This policy is only applicable to the Tezeus APP products or services provided by Tezeus (Shenzhen) Technology Co., Ltd. (hereinafter referred to as "Tezeus" or "we")

This policy will help you understand the following:

• I. How do we collect and use your user information
• II. How do we use cookies and similar technologies
• III. How do we share, transfer, and publicly disclose your user information
• IV. How do we protect your user information
• V. Your rights
• VI. How do we handle children's personal information
• VII. How your user information is stored and transferred globally
• VIII. How is this policy updated
• IX. How to contact us

We are fully aware of the importance of user information to you, and we will do our utmost to ensure the security and reliability of your user information. We are committed to maintaining your trust in us and adhering to the following principles to protect your user information: principle of consistency of rights and responsibilities, principle of clear purpose, principle of opt-in consent, principle of data minimization, principle of ensuring security, principle of subject participation, principle of openness and transparency, etc. At the same time, we promise that we will adopt corresponding security protection measures to safeguard your user information in accordance with mature security standards in the industry.

Please read and understand this Privacy Policy carefully before using our products (or services).

1.1. Information we collect and use during your use of our products or services

We will only collect and use your user information for the business functions described in this policy. The purpose of collecting user information is to provide you with products or services. You have the right to choose whether to provide this information. However, in most cases, if you do not provide it, we may not be able to provide you with the corresponding services or respond to your questions:

When you use our services, you are allowing us to collect the information you voluntarily provide to us or that is necessary for us to provide services to you, including:

• Account Information: When you register for a Tezeus account, we will collect your email address, account password, avatar, and nickname. Your email address and account password are used to verify your login, while your avatar and nickname are used for display within the application.
• Personal basic information: When you log in to Tezeus, this application requires the collection of your personal basic information, including gender, date of birth, height, and weight. The purpose is to provide you with more accurate data monitoring. This information will be synchronized to the cloud backend supporting this application.
• Device and Application Information: When you access or use this application, we will obtain your mobile device information, application information, and the smart devices you have bound. Mobile device information includes phone system type, phone system version, phone model, AndroidID (used for application initialization), device identifiers (including MAC address, IMEI, SN). Smart device information includes: device MAC address, device model, Bluetooth name, firmware version, binding times, binding status, device binding time, firmware upgrade information, language. Application information includes: APP name, APP version. The purpose of collecting such information is to establish Bluetooth connections, manage smart device configurations, update the firmware version of smart devices, update APP versions, update smart devices, etc. This information is also used for analyzing APP issues and smart device issues.
• Storage permission: Obtain it to manage local cache.
• Camera permission: After obtaining it, it can be used for avatar replacement, binding to smart devices, etc.
• Album permissions: After obtaining, it can read local albums for avatar replacement and image sharing.
• Location permission: After obtaining, it is used for the device to locate its current position.
• Bluetooth permission: After obtaining, it is used for connecting the device product with the APP.
• Mobile phone information permission: After obtaining, it is used to upload log files.
• Read application list permission: After obtaining this permission, it can be used to share content to other applications (such as Facebook, X, etc.).
• Sports and Health Information: To manage, display, analyze, and statistically process your sports and health data, we will synchronize your sports data and physiological health data from your health center. Sports data includes location information, duration of exercise, step count, exercise heart rate, calories, as well as other sports data and application configuration data.

The aforementioned information you provided will be continuously authorized for our use during your service usage. Upon your cessation of using the push service, we will cease using and delete the aforementioned information.

We guarantee that we will de-identify or anonymize the collected user information in accordance with the law. Information that cannot be used alone or in combination with other information to identify the identity of a natural person does not constitute personal information in the legal sense. If we combine non-personal information with other information to identify your personal identity, or use it in conjunction with your personal information, we will treat and protect such information as your personal information during the period of combined use, in accordance with this Privacy Policy.

In order to better operate and improve our technology and services, or due to changes in business strategies, when the collection, use, and processing of user information required for the products or services we provide exceed the scope mentioned above, or when we intend to use the collected user information for other purposes not specified in this privacy policy, or when we intend to use information collected for specific purposes for other purposes, we will notify you within a reasonable period after obtaining the user information or before processing the user information, and obtain your authorization and consent.

