APUS Flashlight Privacy Policy
1. Overview
APUS Flashlight (hereinafter referred to as “this Product”) is a flashlight product developed, operated and managed by Qilin Hesheng Network Technology Co., Ltd. (hereinafter referred to as “APUS”, “we”, “us” or “our"). We fully respect and protect users’ personal privacy. While providing you with quality services, we will collect, use, disclose, store and protect your personal data in accordance with this Privacy Policy (hereinafter referred to as “Policy”).
We will explain how we process your personal data in this Policy and how you may access and control your personal data.
Please completely read and fully understand this Policy before using this Product. If you have any questions about this Policy, or have any complaints or suggestions, please contact us via the methods as described in this Policy. This policy will help you understand the followings:
How We Collect and Use Your Personal Data
How We Use Cookie and Similar Technologies
How We Share, Transfer and Disclose Your Personal Data
Process Your Personal Data Using Third Party Services
How We Protect Your Personal Data
How You Access and Control Your Personal Data
How We Process the Minor’s Data
How Your Personal Data Is Transferred Globally
Contact Us
Update of Privacy Policy
**How We Collect and Use Your Personal Data**
We may collect your personal data as follows while we are providing services. These data is critical for us to realize various functions of this Product. We will use these data to help us develop and improve our products to provide better services. We will use your personal data in strict compliance with the purposes set forth in this Policy. We will inform you in advance and obtain your consent before we use these data for any other purposes than set forth in this Policy or we use the personal data collected for specific purposes for other purposes.
2.1. Category and purpose of your personal data we collect
This Product is a full functionality flashlight product with rich content and services. We will collect different categories of your personal data in different scenarios according to various product features, and will use these data to realize such product features.
2.1.1. Pre-activation service
In order to strictly comply with the laws and policies of the relevant countries or regions, we need to use pre-activation services to know your country or region. During pre-activation, we will send your IP address, country code (MCC), mobile phone language, system version and other information to our server. This information is only used to know your country or region, thus providing you with agreements and services that comply with that country or region. This information will be deleted within a short period of time after knowing your country or region, and will not be permanently saved.
2.1.2. Flashlight lighting
Flashlight Lighting When you need a flashlight, you can use the phone as a light source. You need to turn on the camera permission to open the phone camera and use the flash to provide you with flashlight lighting. This function only needs to use mobile phone flash and will not read anything other than your photo album and flash.
2.1.3. Cloud service
We provide you with a wealth of features and services through cloud service interfaces, such as search and product updates. In order to ensure the operation of cloud services, we need to collect some necessary data, including: application information such as application package name, application version, and application installation time; system information such as country code, system language, and system time zone; screen resolution and other devices Information; network information such as operators.
2.1.4. Service quality measurement
In order to measure the quality of service of a product and thus provide you with better services experience and other new services, we will collect the following information during your use of the service, and the information obtained will only be used for this purpose.
Activation information: application information including application package name, application version, and application installation time; system information such as Android ID, country code, system language, system version, system time zone, and Google service version; screen resolution, mobile phone brand, mobile phone model, etc.; Network card information and other devices information; network types, operators and other network information.
Usage information: application information including application package name, application version, and application installation time; system information such as country code, system language, and system time zone; screen resolution and other device information.
2.1.5. Provide stable services
In order to provide you with a stable service, we will collect the following related information for locating, analyzing ,and improving problems in the event of product. And the information is only used for this purpose.
Crash information: When our product crashes, you can choose whether to upload crash information. Then we will get the uploaded crash information, including application name, application version, application installation time, application signature and other application information; country code, system language, system time zone, memory information and other system information; screen resolution, mobile phone brand, horizontal screens, vertical screens and other information; crash process name, crash time, system non-sensitive log at crash, and crash log of this application.
Feedback: If you have any questions or suggestions about this policy, you can give us feedback through the product’s feedback function. We will get your feedback, including email address, feedback content, mobile phone brand, mobile phone model, system version and other information.
