Privacy Policy

1. Company Information & Data Controller

Suzhou Bingju Network Technology Co., Ltd ("Bingju Technology", "we", "us", or "our") is incorporated and operates under the laws of the People's Republic of China, with its registered address at:

Room 1407, Building 3, No. 112 Yingchun South Road, Chengnan Street, Wuzhong District Economic Development Zone, Suzhou, Jiangsu Province 215000, People's Republic of China.

For EU/EEA data subjects, Bingju Technology acts as the Data Controller for personal data processed through our services. For questions regarding this policy or to exercise your data rights, contact us at support@bingjutech.com.

2. Scope of This Privacy Policy

This Privacy Policy applies to:

• The Bingju Technology corporate website (www.bingjutech.com)
• All mobile applications published by Suzhou Bingju Network Technology Co., Ltd on the Google Play Store
• All mobile applications published by Suzhou Bingju Network Technology Co., Ltd on the Apple App Store
• Any associated web services, APIs, or backend platforms operated by us

This policy does not apply to third-party websites, applications, or services that may be linked from our platforms. We encourage you to review the privacy policies of any third-party services you use.

3. Information We Collect

3.1 Information You Provide Directly

• Name, email address, phone number, and company name when submitting contact forms or creating accounts
• Messages, feedback, or support requests submitted to us
• Payment information (processed by third-party payment processors; we do not store full payment card data)
• Profile information created within our applications

3.2 Information Collected Automatically

• Device Information: Device model, operating system version, unique device identifiers (including Android Advertising ID / GAID, Apple IDFA/IDFV), device language, screen resolution, and time zone
• Usage Data: App features accessed, session duration, screen views, button interactions, crash reports, and error logs
• Network Information: IP address (which may indicate approximate geographic location), network type (WiFi/cellular), and Internet Service Provider
• Log Data: Server logs including timestamps, access times, referring URLs, and browser/app version
• Cookies & Similar Technologies: See Section 16 for full details

3.3 Location Data

Some of our applications may request access to your device's location (GPS/coarse location) to provide location-based features. Location data is only collected when you explicitly grant permission. You may revoke location permission at any time in your device settings. We do not collect precise location data without explicit user consent.

3.4 Advertising Data

Our mobile applications display advertisements served by third-party advertising networks (detailed in Section 6). These networks may collect advertising identifiers, IP addresses, and usage data to serve personalized advertising. See Section 6 for full details and opt-out instructions.

4. How We Use Your Information

We use the information we collect for the following purposes:

• Providing, maintaining, and improving our services and applications
• Processing transactions and delivering requested features
• Responding to inquiries, support requests, and communications
• Sending service-related notifications (e.g., app updates, security alerts)
• Analyzing usage patterns to improve user experience
• Detecting, preventing, and addressing technical issues, fraud, and abuse
• Complying with legal obligations and enforcing our terms
• Serving advertisements through integrated advertising networks (with your consent where required)
• Performing internal analytics and research to improve our product offerings

Legal Basis (GDPR): We process your personal data on the following legal bases: (a) Consent — for advertising data and optional features; (b) Contract performance — to deliver services you request; (c) Legitimate interests — for analytics, security, and service improvement; (d) Legal obligation — to comply with applicable law.

5. How We Share Your Information

We do not sell your personal information to third parties for their own marketing purposes. We may share information in the following circumstances:

• Advertising Partners: We share advertising identifiers and usage data with our advertising network partners (see Section 6) for ad serving and measurement purposes
• Service Providers: Third-party providers who assist us with hosting, analytics, payment processing, and customer support — subject to confidentiality agreements
• Business Transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of that transaction
• Legal Requirements: We may disclose information when required by law, regulation, court order, or governmental authority
• Protection of Rights: To protect the rights, property, or safety of Bingju Technology, our users, or the public

6. Advertising & Third-Party Ad Networks

6.1 Advertising Formats Used

• Open / Splash Ads (App Open Ads): Full-screen advertisements displayed when an app is launched or brought to the foreground. These provide high-visibility placements and are used where commercially appropriate.
• Rewarded Video Ads: User-initiated video advertisements that users choose to watch in exchange for in-app rewards (virtual currency, extra lives, unlocked content, etc.). These are entirely opt-in and require user action to trigger.
• Interstitial Ads: Full-screen advertisements displayed at natural transition points within an app (e.g., between levels, after completing a task). Users can close these after a brief display period.
• Banner Ads: Smaller rectangular advertisements displayed persistently at the top or bottom of the app screen during normal use.

