Leavison App Privacy Policy

Effective Date: July 01, 2025

This Leavison App Privacy Policy (hereinafter referred to as the "Policy") is formulated by Hangzhou Weixiang Shichuang Technology Co., Ltd. (hereinafter referred to as "we"/"the Operator") in accordance with the Personal Information Protection Law of the People's Republic of China, Cybersecurity Law of the People's Republic of China, Information Security Technology - Specifications for Personal Information Processing, as well as the General Data Protection Regulation (GDPR) (EU/EEA), California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA) (U.S.), and other applicable privacy laws and regulations for users in Europe, the United States and other regions.

This Policy aims to clearly inform you of our rules for collecting, using, storing, and protecting your personal information (Personal Data under GDPR), as well as the rights you hold with respect to your personal information. Your use of any service provided by the Leavison App (hereinafter referred to as the "App") constitutes your full reading, complete understanding, and consent to all terms of this Policy, and your agreement to our processing of your personal information in accordance with this Policy. If you do not agree to this Policy, you must immediately cease using the App.

This Policy is a supplementary agreement to the Leavison App Service Agreement and has the same legal effect as the Service Agreement. For matters not covered herein, please refer to the relevant provisions of the Service Agreement.

1. Definitions

1. Personal Information (Personal Data): Any information recorded by electronic or other means that can identify a specific natural person, either alone or in combination with other information, or reflect the activities of a specific natural person. This includes, but is not limited to, mobile phone numbers, email addresses, and information related to device permissions. For EU/EEA users, this definition aligns with the scope of "Personal Data" under GDPR.
2. User-Generated Content (UGC): All content created by you through the App's creative modules, including but not limited to emojis, creative materials, and other original content owned by you.
3. Device Permissions: System function permissions (e.g., Bluetooth, location) that your mobile device grants to the App.

2. Collection and Use of Personal Information

We collect your personal information in accordance with the data minimization principle (a core principle under GDPR and global privacy standards) – we only collect information necessary to fulfill the core functions and agreed service purposes of the App, and we will not collect irrelevant information. The specific types of information collected and their intended uses are as follows:

(1) Account-Related Information: Mobile Phone Number/Email Address

1. Collection Scenarios: You may voluntarily provide either a mobile phone number or an email address when registering, logging into the App, or requesting account recovery or password reset.
2. Purpose of Use: Solely for account registration, identity verification, login authentication, password recovery, and account security maintenance for the App.
3. Usage Restrictions: We will not use your mobile phone number or email address for irrelevant purposes such as advertising push or commercial marketing, nor will we disclose such information to third parties (except as required by applicable laws and regulations).

(2) Information Related to Device Permissions

We will only request and use the following permissions of your terminal device with your explicit consent. You have full control over the enabling and disabling of these permissions, which can be adjusted at any time in your device's system settings. Disabling a permission may prevent the corresponding core function of the App from working properly.

1. Bluetooth Permission
   • Purpose of Authorization: To enable pairing, binding, parameter configuration, operation control, status synchronization, and other core operations between your mobile terminal and our officially released sports devices.
   • Usage Restrictions: This permission is exclusively used for the above device interaction functions. We will not collect any information about your terminal device or other third-party devices through Bluetooth permission.
2. Location Information Permission
   • Purpose of Authorization: For Android terminal devices only – basic location information is required to ensure the normal operation of Bluetooth functions (a technical requirement of the Android system). We do not collect precise location data, trajectory information, or any other location-related data through this permission, nor do we use this permission for location tracking, geographic information analysis, or any other unrelated purposes.
   • Usage Restrictions: For iOS terminal devices, Bluetooth functions work normally without location information authorization, and we will not request location information permissions from iOS devices.

3. Collection and Processing of User-Generated Content (UGC)

The App provides creative module services that allow you to create, publish, and share original content such as personal emojis. The rules for collecting and processing such content are as follows:

1. Content Collection: UGC (e.g., emojis) that you actively publish, submit, or share through the creative modules will be collected and stored by us, and this collection is based on your voluntary consent.
2. Content Review: All UGC you share will be reviewed by our platform in accordance with applicable laws, public order and good morals, and the relevant provisions of the Leavison App Service Agreement. We reserve the right to reject publication, block, or delete content that violates review standards, and may take measures such as restricting access to creative modules or suspending account services based on the severity of the violation.
3. Platform Usage Rights: By sharing UGC on the App, you irrevocably grant us a worldwide, non-exclusive, sublicensable, royalty-free license to use such materials for the App’s operation, display, promotion, function optimization, user communication, and other related service scenarios (including, but not limited to, in-app display and use as platform promotional materials). No additional compensation will be paid to you for such use.
4. Ownership of Rights: You retain all intellectual property rights (including copyright) in your UGC. We only hold the usage rights as stipulated in this section. If you choose to delete shared UGC, we will cease displaying and using the content and delete the relevant materials within a reasonable period (except for content that has been legally disseminated).
5. Liability Warranty: You warrant that all UGC you share is independently created by you and does not infringe on any third party’s intellectual property rights, portrait rights, reputation rights, or other legitimate rights and interests. You shall be liable for all damages suffered by us or third parties due to infringement caused by your content.

