Introduction

At Shenzhen Yuanxiang Technology Co., Ltd. ("Shenzhen Yuanxiang Technology", "we" or "our company"), we provide customer-communication services to our Clients through the use of our Chatbot. We only collects natural person’s information in connection to the provision of our services for and on behalf of our Clients. In jurisdictions that differentiate between a "controller" and a "processor" (or similar terms), Shenzhen Yuanxiang Technology functions as the "processor," handling data on behalf of our Clients, who act as the "controllers."

This privacy policy decrees how and why we, along with our affiliates, collect, store, use, and share personal information about you as an end-user. Such data processing is integral to facilitating our service provision and enable your interactions with our platforms. We recognize the importance of protecting your personal information and encourage you to review our privacy practices. If you have any questions or concerns, please contact us at customer@unixyz.cn.

Unless otherwise defined:

• “Clients” refers to the legal persons that purchases our products and/or subscribe to our services as provided in the service agreement.

• "Employee" refers to Client’s employees, who is authorized by the Client to access and manage the relevant accounts on our platforms

• “End User” refers to Client’s employees, representatives, and Client’s customers who interacts with the Client’s employees or representatives.

Scope

This policy applies to Shenzhen Yuanxiang Technology's official website, Shenzhen Yuanxiang Technology's chatbot window, and Shenzhen Yuanxiang Technology's portal, collectively as "our platforms". It governs the personal information generated through our platforms and communications between you and us. This privacy policy excludes information collected through third-party websites, applications, or content, including advertisements, or other channels not affliciated with Shenzhen Yuanxiang Technology. Information collected offline or through any other website operated by the company or third parties is also excluded. Furthermore, any third-party applications or content, including advertisements that may be linked to or accessible from our platforms, are not covered by this policy.

This policy is not intended to override the terms outlined in contracts you may have with us, nor does it supersede rights you may have under applicable data privacy laws.

Please note that our Clients may collect and use your personal information beyond the scope of our services. We encourage End Users to review the privacy policies of the respective Clients to better understand how their data is processed. Any inquiries or requests regarding data processing should be directed to the Clients directly.

What Personal Information We Collect and How We Collect them

1. Information Provided by Clients and End-users

We collect information on our Client's employees and representatives who use our platforms to the extent necessary for the provision of our services. We also collect data on behalf of our Clients on their employees and End-users generated during the ordinary course of our service's operation. Information we collect from you include:

• Account information: Employee's name, role in company, employee’s corresponding team, account username, contact information, etc.), identify of other personnels from the same team or company authorized to access the accounts, and preference settings.

• Identity Information: End-user's name and contact information used to verify End-user's identity, for further communication purposes or any other purposes specified at the time with the End-user's consent.

• Contents of communications: contents of your communications made through our platforms.

• Any other information an End-user may choose to provide, including any feedback, review, or customer service communications.

2. Information Automatically Generated and Collected

The following information may be automatically generated or collected for the provision of and the use of our services:

• Account information: user ID, login credentials, traffic data, and usage history.

• Device information: model, operating system, browser type, operating system, and IP address

• Location data: the city and country where the End-user is located

• Chat information: end-users’ ID, chat duration, content of communication, ID of the employee responsible

• System information: usage logs, crash reports.

How We Use Your Information

We process personal information as necessary for the provision of our Services and the performance of our contract with our Clients. For example, we need to process personal information to enable the following:

• Provision of our Services: account registration, identifying and authenticating Clients and their employees or representatives, setting up smart badges, connecting smart badges to the network, operating smart badges, checking the status of smart badges, and allowing any customization settings;

• Customer support service: information required to communicate with Client, which includes account information, users’ information, contents of the communication between you and us, and other functions enabling reviews of our products and feedback;

• Log reports which include device data, usage history, device settings, crash and error records, abnormal activities records, and account information;

• Operate, evaluate and improve our business: including developing software updates, developing new products and services, analyzing our Services, aggregating and anonymizing data, performing data analytics, auditing and other internal functions;

• Network security: specifically for the prevention, detection, and protection against fraud, abuse, criminal activities, and other abnormal activities；

• Comply with regulation requirements: enforcement and compliance with legal requirements, for the execution of claims, including relevant industry standards, and our policies;

• For administrative purposes: including quality assurance purposes and internal training;

We may combine information we obtain about end-users for the purposes described above. We may also use the information we obtain for other purposes for which we provide specific notice at the time of collection or otherwise with consent.