6.2 Integrated Ad Networks

The following advertising networks and platforms may be integrated into our applications. Each network has its own privacy policy, and you may opt out of personalized advertising via their respective opt-out mechanisms.

6.3 User Consent & TCF 2.0 (IAB Europe Transparency & Consent Framework)

For users in the European Union, European Economic Area, and the United Kingdom, we implement the IAB Europe Transparency & Consent Framework (TCF) version 2.0 / TCF 2.2. Upon first launch in applicable jurisdictions, a Consent Management Platform (CMP) will present you with choices about how your data is used for advertising purposes. You may:

• Accept all advertising purposes and vendors
• Reject personalized advertising (you will still see non-personalized/contextual ads)
• Make granular choices about specific purposes (storage/access, personalized ads, content measurement, etc.)
• Withdraw consent at any time through the app's privacy settings

6.4 Advertising Opt-Out (Global)

In addition to network-specific opt-out mechanisms, you may limit ad tracking at the device level:

• Android: Settings → Google → Ads → Delete Advertising ID, or enable "Opt out of Ads Personalization"
• iOS 14+: Settings → Privacy & Security → Tracking → disable "Allow Apps to Request to Track". Each app must request ATT permission before accessing IDFA.
• iOS (Global): Settings → Privacy & Security → Apple Advertising → disable "Personalized Ads"

Note: Opting out of personalized advertising does not remove all advertisements from our apps. You will continue to see non-targeted, contextual advertisements.

7. GDPR — EU/EEA User Rights (General Data Protection Regulation)

As a Data Controller for EU/EEA users, Bingju Technology ensures the following rights are available to you:

We will respond to all verifiable requests within 30 days of receipt. If we need additional time (up to 60 additional days) due to complexity, we will notify you within the initial 30-day period.

You also have the right to lodge a complaint with your local Data Protection Authority (DPA). A list of EU DPAs is available at edpb.europa.eu.

7.1 Lawful Bases for Processing (GDPR Article 6)

• Consent (Art. 6(1)(a)): Advertising data, optional analytics, and location data
• Contract (Art. 6(1)(b)): Account management, service delivery, in-app purchases
• Legal Obligation (Art. 6(1)(c)): Tax records, legal holds, regulatory compliance
• Legitimate Interests (Art. 6(1)(f)): Security, fraud prevention, service improvement, bug tracking

8. CCPA — California Consumer Privacy Rights

8.1 Your CCPA Rights

• Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected, disclosed, or sold about you over the past 12 months
• Right to Delete: Request deletion of your personal information, subject to certain exceptions
• Right to Opt-Out of Sale/Sharing: Direct us not to sell or share your personal information with third parties
• Right to Correct: Request correction of inaccurate personal information
• Right to Limit Use of Sensitive Personal Information: Limit use of sensitive personal data
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights

8.2 Categories of Personal Information Collected (California)

8.3 "Do Not Sell or Share My Personal Information"

Under the CCPA, sharing personal information with advertising partners for cross-context behavioral advertising may constitute a "sale" or "sharing." To exercise your opt-out right:

1. Contact us at support@bingjutech.com with subject line "CCPA Opt-Out Request"
2. Limit ad tracking on your device (see Section 6.4)
3. Use network-specific opt-out tools listed in Section 6.2

We will process opt-out requests within 15 business days.