4. Storage of Personal Information

1. Storage Location: Personal information we collect is stored within the People's Republic of China. For users in the EU/EEA, U.S., and other regions, we ensure that data storage complies with GDPR’s cross-border data transfer rules (e.g., Standard Contractual Clauses) and applicable U.S. state and federal laws where required. We will not transfer personal information outside of China unless required by applicable laws and with your explicit consent.
2. Storage Period:
   • Account-related information (mobile phone number/email address): Retained from the date of your account registration until 15 working days after you actively cancel your account, after which we will delete or anonymize such information;
   • Device permission-related information: Temporarily stored only while you have enabled the permission and use the relevant App functions. Collection and storage of such information will cease immediately when you disable the permission or exit the App;
   • User-Generated Content (UGC): Retained from the date of publication until 15 working days after you actively delete it or cancel your account, after which we will delete the relevant content.
3. Storage Security: We adopt industry-standard technical safeguards (including, but not limited to, data encryption, access control, firewall protection) and administrative safeguards (including, but not limited to, dedicated personnel oversight, confidentiality training, and operation log recording) to protect your personal information from unauthorized disclosure, alteration, damage, or loss, in compliance with GDPR’s data security requirements and U.S. privacy standards.

5. Sharing, Transfer, and Public Disclosure of Personal Information

1. We will not sell, rent, or commercially transfer your personal information or UGC to any third party.
2. We will not share your personal information with third parties except in the following statutory circumstances:
   • With your express written consent (or explicit consent, as required by GDPR/CCPA) to share with a third party designated by you;
   • When required by applicable laws, judicial or administrative authorities (e.g., court orders, regulatory subpoenas);
   • With service providers (e.g., server hosting, data storage providers) who assist us in providing technical and operational support. We will enter into strict Data Processing Agreements (DPAs) with such providers (in compliance with GDPR requirements), requiring them to use the information only for the agreed purposes and to prohibit further disclosure to any third party;
   • In the event of corporate restructuring (e.g., merger, division, liquidation), personal information may be transferred to the successor entity, which will be bound by the privacy protections set forth in this Policy.
3. We will not publicly disclose your personal information unless we obtain your explicit consent or are required to do so by applicable laws (after completing required notification procedures).

6. Your Rights Regarding Personal Information

In accordance with the Personal Information Protection Law of China, GDPR, CCPA/CPRA, and other applicable privacy laws, you have the following rights with respect to your personal information, and we will provide convenient channels for you to exercise these rights:

1. Right to Access: You have the right to request access to the personal information we collect and store about you, as well as information about how it is used (in compliance with GDPR’s Right of Access and CCPA’s Right to Know);
2. Right to Rectification: If your personal information (e.g., mobile phone number, email address) is inaccurate or incomplete, you have the right to request us to correct it;
3. Right to Erasure/Deletion: You have the right to request the deletion of your personal information under applicable statutory conditions (e.g., GDPR’s Right to Erasure/"Right to be Forgotten", CCPA’s Right to Delete);
4. Right to Account Deletion: You have the right to request the deletion of your App account through relevant functions in the App or our official contact channels. After account deletion, we will delete or anonymize your personal information in accordance with this Policy;
5. Right to Withdraw Consent: You have the right to withdraw your consent to device permissions (e.g., Bluetooth, location) at any time through your device’s system settings. We will immediately cease using the relevant permissions and collecting corresponding information upon withdrawal;
6. Right to Object and Lodge Complaints: If you object to our processing of your personal information or believe that our data practices violate your legal rights, you have the right to lodge a complaint with us and request a resolution. For EU/EEA users, you also have the right to lodge a complaint with your local Data Protection Authority (DPA).

How to Exercise Your Rights

You may submit a request to exercise the above rights through the "After-Sales Support / Contact Us" module in the App, or via the official contact information set forth in Section 10 of this Policy. We will verify your identity and respond to your request within 15 working days (or 30 working days for complex matters, with prior notification to you), in compliance with GDPR/CCPA response time requirements.

7. Protection of Minors' Information

1. We recognize the importance of protecting minors' personal information and comply with the Children's Online Privacy Protection Act (COPPA) (U.S., for children under 13) and GDPR’s provisions on children’s data protection (for children under 16, or as required by EU member states). If you are a minor under the age of 18 (or under 13 for COPPA-covered users), you must use the App under the supervision, consent, and guardianship of your legal guardian. Guardians shall assist minors in complying with this Policy and applicable laws and regulations.
2. We will not actively collect additional personal information from minors. If a guardian discovers that we have collected personal information of a minor, the guardian has the right to request us to delete it, and we will promptly process such requests after verification.

8. Changes and Notification of This Policy

1. We reserve the right to modify and update this Policy to reflect changes in applicable laws, regulations, or the App’s service functions.
2. After modifying this Policy, we will publish the updated version in a prominent location within the App for a notice period of no less than 7 working days. The revised Policy will take effect upon the expiration of the notice period.
3. Your continued use of the App after the notice period constitutes your acceptance of the revised Policy. If you do not accept the revised Policy, you must immediately cease using the App.

9. Dispute Resolution

1. Any dispute arising out of or in connection with this Policy shall first be resolved through amicable negotiations between the parties. If negotiations fail, the dispute shall be handled in accordance with the dispute resolution provisions of the Leavison App Service Agreement:
   • If you are a consumer user: You may choose to initiate legal proceedings in the people’s court with jurisdiction over the domicile of Hangzhou Weixiang Shichuang Technology Co., Ltd. or your place of residence. For EU/EEA users, disputes may also be resolved through Alternative Dispute Resolution (ADR) mechanisms as required by GDPR;
   • If you are a non-consumer user: The dispute shall be subject to the jurisdiction of the people’s court with jurisdiction over the domicile of Hangzhou Weixiang Shichuang Technology Co., Ltd.
2. The conclusion, effectiveness, performance, interpretation, and dispute resolution of this Policy shall be governed by the laws of the People's Republic of China, as well as applicable EU/EEA and U.S. privacy laws for users in those regions.

10. Contact Us

If you have any questions, comments, or suggestions regarding this Policy, or wish to exercise your rights related to personal information, please contact us through the following channels, and we will handle your request in a timely manner: