DocuVerse Private Cloud Storage Privacy Agreement

Updated date of this version: January 7, 2025

Effective date of this version: January 7, 2025

Welcome to DocuVerse private cloud storage! Feitianyun Network Technology (Shenzhen) Co., Ltd. and its related parties (hereinafter referred to as Feitianyun or us) thank you for your trust in us when providing us with your personal information. Protecting the security of your personal information is our obligation, and we will provide adequate protection for the security of your personal information in accordance with laws and regulations. To this end, we have formulated the DocuVerse Private Cloud Storage Privacy Policy (hereinafter referred to as this policy) to help you fully understand how we collect, use, share, store and protect your personal information when you use our products and services. Information and how you can manage your personal information so that you can better make appropriate choices.

Before you start using our products and services, please read and understand the content of this policy carefully (especially the content marked in bold form) to ensure that you fully understand and agree before starting to use it.

In addition to this policy, in specific scenarios, we will also explain to you the purpose, scope and use of the corresponding information collection through instant notifications (including pop-ups, page prompts, etc.), function update instructions, etc. These instant notifications and Function update instructions, etc. form part of this policy and have the same effect as this policy. We will try our best to explain the professional terms involved in this policy to you in a concise and popular manner so that you can understand them easily. If you have any questions, opinions or suggestions about the content of this policy, you can contact us through the contact information at the end of Article 10 of this policy.

By agreeing to this policy, you mean that you have understood the functions provided by DocuVerse private cloud storage and the necessary personal information needed to operate the functions. When you turn on or use DocuVerse private cloud storage, we will process relevant information in order to implement the functions and services you choose to use, or to comply with legal and regulatory requirements. In addition to the information required to implement the basic functions and services of DocuVerse private cloud storage, and the information necessary in accordance with legal and regulatory requirements, you can refuse us to process other information, but this may prevent us from providing corresponding functions and services.

This policy will help you understand the following:

1. Scope of application

How we collect and use your information

3. Use of similar technologies such as cookies

4. How we store and protect your personal information

5. How do we share, transfer, and publicly disclose your personal information

6. How do you exercise your rights to manage personal information

7. How we handle personal information of minors

8. How your personal information is transferred globally

9. This policy is updated

10. Contact us

1. Scope of application

DocuVerse“ private cloud storage in this agreement refers to” the DocuVerse private cloud operating system, private cloud disk client, Feitian Cloud official website, DocuVerse private cloud storage software development kit (SDK) and application programming interface (API) for third-party websites and applications, Mini programs and other ways to access and use our products and services, as well as the products and services provided to you by new forms that emerge with the development of technology (collectively referred to as“ DocuVerse private cloud storage”)

The actual functions of DocuVerse private cloud storage and each version may differ slightly, but if each version does not have a separate privacy policy, we will collect and process your personal information in accordance with this policy. If the associated version of DocuVerse private cloud storage has a separate privacy policy, the privacy policy of the associated version will also apply. If this policy and the related version of the policy are inconsistent, the privacy policy of the related version shall apply. Some query and operation paths in DocuVerse private cloud storage and associated versions may be inconsistent, subject to actual conditions.

Except for the relevant information collection and use activities described in this policy, this policy does not apply to other services provided to you by third parties. Other services apply to the personal information collection and use rules that they separately explain to you.

How we collect and use your information

We will follow the principles of legality, legitimacy and necessity, and collect and use your personal information that you proactively provide during or arising from using DocuVerse private cloud storage, as well as obtained from third parties with your authorization, in accordance with the following purposes described in this policy, to satisfy your use of DocuVerse private cloud storage, communicate with you, and improve or optimize our products or services. As our business develops, the products or services we provide may be adjusted and changed. If we want to use your information for other purposes not specified in this policy, or use the information collected for specific purposes for other purposes, unless we have other legal basis or legitimate reasons for processing your information, we will inform you in a reasonable manner and obtain your consent again before using it. You can quickly understand the details of the personal information we collect by visiting the "DocuVerse Private Cloud Storage Personal Information Collection List".

2.1 Scenarios for collecting information

2.1.1 Registration and login

When you register and log in to DocuVerse Private Cloud Storage, you can create an account using your mobile phone number. We collect your mobile phone number to help you register and log in to DocuVerse Private Cloud Storage, protect and maintain the security of your account, and make it easier for you to retrieve your account. We will also bind the DocuVerse server or client device through the basic information you provide, and important notices about the device may be sent via mobile phone text messages. If you do not provide this information, you will not be able to register or log in to DocuVerse private cloud storage through DocuVerse's network connection service. You can choose to improve the relevant identification information (avatar, nickname) in the future. We collect this information to meet your personalized needs and enrich your account information.

