Privacy Policy
Updated on: June 20, 2024
Effective Date: June 27 , 2024
As the operational provider of VitalWave:Heart Rate Monitor APP and services, Expand Finger Pte. Ltd. (hereinafter referred to as "us") attaches great importance to the protection of your personal information. We will protect your personal information and privacy security in accordance with laws and regulations. We have established this privacy policy and would like to remind you of the following information in order to make appropriate choices:
(1) This privacy policy specifies the ways in which we process your personal information during various stages such as downloading, installing, opening, browsing, using, and logging out of the VitalWave:Heart Rate Monitor App (hereinafter referred to as "using"). We promise to take corresponding security measures to protect your personal information in accordance with universally applicable security standards in the industry.
(2) It should be noted that this privacy policy only applies to the VitalWave:Heart Rate Monitor app and services we provide. This privacy policy does not apply to the services provided to you by other third parties (including other companies or institutions that provide advertising services in our services, redirecting links to third-party entities, etc.). Before choosing to use third-party services, you should fully understand the product features and privacy protection policies of third-party services, Then choose whether to use the corresponding function or service.
(3) Before using our products and services, please carefully read and fully understand this policy, and focus on italicized and bold font. We have the right to modify and update this policy from time to time. Please keep an eye out for the latest version of this policy. If you do not agree or accept the terms of this policy, please stop using the products and services we provide. If you continue to use this software after the date of change in the terms of this agreement, we will consider your use to be acceptance and compliance with the updated terms.
(4) In addition to this privacy policy, in specific scenarios, we will also explain to you the purpose, scope, and usage of corresponding information collection through instant notifications (including pop-up windows, page prompts, etc.) and function update instructions. These instant notifications and function update instructions form a part of this privacy policy and have the same effect as this privacy policy.
The following will help you gain a detailed understanding of how we collect, use, store, transfer (if applicable), and protect your personal information.
How do we collect and use personal information
How do we delegate, jointly process, transfer, and disclose personal information
How do we store and protect personal information
Manage your personal information
Minors clause
Revision and Notification of Privacy Policy
Contact Us
Others
How do we collect and use personal information
1.1 During your use of our products and services, we will collect personal information that you voluntarily provided or authorized to provide during registration and use of this service, as well as personal information generated during your use of this service, in accordance with the following purposes and methods:
1.1.1 Customer service functions
When you contact our customer service or use other user response functions (such as in sales after-sales applications, personal information protection complaints or suggestions, complaints or demands), we will collect and use your contact information, your communication/call records and content with us, as well as other necessary information related to your needs. We collect this information to verify your identity Convenient to contact you in a timely manner in the later stage and help solve problems, as well as to record the handling plans and results of related issues.
1.1.2 Operation and Safety Assurance
(1) To ensure the safe operation, quality, and efficiency of software and services, as well as to improve and optimize our service experience, we will collect your device model, operating system, unique device identifier (such as Android ID/OAID on Android and IDFA before iOS 14.5 on iOS), battery, signal strength, configuration information, login IP address, and version and device unique identifier used on mobile devices; The information you search or browse when using our services, including the web search terms you use, the URL address of the social media page you visit, the duration of stay, refresh records, publish records, follow, subscribe, bookmark, share, and other information and content details you browse or request when using our services; Information about the mobile apps and other software you have used, as well as the information (metadata) contained in the content you share through our services, such as the date, time, or location of shared photos or videos taken or uploaded.
(2) To prevent viruses, trojans, or other malicious programs or websites, we may collect application information (such as version, language, source, etc.), process information, overall operation, usage and frequency, application crashes, and performance data installed on your device.
(3) We may use your account information, device information, service log information, as well as information that our affiliates and partners are authorized by you or can provide in accordance with the law, to determine account and transaction security, conduct identity verification, identify violations, detect and prevent security incidents, and take necessary recording, analysis, and disposal measures in accordance with the law.
1.2 In addition to the above content, we will also apply to you for the necessary access permissions to activate a specific service before it can be activated
(1) When you use the "Measure Heart Rate" function, we will request your authorization to take photos with the camera.
(2) When you use the alarm function, we will request your authorization to notify.
1.3 Exceptions to obtaining authorized consent
Please understand that in the following situations, according to laws, regulations, and relevant national standards, we do not need to obtain your authorization and consent to collect and use your personal information:
(1) Related to our obligations under laws and regulations;
(2) Directly related to national security and national defense security;
(3) Directly related to public safety, public health, and major public interests;
(4) Directly related to criminal investigation, prosecution, trial, and execution of judgments;
(5) For the purpose of safeguarding the significant legitimate rights and interests of personal information subjects or other individuals, such as life and property, but it is difficult to obtain personal consent;
(6) The personal information collected is publicly available to the public on your own;
(7) Collect your personal information from legally disclosed information, such as legitimate news reports, government information disclosure, and other channels;
(8) Necessary for signing or fulfilling the contract according to your requirements;
(9) Necessary for maintaining the safe and stable operation of software and related services, such as discovering and handling faults in software and related services;
(10) Necessary for legitimate news reporting;
(11) Academic research institutions conduct statistical or academic research based on the public interest, and when providing academic research or descriptive results to the public, de label the personal information contained in the results;
(12) Other situations stipulated by laws and regulations.
How do we delegate, jointly process, transfer, and disclose personal information
2.1 Partners involved in data processing
2.1.1 Principles
(1) Principle of legality: If data usage activities are involved in the process of cooperation with partners, they must have a legitimate purpose and comply with the legal basis of legality. If the partner's use of information no longer complies with the principle of legality, they should no longer use your personal information or use it after obtaining the corresponding legal basis.
(2) The principle of legitimacy and minimum necessity: The use of data must have a legitimate purpose and be limited to the necessity of achieving the purpose.
(3) The principle of safety and prudence: We will carefully evaluate the purpose of partners' use of data, conduct a comprehensive evaluation of their security capabilities, and require them to comply with the cooperation legal agreement. We will strictly monitor the security of software tool development kits (SDKs) and application program interfaces (APIs) used by our partners to obtain information, in order to protect data security.
2.1.2 Entrusted processing
For scenarios where personal information is entrusted for processing, we will sign relevant processing agreements with the entrusted partner in accordance with legal provisions and supervise their personal information usage activities.
2.1.3 Joint processing
For the scenario of jointly processing personal information, we will sign relevant agreements with our partners in accordance with legal provisions and agree on their respective rights and obligations to ensure compliance with legal provisions and protect data security during the use of relevant personal information.
2.1.4 Scope of partners
(1) Our services may access or link to social media or other services provided by third parties (including websites or other forms of services). If the specific functions and scenarios involve services provided by our affiliates or third parties, the scope of cooperation includes our affiliates and third parties. Including:
A. You can use the "Share" button to share some of our service content with third-party services, or you can share third-party service content with our services. These functions will collect your information (including your log information) to run the above functions normally;
B. We provide you with links through advertising or other means of our services, so that you can link to third-party services or websites;
C. Other situations of accessing third-party services. For example, in order to achieve the purposes stated in this policy, we may access SDKs or other similar applications provided by third-party service providers and share some of your information we have collected in accordance with this policy with such third-party service providers in order to provide better customer service and user experience. At present, the third-party service providers we access mainly include the following types:
a. Used for advertising related services, including advertising display, advertising data monitoring/statistics, etc;
b. Used for message push functions, including mobile phone manufacturer push push, specific event reminders, personalized content recommendations, etc;
c. Used for payment related services, including order payment, transaction behavior verification, revenue settlement, payment information summary and statistics, etc;
d. Used to obtain device location permissions, collect device information and log information with your consent;
e. Used for third-party authorization services, including logging in to third-party accounts, sharing relevant content with third-party products, etc;
f. Used to support product functional modules, including online live streaming, video playback, voice recognition, AR, intelligent customer service, barrage playback, content storage, etc;
g. Used to optimize product performance, including improving hardware distribution capabilities, reducing server costs, and functional hot fixes;
h. Used for account security, product reinforcement related services, including network monitoring, domain name resolution (HTTPDNS), anti hijacking, anti spam, anti cheating, encryption and decryption services, etc.a. Used for advertising related services, including advertising display, advertising data monitoring/statistics, etc;
b. Used for message push functions, including mobile phone manufacturer push push, specific event reminders, personalized content recommendations, etc;
c. Used for payment related services, including order payment, transaction behavior verification, revenue settlement, payment information summary and statistics, etc;
d. Used to obtain device location permissions, collect device information and log information with your consent;
e. Used for third-party authorization services, including logging in to third-party accounts, sharing relevant content with third-party products, etc;
f. Used to support product functional modules, including online live streaming, video playback, voice recognition, AR, intelligent customer service, barrage playback, content storage, etc;
g. Used to optimize product performance, including improving hardware distribution capabilities, reducing server costs, and functional hot fixes;
h. Used for account security, product reinforcement related services, including network monitoring, domain name resolution (HTTPDNS), anti hijacking, anti spam, anti cheating, encryption and decryption services, etc.
(2) Some third-party SDKs or similar applications we connect to will collect your personal information based on the product features triggered by you. If you use such third-party services in our services, you agree that they will directly collect and process your information. We will evaluate the legality, legitimacy, and necessity of collecting personal information through such third-party services, and require such third-party services to take protective measures against your personal information and strictly comply with relevant laws, regulations, and regulatory requirements.
The above third-party social media or other services are operated by relevant third parties. Your use of such third-party social media services or other services (including any information you provide to such third-party) is subject to the third-party's own service terms and information protection statements (rather than this policy), and you need to carefully read their terms. This policy only applies to the personal information we collect and does not apply to any third-party services or information usage rules. If you find that these third-party social media or other services pose risks, we suggest that you terminate the relevant operations to protect your legitimate rights and interests and contact us in a timely manner.
2.2 Transfer
With the continuous development of our business, we may engage in mergers, acquisitions, asset transfers, and your personal information may be transferred as a result. When the aforementioned changes occur, we will continue to protect or require the recipient of personal information to continue protecting your personal information in accordance with laws and regulations and security standards no lower than those required by this privacy policy. Otherwise, we will require the recipient to obtain your authorization and consent again.
2.3 Publicity
We will not disclose your information unless we comply with national laws and regulations or obtain your consent. We will adopt security measures that comply with industry standards when disclosing your personal information.
2.4 Exemption from Consent to Provide and Publish Personal Information in accordance with the Law
Please understand that in the following situations, according to laws, regulations, and national standards, we do not need to obtain your authorized consent to provide or disclose your personal information to our partners or third parties:
(1) Necessary for the conclusion and performance of contracts to which you are a party, or for the implementation of human resource management in accordance with labor regulations and collective contracts established in accordance with the law;
(2) Necessary for fulfilling legal duties or obligations;
(3) Directly related to national security and national defense security;
(4) Necessary for responding to sudden public health emergencies or in emergency situations to protect the life, health, and property safety of natural persons;
(5) Directly related to criminal investigation, prosecution, trial, and execution of judgments;
(6) Implementing news reporting, public opinion supervision, and other behaviors for the public interest, and processing personal information within a reasonable range;
(7) Personal information that you disclose to the public on your own;
(8) Collecting personal information from legally disclosed information, such as legitimate news reports, government information disclosure, and other channels;
(9) Other situations stipulated by laws and administrative regulations.
How do we store and protect personal information
3.1 Storage location
We store your personal information collected and generated during domestic operations within the territory of the People's Republic of China in accordance with laws and regulations. At present, we will not transmit your personal information overseas. If we transmit it overseas, we will comply with relevant national regulations or seek your consent.
3.2 Storage period
3.2.1 During your use of this service, we will continue to store your personal information for a period not exceeding the period necessary to provide you with the service. If we cease to operate this service, we will delete or anonymize your personal information within a reasonable period of time in accordance with applicable laws. After you terminate the use of this service or close the corresponding authorization, we will delete or anonymize your information, except for the following situations:
(1) Comply with the requirements of laws and regulations regarding information retention (such as the Electronic Commerce Law of the People's Republic of China requiring the retention of goods and service information and transaction information for no less than three years from the date of transaction completion; the Cybersecurity Law requiring the retention of relevant network logs for no less than six months in accordance with regulations).
(2) For financial, auditing, dispute resolution, and other purposes, it is necessary to extend the deadline reasonably.
3.3 Data security protection measures
3.3.1 We have used security measures that comply with industry standards to protect the personal information you provide from unauthorized access, public disclosure, use, modification, damage, or loss. We guarantee to adopt strict data processing permission control, ensuring that only authorized personnel can access personal information to avoid unauthorized use of data. At the same time, we use widely used encryption technology in the industry to encrypt and save your personal information, and isolate it through data isolation technology. We always implement these technical measures and organizational management methods, and may revise and improve them from time to time to enhance the overall security of the system.
Although the above reasonable and effective measures have been taken and the standards required by relevant laws and regulations have been complied with, please understand that the Internet is not an absolutely secure environment, and email, instant messaging, and communication with other users are not encrypted. We strongly recommend that you do not send personal information through such means. Please use complex passwords to assist us in ensuring the security of your account.
3.3.3 When an event endangers network security occurs, we will take corresponding remedial measures in a timely manner in accordance with the network security emergency plan. If our physical facilities or technical protection measures are damaged, resulting in the leakage, illegal provision, or abuse of your personal information, causing damage to your legitimate rights and interests, we will strictly assume corresponding responsibilities in accordance with the provisions of the law.
