Deepin OS Privacy Policy

Latest update date:December 8th, 2020

The Privacy Policy sets forth the personal information processed by UnionTech Software as well as its affiliates (including but not limited to Wuhan Deepin Technology Co., Ltd. (hereinafter referred to as “UnionTech Software” or “We”) as well as the way and purpose for processing the personal information. The Privacy Policy applies to the Deepin OS and the related applications (“the software”) that we provides to you, which will be listed and described one by one.

You can contact us through the following ways:

UnionTech Software Technology Co., Ltd.

[Address] Floor 18, Building 12, Yard 10, Kegu First Street, Beijing Economic and Technological Development Zone, Beijing City, PRC

[Email] support@uniontech.com

[Tel] 400-8588-488

We are deeply aware of the importance of your personal information to you and will try our utmost to maintain the reliability and security of your personal information. We are committed to maintaining your trust in us and will make unremitting efforts to protect your personal information strictly by the following principles: consistency of rights and responsibilities, clear purposes, choice of consent, minimum sufficiency, ensuring safety, subject participation, openness and transparency, etc. In the meantime, we promise to adopt corresponding security protection measures to protect your personal information according to the mature security standard in the industry.

We strive to present the Privacy Policy in a concise, clear and understandable manner. In order to facilitate your reading and understanding, we have defined the special terms about personal information protection. Please go to the “Appendix 1: Definition” in the Privacy Policy for the detailed information about these terms so that you can grasp the information we wish to convene to you accurately.

The Privacy Policy will help you to understand the following:

I.How we collect and use your personal information

II.How we use Cookies and similar technologies

III.How we share, transfer and disclose to the public your personal information

IV.How we protect your personal information

V.How we store your personal information

VI.Your rights

VII.How we process the minor’ s personal information

VIII.How we transfer your personal information globally

IX.How to update the Privacy Policy

X.Our personal information protection department/specialist

XI. Your rights to appeal and sue to the regulatory authority

Before using our products and services, please read and understand carefully the Privacy Policy, in particular the black and bold part, so that you can better understand our products and services and make an appropriate choice.

I.How We Collect and Use Your Personal Information

When you use the software products and services, your relevant personal information will be recorded and stored automatically in your local devices, including:

  • Network Identification Information

e.g. your IP address, MAC address, etc.;

  • Device Information

Including your device motherboard information, BIOS information, CPU information, memory information, hard disk information, partition information, network card information, etc.;

  • Operation System Information

Including the operation system software version, the latest update date of the system, system language, system sound effects, power supply, mouse, system theme, wallpaper, launcher, dock, configuration information for hot corners, daily login times and source for each download;

  • Application Software Information

For example, the version, installation location, start and exist time of your applications installed in the system.

1. Personal Information You Voluntarily Authorize Us to Collect

Only when you actively enable the corresponding business feature, can information of this kind be transmitted through the server to UnionTech Software for processing. Your refusal to enable such features or provide corresponding personal information to UnionTech Software will not affect your normal use of software Operation System services. Such business features include:

1.1 User Experience Program

If you enable the “User Experience Program”, we are authorized to read, record and store the information in your local devices. We will stop collecting such information after “User Experience Program” being disabled by you, including:

1.1.1. Device and System Information

The device information includes your device motherboard information, BIOS information, CPU information, memory information, hard disk information, partition information, network card information, etc. The system information includes the system software version, the latest update date of the system, system language, daily active users, source for each download and the operation system performance information during runtime.

1.1.2. Application Software Information

For example, the version, installation location, start and exist time of your applications installed in the system and the performance information during runtime.

1.1.3. Exception Information

The exception information of the operation system and/or the application during runtime.

1.2 Deepin ID Service

You can register your Deepin ID in [www.deepin.com] and log into the software system or the products provided by our partners. You can make synchronization of the software system configuration and application software of the software system between different devices after login. However, such synchronization will be expired after the Deepin ID service being disabled by you.

1.2.1. Deepin ID Registration

To realize the service feature and meet the relevant regulatory requirement in the P.R.C, personal mobile number is needed to complete the Deepin ID registration. Due to the regulatory requirements of the P.R.C, it will be unavailable for us to provide you with Deepin ID services if you refuse to provide your mobile number. If you are located outside the P.R.C, you need to provide your personal email address to complete the Deepin ID registration.

1.2.2. System Configuration Synchronization Service

You can log into the Deepin ID through the cloud synchronization module of the software system control center and authorize to enable the "cloud synchronization" service to synchronize the software system configuration between different devices under the same Deepin ID. For this synchronization purpose, the cloud synchronization service will read your device information and system information. Your refusal to provide the foregoing information will not affect the normal operation of other services in the software system.

1.2.3. Application Software Synchronization Service

You can log into the Deepin ID through the cloud synchronization module of the software system control center to synchronize the software application software between different devices under the same Deepin ID. For this synchronization purpose, the application software synchronization service will read your application software informationapplication software purchase information (including your real-name authentication information and bank account information necessary to complete the payment), history application review data and history reward data. Your refusal to provide the foregoing information will not affect the normal operation of other services in the software system.

1.2.4. Browser Service

When you browse and visit the website and platform we provide with the pre-installed browser of the software Operation System, we will collect through cookies and other similar technologies your device informationsystem information and browsing information (including your browser version information, favorites informationbrowsed website recordsbrowser settingsauto-populated data (we will save your user account and password filling record when permitted.) as well as your IP address. Please refer to [Part II] “How We Use Cookies and Similar Technologies” for details.

1.2.5. Application Store Service

We will collect your device information, system information and application information when you download, install and uninstall applications with the pre-installed application store of the software Operation System. You can comment on and/or rate the applications in the application store after login with your Deepin ID. The comments and/or rating information will be stored in association with your Deepin ID.

2.Collecting Your Personal Information Automatically When You Use software Products and Services

When you use some features of the software products and services, we will automatically collect the relevant information, which may include your personal information. Such features include:

2.1. Desktop AI Assistant/Voice Notepad

The desktop AI assistant service is integrated into the software system and co-provided by our partners and us. When you input texts via the desktop AI assistant or use the voice notepad feature, our partner will directly collect your voice content to conduct technical analysis and convert it to texts. As for the detailed description for the information shared to the partners, please refer to [Part III] “How We Share, Transfer and Disclose Your Personal Information” in Privacy Policy in detail.

2.2. System Upgrade

When you upgrade the Deepin OS products and services, we will collect your device ID, system mainline version, system version number and other information for us to clarify your system information, so as to help you update accurately. The collected information will be anonymized.

3. Conducting Internal Audit, Big Data Analysis and Research

3.1. We will conduct necessary internal audit with the personal information collected within UnionTech Software.

3.2. We will use the personal information collected for big data analysis. For example, the collected information will be used to analyze and form statistical products excluding personal information, display the overall picture of UnionTech Software services, analyze the behavior patterns of different groups, etc. We may disclose to the public or share with our affiliates and partners the processed statistical big data information without identification.

4. Safety and Security

We will use your personal information for purposes such as ensuring the security of your personal devices and accounts, the security of our operation as well as fulfilling our legal obligations (for example, saving the information that may involve illegal and criminal activities).

5.Other Usage

5.1. We will seek your explicit consent in advance when using the information collected for a specific purpose for other purposes.

5.2. However, in accordance with the relevant laws and regulations as well as the national standards, we may collect and use your personal information without seeking your authorization and consent under the following circumstances:

5.2.1. personal information directly related to national security, national defence security and other national interests; personal information directly related to public safety, public health, public information and other major public interests;

5.2.2. personal information directly related to crime investigation, prosecution, trial and judgement execution, etc.;

5.2.3. for the purpose of protecting your and other individual’s important legal rights and interests such as life, property, reputation, etc. but difficult to get the person’s consent;

5.2.4. personal information collected that is disclosed to the public by yourself;

5.2.5. personal information collected from legally and publicly disclosed information, such as legal news report, government information disclosure, etc.;

5.2.6. personal information needed to sign and fulfil a contract at your request;

5.2.7. personal information needed for maintaining the safe and stable operation of the products and services provided, for example, finding and handling the faults of products and services;

5.2.8. personal information needed for legal news reporting;

5.2.9. personal information which is needed for conducting statistical and academic research in public interests but de-identified in the academic research results or its description results offered to the outside world;

5.2.10. other circumstances under the provisions of laws and regulations.