How We Share Your Information

1. With Our Clients

The provision of our services necessitate the sharing of end-users’ information with our Clients and other personnel authorized by our Clients, which may include their employees and representatives. The information disclosed may include end-user’s name, user ID (if applicable), contact information, and content of communications. Please consult the corresponding Client’s internal policies to understand how your information may be used.

2. With Third-party Service Providers

We may engage selected third-party service providers to support our services. These service providers may only use the data as determined in our agreements with them. Additionally, our clients may direct us to give third parties access to end-users’ information and account. Such third party’s use of personal information will be governed by their privacy policies and terms and we are not responsible for their acts or omissions.

3. Legal Obligations

We may share your personal information in certain circumstances, including:

• To law enforcement authorities, government or public agencies or officials, regulators, or any other person or entity with appropriate legal authority or justification for receipt of such information, if required or permitted to do so by law or legal process;

• When we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual fraudulent or illegal activity;

• When the information is required for the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, or for the enforcement of civil law claims.

4. Business Purposes

We may share end-users’ information with our subsidiaries and affiliates for business support, marketing, or other specified purposes that are communicated to you at the time.

Additionally, if the ownership of all or substantially all of our company’s business, or individual business units or assets owned by our company that is related to the Services, were to change, or a bankruptcy or other change were to occur, end-users’ Personal Information may be transferred to the new owner or may be shared during such transaction (such as during due diligence) even if such transaction is not completed. In any such transfer of information, the Personal Information will remain subject to this Privacy Policy unless and until changed according to the terms herein.

EU/EEA Users

Where the General Data Protection Regulation (GDPR) is applicable to Shenzhen Yuanxiang Technology in accordance with the law, the information and the rights specified in this section are available to users residing in the EU/EEA region.

We act as a "controller" for the Services in which we determine how personal information is utilized in relation to our offerings. Conversely, we function as a "processor" for the Services where we handle personal information solely in accordance with our customers' instructions, as according to the GDPR.

Legal Basis and Purposes for Which We Process Your Personal Information

The table below provides the ways we plan to use your personal data and which legal bases we rely on. We have also identified what our legitimate interests are where appropriate.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we rely on to process your personal data where more than one ground has been set out below.

• Purpose / Activity: Portal Account - registration and operation
  Type of Data: Contact information (email)
  Legal Basis:Necessary for the performance of a contract with you.

• Purpose / Activity: To provide service to our Client
  Type of Data: Contents posted in chatbot
  Legal Basis:Necessary for the performance of a contract with our Client.

  Necessary for the legitimate interest of our Client (performance of our services for the Client).

• Purpose / Activity: To provide service to our Client and End-user.To identify the relevant region, ensuring the provision of applicable services.
  Type of Data: Location data (city of where the End-users is located)
  Legal Basis:To provide service to our Client, we obliged our Client to collect the information in a lawful manner. 

• Purpose / Activity: To provide service to our Client.To verify the End-user's identity

  To enable further communications and provide assistance to End-user.
  Type of Data: Identity and contact information of End-users
  Legal Basis:With your consent.

• Purpose / Activity: To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).
  Type of Data: Technical information
  Legal Basis:Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, in the context of a business reorganization or group restructuring exercise).

• Purpose / Activity: Fraud prevention
  Type of Data: Technical information,Usage information.
  Legal Basis:Necessary to comply with a legal obligation.

• Purpose / Activity: Customer support
  Type of Data: Account information,Contact information.
  Legal Basis:With your consent.

  
  

Your EU/EEA Rights and Choices

The GDPR provides consumers (EU/EEA residents) with specific rights regarding their personal information. This section describes your GDPR rights. To exercise any of these rights, please contact us at customer@unixyz.cn.

• Access to Personal Information — You have the right to obtain confirmation from us on whether we process your personal information and, if so, you may have the right to request access to your personal information.

• Rectification of Personal Information — You have the right to request that we rectify inaccurate personal information concerning you and, depending on the purposes of the processing, you may have the right to have incomplete personal information completed.

• Erasure/Deletion — You have the right to request us to erase some or all of the personal information concerning you.

• Restriction of Processing — You have the right to request us to restrict the further processing of your personal information. In such cases, the respective information will be marked as restricted, and may only be processed by us for certain purposes.

• Object to Processing — You have the right to object, on grounds relating to your particular situation, to the processing of your personal information by us, and we may be required to no longer process some or all of your personal information.

• Object to Direct Marketing — You have the right to object to the processing of personal information for direct marketing purposes.

• Object to Decision Based Solely on Automated Processing — You have the right not to be subject to a decision based solely on automated processing where the decision has a significant legal impact on you.

• Data Portability — You have the right to receive a copy of your personal information which you have provided to us, in a structured, commonly used, and machine-readable format, and you have the right to request the transfer of that personal information to another entity without hindrance from us.

• Withdraw Consent — You have the right to withdraw consent you have provided to us where we rely solely on your consent to process your personal information. You can always provide your consent to us again at a later time. Please note that the withdrawal will not affect the processing of data based on prior consent.

• Right to Complain — You have the right to lodge a complaint to an applicable supervisory authority or other regulators if you are not satisfied with our responses to your requests or how we manage your personal information. A list of and more information about the EU/EEA Data Protection Authorities can be found here. We encourage you to first or also reach out to us, so we have an opportunity to address your concerns directly.

Please note that we can only respond to your request concerning the data processed by us. If you have inquiries regarding how our Clients handle your data, or if you wish to exercise your rights related to their data processing practices, we kindly recommend contacting the Client directly.

US Users

This section contains information relevant to residents of certain US states that have their own data privacy regulations and associated rights.

Notice For Users Residing in California

Where the California Consumer Privacy Act of 2018 (CCPA) as amended by the  California Privacy Rights Act (CPRA) is applicable to Shenzhen Yuanxiang Technology in accordance with the law, the information and the rights specified in this section are available to users residing in California.

We collected the following categories of personal information from consumers within the last twelve (12) months.

A. Identifiers.

Examples: A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.

Collected: YES

B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

Examples: A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Some personal information included in this category may overlap with other categories.

Collected: NO

C. Protected classification characteristics under California or federal law.

Examples: Age, race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

Collected: NO

D. Commercial information.

Examples: Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Collected: NO

E. Biometric information.

Examples: Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

Collected: NO

F. Internet or other similar network activity.

Examples: Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.

Collected: YES

G. Geolocation data.

Examples: Physical location or movements.

Collected: NO

H. Sensory data.

Examples: Audio, electronic, visual, thermal, olfactory, or similar information.

Collected: NO

I. Professional or employment-related information.

Examples: Current or past job history or performance evaluations.

Collected: NO

J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).

Examples: Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

Collected: NO

K. Inferences drawn from other personal information.

Examples: Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Collected: NO

L. Sensitive Personal Information.

Examples: Social Security number, driver’s license, state identification card, or passport number; Account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; Precise geolocation; Racial or ethnic origin, religious or philosophical beliefs, citizenship, or immigration status; The contents of mail, email, and text messages unless we are the intended recipient of the communication; Biometric information processed to uniquely identify an individual; and Health information, sexual orientation.

Collected: NO

The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights. To exercise any of these rights or to appeal a decision regarding a consumer rights request, please contact us at customer@unixyz.cn.

Right To Access Specific Information and Data Portability Rights

You have the right to request that the Company disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

• The categories of personal information we collected about you.

• The categories of sources for the personal information we collected about you.

• Our business or commercial purpose for collecting or sharing that personal information.

• The categories of third parties with whom we share that personal information.

• The specific pieces of personal information we collected about you (also called a data portability request).

• If we disclose your personal information for a business purpose, we will identify the personal information categories that each category of recipient obtained.

Right to Delete

You have the right to request that the Company delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

Personal Information Sales Opt-Out Rights

We do not knowingly sell your personal information, yet our use of tracking technologies may be considered a "sale"/ "sharing" under California law. Email us to opt-out of the sale.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

• Deny you goods or services.

• Charge you different prices or rates for like-goods or services, including through granting discounts or other benefits, or imposing penalties.

• Provide you with a different level or quality of like-goods or services.

• Suggest that you may receive a different price or rate for like-goods or services or a different level or quality of like-goods or services.

Notice of Financial Incentive

We may offer our customers a loyalty program that provides certain perks, such as rewards and exclusive offers. We may also provide other programs, such as sweepstakes, contest, or other similar promotional campaigns (collectively, the “Programs”). When you sign up for one Program, we typically ask you to provide your name and contact information (such as email address and/or telephone number). Since our Programs involve collecting personal information, they might be interpreted as a “financial incentive” program under California law. The value of your personal information to us is related to the value of the free or discounted products or services, or other benefits that you obtain or that are provided as part of the applicable Program, less the expense related to offering those products, services, and benefits to Program participants. You can withdraw from participating in a program at any time by contacting us at customer@unixyz.cn.

Other California Privacy Rights

California's "Shine the Light" law (Civil Code Section § 1798.83) permits California users of our websites, other products, services and platforms to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes.

Users of other US States

This section provides information in accordance with US States other than California that have enacted state data privacy laws. If you are a resident of Colorado, Connecticut, Montana, Oregon, Utah or Virginia, you have the rights set forth in this section below. To exercise any of these rights or to appeal a decision regarding a consumer rights request, please contact us at customer@unixyz.cn.

Right to Access Data and Data Portability Rights

You have the right to request that the Company disclose certain information to you about our collection and use of your personal information. Once we receive and confirm your verifiable consumer request, we will disclose to you:

• The categories of personal information we collected about you.

• The categories of sources for the personal information we collected about you.

• Our business or commercial purpose for collecting or sharing that personal information.

• The categories of third parties with whom we share that personal information.

• The specific pieces of personal information we collected about you (also called a data portability request).

• If we disclose your personal information for a business purpose, we will identify the personal information categories that each category of recipient obtained.

Right to Delete

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

Right to Correct

You have the right to request that we rectify inaccurate personal information concerning you and, depending on the purposes of the processing, you may have the right to have incomplete personal information completed.

Right to Opt Out of Targeted Advertising, Sale of Personal Data and Automated-Decision Making

We do not knowingly sell your personal information, use your data for targeted advertising purposes, or in conducting automated-decision making that has a legal or significant impact on you. Yet our use of tracking technologies may be considered similar behaviors under respective state  laws. For any concerns or to exercise your rights, please email us.

Right Regarding Sensitive Personal Data

If you are a Virginia, Colorado, or Connecticut resident, we do not knowingly collect or process users' sensitive personal data. If you have any inquiries, please contact us at customer@unixyz.cn.

Data Retention and Security

We have implemented measures dedicated to keep your information secure and will continue to work on features to keep your information safe. While we strive to employ commercially reasonable means to safeguard personal information, it's essential to acknowledge that no internet transmission or electronic storage method is entirely secure. We cannot guarantee absolute security. If you access our Services via a third-party platform you should also protect your account with secure account credentials and prevent unauthorized access to your account and personal information.

Subject to the rights of users set forth in this policy, we’ll retain information for as long as we need it to provide you the Services or to comply with applicable law. When we no longer require your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible. If we anonymize your personal information (so that it can no longer be associated with you), we may use this information indefinitely without further notice to you.

AI Feature

Our AI feature is powered by Azure OpenAI. We rely on Azure OpenAI's security measures and data processing policies to ensure the protection of data processed through this feature. According to Azure OpenAI’s policy, any inputs or training data used within our platform are not accessible to Azure, OpenAI, or any other third parties.

Children's Data Protection

We define “children” (or “child”) as: (i) individuals under the age of 16 residing in Europe; (ii) individuals under the age of 13 residing outside Europe, or (iii) otherwise specified by applicable law in a particular jurisidction. Our services is not intended for children and we do not have reasonable grounds to believe that any of our End Users are children. We do not knowingly collect personal information from children. If we learn that we have collected or received personal information without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child, please contact us at customer@unixyz.cn.

International Transfer of Data

End-users’ information may be processed where we have facilities or where we have service providers, including mainland China. The data protection rules in these countries may be different from those in the country where end-users reside. For further inquiries regarding data transfer, please contact us at customer@unixyz.cn.

Updates to the Privacy Policy

We may modify or update this Privacy Policy from time to time to reflect the changes in our business and practices, and so you should review this page periodically. If we make material changes to how we treat our users' personal information, we will notify you through our platforms or on the Website home page. The date the privacy policy was last revised is identified at the top of the page.

Contact Us

If you have any questions or comments about this Privacy Policy or our privacy practice, please contact us at customer@unixyz.cn.