9. COPPA — Children's Privacy (Under 13)

• Applications not directed at children do not knowingly collect personal data from users under 13
• If we discover that we have inadvertently collected personal data from a child under 13 without verifiable parental consent, we will delete such data promptly
• Applications specifically designed for children ("kids' apps") are built in accordance with COPPA requirements: no behavioral advertising, no data collection beyond what is necessary for the app's function, and no sharing of children's data with third parties for advertising purposes
• Parents/guardians may contact us at support@bingjutech.com to review, delete, or refuse further collection of their child's information
• For apps rated for children on Google Play, we comply with Google Play's Families Policy, including using only Google-certified ad SDKs in child-directed experiences

10. Google Play Policy Compliance

All applications published by Bingju Technology on the Google Play Store comply with Google Play Developer Program Policies, including:

• User Data Policy: Conspicuous disclosure of data collection practices; privacy policy linked in Google Play listing and accessible within the app
• Ads Policy: All ads displayed are compliant with Google Play's Ads Policy; no deceptive ads, no ads that simulate device functionality
• Families Policy (children's apps): Only Google-certified ad networks, no interest-based advertising, no data collection prohibited by Google Play Families Policy
• Data Safety Section: Our Google Play listings include accurate Data Safety section information as required by Google
• Permissions: We only request permissions that are necessary for the app's core functionality; all sensitive permissions are explained to users at the time of request

11. Apple App Store Policy Compliance

All applications published by Bingju Technology on the Apple App Store comply with Apple App Store Review Guidelines, including:

• Guideline 5.1.1 (Data Collection and Storage): We only collect data necessary for our apps to function; we clearly disclose what data is collected and how it is used
• App Tracking Transparency (ATT): For apps that access the IDFA, we display Apple's ATT prompt before any tracking occurs. Users who deny tracking are not tracked.
• Privacy Nutrition Labels: Our App Store listings accurately reflect data collection practices in Apple's Privacy Nutrition Label format
• App Privacy Report: Our apps are designed to minimize data collection consistent with Apple's privacy principles
• Sign in with Apple: Where applicable, we offer Sign in with Apple as an option alongside other login methods

12. Country-Specific Privacy Rights

12.1 United States

In addition to CCPA (California), the following U.S. state privacy laws may apply:

• Colorado Privacy Act (CPA), Connecticut CTDPA, Virginia VCDPA, Utah UCPA: Residents of these states have rights similar to CCPA. Contact us to exercise rights under applicable state law.
• COPPA: See Section 9 above
• CAN-SPAM Act: Commercial emails include opt-out mechanisms. We honor all opt-out requests within 10 business days.

12.2 United Kingdom

We comply with the UK GDPR (as retained in UK law following Brexit) and the Privacy and Electronic Communications Regulations (PECR). UK users have the same rights as EU users under Section 7 above. The UK supervisory authority is the Information Commissioner's Office (ICO): ico.org.uk.

12.3 Canada

We comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws (including Quebec Law 25). Canadian users have the right to access, correct, and request deletion of personal data. Contact our privacy team at support@bingjutech.com.

12.4 Australia

We comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Australian users may lodge complaints with the Office of the Australian Information Commissioner (OAIC): oaic.gov.au.

12.5 Brazil

We comply with the Lei Geral de Proteção de Dados (LGPD — Law No. 13,709/2018). Brazilian users have rights including access, correction, deletion, portability, and the right to revoke consent. The supervisory authority is the Autoridade Nacional de Proteção de Dados (ANPD).

12.6 Japan

We comply with the Act on the Protection of Personal Information (APPI), as amended. Japanese users have rights to disclosure, correction, deletion, and suspension of use of personal data. We handle third-party provision of personal information in accordance with APPI requirements.

12.7 South Korea

We comply with the Personal Information Protection Act (PIPA). South Korean users have rights to access, correct, delete, and suspend processing of personal data. The supervisory authority is the Personal Information Protection Commission (PIPC).

12.8 Singapore

We comply with the Personal Data Protection Act 2012 (PDPA). Singapore users may access and correct personal data, and withdraw consent at any time. The supervisory authority is the Personal Data Protection Commission (PDPC).

