Yunfan Zhiyuan logo Yunfan Zhiyuan
Legal

Privacy Policy

Effective Date: May 15, 2026. This Privacy Policy applies to Chengdu Yunfan Zhiyuan Technology Co., Ltd, website yunfanzhiyuan.com, and all mobile applications, software products, and related services released through Google Play, Apple App Store, and any other authorized application marketplaces.

1. Data Controller and Contact

Data Controller: Chengdu Yunfan Zhiyuan Technology Co., Ltd.
Office Address: No. 806, 8th Floor, Building 1, No. 29 Xinsheng Road, Chengdu High tech Zone (self numbere d), Chengdu, 610000, CN.
Website: yunfanzhiyuan.com.
Business Support: support@yunfanzhiyuan.com.
Key Account Contact: wangfan1@yunfanzhiyuan.com.

2. Scope

This policy covers personal data processed when users access our websites, business portals, mobile management applications, software services, cloud services, data services, and customer support channels. It also applies to app store listing pages, ad-supported user flows, and integrations with third-party analytics, identity, and advertising systems.

3. Data We Collect

3.1 Information You Provide

  • Account profile information such as name, company, role, email, and business contact details.
  • Support and service request details, including issue descriptions and attachments.
  • Contract, billing, procurement, or business consultation information.
  • Feedback, survey responses, and user communication records.

3.2 Information Collected Automatically

  • Device information, including model, operating system version, app version, locale, and language.
  • Network and technical logs, including IP address, request timestamps, crash logs, and diagnostics.
  • App activity data such as session events, feature interactions, and in-app navigation behavior.
  • Advertising identifiers (for example GAID/AAID on Android and IDFA on iOS where permitted by platform settings and consent requirements).

3.3 Information from Third Parties

  • Marketplace signals from app stores, including installation source, campaign attribution, and policy notices.
  • Fraud-risk indicators and anti-abuse metadata from trusted security and analytics providers.
  • Aggregated or pseudonymized marketing insights provided by ad monetization partners.

4. How We Use Data

  • To provide software development, cloud computing equipment technology services, big data services, internet data services, and information system integration services.
  • To provide and optimize mobile management applications and related business operations.
  • To process technical services, technology development, technology consulting, technical exchange, technology transfer, and technology promotion workflows.
  • To deliver customer support, enterprise management consulting, marketing planning, and business information consulting.
  • To maintain system security, prevent fraud, and detect policy violations.
  • To manage lawful advertising monetization, attribution measurement, and campaign optimization under applicable legal requirements.
  • To comply with legal obligations, regulatory orders, and platform policy requirements.

Where required by law, we rely on one or more legal bases, including:

  • Performance of a contract or pre-contractual request.
  • Legitimate interests in secure and efficient service delivery, balanced against user rights.
  • User consent, including consent for specific advertising or tracking functions where required.
  • Compliance with legal obligations and regulatory duties.
  • Protection of vital interests and public-interest requirements when applicable.

6. Data Sharing and Disclosure

  • Service providers that host infrastructure, process analytics, provide customer operations, and support security.
  • App marketplaces and payment processors for app publication and transaction support.
  • Advertising and monetization partners where configured in applications and permitted by law.
  • Corporate affiliates, advisors, auditors, and legal counsel under confidentiality obligations.
  • Government authorities, regulators, or courts when legally required.
  • Potential acquirers or investors in connection with merger, restructuring, financing, or business transfer, subject to confidentiality and lawful handling.

7. Advertising and Monetization Platforms

Some applications may include ad-supported monetization. Supported ad formats may include app open ads, rewarded video ads, interstitial ads, banner ads, and native placements, depending on product design and user region.

Examples of advertising and monetization platforms or mediation stacks that may be used, directly or through mediation:

  • Google AdMob and Google Ad Manager
  • Meta Audience Network
  • Unity Ads
  • AppLovin and AppLovin MAX
  • ironSource
  • Mintegral
  • Pangle
  • Vungle (Liftoff Monetize)
  • Chartboost
  • InMobi
  • Start.io
  • Tapjoy
  • AdColony
  • Smaato
  • Amazon Publisher Services
  • Moloco
  • Digital Turbine
  • Kidoz or youth-focused ad systems where child-directed settings are required

Advertising SDKs may process identifiers, coarse or precise location (when permitted), device characteristics, engagement signals, and anti-fraud data. For jurisdictions requiring prior consent, personalized advertising is disabled until valid consent is obtained. Users may reset device advertising identifiers or disable tracking through operating system settings.

8. Cookies, SDKs, and Similar Technologies

  • Essential technologies for authentication, load balancing, and service stability.
  • Analytics technologies to understand aggregate usage and performance trends.
  • Advertising SDK technologies for monetization, frequency capping, attribution, and fraud prevention.
  • Consent management technologies, including signals aligned with IAB TCF where implemented.