2.1.6. Anti-Fraud and Anti-Cheating
To prevent fraud and cheating, in order to ensure the normal operation of our business that provide you with better services and ecological environment, we need to obtain some necessary data, including: application package name, application version, application installation time, application signature and other applications Information; Android ID, country code, startup time, system time, memory information, system version, power, volume information, Bluetooth information, SIM card status and identification information, storage information and other system information; screen resolution, mobile brand, mobile phone Type, sensor information, camera information, CPU information, GPU information and other device information; location information, headset pluggable information, application installation and use information, screen unlocking information, Wi-Fi list information, network information and other user use information. The information obtained is used only for this purpose and is stored on the server as a pseudonym.
2.2. Your personal data we obtain from a third party
For now, we do not obtain your personal data from any third party. If certain services may require your personal data from a third party, we will notify you in advance and obtain your consent.
2.3. What permissions do we use to get your data
2.3.1. Read phone status and identity
We may read the unique device ID and encrypt irreversibly while will not collect user personal identity information.
2.3.2. Take pictures and videos
The only purpose using this permission is to use camera LED as flashlight. We won’t use camera to take picture or video.
2.3.3. Modify or delete the contents of your USB storage
When user recommends friends to download APUS Flashlight by sharing to social network, we need to save an introduction picture to be shared on SD card. We won’t access other file on SD card.
2.3.4. Full network access
We use these permissions to determine network status, and collect basic anonymous APUS Flashlight usage data.
2.3.5. SMS, contact and account information
(1) Read your contacts
Used to display contact name of missed calls or SMS on lock screen. No contact identified information will be collected.
(2) Send and view SMS
Used in messaging service in Smart Locker, including receive, reply. No Message content will be collected.
(3) Read call log
Used in phone call service in Smart Locker, including display phone number and time of missed calls, and users can spontaneously change status of missed calls. No calls information will be collected.
(4) Find accounts on the devices
This permission allows APUS Flashlight to check if users have logged in Google Play and provide relative app installation service for users.
2.3.6. Receive GCM notification
This permission allows users to receive GCM notification for subscription services.
2.3.7. We may get your location (GPS and network-based)
This permission allows APUS Flashlight provide weather service in Smart Locker. You can still decline them in pop-up window or clear them in settings. This information can‘t be traced back.
2.3.8. 8. Control vibration
We use these permissions to provide many useful features, like vibrating when user turns on/off flashlight, displaying operation instruction on other apps, preparing flashlight for use when android reboot.
2.3.9. Other
Run at startup
Draw over other apps
3. How We Use Cookie and Similar Technologies
Cookie is a small piece of text sent to a browser by a website visited by a user. It helps the browser to record user access information, such as preferred language and other settings. In this way, users will have an easier and more practical experience when they visit the same website the next time. Cookie play a vital role. Without cookie, the user’s experience of Internet will be greatly reduced, and some website features or services may not even work properly. We use cookies to provide you with a complete web browsing service. We do not collect cookie information ourselves. Please note that the websites you visit may use cookie to store your preferences, settings, login status, etc. For example, when you visit a webpage that has a login function for the first time, you need to enter a user name and password to log in. After logging in, the website will record your login status, When you switch different pages under the site, you do not need to re-enter the user name and password, you can directly browse the content of the web page. Websites may use cookie to recommend advertisements. For example, some websites use cookie to record websites that you click on to prevent you from seeing duplicate advertisements. We provide the ability to disable and delete cookies. You can disable or delete cookies.
To make it easier for you to open web pages, we provide web page caching. We allow websites you visit to store some web page data, such as web page pictures and other information. When you visit the site next time, the site will directly read the saved data for display, thereby to open the webpage faster. The cache will expire due to expiration or manual removal. We will not upload any cached content.
4. How We Share, Transfer and Disclose Your Personal Data
We will share with or transfer or disclose your personal data to a third party with your consent or explicit instructions. In addition, to improve the quality of our service, we may also share with or transfer or disclose your personal data to a third party under the following circumstances.
4.1. Subsidiary Products
We may share your personal data with our subsidiary products to provide a more consistent experience and better service. We guarantee that our subsidiary products will treat your personal data in accordance with the purposes and requirements shown in this Policy. We will obtain your prior consent again if our subsidiary products wish to use your personal data for purposes other than those set forth in this Policy.
4.2. Affiliated Company
We may share your personal data with our affiliated companies and will ensure their processing of your personal data is in compliance with the purposes and requirements of this Policy. We will obtain your prior consent again if affiliated companies intend to use your personal data for other purposes than set forth in this Policy.
