your eligibility for joint or co-branded offers or to communicate and administer such offers (e.g., report sales conversions, verify eligibility, assess effectiveness of joint offer, etc.). Our partners are not allowed to use any data including personal data that they receive from us for any purpose except for communicating, evaluating, improving, and administering the offer in question (Gen Digital branded, co-branded, or joint offer). This will not affect the partner’s ability to use personal data that it may already have obtained from you or other sources. If you do not wish to receive promotional emails from our partners, you can unsubscribe directly using the unsubscribe link or tool provided in the partner’s email or other communication to you.

In the past 12 months since this Statement was last updated, we disclosed the following categories of personal data to our partners: User data, Product data, Website data, Third-party data.

• With our Distributors or Resellers
  
  We may provide your personal data to our distributors, resellers, or partners for the purpose of distribution, sale, or management of our products. Our distributors, resellers, or partners may communicate with you about Norton and LifeLock products or services. In addition, you may purchase our products directly from our distributor, a reseller, or an app store. Because your relationship in these cases is with that distributor, reseller, or app store, such third party will also process your personal data.
  
  In the past 12 months since this Statement was last updated, we disclosed the following categories of personal data to our partners: User data, Product data.

• With Our Advertising Partners

We engage in personalized (or targeted) advertising in our Services or on other sites when we advertise our Services elsewhere. We may provide or share (as defined by the CCPA) your personal data, including the data about your interests in our Services, to third parties for the purposes of serving you more relevant ads about our Services. Where we provide you with interest-based ads on a site other than our own, we do not track your other activities on that site. If you click on our ads, we will know the domain you came from.

In the past 12 months since this Statement was last updated, we disclosed or shared the following categories of personal data to our advertising partners: User data, Device Data, Website data.

• With Data Analytics Providers

We may provide your personal data to third parties to use the personal data in aggregate form to help us understand how our Services are being used or to understand the effectiveness of our marketing campaigns.

In the past 12 months since this Statement was last updated, we disclosed the following categories of personal data to our data analytics partners: User data, Product data, Website data.

• With Service Providers Processing Data on Our Behalf

We may use contractors and service providers to process the personal data we collect for the purposes described in this Statement, the relevant Product and Service Privacy Statements, and for business purposes such as financial auditing, data storage and security, troubleshooting and debugging, improving the functionality and usability of our websites and Services, improving and operationalizing threat intelligence and counter-threat measures, and for marketing and promoting our Services.

We contractually require service providers to keep data confidential, and we do not allow our service providers to disclose our data or your personal data to others without our authorization, or to sell it or use it for purposes unrelated to the services they provide (e.g., their own marketing purposes). However, if you have a separate and/or independent relationship with these service providers, their privacy statements will apply to such relationships. Such service providers may include benefit brokers, your employer (for products and services offered as an employee benefit), contact centers, payment card processors, and marketing, survey, or analytics suppliers.

In the past 12 months since this Statement was last updated, we disclosed the following categories of personal data to our service providers: User data, Product data, Website data, Third-party data.

• With Payment Processors If you pay for use of our services, you may use a third-party payment processor to take payment from you. These third parties are properly regulated and authorized to handle your payment information. However, they are independent controllers of your data with their own responsibilities.
  
  Your billing data is processed by the payment processor from whom you purchased the product. Your data is processed according to the relevant processor’s privacy policy.
  
  

  Third-party Privacy Policy:

  • Google Play Store (for mobile apps): https://policies.google.com/privacy

• With Public Authorities and Legal Proceedings 
  
  In certain instances, it may be necessary for us to disclose any of the personal data we collect to comply with a legal obligation, at the request of public authorities, or as otherwise required by applicable law. No personal data will be disclosed except in response to:
  • A subpoena, warrant, or other legal process issued by a court or other public authority of competent jurisdiction;
  • Discovery requests or demands as part of a civil lawsuit or similar legal process;
  • Where disclosure is required to comply with applicable laws, or necessary for us to enforce our legal rights pursuant to applicable law;
  • A request with the purpose of identifying and/or preventing credit card fraud or identity theft; or
  • Where disclosure of personal data is necessary to prevent or lessen a serious and imminent threat of bodily or other significant harm to the data subject or other individuals potentially concerned.

In the past 12 months since this Statement was last updated, we disclosed the following categories of personal data to public authorities: User data, Product data, Website data.

• For Restoration Services

We may disclose your user data, security data, diagnostic information, and third-party data to financial institutions, financial services companies, and other third parties at your direction to provide restoration services and other Services to you.

In the past 12 months since this Statement was last updated, we disclosed the following categories of personal data to financial institutions: User data, product data.

• With Our Corporate Affiliates

We may share the information we collect with our corporate affiliates, subsidiaries, branch offices and other members of our corporate group.

In the past 12 months since this Statement was last updated, we disclosed the following categories of personal data third-party corporate affiliates: User data, Product data, Website data, Third-party data.

• For Business Transfers

We may share the personal data we collect in connection with a substantial corporate transaction, such as the sale of a website, a merger, acquisition, consolidation, asset sale, or initial public offering, or in the unlikely event of bankruptcy.

Third-parties Privacy Policy:

For antivirus engine:

• Antiy Antivirus SDK - https://www.avlsec.com/en/privacy-policy

For ad services:

• Google Admob - https://policies.google.com/privacy?hl=en
• Facebook - https://www.facebook.com/about/privacy
• AppLovin - https://www.applovin.com/privacy
• Pangle - https://www.pangleglobal.com/privacy

For analytics:

• Google Analytics - https://policies.google.com/privacy
• Firebase - https://firebase.google.com/support/privacy/

For purchasing:

• Google Play - https://play.google.com/intl/ALL_us/about/play-terms.html

Others:

• If the government asks for your information, your information will be revealed to them.
• If someone buys our company us or we go bankrupt, your information may be transferred to someone else.

Access to your information:

Our services are not directed to children under eighteen, and we do not knowingly collect personal information from children under thirteen. If we learn that we have collected personal information of a child under thirteen we will delete such information from our files as soon as possible, provided, however, that some information may remain in archived/backup copies for our records or as otherwise required by law.

The Legal Bases for Using Personal Information

The General Data Protection Regulation (GDPR) is effective starting from May 25, 2018. The GDPR requires that a valid legal basis be used to process personal data:

• Performance of a contract: The use of your personal information may be necessary to perform the agreement you have with us. For example, to complete your purchase of your product, to make sure that your product performs its functions in a secure way or to respond to your requests.
• Legitimate interests: We may use your personal information for our legitimate interests. For example, we rely on our legitimate interest to analyze and improve our products and the content on our websites, to send you notifications about software updates or information about products or to use your personal information for administrative, fraud detection or legal purposes.
• Legal obligation: We may use your personal information to comply with legal requirements, as further mentioned above, if government ask for your information.
• Consent: We may at times, request your consent to conduct certain actions with your personal information. When requesting your consent, we are transparent and clear in ensuring you know what you are consenting to.

How do we protect your information?

We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site. Sensitive and private data exchange between the Site and its User happens over a SSL secured communication channel and is encrypted and protected with digital signatures.

Privacy policy updates

We will update our Privacy Policy as necessary to ensure that our policies are in line with international regulations, our product and business practices. If we make any changes to this Privacy Policy, we will notify you of such changes by posting them on our website or by sending you an email or other notification prior to the change becoming effective.

Contact us

We have appointed an executive agent for our privacy protection policy, who will be responsible for our compliance with the privacy criteria as described in this statement.

If you have any questions or concerns regarding this Privacy Policy, would like to modify the communications option, update or refer to your personal information we possess, or withdraw your decision to allow us to collect, use or publish your personal information, please feel free to contact us at any time:

Email: big.cats.feb+legal@gmail.com

Changxiang Wisdom
Room 02B-412, 2nd Floor, Tower C
No. 28 A Information Road
Haidian District, Beijing
We will contact you within 15 days from the receipt of your contact, and will do our best to resolve any problem you have.