You can also use a third-party account to quickly and easily register and log in to DocuVerse private cloud storage, but you need to authorize us to obtain your information on the third-party platform, including avatar, WeChat (nickname, openid), QQ (nickname, openid), and other information you authorize., used to generate a DocuVerse system account bound to the third-party account, allowing you to directly register, log in and use DocuVerse private cloud storage and related services. In some cases, we need to re-verify and bind your mobile phone number to confirm the authenticity and relevance of the third-party account.

If you have forgotten the login method for your DocuVerse private cloud storage, you can use the password recovery feature. In order to ensure the security of your account, we may need you to verify it based on any of three methods: your DocuVerse system account information, device information, and device sharer account information.

You can also log in to use DocuVerse private cloud storage through your local account. If you use DocuVerse private cloud storage through your local account, we will not collect your personal information, but in other scenarios where you need to collect your personal information, we will collect and process your personal information in accordance with this policy.

2.1.2 Discovering devices in the local area network

When you need to use the Discover Devices feature in a local area network, this service requires you to authorize local network permissions so that we can discover hardware devices equipped with DocuVerse private cloud storage system in the local area network and make it convenient for you to quickly connect. If you do not enable this permission or refuse to authorize this permission, you will not be able to use the relevant functions provided above based on local network permissions, but will not affect your use of other functions of this service.

2.1.3 Equipment status monitoring

In order to enable you to better manage your DocuVerse server or client device, we need to collect the following information: DocuVerse server or client device model, device serial number SN and MAC address, IP address and your customized device name, device system status (online/offline/dormant), device ownership role (owner/sharer), warranty expiration time (visible only to administrators), binding time, service version, system version, and running time. The purpose of collecting this information is to help you bind your device, identify your device and associate it with your account, and ensure that your account can query and manage the device you are bound to, so that you can monitor the status of the device in real time and ensure that the management rights of the device are allocated reasonably. For equipment managers, we also collect the warranty expiration time of the equipment to provide reminders of the expiration of warranty services.

2.1.4 Login history and trusted terminal management

(1) When you log in to DocuVerse private cloud storage, in order to ensure the security of your account and prevent unauthorized access, quickly identify and respond to any abnormal activities, protect your account from security threats, and improve security, we will collect the following information about your login history:

• Login time: accurate to seconds, record the specific time of each login;
• Operation record: Record your account login and account unbinding operations;
• Location information: By collecting and identifying IP addresses, we will accurately determine the geographical location when you log in to the city level;
• IP address: 4) Used to identify the location of the login network (accurate to the city level);
• Terminal type: Windows, Mac, Android, iOS, HarmonyOS, Browser, Android TV, Apple TV, Applet, AndroidTV, etc. to confirm the system platform you used when logging in;
• Access method: Identify whether you access DocuVerse private cloud storage through a web page or through another client.

(2) We allow you to set up trusted devices as trusted terminals so that you will not repeatedly require identity verification when logging in on these devices. This is designed to simplify the login process while providing a balanced security and convenience option.

• Collection of login information: To ensure the security of your account, whenever you log in to DocuVerse private cloud storage, we will record the terminal type, terminal name, login location (identified by IP address and accurate to the city level) and the last login time you use when logging in. This information helps us identify login behaviors other than you in a timely manner and take necessary security protection measures.
• Account and security: You can view your login history and trusted terminal list at any time. And have the right to remove any login terminal that you think is suspicious at your discretion. If any abnormalities are found, we recommend that you immediately update your account password and remove suspicious trust terminals to ensure account security.

The purpose of collecting information about trusted terminals is to:

• Improve account security: By tracking login history, we can effectively monitor and prevent unauthorized account access to ensure the security of your account. When the system detects any abnormal logins or security threats, we can take quick action, including notifying you and assisting you in taking further protective measures.
• Manage login terminals: Allows you to manage trust terminals, which reduces duplicate verifications on your commonly used devices, and provides a mechanism for you to easily remove any login devices that are no longer in use or suspicious.

2.1.5 Third-party storage and network disk services

In order to realize file upload and download services between DocuVerse and third-party storage and network disk services, we have integrated the online mounting functions of third-party storage and network disk services (including but not limited to SAAS network disk services such as Baidu Network Disk and OneDrive, and object storage services such as Alibaba Cloud, Huawei Cloud, Tianyi Cloud, Tencent Cloud, Jingdong Cloud, Qiniuyun, Youpai Cloud, Shenxin EDS, and XSKY EOS) into the DocuVerse system. This function is turned off by default. Only the administrator has operation rights and can decide whether to mount it according to his actual needs. If you need to use this feature, third-party SaaS-type network disk services need to first obtain your explicit authorization and consent. If you do not agree, you will not be able to use the third-party network disk services integrated in the DocuVerse system for file upload and download services. In order to ensure that you can freely move and manage files between the DocuVerse system and third-party network drives, we will request read and write permissions for files. We emphasize that this permission is only limited to ensuring that you can successfully complete the task of uploading, downloading and synchronizing files, and does not involve obtaining the specific content of the file. We will not share any of your personal information with third-party online disk service providers. You can choose whether to connect a third-party network disk to DocuVerse private cloud storage. If you choose not to access, you can still use other services and features of DocuVerse's private cloud storage.

2.1.6 Album backup

When you need to use the album backup function, you can choose to turn on device storage/photo permissions to back up the pictures, videos, etc. stored on your phone to your hardware device. If you do not enable this permission or refuse to authorize this permission, you will not be able to use the relevant functions provided above based on storage/photo permissions, but will not affect your use of other functions of this service.

2.1.7 Download files

When you need to use the download file feature, this service requires you to authorize writing to external storage so that we can download the files you store on your hardware device to your device with DocuVerse private cloud storage. If you do not enable this permission or refuse to authorize this permission, you will not be able to use the relevant functions provided above based on the permission to write to external storage, but will not affect your use of other functions of this service.

2.1.8 Document management

When you upload files, videos, or files, you can choose to turn on the Device Storage/Photo permission so that the files, videos, files, etc. stored on your phone can be backed up to your hardware device. If you do not turn on this permission or refuse to authorize this permission, you will not be able to use the above-mentioned related functions provided based on the Device Storage/Photo permission, but will not affect your use of other functions of this service.

When you create a new folder, this service collects the name of the folder you want to create and transfers it to your hardware device to create a new folder. If you do not provide the name of the new folder, this service will not be able to provide you with the function of creating a new folder, but it will not affect your use of other functions of this service.

2.1.9 Offline download

You can choose to use offline download services. During this process, we will not collect any personal information about you, but we need you to choose the download location to obtain disk read and write permissions so that you can download files to your network storage device disk through offline download.

2.1.10 Sharing Function

When you choose to share files off-site, we will collect the file name, the device ID for identity verification, control the validity period and number of accesses of the access range, and use it to display sharing links, avatars, and nicknames to the recipient for easy recognition.

Please note that non-DocuVerse network storage device users can also serve as recipients. If the file contains your personal information or sensitive personal information, please carefully consider the risks of sharing it. At the same time, if the information shared involves other people's personal information, you need to obtain their explicit consent before sharing.

During the sharing process, we will also display the extraction code (anonymized) to the recipient. DocuVerse private cloud storage provides additional security verification to ensure that only recipients who enter the correct extraction code can access the shared file.

In order to effectively control the sharing scope, we will collect the number of times the sharing link is visited, sent, and downloaded.

2.1.11 Community

When you use the community features in our software to post or reply, we may collect your IP, forum nickname (ID generation), custom avatar, and post content. This information is mainly used for our posting on your Internet. Conduct compliance review to ensure that you have a green and healthy Internet environment. If you refuse to provide this information, you will not be able to use the post and reply functions, but it will not affect your normal use of other functions of DocuVerse private cloud storage.

2.1.12 Technical support

When you contact our technical support team for assistance, we may collect the following information:

① Device information: Including the SN number of the device, system version, service version, network status (including IP address and network connection and disconnection information), operation log (including system operation information and log records generated by user operations) and client information (including your operating system type and version, software version information).

② Personal files on DocuVerse servers or client devices: Our technical support team may have access to personal files you upload to DocuVerse servers or client devices only if you authorize and provide appropriate permissions.

③DocuVerse server or client device serial number, server or client device product model, server or client device system type, client type, WeChat ID, information about the way the client accesses the server or client device (whether it is accessed through the local area network or the Internet).

The purposes we collect this information are to:

① Ensure efficient technical support services: By collecting equipment information, we can quickly locate problems and provide you with more accurate technical guidance.

② Clear definition of rights: In the initial stage, technical support personnel only require you to provide an account with ordinary user rights to obtain device information. This ensures that our access to your device is limited to the extent necessary.

③ In-depth problem diagnosis: In the face of complex technical challenges, if higher authority is needed to locate system problems, we will seek your consent and you will create and provide an administrator account to the technical support team. Only in this case can technicians have access to your personal files.

④ Help us better understand the products you use so that we can provide targeted technical support and provide corresponding solutions. The main purpose of our collection of the above information is to help users locate technical support issues and provide effective solutions. We will ensure that this information is only used to resolve technical issues you encounter while using our products and services.

2.1.13 Individual services and third-party services

DocuVerse's private cloud storage contains information or links to information content that we obtain in various legal ways, as well as other individual services that we legally operate. DocuVerse private cloud storage may contain links to third-party content or directly integrate third-party information. Based on business development needs and user experience optimization, we reserve the right to add, reduce or adjust individual service content, form and special sections included therein at any time. We will try to notify users of these changes in advance, but in some cases such changes may need to be implemented immediately.

You can enable and use the above individual service functions in DocuVerse private cloud storage. Certain individual services may require you to also accept specific agreements for the service or other rules that bind you and the service provider. You can determine the service entity that performs with you based on the agreement you signed when using the corresponding individual service or the information posted on the corresponding service. If necessary, we will provide these agreements and rules for your review in a reasonable manner. Once you start using the above services, you will be deemed to understand and accept the relevant agreements and rules governing the individual services.

In DocuVerse private cloud storage, certain services or functions may be provided independently by third parties or in cooperation with us. Such services may have their own separate user agreements, privacy policies or other binding provisions. Before choosing to use a third-party service, you need to carefully understand and evaluate the risks associated with it, and ensure that you fully read, understand and agree to all relevant agreements and regulations (if any) of the third-party service. When you choose to interact with these third-party websites or apps, you need to independently judge and evaluate the risks involved. Any dispute, damage or loss arising from the use of third-party services will need to be resolved independently with the third party. DocuVerse Private Cloud Storage is not responsible for any direct or indirect damage caused by third-party services.

It is worth noting that some third-party service providers may use the open ID associated with your account to collect and process data. The collection, storage, use and transfer of this data are the sole responsibility of the corresponding third-party service provider. DocuVerse does not participate in the processing of this data and cannot access, control or modify such data. When you choose to use third-party services, the security of your personal information and data will be governed by the terms and policies of the third-party service provider. You must choose and use them carefully.

If you have any questions about the agreement or regulations of a third-party service, we recommend that you consult legal or other professional before activating the service. When the agreements or regulations of third-party services change, DocuVerse Private Cloud Storage may not directly notify you. Therefore, we recommend that you regularly review and understand the relevant agreements and regulations of the third-party services you use to ensure your own rights and interests.

2.1.14 Operations and security

In order to maintain the normal and stable operation of relevant products or services and protect the safety and legitimate interests of you or other users or the public, we may collect the following necessary information:

① In order to ensure the safe operation of software and services, the quality and efficiency of operations, we may collect your hardware model, operating system version number, and device identifier (Android includes IMEI/MEID, AndroidID, OAID, IMSI, SIM card information (including ICCID), GAID, hardware serial number (SN), and iOS includes IDFV, IDFA; Different identifiers vary in terms of validity period, whether they can be reset by the user, and how they are obtained), network device hardware address (device MAC address), hardware serial number, IP address, WLAN access point (including SSID, BSSID), Bluetooth, base station, software version number, network access method, type, status, network quality data, operation, usage, service log data, plug-in or usage of various application functions.

② We may use your account information, device information, service log information, as well as information that our related parties and partners are authorized by you or can provide to us in accordance with the law, to determine account security, perform identity verification, identify violations and violations, detect and prevent security incidents, and take necessary recording, analysis, and disposal measures in accordance with the law.

③ We may collect failure logs when abnormal failures occur in DocuVerse private cloud storage to analyze and assist you in troubleshooting and resolving these exceptions and failures.

④ We will not collect data you store in photos, files and other functions in the DocuVerse private cloud storage system.

2.1.15 Self-start or associated start instructions

① Push related: In order to ensure that the application can normally receive broadcast information pushed by the client when it is closed or running in the background, the application must use the (self-start) capability. There will be a certain frequency to send broadcast wake-ups through the system. The self-start or association activation behavior is necessary to implement functions and services; when you open a content-type push message, after obtaining your explicit consent, the relevant content will be jumped to open. Without your consent, there will be no connection activation.

② Upload related: When you upload files within this application (such as album synchronization, ordinary file upload), handle the HTTP connection according to the upload status and monitor status changes in the connection and system restart to ensure the smooth completion of each upload task, especially when the user switches between different applications, the upload needs to continue in the background (a background process may start itself), and when the upload task is successfully completed and there are relevant notifications and interface displays.

③ Download-related: When you download files within this application (such as in-application version update prompts, ordinary file downloads), handle the HTTP connection according to the download status and monitor status changes in the connection and system restart to ensure the smooth completion of each download task. Especially when the user switches between different applications, the download needs to continue in the background (a background process may self-start), and when the download task is successfully completed with relevant notices and interface displays.

④ Widgets: This application supports the desktop widget function. The widget function needs to monitor and receive system broadcasts (android.media.AUDIO_BECOMING_NOISY, android.intent.action.MEDIA_BUTTON, mainly used in music players). This broadcast is the system refreshes the desktop widget broadcast, and whether or not refreshes is executed by the system; if you use the desktop widget function of this application, this application must use the self-start ability to wake up the desktop widget related services of this application by receiving system broadcasts (including but not limited to updates of widget data)

2.2 Handle personal information in accordance with the law

In accordance with relevant laws, regulations and national standards, we may process your personal information in accordance with the following circumstances:

(1)Get your consent;

(2)necessary to conclude and perform the contract at your request;

(3)necessary information necessary to perform legal obligations, such as anti-money laundering, anti-terrorist financing, anti-telecommunications network fraud, real-name management and other relevant laws and regulations;

(4)Directly related to national security and national defense security;

(5)It is necessary to respond to public health emergencies, or to protect the life, health and property safety of natural persons in emergencies;

(6)Directly related to criminal investigation, prosecution, trial and execution of judgments;

(7)The personal information collected is disclosed by you yourself;

(8)Personal information collected from legally publicly disclosed information, such as legitimate news reports, government information disclosure and other channels;

(9)It is necessary to maintain the safe and stable operation of the services provided, such as: discovering and disposing of product or service failures;

(10)Other circumstances stipulated by laws and regulations.

It should be noted that when the processing of your personal information falls under the above-mentioned circumstances (2) to (10), we may comply with the requirements of applicable laws and regulations without requiring your consent.

2.3 apply permissions

In order to provide services to you, DocuVerse private cloud storage may need to apply to you for appropriate permissions to the extent necessary. Please rest assured that DocuVerse Private Cloud Storage will not enable these permissions by default. Only if you proactively confirm the activation, DocuVerse Private Cloud Storage will collect your information through these permissions and only use them in the necessary scenarios explained to you. It should be noted that just because DocuVerse Private Cloud Storage obtains a specific permission does not mean that DocuVerse Private Cloud Storage will inevitably collect relevant information about you; even if you have confirmed that you have enabled permissions to DocuVerse Private Cloud Storage, DocuVerse Private Cloud Storage will only collect relevant information about you to the extent that it is legal, legitimate and necessary. If you choose not to enable permissions, this may prevent you from using specific features related to this permissions, but it will not affect your use of other services provided by DocuVerse private cloud storage. For details such as permission descriptions and usage scenarios, please refer to the "DocuVerse Private Cloud Storage Permission Application and Usage Instructions".

3. Use of similar technologies such as cookies

Similar technologies such as cookies and device information identification are commonly used technologies on the Internet. When you use DocuVerse private cloud storage and related services, we may use relevant technology to send one or more cookies or anonymous identifiers to your device to collect and identify information when you visit and use this product. We promise not to use cookies for any other purpose than those described in this policy. We use cookies and similar technologies mainly to make it easier for you to use our products and services, ensure the safety and efficient operation of products and services, improve login and response speeds, and help you get a more relaxed access experience. If you use the web version of DocuVerse private cloud storage, most browsers provide users with the ability to clear browser cached data. You can operate to clear Cookie data in your browser settings, but after clearing, you may not be able to use the functions or services provided by us that rely on cookies.

4. How we store and protect your personal information

4.1 shelf life

While you use this service, we will retain your personal information for the period necessary to achieve the purposes described in this policy (unless the retention period needs to be extended as required or permitted by law). If you need to delete personal information, you can contact us through the contact information in Article 12 of this policy. In addition, unless clearly stipulated by laws and regulations, we will delete or anonymize your personal information after the above personal information retention period is exceeded.

The criteria used to determine our retention period are as follows:

(1)the period for which we continue to maintain a relationship with you and provide you with DocuVerse private cloud storage products and services (e.g., the period during which you have a DocuVerse private cloud storage account or continue to use DocuVerse private cloud storage products);

(2)Whether the account owner modifies or whether its user deletes information through its account;

(3)whether we have a legal obligation to retain data (for example, some laws require us to retain your transaction records for a certain period of time before they can be deleted); or

(4)Whether reservations are recommended from our legal standpoint (e.g., in connection with the enforcement of our agreements, dispute resolution, applicable limitations, litigation, or regulatory investigations).

4.2 security measures

We attach great importance to your information security and are committed to not only adhering to current information security standards, but also working to ensure that our security measures are at the forefront of the industry. To ensure the security of your data, we have adopted a series of advanced security technologies, including but not limited to encrypted transmission, secure storage, firewall protection, and regular security vulnerability scanning. In addition to these technical means, we have also implemented a supporting management system to enhance information security, and all data processing and storage processes have been strictly reviewed and improved. We fully realize that no system can be completely invulnerable, so we are constantly committed to identifying and managing possible risks and taking preventive measures to reduce the risk of leakage, destruction, misuse, unauthorized access, unauthorized disclosure, and alteration of your information. If a security incident unfortunately occurs, we have clear processes and response mechanisms to deal with these issues, including promptly notifying affected users, fixing security vulnerabilities, and taking measures to prevent similar incidents in the future.

(1)We will collect and use your information in accordance with industry mature security standards and regulations, and inform you of the purpose and scope of use of relevant information through user agreements and privacy policies.

(2)The personal information we collect from you is encrypted and stored by using encryption technology, and is isolated through isolation technology.

(3)When using personal information, such as personal information display and personal information correlation calculation, we will use a variety of data desensitization technologies including content replacement, encryption desensitization and other data desensitization to enhance the security of personal information in use.

(4)Establish strict data use and access systems, adopt strict data access rights control to protect personal information, and avoid data being used in violation of regulations. We will authenticate and control employees authorized to access personal information, and sign confidentiality agreements with them to ensure that only authorized personnel can access personal information.

The Internet is not an absolutely safe environment. Even if we do our best to strengthen security protection measures, it is impossible to always ensure the absolute security of information. Please understand that when you use our products and services, there may be malicious attacks and security issues beyond our control.

4.3 you for your cooperation

Although we have taken the above-mentioned reasonable and effective measures and have complied with the standards required by relevant laws and regulations, we still cannot guarantee the security of your personal information when communicated through unsafe channels. Therefore, you should take active measures to ensure the security of your personal information, such as setting complex passwords, regularly changing account passwords, not disclosing your account password information to others, and helping us ensure the security of your account and personal information.

4.4 Information security incident handling

We will formulate an emergency plan for cybersecurity incidents. After an unfortunate personal information security incident occurs, we will immediately initiate the emergency plan, convene members of the emergency cybersecurity emergency team, trace the cause in the shortest possible time, reduce losses, and report to the corresponding authorities in accordance with regulations. Report. At the same time, in accordance with the requirements of laws and regulations, we will promptly inform you of the basic situation and possible impact of the security incident, and the handling measures we have taken or will take through the contact information you reserve such as platform notices, SMS notices, telephone or email., suggestions for you to prevent and reduce risks independently, remedial measures for you, etc. When it is difficult to inform one by one, we will issue an announcement in a reasonable and effective manner.

5. How do we share, transfer, and publicly disclose your personal information

5.1 Application Program Interface (API) and Software Tool Development Kit (SDK)

In order to ensure the safe and stable operation of our products and services or realize related functions, DocuVerse private cloud storage includes software tool development kits (SDKs) and application programming interfaces (APIs). For example, when you use products and services supported by such SDKs/APIs, this third-party SDK/API may collect and process your personal information. We will conduct security testing and evaluation of third-party SDKs/APIs and strictly comply with relevant laws, regulations and regulatory requirements to protect data security. In order to ensure the security of your information to the greatest extent, we strongly recommend that you review and fully understand the privacy terms of the third-party SDK /API before using any third-party SDK/API services. The third party will be responsible for your personal information in accordance with its privacy terms and personal information protection policies. Independent obligations and responsibilities. This policy does not apply to products or services used by third parties that you actively log in or trigger a jump to, and we are not responsible for how third-party products or services collect, use, and process your personal information. If you find these When the SDK/API is at risk, it is recommended that you immediately terminate the relevant operation and contact us in a timely manner. We list the relevant partners we access in the catalog as follows:

5.2 shared

We will not share your personal information with any company, organization or individual other than DocuVerse or related parties, except in the following circumstances:

(1)Have obtained express authorization or consent from you or your guardian;

(2)Judicial or administrative authorities require us to disclose based on legal procedures;

(3)When filing a lawsuit or arbitration against a user in order to protect his or her legitimate rights and interests;

(4)In accordance with the relevant service agreement, usage rules, etc. between you and DocuVerse;

(5)To the extent permitted by laws and regulations, in order to protect DocuVerse and its affiliates, users of this service, and public interests from harm;

(6)Comply with relevant agreements between you and other third parties;

(7)Used based on academic research.

5.3 transfer

We will not transfer your personal information to any company, organization or individual other than related parties, except in the following circumstances:

(1)Obtain your express authorization or consent in advance;

(2)Meet the requirements of laws, regulations, legal procedures, or mandatory government requirements or judicial rulings;

(3)If we or our related parties are involved in transactions such as mergers, divisions, liquidation, acquisition or sale of assets or businesses, your personal information may be transferred as part of such transactions. We will ensure the confidentiality of the information when transferred., and do our best to ensure that new companies or organizations that hold your personal information continue to be bound by this privacy policy, otherwise we will require the company or organization to seek authorization and consent from you again.

5.4 public disclosure

We will only publicly disclose your personal information under the following circumstances:

(1)Obtaining your express consent;

(2)Based on laws and regulations, legal procedures, litigation or mandatory requirements of government authorities.

5.5 Exceptions to obtaining prior authorization and consent when sharing, transferring, and publicly disclosing personal information

In the following circumstances, the sharing, transfer, and public disclosure of personal information does not require prior authorization and consent from the personal information subject:

(1)Directly related to national security and national defense security;

(2)Directly related to public safety, public health, and major public interests;

(3)Directly related to criminal investigation, prosecution, trial, execution of judgments, etc.;

(4)To protect the life, property and other important legitimate rights and interests of the personal information subject or other individuals, but it is difficult to obtain the consent of the person;

(5)Personal information that the personal information subject discloses to the public on his own;

(6)Collecting personal information from legally publicly disclosed information, such as legitimate news reports, government information disclosure and other channels.

6. How do you exercise your rights to manage personal information

In accordance with relevant laws, regulations, and standards, we guarantee that you exercise the following rights with regard to your personal information:

6.1 Query your personal information

① Mobile client path: My-click on nickname-personal information (you can check avatar, nickname, desensitized mobile phone number, identity, and WeChat binding status)

②PC path: Click on avatar (you can query avatar, nickname, and desensitized mobile phone number)

③ Path to the Mini programs: Click on the User Center (you can query avatar, nickname, mobile phone number, and identity)

For information that cannot be inquired through the above channels, you can contact us at any time through the contact information in Article 12 of this policy. We will reply to your inquiry request within 15 working days after verifying your identity information.

6.2 Correct your personal account information

① Mobile client path: My-click nickname-personal information (editable avatar and nickname)

② Mobile client path: My-Application Settings-Account and Security-Mobile phone number (changeable mobile phone number)/Change password (changeable password)/Mailbox (binding/unbinding/changing mailbox);

③PC path: Click on avatar (you can edit avatar and nickname)

For information that cannot be corrected through the above methods, you can contact us at any time through the contact information in Article 12 of this policy. We will reply to your correction request within 15 working days after verifying your identity information.

6.3 Change the scope of your authorization or withdraw your authorization

① Change the path to apply for relevant rights and use authorization scope: My-About Us-Privacy Management-System Rights Management.

② The path for mobile clients to change privacy policy authorization: My-About Us-Privacy Management-Privacy Policy.

When you withdraw your consent, we will no longer process the corresponding personal information. However, your decision to withdraw consent will not affect the previous processing of personal information based on your authorization. If you encounter operational problems during this process, you can contact us at any time through the contact information in Article 12 of this policy.

6.1 delete your personal information

You can delete it yourself by:

Path to delete device information:

① Path 1: My-my equipment-equipment information;

② Path 2: My-My Device-Device Settings.

If we process your personal information in violation of laws and regulations, or we collect and use your personal information without your consent, or you no longer use our products or services and log out of your account, you need to delete your personal information. You can contact us at any time to request the deletion of your personal information, and we will respond to your deletion request within 15 working days. When your information is deleted, we will no longer use the data, but we may not be able to delete it immediately in order to adapt to necessary relevant legal and policy requirements, or to ensure the integrity of the data necessary for the normal operation of the service. Store or backup the data within a period of time, but delete the data in a timely manner after that period.

6.5 Cancel your account

You have the right to cancel your account registered with the DocuVerse system (not applicable under privatization deployment method). You can operate online through the following methods:

Application email: docuverse@fetiyun.com

6.6 Personal information subject obtains a copy of personal information

You have the right to obtain a copy of your personal information, and you can apply for action through the following methods (not applicable under the privatization deployment method):

Application email: docuverse@fetiyun.com

6.7 Automatic decision-making in constrained information systems

In some business functions, we may make decisions based solely on non-manual automatic decision-making mechanisms including information systems, algorithms, etc. If these decisions significantly affect your legitimate rights and interests, you have the right to ask us for an explanation or correction, and we will also provide appropriate remedies. You can contact us at docuverse@fetiyun.com.

6.8 Respond to your above request

To ensure security, you may need to provide a written request or otherwise prove your identity. We may ask you to verify your identity before processing your request. We will respond within 15 working days.

In principle, we will not charge any fees for your reasonable requests. We may refuse requests that are unreasonably repetitive, require excessive technical means (e.g., require the development of a new system or fundamentally change existing practices), pose a risk to the legitimate rights of others, or are highly impractical (e.g., involve information stored on backup tapes).

In the following circumstances, we will not be able to respond to your request as required by laws and regulations:

① Related to the personal information controller's performance of obligations stipulated in laws and regulations;

② Those directly related to national security and national defense security;

③ Those directly related to public safety, public health, and major public interests;

④ Those directly related to criminal investigation, prosecution, trial and execution of judgments;

③ The personal information controller has sufficient evidence that the personal information subject has subjective malice or abuse of rights;

④ To protect the life, property and other important legitimate rights and interests of the personal information subject or other individuals, but it is difficult to obtain the consent of the person;

④ Responding to the request of the personal information subject will cause serious damage to the legitimate rights and interests of the personal information subject or other individuals or organizations;

③ involving trade secrets.

This policy does not, and is not intended to, create, extend, or modify any rights of data subjects and consumers or obligations of DocuVerse, unless otherwise provided by applicable data privacy laws.

7. How we handle personal information of minors

We mainly provide products and services to adults. If you are a minor according to the laws of your country or region, we require you to ask your parents or other guardians to carefully read this policy and use our services or provide us with information with your parents or other guardians 'consent.

We attach great importance to the protection of personal information of minors. If you are the parent or other guardian of a child, please pay attention to whether the child is using our services after obtaining your authorization and consent. If you have questions about children's personal information, please contact our dedicated personal information protection department. If you are a minor according to relevant local laws and regulations, you must read this policy accompanied by your guardian before using this product/service, and ensure that you have obtained the explicit consent of your guardian before using this product and provide us with your personal information. For the collection of personal information from minors using our products or services with the consent of the guardian, we will only use or disclose this information if permitted by laws and regulations, the guardian has expressed the consent, or if necessary to protect the minor. If the guardian has reason to believe that we have collected personal information from minors without the guardian's consent, please contact us at docuverse@fetiyun.com, and we will delete the relevant data as soon as possible at your request.

8. How your personal information is stored and transferred globally

Feitianyun is a global company headquartered in Shenzhen, China. Feitianyun and its related parties provide products or services through resources and servers around the world. This means that if the requirements of laws and regulations are met, your personal information may be transferred to, or accessed from, overseas jurisdictions in the country/region where you use your products or services.

In order to provide you with the global DocuVerse system account service (i.e., global unified account), we will transfer your personal information from your account registration country (home country) to DocuVerse related parties in other countries/regions on the basis of minimum adequacy.

After you register, we will transfer the hash value and home country/region of your account to the the mainland of China node. When you initiate a login request from any country/region in the world, we will determine your home country/region through the the mainland of China node, so as to match the server where your account belongs. This is needed for us to provide you with global DocuVerse system account global services. This will allow you to access your DocuVerse system account conveniently and efficiently from any country/region in the world. To find your server or client device.

9. This policy is updated

We may make changes to this policy as appropriate. We will not reduce your rights under this policy without your express consent. We will post any changes to this policy on this page. For major changes, we will notify you in one or more forms such as push notifications, pop-ups, and email, and obtain your consent again.

The major changes referred to in this policy include but are not limited to:

• Our service model has undergone major changes. Such as the purpose of processing personal information, the types of personal information processed, the use of personal information, etc.;
• We have undergone major changes in our ownership structure, organizational structure, etc. Such as changes in owners caused by business adjustments, bankruptcy mergers, etc.;
• Changes in the main objects of personal information sharing, transfer or public disclosure;
• There have been significant changes in your rights and forms to participate in the processing of personal information;
• When changes occur to our responsible department responsible for handling personal information security, contact methods and complaint channels;
• When the personal information security impact assessment report indicates that there is a high risk.

After we update this policy, if you click Agree and continue to use this service, it means that you agree to the content of this policy (including the updated version) and agree that we collect, use, store, disclose and transfer your relevant information in accordance with this policy.

10. Contact us

10.1 contact information

If you have any questions, comments or suggestions about this policy or our services, you can contact us through the following methods.

(1)Contact us through Feitianyun's official website;

(2)Email: docuverse@fetiyun.com

(3)Mail sent:

• Address: A715, Niulanqian Building, Minye Avenue, Longhua District, Shenzhen City, Guangdong Province
• Tel: 0755-81470011
• Postal code: 518131

(4)Telephone number and service time:

• (the mainland of China) 0755-81470011
• Monday to Saturday (09:00-22:00)

10.2 other explanatory

In order to ensure that we can efficiently handle your questions and provide you with timely feedback, we may require you to submit identification, valid contact information, written request and relevant evidence. We will process your request within 15 working days after verifying your identity.