4.3. Third party service provider
We may engage third party service providers to provide specific services. Third party service providers may collect data when providing services, and we will ensure that they follow our instructions, follow the purposes and requirements set out in this policy to process your personal data, and take appropriate confidentiality and security measures to safeguard data security.
4.3.1. Attribution of installation channel
In order to attribution of installation channel and provide you with better services, we use the services of a third party service provider. The service needs to obtain your information including: application package name, application version, application installation time and other applications Information; Android ID, country code , language, system version and other system information; power, charging type, sensor information, mobile brand, mobile phone Type, network information, CPU information and other device information. The information obtained is only used for this purpose.
4.3.2. Anti-fraud and Anti-Cheat
In order to prevent fraud and prevent cheating, and to provide you with better services and better ecological environment, we use Digital Union’s services. The service needs to obtain your information including: application package name, application time information, application version number, installation path, application size and other application information; CPU, screen resolution, total memory information and other hardware general information; country code, start-up time, system time and other system information; mobile phone brand, mobile phone model, memory, CPU and other equipment hardware information. The information obtained is only used for this purpose.
4.4 Share of your personal data as required by law
Subject to compliance with this Policy, we may be required to share or disclose your personal data under certain circumstances, such as in accordance with laws and regulations, and compulsory requirements of government orders; to safeguard the legitimate rights and interests of yours, ours, and third parties; and to prevent or deal with fraud, secure or technical problems.
4.5 Change of organization and existing status of our company
For any change of the organization or existing status of our company (such as restructuring, merger or bankruptcy), your personal data may be transferred to the company entity after change or our affiliated company (the “Data Transferee”). The Data Transferee will continue to be bound by this Policy.
5. Process Your Personal Data Using Third Party Services
The Product may contain a hyperlink directing to third party products or services, such as a hyperlink to another website. You may click the hyperlinks in this Product to access third party products or services. Meanwhile, we may also embed third party links in this Product and you may click these links to access or use third party products or services on the interface of this Product. We hereby remind you that when you access or use third party products or services via the above methods whereby your personal data will be obtained by such third party products or services, the privacy policies of such third party products or services will apply to such personal data.
6. How We Store and Protect Your Personal Data
6.1. Security protection of personal data
We are committed to protecting your personal data. We have adopted all possible security technologies and procedures to protect your personal data against unauthorized access, use, revision, damage, destruction or disclosure. These security measures mainly include the following:
a) Your personal data is stored in the computer systems located in a controlled site with security measures such as encryption.
b) Only APUS employees who have the necessity to process relevant data for the purpose of product operation are authorized to access your personal data and such employees are required to comply with strict confidentiality obligations.
c) We are constantly striving to ensure the security of your personal data, and we adopt encryption technologies during data transmission to prevent your information against unauthorized access, use, revision, damage, destruction or disclosure.
d) We are more prudential when we transmit and store special categories of your personal data and adopt encryption technologies and other security measures to ensure data security.
In case of personal data security incident, according to the requirements of relevant laws and regulations, we will promptly inform you via push notification, announcement, etc. the basic situations and possible influence of the security incident, response measures we have taken or will take, suggestions for you regarding self-prevention and risk reduction, remedial measures for you, etc. We will timely deal with system vulnerabilities, cyber-attacks, virus intrusion, and other security risks.
6.2. Personal data storage term
We will store your personal data for the necessary period for data collection and processing purposes. Beyond the above-mentioned period, we will delete or anonymize personal data.
Browsing history, bookmarks, web page data, cookie, downloading file information, and search history are all stored locally and are available throughout the application lifecycle. You can manually clear this data at any time.
The access records, application execution logs, and application debug logs of the cloud service are stored on the server for a short period of time, typically 7 days. If this period expires, we will delete or anonymize the data.
Application usage data is pseudo-persistently stored on the server for data analysis. You can access, edit or delete your data in the manner described in section 7. : How to Access and Control Your Personal Data.
After you cancel your account, we may not be able to delete your personal data immediately due to technical reasons; however, we will delete it during the next system update, and we undertake not to process your personal data during the period between cancellation of your account and the next system update.
7. How You Access and Control Your Personal Data
7.1. Access and revise your personal data
You may access and edit your personal data online through APUS User Information Center.
7.2. Change of your authorization scope
You may select on the page of APUS User Information Center to change your authorization scope for us to process your personal data. Please be minded that since all functions of the Product need certain basic personal data for normal operation, certain functions of the Product may not operate normally when you withdraw your consent to processing of some personal data.
When we receive your withdrawal of consent, we will no longer process your corresponding personal data.
7.3. Rejection of personalized advertising
You may always choose whether to receive promotional emails, messages, calls, and mails from us or third parties. You may also choose to no longer receive personalized advertisements through APUS User Information Center.
We will no longer use your personal data for the above-mentioned commercial promotion purposes when you refuse to receive interest-based advertisements. Non-personalized ads don’t use mobile ad identifiers for ad targeting, they do still use mobile ad identifiers for frequency capping, aggregated ad reporting, and to combat fraud and abuse.
7.4. Delete your personal data
You may submit a request to us to delete your personal data when:
a) Your personal data is no longer necessary for data collection or processing;
b) You have withdrawn your consent to our processing of your personal data ;
c) Your personal data has been processed illegally;
d) We are obligated to delete your personal data in accordance with the laws of EU members.
We may not be able to delete your personal data immediately due to technical reasons. We will delete it during the next system update. We will not process your personal data in any way during the period between your request of deleting your personal data and the next system update.
7.5. Respond to your requests
We may first verify your identity upon receipt of your request, and may request you to provide the necessary information for authentication.
We will respond to your request on the 30th day after we receive your request and communicate with you in an appropriate way. If necessary, we may extend it (by an additional 30-day at most), and will inform you of the reason for the extension of the deadline on the 30th day after receiving your request. If we have reasonable reasons to believe that no measures are needed to respond your request, we will inform you of our decision 30 days from the date of receipt of your request and provide you with appropriate explanation.
We will use best efforts to help you resolve relevant problems. If you are not satisfied with the response you received, you may refer the complaint to the relevant regulatory authority, or file a lawsuit before a competent judicial authority.
8. How We Process the Minor’s Data
This Product is not intended for a minor under 16 years old (or equivalent minimum age set by the laws of EU members). We will only process the information of these minors to the extent permitted by law and with the consent of their guardians.
We will implement relevant technical measures and make our best efforts to verify whether the processing of minors’ information has been approved by their guardians. We will try to delete relevant data as soon as possible if we are aware that we have collected the personal data of a minor without the prior consent of their certified guardians.
9. Contact Us
If you have any questions or suggestions about this policy, or you need to do your data management power to manage your privacy data, please feel free to contact us: apusflashlight.privacy@gmail.com.
If you find any violation of this policy, please feel free to contact our DPO: dpo@apusapps.com.
10. Update of Privacy Policy
We reserve the right to revise or modify this Policy. For any update of this Policy, we will send you notice on the interface of this Product to remind you of relevant updates and indicate the updated provisions for your ease of reading. Please do completely read and fully understand the updated Privacy Policy. By continuing to use this Product, you will be deemed to have accepted the updated version of this Policy. We will not reduce your rights under this Policy without your explicit consent.
11. How Your Personal Data Is Transferred Globally
We provide APUS products and services around the world, which means to conduct business globally, your personal data might be transmitted to a jurisdiction or accessed from such jurisdiction outside of the country/region where you use this Product. These jurisdictions include but are not limited to Singapore, United States, and China.
Please note that we only return demographic information to China and we do not include information on individual user identities. At the same time, in order to provide you with better services, our third party partners may transmit your data to other countries. For example, in order to detect robots or cheating, we have purchased a Chinese supplier’s traffic monitoring service. The merchant may return the user information to China in order to assist us in analyzing whether there is cheating in the user.
Personal data protection legislation in such jurisdiction might be different or even absent. Under such circumstance, we will adopt various measures to ensure security of your personal data. For instance, we will ask you for your explicit consent before transmission of your personal data, or implement security measures such as encryption and pseudonymisation during data transmission; when your personal data is transferred to such jurisdictions, we will apply the same protection of your personal data in accordance with the Policy. We will endeavor to protect your personal data with the measures stipulated in Article 46 and Article 47 of the EU General Data Protection Regulation.
Last updated: 19 May 2018