II. How to Use Cookies and Similar Technologies

6. Cookie

6.1. We will store on your computer or mobile device a small text file called Cookie, which usually contains the identifier, website name, some numbers and characters. With the assistance of Cookies, we can store your preferences in our web servers and provide you more personalized user experience and services.

6.1.1. We will not use Cookies for other purposes except for those described in this Privacy Policy. You can choose to manage or delete Cookies according to your preference. Please refer to AboutCookies.org for details.

6.1.2. You can clear all the Cookies saved on your computer. Most web browsers have the Cookie blocking feature and you can learn and set it in your browser settings.

7. Do Not Track

Many web browsers have a Do Not Track feature that may send Do Not Track requests to websites. At present, major Internet standards organizations have not yet established policies to regulate how websites should respond to such requests. But if your browser has Do Not Track enabled, your choice will be respected in all of our sites.

III. How We Share, Transfer and Disclose to the Public Your Personal Information

1.Sharing

1.1. We will not share your personal information with any company, organization or individual other than UnionTech Software except for the flowing circumstances:

1.1.1. Sharing with explicit consent: We will share with others your personal information after obtaining your explicit consent.

1.1.2. We may share your personal information externally in accordance with the laws and regulations or the mandatory request of the government authorities.

1.1.3. Sharing with authorized partners: For the purpose of the Privacy Policy statement only, some of our services are jointly provided by our authorized partners. We may share with the partners some of your personal information in order to provide better custom services and user experiences. We will share your personal information necessary for providing services only for the legal, proper, necessary, specific and clear purposes. Our partners are not authorized to use the shared information for other purposes. For the company, organization or individual that we share information with, we will sign a strict confidentiality agreement demanding them to deal with the personal information according to our instructions, the Privacy Policy as well as other related confidentiality and security measures.

Please refer to the below for the detailed information of authorized partner sharing:

Cooperation Type: Voice service

Partner Name: IFLYTEK CO., LTD.

Cooperation Purpose: Speech content text conversion technology

Cooperation Mode: Transmitting the personal information by embedding third-party codes and plugins.

Shared Personal Information Field: Voice information content

Partner Data Security Capacity Description: National Information Security Level Protection Level 3 Certification

1.1.4. It should be specially noted that when related service providers provide services to you through third-party access such as page jumps to service provider pages, the corresponding service provider will directly reach the corresponding personal information authorization license with you and such information directly collected by the service provider is not within the scope of the information we share with them. In the case where the service is provided directly by a third party, we will clearly identify the third party information on the specific service page. To avoid ambiguity, you should be aware of and understand that the aforementioned links to websites, applications, products and services operated by independent third parties are provided only for the convenience of users to browse relevant pages. When you visit such third-party websites, applications, products and services, you should agree separately to the privacy policy and personal information protection clauses provided for you. We and such third-party websites, applications, products and services providers will assume independent personal information protection responsibilities respectively to you within the scope stipulated by law and agreed by both parties.

2.Transfer

We will not transfer your personal information to any company, organization or individual except for the following circumstances:

2.1. Having obtained your explicit authorization and consent in advance;

2.2. When it comes to merger, acquisition or bankruptcy liquidation, if it involves personal information transfer, we will require the new company and organization holding your personal information continue to be bound by the Privacy Policy. Otherwise we will demand the company and organization to seek your authorization and consent again.

3. Public Disclosure

We will disclose your personal information publicly only under the following circumstances and under the premise of adopting the security protection measures that conform to the industry standard:

3.1. Disclosing the specified personal information in the manner you explicitly consent according to your needs;

3.2. Where it is necessary to provide your personal information in accordance with the requirements of laws, regulations, mandatory administrative enforcement or judicial requirements, we may publicly disclose your personal information in accordance with the type of personal information and the manner of disclosure required. Subject to laws and regulations, when we receive the above request for information disclosure, we will require the corresponding legal documents, such as subpoenas or investigation letters. We firmly believe that the information we are required to provide should be as transparent as possible to the extent permitted by law. All requests are carefully reviewed to ensure that they have a legitimate basis and are limited to data obtained by law enforcement agencies for specific investigative purposes and with legal rights. To the extent permitted by laws and regulations, the files we disclose are protected by encryption keys.

IV. How We Protect Your Personal Information

1.Various security technologies and protective measures meeting the industry standard have been adopted in the website to prevent the personal information of users from unauthorized access, use or leakage. This website strictly complies with domestic and foreign security standards to build a security system and integrates cutting-edge and mainstream security technologies to prevent users' personal information from being accessed, used and leaked without authorization. The sound security protection system established makes it available to intercept the attack timely and actively when the website encounters external network attack and virus infection. Each application platform of this website uses the HTTPS encryption protocol for transmission during the network communication, which can effectively prevent the information from being stolen by third parties during the communication between the user and the platform. The user's privacy and sensitive data is stored in an encrypted manner and is backed up in real time in the website.

2.A sound data security management system has been established in this website, including grading and classification of user information, encrypted storage as well as division of data access rights. Internal data management system and operation procedure haven been formulated in which the strict process requirements for data acquisition, use and destruction prevent the user information from being illegally used. Here are the details: defining the security management responsibility for each department and responsible personnel accessing the personal information of users; formulating the workflow and security management process for personal information collection and use and related activities of users; implementing authority management for staff and agents, reviewing the information exported, copied and destroyed in batch and adopting anti-leakage measures; properly keeping the paper media, optical media and electromagnetic media and other carriers that record the personal information of users and adopting corresponding security storage measures; implementing access review for the information system that stores personal information of users and adopting anti-intrusion and anti-virus measures, etc.; recording the processing information for the personal information of users, such as operation staff, time, place and events; holding security and privacy training periodically to raise the staff’s awareness of information protection.

3.We will adopt all reasonable and feasible measures to ensure that irrelevant personal information is not collected. Unless permitted by law or the retention period needs to extend, we will only retain your personal information for the period needed to achieve the purposes in this Privacy Policy.

4.We will regularly update and disclose the relevant contents of reports such as security risks and personal information security impact assessments in accordance with the laws and regulations and the requirements of competent authorities.

5.The Internet environment is not 100% secure and we will try our utmost to ensure or guarantee the security of any information you send us. If our physical, technical, or management protection facilities are damaged, resulting in unauthorized access, public disclosure, tampering or destruction of information, resulting in damage to your legitimate rights and interests, we will assume corresponding legal responsibility.

6.In the unfortunate event of a personal information security incident, we will promptly inform you of the basic situation and possible impact of the security incident, the emergency response taken or to be taken, other relevant disposal measures, remedies for you, etc. in accordance with the laws and regulations, through the station letter/the contact information you reserve, etc. in a timely manner. If it is difficult to notify the individual information subjects one by one, we will take a reasonable and effective way to issue an announcement and will actively report the disposition of personal information security incidents to the relevant regulatory authorities.

7.If you have any questions about the protection of our personal information, you can contact us through the contact information in [Part X] of this Policy. If you find that your personal information has been leaked, please contact us immediately through the contact methods stipulated in this policy so that we can take appropriate measures in a timely manner.

V. How We Store Your Personal Information

We will adopt all reasonable and feasible measures to ensure that irrelevant personal information is not collected. We will store your personal information within the scope permitted by the laws and regulations and within the scope agreed by you. As for the information storage time exceeding the scope permitted by law, we delete or anonymize it.

If there is no other agreement, you commit that we can permanently store your personal information collected based on the “User Experience Program” to maintain and improve the stability and security of our services. Meanwhile, you agree that after disabling your Deepin ID account, we have the right to keep your purchase, comment and rating records in the Application Store generated during your use of Deepin ID till the expiration period of three years due to the transaction security requirements. The remaining personal information of the Deepin ID account will be deleted in time after you disable your account.

VI. Your Rights

We will try our utmost to adopt appropriate technical measures to ensure that you can access, update and correct your registration information or other personal information provided when using the website services.

1.Accessing Your Personal Information

Unless otherwise provided by the laws and regulations, you have the right to access your personal information. You can access your information yourself by:

1.1. Account Information/Basic User Information: If you want to access or edit basic personal information in your Deepin ID, such as mobile phone number, email address, gender, education information, career information or other personal information, you can log into the Deepin ID registration website and perform such operations in “[User Center]”.

1.2. Transaction Information: If you expect to access your history reward records, you can inquire your purchase records and other information related to application purchase in “Personal Center” in Application Store.

1.3. If you cannot access your personal information through the methods aforementioned, you can contact us at any time via the contact information described in [Part X] and we will respond to your access request within [15] days.

1.4. As for the personal information generated during your use of our products and services, we will provide it according to relevant arrangement in item (7) “Responding to Your Requests Aforementioned” of this part.

2.Correcting Inaccurate or incomplete Personal Information

2.1. You can correct or supplement some of your personal information yourself in your [Personal Center]. In particular, please pay attention to verifying the authenticity, timeliness, completeness and accuracy of the personal information submitted, otherwise we will not be able to contact you effectively and provide you with some services. If we have reasonable grounds to suspect that your information provided is incorrect, incomplete or untrue, we have the right to ask you or notify you to correct it or even suspend or terminate some of the services provided to you.

2.2. Some special information may not be corrected by yourself. You can contact us through the contact information published in [Part X] of this Policy. We will respond to your access request within [15] days. To ensure the security of your account, we may require you to verify your identity.

3.Revoking Consent or Processing Restrictions

3.1. You can change the scope of your personal information that you authorize us to collect and use by deleting information, turning off features of the device/tool or performing other feasible privacy settings (depending on the system version).

3.2. If you are unable to revoke your authorized consent through the methods aforementioned, you can contact us at any time via the contact information in [Part X] and explain which consent you expect to revoke to perform such operations. We will respond to your access request within [15] days.

3.3. When you revoke your consent, we will no longer process your corresponding personal information. However, your decision to revoke your consent will not affect the legality of the processing of personal information previously based on your authorization.

4.Deleting Personal Information

4.1. You can raise your request to delete your personal information from the website under the following circumstances:

4.1.1. Our processing of personal information is inconsistent with the laws and regulations or the agreement with you;

4.1.2. Our collection and use of your personal information without your explicit consent;

4.1.3. We terminate to provide or you terminate actively the product and service of this website.

4.2. If we decide to respond to your request for deletion, we will also notify the third parties (including affiliates of this website) who have obtained your personal information from us at the same time and ask these third parties to delete your personal information in a timely manner, unless otherwise provided by the laws and regulations or such third parties have obtained your independent authorization.

4.3. We may not delete the corresponding information from our backup system after you delete your personal information from the website but will delete it when the backup is updated.

4.4. If you are unable to delete such personal information through the above path, you can contact us at any time through the customer service of this website. To ensure the security of your account, we may require you to verify your identity.

5.Canceling Accounts

5.1. Deepin ID supports account cancellation. You can cancel it yourself by accessing [Account Information in Personal Center] or contact us to cancel your Deepin ID through the contact information published in [Part X] of this Policy. To ensure the security of your account, we may require you to verify your identity.

5.2. After canceling your account, we will terminate the services provided for you and delete your personal information at your request within the time limit stipulated by law unless otherwise provided by the laws and regulations or agreed between us.

6.Obtaining the Copy of Personal Information

6.1. You have the right to send a written request to obtain your copy of personal information through the contact information published in the Policy.

6.2. As long as the technology is feasible, such as data interface matching, we can also directly transfer a copy of your personal information to your designated third party according to your requirements and existing common technologies. If the transmission fails due to the third-party’s refusal to receive a copy of your personal information, you should coordinate with these third parties to resolve it by yourself and we will not be responsible for it.

7.Responding to Your Requests Aforementioned

7.1. To ensure the security of your account, you may need to offer a written request or otherwise verify your identity. We may demand you to verify your identity before processing your request.

7.2. We will respond within [15] days. If you are not satisfied, you can complain through the channels in [Part X] of this Policy.

7.3. For your reasonable request, we do not charge fees in principle, but for repeated requests that exceed a reasonable limit, we will charge a certain cost as appropriate. For those that are unreasonably repetitive, requiring excessive technical means (for example, needing to develop new systems or fundamentally changing existing practices), posing risks to the legitimate rights and interests of others or highly impractical (for example, involving information stored on backup tapes), we may reject them.

7.4. Subject to the laws and regulations, we will be unable to respond to your request under the following circumstances:

7.4.1. Directly related to national security and national defence security;

7.4.2. Directly related to public safety, public health and major public interests;

7.4.3. Directly related to crime investigation, prosecution, trial and judgment enforcement;

7.4.4. Having sufficient evidence to prove that you use your rights subjectively, maliciously and abusively;

7.4.5. Responding to your request will result in severe damage to your, other people or organization’s legitimate rights and interests;

7.4.6. Involving trade secrets;

7.4.7. Other circumstances stipulated by law.

VII. How to Process the Minor's Personal Information

1.Our products and services are only available to users over 14 years old. If you are under 14 years, you should provide your legal guardian's contact information (such as email address and phone number). We will contact your legal guardian through the contact information and take reasonable steps to obtain the express authorization and consent of your legal guardian; you should clearly understand that if we discover or suspect that you are under the age of 14, we can suspend or terminate the service to you at any time until you provide us with proof that you are over 14 years old, or assist us in obtaining express authorization and consent from your legal guardian.

2.For the collection of the minor's personal information with the consent of the legal guardian, including the legal guardian's insurance for minors, etc., we will only use or publicly disclose this when it is permitted by law, expressly agreed by the legal guardian or necessary for the protection of minors.

3.If we find that we have collected the personal information from a minor without the prior consent of a verifiable parent or other legal guardian, we will try to delete the data as soon as possible.

VIII. How We Transfer Your Personal Information Globally

1. We will store personal information collected in each country/region in accordance with the laws and regulations of each country/region.

2. We will store personal information collected in China in accordance with Chinese laws and regulations.

3. We reserve the right to transfer your personal information to other government jurisdictions. Your consent to this Privacy Policy and such data you submit or we collect represent your consent to any such transfer. In this case, we will transfer your personal information and provide adequate protection in accordance with the relevant laws and regulations and this Privacy Policy.

IX. How to Update the Privacy Policy

1. Our privacy policy may change. We will not reduce your rights under the Privacy Policy without your explicit consent. We will release an updated version of the Privacy P olicy.

2. For significant changes, we will also provide more prominent notices (including sending notifications via email for some services and explaining the specific changes to the Privacy Policy).

3. Significant changes in Privacy Policy include but not limited to:

3.1. Significant changes in our products and service modes, including the purpose of processing the personal information, the type of the personal information processed, the way in which the personal information is used, etc.;

3.2. Significant changes in ownership structure, organization structure, etc., such as changes caused by business adjustments, bankruptcy, merger and acquisition;

3.3. Changes in the main object of personal information sharing, transfer or disclosure;

3.4. Significant changes in your right to participate in the processing of personal information and how you exercise it;

3.5. Changes in our responsible department for processing personal information security, contact methods and complaint channels;

3.6. Existence of high risks indicated by an impact assessment report on personal data security.

X. Our Personal Information Protection Department/Specialist

1.We have appointed a personal information protection organization to be responsible for coordinating and monitoring UnionTech Software in compliance with and implementation of the laws and regulations and internal policies and systems related to the protection of personal information.

2.If you have any questions, comments or suggestions about this Privacy Policy, you can contact us through the following methods. In general, we will reply within 30 days or a longer period allowed by applicable laws and regulations.

Personal information protection department/specialist: [Legal Affairs Department]

Address: [Floor 18, Building 12, Yard 10, Kegu First Street, Beijing Economic and Technological Development Zone, Beijing City, PRC]

Tel: [010-62669253]

Email:【privacy@uniontech.com】

XI. Complaining and Suing to the Regulatory Department

If you are dissatisfied with our response, especially when you believe that our personal information processing actions have harmed your legitimate rights and interests and no agreement can be reached through negotiation, you have the right to lodge a complaint with the relevant personal information protection supervision authority or either party can bring a law suit to the People's Court located in [Daxing District, Beijing].

Appendix 1: definition

  • Personal Information

Personal information refers to all kinds of information recorded electronically or otherwise that can identify the identity of a specific natural person or reflect the activity of a specific natural person either alone or in combination with other information, including but not limited to the name, date of birth, identification number, personal biometric information, address, and telephone number of a natural person.

  • Personal Sensitive Information

Personal sensitive information refers to the personal information that, if leaked, illegally provided or abused, may endanger personal and property safety and easily lead to damage to personal reputation, physical and mental health, or discriminatory treatment. For example, personal sensitive information includes personal phone numbers, ID numbers, web browsing records, personal biometric information, bank account numbers, communication records and content, property information, credit information, whereabouts, accommodation information, precise positioning information, physiological health Information, transaction information, personal information of minors under 14 years old (including minors of 14 years old), etc.