Users can control cookies through browser settings and manage app permissions through mobile system controls.

9. International Data Transfers

Data may be processed in multiple jurisdictions where our infrastructure or partners operate. For cross-border transfers, we implement appropriate safeguards, which may include contractual clauses, transfer impact assessments, organizational controls, and technical security measures required by applicable law.

10. Data Retention

We retain personal data only for as long as necessary to fulfill service purposes, legal obligations, dispute resolution, and security requirements. Retention periods vary by data category, service type, and legal environment. We delete or anonymize data when no longer necessary.

11. User Rights by Region

11.1 European Economic Area, United Kingdom, and Switzerland

  • Rights may include access, rectification, erasure, restriction, portability, objection, and withdrawal of consent.
  • Users may lodge complaints with supervisory authorities.
  • EU/EEA frameworks may include GDPR and ePrivacy requirements; UK users are covered by UK GDPR and the UK Data Protection Act.

11.2 United States

  • Depending on state law, users may have rights to know, access, delete, correct, and opt out of certain data sharing or targeted advertising.
  • Applicable frameworks may include CPRA/CCPA (California), VCDPA (Virginia), CPA (Colorado), CTDPA (Connecticut), UCPA (Utah), and other emerging state laws.

11.3 Canada and Latin America

  • Rights are handled in accordance with applicable frameworks such as PIPEDA (Canada), LGPD (Brazil), and other regional rules.

11.4 Asia-Pacific and Other Regions

  • Local compliance may include APPI (Japan), PIPA (Korea), PDPA frameworks (for example Singapore and other markets), and applicable national data laws.

To exercise rights, contact support@yunfanzhiyuan.com. We may request reasonable verification to protect account security.

12. Children and Age Protections

  • Our services are not intentionally designed to collect personal data from children below the minimum age defined by applicable law without verified authorization.
  • For child-directed or mixed-audience experiences, we apply age-screening and child-protective configurations.
  • Advertising treatment for children includes restricted data processing, contextual ad controls, and disabling personalized advertising where required.
  • Compliance references may include COPPA, Google Play Families policy requirements, and Apple App Store child-safety requirements.
  • Parents or guardians may contact us to request deletion or correction of a child-related record when legally permitted.

13. Security Controls

  • Encryption in transit for data exchange channels and secure credential handling.
  • Role-based access controls and least-privilege operational practices.
  • Monitoring for unauthorized access, suspicious behavior, and abuse signals.
  • Security updates, patch management, backup controls, and incident response procedures.

14. App Store and Platform Compliance

  • Google Play: compliance with Developer Program Policies, User Data policy, Ads policy, Families policy, and Data safety disclosure obligations.
  • Apple App Store: compliance with App Store Review Guidelines, App Tracking Transparency requirements, and privacy nutrition label disclosures.
  • Additional stores: adaptation to local store standards and country-specific legal requirements.

15. Changes to This Policy

We may update this Privacy Policy due to legal, operational, product, or platform policy changes. Material updates will be posted with a revised effective date. Continued use after updates indicates acceptance, subject to applicable legal rights.

16. Data Subject Request Process

Users may submit requests to access, correct, delete, restrict, or export personal data where applicable. Requests should be sent to support@yunfanzhiyuan.com with enough detail for verification and processing.

  • Verification: We may request additional information to confirm identity and prevent unauthorized disclosure.
  • Scope Review: We determine whether obligations apply based on region, product type, and legal framework.
  • Execution: Approved requests are fulfilled within required legal timelines unless exceptions apply.
  • Recordkeeping: Request handling logs may be retained for compliance and audit purposes.

17. SDK and Partner Function Disclosure

Depending on product configuration, our applications may include third-party SDKs for analytics, crash reporting, push messaging, attribution, fraud prevention, and advertising monetization. SDK use is controlled through internal approval procedures and regional compliance requirements.

  • Analytics and diagnostics SDKs: session trends, performance metrics, error tracking, and stability analysis.
  • Attribution SDKs: campaign measurement and installation source reconciliation.
  • Advertising SDKs and mediation: ad delivery, frequency management, anti-fraud checks, and revenue reporting.
  • Security SDKs: risk scoring, abuse detection, and suspicious-behavior monitoring.

In jurisdictions requiring explicit consent, non-essential SDK processing is controlled by consent status. Users may also exercise opt-out or permission controls through platform settings where available.

18. Incident Notification and Remediation

We maintain incident response workflows for security and privacy events. When a notifiable incident is confirmed, we coordinate containment, forensic review, impact assessment, and legally required notifications to authorities, affected partners, or users.

  • Initial containment and access restriction to reduce further impact.
  • Technical investigation and timeline reconstruction.
  • Risk classification based on data category, volume, and potential harm.
  • Corrective controls, including patching, credential updates, and process hardening.

For privacy inquiries, contact support@yunfanzhiyuan.com.