3.3.4 After we learn of a personal information security incident in which your personal information was unfortunately leaked, illegally provided, or abused, we will promptly inform you in accordance with the requirements of laws and regulations: the basic situation and possible impact of the security incident, the disposal measures we have taken or will take, suggestions for you to independently prevent and reduce risks, and remedial measures for you. We will inform you of the relevant situation of the event through push notifications. When it is difficult to inform individual information subjects one by one, we will take reasonable and effective measures to publish the announcement. At the same time, we will also report the handling of personal information security incidents in accordance with regulatory requirements.
Manage your personal information
We attach great importance to your management of personal information and do our best to protect your rights to access, correct, copy, delete, withdraw consent, and cancel your account, so that you have the ability to protect your privacy and information security.
The management paths we provide in different versions or operating systems may vary, please refer to the actual ones.
We do not charge any fees for your reasonable requests in principle, but for requests that are repeated multiple times and exceed reasonable limits, we will charge a certain cost according to the situation. We may refuse requests that are unfounded, require excessive technical means (such as developing new systems or fundamentally changing existing practices), pose risks to the legitimate rights and interests of others, or are highly impractical (such as involving information stored on backup tapes).
In addition, in the following situations, according to legal and regulatory requirements, we may not be able to respond to your request:
(1) Directly related to national security and national defense security;
(2) Directly related to public safety, public health, and major public interests;
(3) Directly related to criminal investigation, prosecution, trial, and execution of judgments;
(4) We have sufficient evidence to indicate that you have subjective malice or abuse of rights (such as your request endangering public safety and the legitimate rights and interests of others, or your request exceeding the scope of general technical means and commercial costs);
(5) Responding to a request from a personal information subject will cause serious damage to the legitimate rights and interests of you or other individuals or organizations;
(6) Involving trade secrets;
(7) Situations where laws and administrative regulations provide otherwise.
4.1 Personal information protection for deceased users
After the death of a user (limited to natural persons only), their close relatives may, for their legitimate and legitimate interests, exercise the right to access, copy, correct, delete, and other related personal information of the deceased user through the contact information disclosed in this policy, unless otherwise arranged before the death of the deceased user.
Please understand and confirm that in order to fully protect the personal information rights and interests of deceased users, close relatives of deceased users who apply to exercise this right need to submit their identification documents, death proof documents, applicant's identity proof documents, and proof of kinship between the applicant and the deceased user according to our designated process or customer service prompts, and provide the types and purposes of the rights applied to exercise.
Minors clause
5.1 Our products and services are mainly aimed at adults. If you are a minor under the age of 18, you should read and agree to this privacy policy under the supervision and guidance of your parents or other guardians before using this service.
5.2 If you are the guardian of a minor, if you have any questions about the personal information of the minor you are monitoring, please contact us through the contact information disclosed in this privacy policy.
5.3 If we find that we have collected personal information of minors without the consent of our guardians, we will try to delete the relevant information of minors as soon as possible.
Revision and Notification of Privacy Policy
6.1 In order to provide you with better services, this service will be updated and changed from time to time. We will revise this privacy policy from time to time, which constitutes a part of this privacy policy and has the same effect as this privacy policy. Without your explicit consent, we will not reduce your rights under the current effective privacy policy.
6.2 After updating this privacy policy, we will issue an updated version and remind you of the updated content through appropriate means before the updated terms come into effect, so that you can keep up with the latest version of this privacy policy in a timely manner. If you continue to use this service after the update of this privacy policy, it is deemed that you have accepted the updated privacy policy.
Contact Us
7.1 For any questions, opinions or requests related to this privacy policy, you can contact us by sending an email to [expandfinger@gmail.com]. Generally, we will reply within fifteen working days after receiving your relevant contact information and verifying your identity.
7.2 For your reasonable requests, we will not charge any fees in principle, but for repeated or unreasonable requests, we will charge a certain fee as appropriate. We may refuse requests for information that is not directly related to your identity, unfounded duplicate information, or requires excessive technical means (such as developing new systems or fundamentally changing current practices), poses risks to the legitimate rights and interests of others, or is unrealistic.
Others
8.1 This privacy policy is only applicable to your use of this service in Chinese Mainland (only for the purpose of this clause, excluding Hong Kong, Macao and Taiwan). This privacy policy may exist in multiple language versions. If there is any inconsistency or conflict between the terms of each language version, the simplified Chinese version of this privacy policy shall prevail.
8.2 This privacy policy shall be signed and come into effect on the date of your authorization and consent to use this product and service. The formulation, performance, interpretation, and dispute resolution of this policy shall be governed by the laws of the People's Republic of China and shall exclude the application of all other conflict laws. If any disputes arise between the parties regarding the content or implementation of this policy (including but not limited to contractual or other property rights disputes), both parties shall resolve them through friendly consultation; If consultation fails, both parties agree to submit it to the jurisdiction of the people's court and handle it.