12.9 India

We comply with applicable provisions of the Information Technology Act 2000 and its rules, including the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011. We acknowledge India's Digital Personal Data Protection Act (DPDPA) 2023 and are preparing compliance measures accordingly.

12.10 Germany

German users benefit from GDPR protections (see Section 7) supplemented by the Bundesdatenschutzgesetz (BDSG). The minimum age for consent under GDPR Article 8 in Germany is 16 years.

12.11 France

French users benefit from GDPR protections supplemented by the Loi Informatique et Libertés. The supervisory authority is the Commission Nationale de l'Informatique et des Libertés (CNIL): cnil.fr.

12.12 Other EU/EEA Member States

Users in all EU/EEA member states are protected under the GDPR and may exercise the rights described in Section 7. Applicable national implementing laws may provide additional protections. Users may contact their national Data Protection Authority with complaints.

13. Age Restrictions & Minimum Age Requirements

Our general-audience applications require users to be at least 13 years of age (or the applicable minimum age in your jurisdiction). Applications directed at children under 13 are built in full compliance with applicable children's privacy laws.

14. Data Retention

We retain personal data for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required or permitted by law:

• Account data: Retained for the duration of the account plus 30 days after deletion request processing
• Usage and analytics data: Aggregated data retained for up to 24 months; individual event data retained for up to 12 months
• Contact form submissions: Retained for up to 12 months, or longer if necessary for an ongoing business relationship
• Legal/compliance records: Retained for the period required by applicable law (typically 5–7 years for financial records)
• Advertising data: Subject to the retention policies of each advertising network (see Section 6.2)

Upon expiration of the applicable retention period, personal data is securely deleted or anonymized.

15. International Data Transfers

Bingju Technology is headquartered in the People's Republic of China. When you use our services from outside China, your personal data is transferred to and processed in China. For transfers from the EU/EEA, UK, or Switzerland, we rely on the following transfer mechanisms:

• Standard Contractual Clauses (SCCs): European Commission-approved Standard Contractual Clauses are in place with our service providers for EU data transfers
• UK International Data Transfer Agreements (IDTAs): Used for UK-to-China data transfers
• Adequacy Decisions: Where the European Commission has recognized a country as providing adequate data protection

Our service providers and advertising partners who receive personal data are required to provide equivalent levels of data protection through contractual commitments.

16. Cookies & Tracking Technologies

Our website uses cookies and similar tracking technologies. Our applications may use equivalent technologies (SDKs, device identifiers).

Types of Cookies We Use

• Essential Cookies: Necessary for the website to function. Cannot be disabled.
• Analytics Cookies: Help us understand how visitors interact with our website (e.g., Google Analytics). Requires your consent in applicable jurisdictions.
• Advertising Cookies: Used by advertising partners to serve personalized ads. Requires your consent in applicable jurisdictions.
• Preference Cookies: Remember your settings and preferences across visits.

You may control cookies through your browser settings or through cookie consent controls on our website. Note that disabling certain cookies may affect website functionality.

17. Security Measures

We implement appropriate technical and organizational security measures to protect your personal data, including:

• Encryption of data in transit using TLS/SSL
• Encryption of sensitive data at rest
• Access controls limiting data access to authorized personnel on a need-to-know basis
• Regular security assessments and vulnerability testing
• Incident response procedures to address and notify of data breaches in accordance with applicable law

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours (GDPR requirement) and will notify affected users without undue delay where required.

18. Third-Party Links & Services

Our services may contain links to third-party websites or integrate third-party services. This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party services you access through our platforms.

19. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Post a notice in our applications or on our website
• For significant changes, provide more prominent notice (including, where appropriate, email notification)

Your continued use of our services after any changes constitutes acceptance of the updated policy. We encourage you to review this policy periodically.

20. Contact & Data Protection Officer

For privacy-related inquiries, data subject rights requests, or complaints, please contact us: