Privacy Protection Policy

The operator of the lovemurmur APP (hereinafter referred to as "we") fully understands the importance of personal information to you. We will protect your personal information and privacy security in accordance with laws and regulations. We are committed to maintaining your trust in us and adhere to the following principles to protect your personal information: principle of consistent rights and responsibilities, purpose specification principle, choice and consent principle, data minimization principle, security assurance principle, subject participation principle, and openness and transparency principle. We also promise that we will adopt corresponding security protection measures to protect your personal information in accordance with industry-standard security solutions.

We hope you will carefully read and thoroughly understand this Privacy Protection Policy before using our products and related services to make appropriate choices. Once you start using our products and related services, it means you have fully understood and agreed to this Privacy Protection Policy. This Privacy Agreement only applies to information collected by the lovemurmur APP product and related services and does not apply to information collected by third-party services accessed through us.

Introduction

We strictly keep confidential the user information we collect and have established a sound user information protection system to provide reliable and reassuring services to every user:

• 1. Clarity: We will use easy-to-understand language to explain the privacy policy so you can clearly understand how we protect and process your collected information.
• 2. Safeguarding Rights: We will take sufficient and reasonable measures to protect your privacy rights and interests.
• 3. Respect for Users: We respect the free exercise of your rights such as choice and right to know, allowing you to manage your personal information.
• 4. Necessary Security: We will only collect necessary information and use this information to provide you with safe and detailed services.
• 5. Timely and Considerate: We will listen to your inquiries at any time and answer your questions as soon as possible.

We hope you will read the "Privacy Protection Policy" (hereinafter referred to as "this Policy") carefully to understand in detail how we collect and use information, so that you can better understand our services and make choices regarding whether to use the services and which services to use that align more closely with your true intent. If you have any questions, please contact us.

1. How We Collect and Use Your Personal Information

Personal information refers to any information recorded electronically or by other means that can identify a specific natural person alone or in combination with other information, or reflect the activities of a specific natural person. The types of personal information we collect, collection purposes, collection methods, and scope of use are as follows:

Information Category	Specific Information Items	Collection Purpose	Collection Method	Scope of Use
Registration Information	Email address, Password	User authentication, account registration	User actively fills in and submits	Account management, identity verification
Profile Information	Nickname, Avatar, Gender, Age, Location, Personal Bio	Completing user profile, providing personalized services	User actively fills in and submits	Personalized display, social feature implementation
Device Control Information	Device connection status, control commands, usage records	Implementing smart device control functions	Automatically recorded during user operation	Device control, function implementation
Community Content Information	Posted moments, pictures, text, comments, interaction records	Providing community sharing and interaction features	User actively publishes	Content display, community interaction
Device Information	Device model, operating system version, device identifier, network information	Service adaptation, security verification, troubleshooting	Automatically obtained by the system	Device adaptation, security verification, anomaly detection
Log Information	Operation records, access time, feature usage	Service optimization, issue troubleshooting	Automatically recorded by the system	Product optimization, user experience improvement, troubleshooting

To bring you a better product and service experience, we are continuously striving to improve our technology. Consequently, we may from time to time introduce new or optimized features that may require the collection and use of new personal information or changes to the purpose or method of personal information use. For such cases, we will separately explain the corresponding information collection purpose, scope, and method of use to you, including but not limited to updating this Policy, providing page prompts, and offer you a way to voluntarily choose to consent. We will collect and use such information only after obtaining your explicit consent. During this process, if you have any questions, comments, or suggestions, you can contact us through the various contact methods we provide, and we will respond to you as soon as possible.

(1) Registration, Login

When you register for this application, we collect your email address and password to create an account. You need to complete email verification to ensure account security.

During the registration and service usage process, if you provide additional information to complete your profile, it will help us provide you with better service and experience: nickname, avatar, gender, age, location, personal bio. The above information you provide will be subject to our continued authorization for use during your use of this service. When you proactively cancel your account, we will delete or anonymize your personal information as required by applicable laws and regulations as soon as possible.

(2) For the Purpose of Providing Security Features

To provide you with a safer, more trustworthy product and usage environment, and to offer high-quality, reliable services and information, we collect information about the products or services you use and how you use them and associate this information. This information includes:

1. Device Information:

While you are using this application, to provide you with services more tailored to your needs, interactive displays, maintain normal platform operation, and protect your account security, we will receive and record information about the device you use (including device model, operating system version, device identifier, network information, etc.) based on the specific permissions you grant during software installation and use.

2. Log Information:

When you use the products or services provided by our application, we automatically collect detailed information about your usage of our products or services, which is saved as relevant network logs. This includes your operation records, access time, feature usage, etc. Please note that device information and log information alone are information that cannot identify a specific natural person. Therefore, device information and log information alone are not "personal information" as defined in this Policy. If we combine such information with other information to identify a specific natural person, or use it in combination with personal information, then during the period of combined use, such information will be regarded as personal information. Unless we obtain your authorization or unless otherwise stipulated by laws and regulations, we will anonymize or de-identify such personal information.

3. When you contact us, we may save your communication records and content or the contact information you leave in order to contact you or help you solve problems, and we may also record the handling plans and results of related issues.

4. To improve the security of your use of services provided by us, our affiliated companies, and partners, to protect the personal and property safety of you, other users, or the public from infringement, to better prevent phishing websites, fraud, network vulnerabilities, computer viruses, network attacks, network intrusion security risks, and to more accurately identify violations of laws and regulations or relevant platform agreement rules, we may use or integrate your user information, device information, relevant network logs, and information obtained by affiliated companies and partners with your authorization or based on law, to comprehensively judge your account risk, conduct identity verification, detect and prevent security incidents, and take necessary recording, auditing, analysis, and disposal measures in accordance with the law.

5. Please understand that as our business develops, the functions and services provided by "lovemurmur" may be adjusted. In principle, when new functions or services are related to the functions or services we currently provide, the collection and use of personal information will have a direct or reasonable connection with the original processing purpose. In scenarios where there is no direct or reasonable connection with the original processing purpose, we will inform you again and obtain your consent before collecting and using your personal information.

(3) Other Purposes

1. If the information you provide contains personal information of other users, before providing this personal information to the platform, you need to ensure that you have obtained legal authorization.
2. If we use information for other purposes not specified in this Policy, or use information collected for a specific purpose for other purposes, or if we actively obtain your personal information from third parties, we will obtain your consent in advance.
3. If we obtain your information indirectly from a third party, we will clearly require in writing that the third party collect it only after legally obtaining your consent, inform you of the shared information content, and require your explicit confirmation for sensitive information before providing it to us for use. We will require the third party to promise the legality and compliance of the source of personal information. If the third party violates this, we will clearly require them to bear corresponding legal responsibilities. At the same time, our professional security team will implement security protection for personal information (including classification of sensitive information, access control for sensitive information use, encrypted storage of sensitive information, etc.). We will use protection methods and measures no less than those we use for our own users' personal information to protect indirectly obtained personal information.

(4) Platform APP Device Permission Call Description:

Bluetooth Permission: When you use the platform APP on Android or iOS versions, we will obtain this permission to allow the app to connect to smart devices, providing you with the function to directly control devices via the APP. If you do not enable this permission, you will be unable to use this function, but it will not affect your use of other services.

Read/Write External Storage Permission: When you use the avatar setting or send pictures function in the Android version of the platform APP, you can enable the storage permission to use or save pictures or files. If you do not enable this permission, you will be unable to use functions related to SD card reading or caching, but it will not affect your use of other services.

Photo Album Permission: When you use the avatar setting or send pictures function in the Android or iOS version of the platform APP, you can enable the photo album permission to upload pictures from your device. If you do not enable this permission, you will be unable to use functions related to picture uploading or sending pictures, but it will not affect your use of other services.

Camera Permission: When you use the avatar setting or send pictures function in the Android or iOS version of the platform APP, you can enable the camera permission to take real-time photos and upload pictures for setting avatars or sending pictures. If you do not enable this permission, you will be unable to use functions related to picture taking, but it will not affect your use of other services.

Microphone Permission: When you use the voice service in the Android or iOS version of the platform APP, you can enable the microphone permission to record personal profile voice clips or send voice messages. If you do not enable this permission, you will be unable to use functions related to voice input, but it will not affect your use of other services.

View Network Status Permission: When you use the platform APP on Android or iOS versions, we will obtain this permission to view all network statuses, such as existing and connected networks. If you do not enable this permission, you will be unable to promptly receive notifications of network status changes, but it will not affect your use of other services.

You understand and agree that the above services may require you to enable access permissions for your location information (geographic location), camera, photo album and storage, microphone (voice), and network status on your device to realize the collection and use of information involved by these permissions. You can view the status of the above permissions in your phone's "Settings - App Permissions" and decide to enable or disable these permissions at any time. Please note that enabling any permission means you authorize us to collect and use relevant personal information to provide you with corresponding services. Once you disable any permission, it means you have canceled the authorization. We will no longer continue to collect and use relevant personal information based on that permission and will be unable to provide you with the service corresponding to that permission. However, your decision to close a permission will not affect the information collection and use previously conducted based on your authorization.

(5) Exceptions to Obtaining Authorization and Consent

You fully understand and agree that we may collect and use your personal information without your authorization and consent in the following circumstances, and we may not agree to your requests for correction/modification, deletion, account cancellation, withdrawal of consent, or request for information:

1. Related to national security and national defense security;
2. Related to public security, public health, and significant public interests;
3. Related to criminal investigation, prosecution, trial, and execution of judgments, etc.;
4. Where it is necessary to protect the life, property, and other significant legitimate rights and interests of the personal information subject or other individuals but it is difficult to obtain the consent of the individual;
5. The personal information collected is disclosed by you to the public on your own initiative;
6. Collecting personal information from legally publicly disclosed information, such as legal news reports, government information disclosure, and other channels;
7. Necessary for concluding a contract according to your requirements;
8. Necessary for maintaining the safe and stable operation of the provided products or services, such as discovering and handling product or service failures;
9. Necessary for legitimate news reporting;
10. Necessary for academic research institutions to carry out statistical or academic research based on public interests, and when providing the results of academic research or description to the outside world, the personal information contained in the results is de-identified;
11. Other circumstances stipulated by laws and regulations.

Please be aware that according to applicable laws, if we process personal information by taking technical measures and other necessary measures so that the data recipient cannot re-identify a specific individual and cannot restore it, or we may conduct de-identified research, statistical analysis, and prediction on the collected information to improve the content and layout of the platform, provide product or service support for business decisions, and improve our products and services (including using anonymous data for machine learning or model algorithm training), then the use of such processed data does not require separate notification and obtaining your consent.

If we cease operation of platform products or services, we will promptly stop continuing to collect your personal information, notify you of the cessation of operation individually or by announcement, and delete or anonymize the personal information we hold.

2. How We Share, Transfer, and Disclose Your Personal Information

(1) Sharing

We will not share your personal information with companies, organizations, or individuals other than the platform service provider, except in the following cases:

1. Sharing with explicit consent: After obtaining your explicit consent, we will share your personal information with other parties.
2. We may share your personal information as required by laws and regulations or mandatory requirements of government authorities.
3. Sharing with our affiliated companies: Your personal information may be shared with our affiliated companies. We will only share necessary personal information, which is bound by the purposes stated in this Privacy Policy. If an affiliated company wants to change the purpose of personal information processing, it will seek your authorization and consent again.

(2) Transfer

We will not transfer your personal information to any company, organization, or individual, except in the following cases:

1. Transfer with explicit consent: After obtaining your explicit consent, we will transfer your personal information to other parties;
2. In the event of merger, acquisition, bankruptcy liquidation, or other circumstances involving merger, acquisition, or bankruptcy liquidation, if personal information transfer is involved, we will require the new holder of your personal information to continue to be bound by this Policy. Otherwise, we will require that company, organization, or individual to seek your authorization and consent again.

(3) Public Disclosure

We will only publicly disclose your personal information in the following circumstances:

1. After obtaining your explicit consent or authorization;
2. If we determine that you have violated laws and regulations or seriously violated relevant platform agreement rules, or to protect the personal and property safety of platform and its affiliated company users or the public from infringement, we may disclose your personal information in accordance with laws and regulations or relevant platform agreement rules with your consent, including relevant violations and measures the platform has taken against you.

(4) Exceptions to Prior Authorization and Consent for Sharing, Transferring, or Publicly Disclosing Personal Information

In the following circumstances, sharing, transferring, or publicly disclosing your personal information does not require prior authorization and consent from you:

1. Related to national security and national defense security;
2. Related to public security, public health, and significant public interests;
3. Related to criminal investigation, prosecution, trial, and execution of judgments, etc.;
4. Where it is necessary to protect the life, property, and other significant legitimate rights and interests of you or other individuals but it is difficult to obtain the consent of the individual;
5. Personal information that you have disclosed to the public on your own initiative;
6. Collecting personal information from legally publicly disclosed information, such as legal news reports, government information disclosure, and other channels.

According to legal provisions, if we process personal information by taking technical measures and other necessary measures so that the data recipient cannot re-identify a specific individual and cannot restore it, then the sharing, transfer, or public disclosure of such processed data does not require separate notification and obtaining your consent.

3. How We Protect Your Personal Information

(1) We have used security protection measures that meet industry standards to protect the personal information you provide, preventing data from unauthorized access, public disclosure, use, modification, damage, or loss. We will take all reasonably feasible measures to protect your personal information.

1. We will use encryption technology, anonymization processing, and related reasonably feasible means no less than industry peers to protect your personal information and use security protection mechanisms to prevent your personal information from being maliciously attacked.
2. We will establish a dedicated security department, security management system, and data security process to protect your personal information security. We adopt strict data usage and access systems to ensure that only authorized personnel can access your personal information.
3. Despite having taken the above reasonable and effective measures and complied with the standards required by relevant laws and regulations, please understand that due to technical limitations and possible various malicious means, in the Internet industry, even with best efforts to strengthen security measures, it is impossible to always guarantee 100% security of information. We will endeavor to ensure the security of the personal information you provide to us.
4. You acknowledge and understand that the systems and communication networks you use to access our services may have problems due to factors beyond our control. Therefore, we strongly recommend that you take active measures to protect the security of your personal information, including using complex passwords, changing passwords regularly, and not disclosing your account passwords and related personal information to others.
5. We will formulate emergency response plans and immediately activate the emergency plan when a user information security incident occurs, striving to stop the impact and consequences of these security incidents from expanding. Once a user information security incident (leakage, loss) occurs, we will, in accordance with legal requirements, promptly inform you of: the basic situation of the security incident and its possible impact, the measures we have taken or will take, suggestions for you to prevent and reduce risks independently, and remedial measures for you. We will promptly inform you of the relevant situation of the incident via push notifications, emails, letters, SMS, and related forms. When it is difficult to inform individually, we will adopt reasonable and effective ways to issue announcements. At the same time, we will also report the handling of user information security incidents as required by relevant regulatory authorities.

(2) Our Data Security Capabilities

1. Content Security: We adopt multi-layer security measures to protect user content with secure storage and protection capabilities;
2. Data Security: For user private data, we use international standard encryption methods for encrypted storage, further ensuring secure data storage.
3. Access Security: All requests are transmitted using HTTPS, and authorization access mechanisms are added to the business simultaneously.

(3) We will take all reasonably feasible measures to ensure that irrelevant personal information is not collected. We will only retain your personal information for the period necessary to achieve the purposes described in this Policy, unless the retention period needs to be extended or is permitted by law.

(4) The Internet environment is not 100% secure. We will endeavor to ensure or guarantee the security of the information you send to us. If our physical, technical, or management protection facilities are breached, leading to information being accessed, publicly disclosed, altered, or destroyed without authorization, resulting in damage to your legitimate rights and interests, we will bear corresponding legal responsibilities.

(5) If you find that your personal information, especially your account or password, has been leaked, please contact platform customer service immediately so that we can take corresponding measures based on your application.

4. Your Rights

In accordance with common practices of relevant laws, regulations, and standards, we guarantee that you can exercise the following rights regarding your personal information:

(1) Access Your Personal Information

You have the right to access your personal information, except as otherwise provided by laws and regulations. If you wish to exercise your right of access, you can access it yourself in the following ways:

1. Personal Profile - If you wish to access or edit information such as your nickname, age, region, etc., in your personal profile, you can perform such operations via the "Edit Profile" option on the "Me" page after logging into your account.
2. Moment Information - You can access or clear your moment posting history via the "Moments" section after logging into your account.
3. If you cannot access your personal information through the above paths, you can contact us via platform customer service at any time. We will review the issues involved as soon as possible, and after verifying your user identity by dedicated personnel, reply to your access request within 15 working days.

(2) Correct Your Personal Information

When you discover errors in the personal information we process about you, you have the right to request us to make corrections. You can submit a correction request in the manner listed in "(1) Access Your Personal Information" above.

If you cannot access your personal information through the above paths, you can contact us via platform customer service at any time. We will review the issues involved as soon as possible, and after verifying your user identity by dedicated personnel, reply to your access request within 15 working days.

(3) Delete Your Personal Information

You can delete part of your personal information in the manner listed in "(1) Access Your Personal Information" above. In the following circumstances, you can request us to delete personal information:

1. If our processing of personal information violates laws and regulations;
2. If we collect and use your personal information without obtaining your explicit consent;
3. If our processing of personal information seriously violates our agreement with you;
4. If you no longer use our products or services, or you proactively cancel your account;
5. If we no longer provide you with products or services.

If we decide to respond to your deletion request, we will also simultaneously notify the entities that obtained your personal information from us, requiring them to delete it in a timely manner, unless otherwise stipulated by laws and regulations or these entities have obtained your independent authorization.

When you delete your personal information from our products or services, according to legal requirements, we may not immediately delete the corresponding information in the backup system but will delete this information when the backup is updated.

(4) Change the Scope of Your Authorization and Consent

1. You can close location, camera, microphone, photo album permissions in your device's own operating system to change the scope of consent or withdraw your authorization. After withdrawing authorization, we will no longer collect information related to these permissions. You can also withdraw authorization by canceling your account.
2. Specific business functions and services require your information to be completed. When you withdraw consent or authorization, we cannot continue to provide you with the functions and services corresponding to the withdrawn consent or authorization and will no longer process your corresponding personal information. However, your decision to withdraw consent or authorization will not affect our previous personal information processing based on your authorization.

(5) Personal Information Subject Account Cancellation

You can cancel your account via [Me] - [Account Settings] - [Cancel Account]. Before you cancel your account, we will verify your personal identity, security status, and device information. For the process and content of cancellation, please refer to the prompts on the cancellation page. You acknowledge and understand that canceling your account is an irreversible action. After you cancel your account, we will delete your relevant information or anonymize it, unless otherwise stipulated by laws and regulations.

(6) Personal Information Subject Obtains a Copy of Personal Information

You have the right to obtain a copy of your personal information. If you need a copy of the personal information we have collected about you, you can contact us. Manual customer service will verify your personal information. After the personal information subject confirms, the personal information copy will be submitted to you via online customer service. Subject to relevant legal provisions and technical feasibility, we will provide you with a copy of your personal information according to your requirements.

(7) Restrict Automatic Decision-Making by Information Systems

In some business functions, we may make decisions solely based on non-human automatic decision-making mechanisms, including information systems and algorithms. If these decisions significantly affect your legitimate rights and interests, you have the right to request an explanation from us, and we will also provide appropriate remedies.

(8) Complaints and Reports

If you believe your personal information rights may have been infringed, or you discover clues of infringement of personal information rights, you can report by providing relevant materials by clicking on the other party's avatar or more options in the information flow or dialog box. We will review and handle your complaint and report within 15 working days. If you are not satisfied with the result, you can also file a complaint via platform customer service. For certain groundless repetitive requests, requests that pose risks to the legitimate rights and interests of others, or very unrealistic requests, we may reject them. In the following circumstances, according to legal requirements, we will be unable to respond to your request:

1. Related to the personal information controller's fulfillment of obligations stipulated by laws and regulations;
2. Directly related to national security and national defense security;
3. Directly related to public security, public health, and significant public interests;
4. Directly related to criminal investigation, prosecution, trial, and execution of judgments;
5. The personal information controller has sufficient evidence to show that the personal information subject has subjective malice or abuses rights;
6. Where it is necessary to protect the life, property, and other significant legitimate rights and interests of the personal information subject or other individuals but it is difficult to obtain the consent of the individual;
7. Responding to the request of the personal information subject will cause serious damage to the legitimate rights and interests of the personal information subject or other individuals or organizations;
8. Involving trade secrets.

5. How We Handle the Personal Information of Minors

Our products, website, and services are intended for users who have reached the minimum age requirement stipulated in the user's country/region. Any user who has not reached the minimum age requirement is not allowed to create their own user account or use our services. If we discover or verify that any user below the age requirement registers or uses our products, we will take measures such as canceling accounts and deleting information to prohibit or restrict their use.

6. How We Store Your Personal Information

(1) In accordance with the provisions of laws and regulations, we store your personal information collected during operations on reliable cloud servers. Currently, we will not transfer the above information overseas. If we need to transfer it overseas, we will follow relevant national regulations or seek your consent.

(2) We only retain your personal information for the period necessary to provide the "lovemurmur" and its services: We will retain relevant information during the period when you have not withdrawn, deleted, or canceled your account. After the necessary period expires, we will delete or anonymize your personal information, unless otherwise stipulated by laws and regulations.

(3) We use encrypted storage for personal sensitive information such as your email address to better protect your personal sensitive information.

7. Revision and Notification of the Privacy Protection Policy

In order to provide you with better service, the platform and related services will be updated and changed from time to time. We will revise this Privacy Policy accordingly. These revisions constitute part of this Privacy Protection Policy and have the same effect as this Privacy Policy. Without your explicit consent, we will not reduce the rights you should enjoy under the currently effective Privacy Policy.

After this Privacy Protection Policy is updated, we will release the updated version on the platform and remind you of the updated content in an appropriate manner so that you can timely understand the latest version of this Privacy Policy.

For major changes, we will also provide more prominent notice (including for certain services, we will send notifications via email explaining the specific changes to the Privacy Policy).

Major changes referred to in this Policy include but are not limited to:

1. Major changes in our service mode. Such as the purpose of processing personal information, the types of personal information processed, the use of personal information;
2. Major changes in our ownership structure, organizational structure, etc. Such as changes in ownership due to business adjustments, bankruptcy, mergers, etc.;
3. Changes in the main objects of personal information sharing, transfer, or public disclosure;
4. Major changes in your rights regarding personal information processing and how you exercise them;
5. Changes in the department responsible for personal information security, contact methods, and complaint channels;
6. When a personal information security impact assessment report indicates high risk.

8. How to Contact Us

If you have questions or suggestions regarding this Policy or related matters, we have established a dedicated personal information protection department. You can contact us through the following complaint channels:

We will properly accept and promptly respond to your appeal and reply within 15 working days after verifying your user identity.

If you are not satisfied with our reply, especially if you believe that our personal information processing actions have harmed your legitimate rights and interests, you can also seek a solution by filing a lawsuit with the competent court in the defendant's domicile.

9. Scope of Application

All services provided by lovemurmur use this Privacy Policy. However, please note that this Privacy Policy does not apply to services provided by other companies or individuals, and such services are subject to the privacy policies of those other companies or individuals.