1.2. Exceptions to obtaining authorization and consent

Please understand that, in accordance with laws, regulations, and relevant national standards, we do not need to obtain your authorization and consent to collect and use your user information in the following situations:

1. Directly related to national security and defense security;
2. Directly related to public safety, public health, and significant public interests;
3. Directly related to criminal investigation, prosecution, trial, and execution of judgments;
4. To safeguard your or another individual's vital legal rights and interests, such as life and property, but it is difficult to obtain their consent;
5. The user information collected from you is publicly disclosed by yourself;
6. Your user information collected from legally disclosed information, such as legitimate news reports, government information disclosure, and other channels;
7. Necessary for signing or fulfilling a contract according to your requirements;
8. Necessary for maintaining the safe and stable operation of software and related services, such as discovering and handling faults in software and related services;
9. The personal information controller is a news organization and it is necessary for conducting lawful news reporting;
10. It is necessary for academic research institutions to conduct statistical or academic research based on public interests, and when providing academic research or descriptive results to the public, they should de-identify the personal information contained in the results.
11. Other circumstances stipulated by laws and regulations.

Third-party SDK information

1. Third-party SDK name: Firebase
Provider name	Google
Collection types	Device MAC address, Device unique identifier IMEI, Location information;
Purpose of Use	Our product integrates with Firebase and requires the collection of your device's MAC address, unique device identifier IMEI, and location information to provide performance monitoring and anomaly analysis capabilities.
Privacy Statement / Guide	https://policies.google.com/privacy

2. Third-party SDK name: Google Maps SDK
Provider name	Google
Collection types	location information, device information (IP address, GNSS information, WIFI parameters, WIFI list, BSSID, SSID, WIFI status, sensor information, Bluetooth information, signal strength information, base station information), device identification information, current application information, device parameters, and system information
Purpose of Use	Our product integrates the Google Maps SDK, which requires the collection of your location information, device information (IP address, GNSS information, WIFI parameters, WIFI list, BSSID, SSID, WIFI status, sensor information, Bluetooth information, signal strength information, base station information), device identification information, current application information, device parameters, and system information to provide accurate geolocation functionality.
Privacy Statement	https://policies.google.com/privacy

3. Apple Healthkit
This app supports the synchronization of your Apple Healthkit data to Tezeus. With your consent, we will synchronize your Apple Healthkit data to Tezeus. The synchronized information may include activity steps, calories consumed, exercise minutes, sleep data, heart rate, heart rate variability, resting heart rate, blood oxygen concentration, wrist temperature, breathing rate, weight, BMI, body fat percentage, and other data. You can revoke your consent for the app to process your Apple Health information at any time.
Privacy Guide	Apple HealthKit Documentation

4. Google Health Connect
This app supports the synchronization of your Google Health Connect data to Tezeus. With your consent, we will synchronize your Google Health Connect data to Tezeus. The synchronized information may include activity steps, calories consumed, exercise minutes, sleep data, heart rate, heart rate variability, resting heart rate, blood oxygen concentration, wrist temperature, breathing rate, weight, BMI, body fat percentage, and other data. Reading Health Connect data is intended to display your health trends and exercise analysis. Data is synchronized to your own account and is used solely to provide services to you; it will not be sold or shared with third parties, and data transmission is encrypted. You can revoke your consent for the app to process your Google Health Connect information at any time. When you choose to consent, we will comply with the Health Connect Permissions Policy, including usage restrictions, when using information received from Health Connect. These requirements apply to raw data obtained from Health Connect, as well as aggregated, de-identified, or derived data obtained from such raw data: • Health Connect data may only be used to enable an allowed use case or to provide or improve a feature that is prominently displayed within the interface of the requesting app. • User data may only be transferred to third parties in the following circumstances: - To enable an allowed use case or to provide or improve a feature clearly visible in the interface of the requesting app (only with user consent); - Where necessary for security purposes (e.g., investigating abuse); - Where the conduct complies with applicable laws and/or regulations; or - As part of a merger, acquisition, or sale of developer assets, with prior explicit user consent. • Human access to user data is prohibited except in the following circumstances: - Explicit user consent has been obtained for reading specific data; - Where necessary for security purposes (e.g., investigating abuse); - Where the conduct complies with applicable laws; or - The data (including derived data) has been aggregated in compliance with applicable privacy laws and other legal requirements in the jurisdiction and is used for internal operations. Any other transfer, use, or sale of Health Connect data is prohibited, including: • Using Health Connect to develop or incorporate into applications, environments, or activities where it is reasonably foreseeable that failure could result in death, serious bodily injury, or environmental damage (e.g., nuclear facilities, air traffic control systems, life support systems, or weapons). • Accessing data via Health Connect using headless apps. The app must display a clearly identifiable icon in the app tray, device app settings, notification icons, etc. • Using Health Connect with apps that synchronize data between incompatible devices and platforms. • Connecting Health Connect with apps, services, or features directed primarily at children. Health Connect is not approved for services primarily directed at children. Others: We may disclose your personal information to comply with laws, regulations, legal processes, or mandatory government requirements. In the event of a reorganization, acquisition, or asset sale, we will continue to take measures to protect the confidentiality of personal information and will notify affected data subjects before transferring any personal information to a new entity. Our Information Security Measures: We will take reasonable technical and organizational measures to make every effort to ensure the security of your personal information. We use technologies such as encryption and authentication tools to protect your personal information. However, you should be aware that while we take reasonable measures to protect your information, no method of data transmission or storage is absolutely secure. In the event of a personal information security incident, we will inform you of the situation in a timely manner in accordance with legal and regulatory requirements and take necessary remedial measures. Deleting Your Personal Information: You can delete your personal information by canceling your account via the Tezeus app. Steps: After logging in, go to "My Page" → "Other Settings" → "Cancel Account". Upon confirmation, the account cancellation will take effect immediately. We will stop providing products or services to you and delete or anonymize your information upon your request. You can also contact us at: support@tezeus.cn
Privacy Statement	https://policies.google.com/privacy

2.1. Cookie

To ensure the normal operation of the website, we will store small data files called cookies on your computer or mobile device. Cookies usually contain an identifier, site name, as well as some numbers and characters. With the help of cookies, the website can store your access preference data. We will not use cookies for any purposes beyond those stated in this policy. You can manage or delete cookies according to your preferences. You can clear all cookies saved on your computer, and most web browsers have a function to block cookies. However, if you do so, you will need to personally change your user settings every time you visit our website.

2.2. Website beacons and pixel tags

In addition to cookies, we also use other similar technologies such as web beacons and pixel tags on our website. For example, the email we send you may contain a click-through URL that links to content on our website. If you click on the link, we will track this click to help us understand your product or service preferences and improve customer service. Web beacons are usually transparent images embedded in websites or emails. With the help of pixel tags in emails, we can know whether the email has been opened. If you do not want your activities to be tracked in this way, you can unsubscribe from our mailing list at any time.

3.1. Sharing

We will not share your user information with any other companies, organizations, or individuals, except in the following circumstances:

1. Sharing with explicit consent: Upon obtaining your explicit consent, we will share your user information with other parties.
2. We may share your user information externally in accordance with legal and regulatory provisions, or as per mandatory requirements imposed by government authorities.
3. Sharing with our affiliated companies: Your user information may be shared with our affiliated companies. We will only share necessary user information and be bound by the stated purposes in this privacy policy. If an affiliated company intends to change the purpose of processing user information, it will seek your authorization and consent again.
4. Based on our analysis, we may provide you with targeted push notifications or precise advertising marketing functions.
5. Information you disclose to the public on your own;
6. Information collected from legally disclosed sources, such as legitimate news reports and government information disclosure channels.

3.2. Transfer

We will not transfer your user information to any company, organization, or individual, except in the following circumstances:

1. Transfer with explicit consent: Upon obtaining your explicit consent, we will transfer your user information to other parties;
2. In cases involving mergers, acquisitions, or bankruptcy liquidation, if user information transfer is involved, we will require the new company or organization holding your user information to continue to be bound by this privacy policy. Otherwise, we will require the company or organization to seek your authorization and consent again.

3.3. Public disclosure

We will only publicly disclose your user information in the following circumstances:

1. After obtaining your explicit consent;
2. Disclosure based on law: We may publicly disclose your user information in the event of legal, legal procedural, litigation, or mandatory requirements imposed by government authorities.

3.4 Exceptions to obtaining prior authorization and consent when sharing, transferring, or publicly disclosing information

Please understand that, in accordance with laws, regulations, and relevant national standards, we do not need to obtain your authorization and consent to share, transfer, or publicly disclose your user information in the following situations:

1. Directly related to national security and defense security;
2. Directly related to public safety, public health, and significant public interests;
3. Directly related to criminal investigation, prosecution, trial, and execution of judgments;
4. For the purpose of safeguarding your or other individuals' vital legal rights and interests such as life and property, but it is difficult to obtain their consent;
5. Information that you have voluntarily disclosed to the public;
6. Collected from legally disclosed information, such as legitimate news reports, government information disclosure, and other channels.

1. We have implemented security measures that comply with industry standards to protect the user information you provide, preventing unauthorized access, public disclosure, use, modification, damage, or loss of data. We will take all reasonable and feasible measures to safeguard your user information. For instance, SSL encryption is employed to protect data exchanged between your browser and the "service"; we also provide secure browsing via https on our website; we utilize encryption technology to ensure data confidentiality; we employ trusted protection mechanisms to prevent malicious attacks on data; we deploy access control mechanisms to ensure that only authorized personnel can access user information; and we organize security and privacy protection training sessions to enhance employees' awareness of the importance of protecting user information.

2. We will utilize encryption technology to ensure the confidentiality of data transmission and storage. We will employ trusted protection mechanisms to prevent malicious attacks on both the data and the servers that store it.

3. We will deploy access control mechanisms to ensure that only authorized personnel can access personal information; and in accordance with business needs and personnel levels, we will control the number of authorized personnel and implement hierarchical permission management for them; all accesses to personal data will be logged and regularly audited by administrators.

4. We will rigorously select business partners and service providers, and incorporate the requirements for personal information protection into our business contracts or auditing, assessment, and other activities with them.

5. We will organize safety and privacy protection training courses, tests, and promotional activities to enhance employees' awareness of the importance of protecting personal information.

In summary, we will do our utmost to protect your personal information. However, no measure is infallible, and no product, service, website, data transmission, computer system, or network connection is absolutely secure.

If an unfortunate incident involving personal information security occurs, we will inform you in accordance with legal and regulatory requirements: the basic situation and possible impacts of the security incident, the measures we have taken or will take to address it, suggestions for you to independently prevent and reduce risks, and remedial measures for you. We will inform you of the relevant situation of the incident through email, text message, push notification, etc. When it is difficult to inform each individual data subject, we will take reasonable and effective measures to make an announcement. At the same time, we will also report the handling of personal information security incidents in accordance with the requirements of regulatory authorities.

5.1. Access to your user information

You have the right to access your user information, except for exceptions stipulated by laws and regulations. If you wish to exercise your data access rights, you can contact us at support@tezeus.cn.

5.2. Correct your user information

When you find errors in the user information we have processed about you, you have the right to request us to make corrections. You can submit a correction request through the methods listed in "(I) Accessing Your User Information". If you are unable to correct these user information through the above link, you can contact us at support@tezeus.cn.

5.3. Deleting your user information

In the following situations, you may submit a request to us to delete user information:

1. If our handling of user information violates laws and regulations;
2. If we collect and use your user information without your consent;
3. If our handling of user information violates our agreement with you;
4. If you no longer use our products or services, or if you have deactivated your account;
5. If we no longer provide you with products or services.

We will evaluate your deletion request and, if it meets the corresponding regulations, we will take the necessary steps to handle it. When you submit a deletion request to us, we may require you to verify your identity to ensure the security of your account. After you delete information from our services, due to applicable laws and security technology, we may not immediately delete the corresponding information from our backup systems. We will securely store your information until the backup can be cleared or anonymized.

5.4. Change the scope of your authorization and consent

Each business function requires some basic user information to be completed (see "Part I" of this policy). Regarding the collection and use of user information, you can grant or withdraw your authorization consent at any time. Once you withdraw your consent, we will no longer process the corresponding user information. Please also note that revoking your authorization consent may lead to certain consequences, such as our inability to continue providing you with the corresponding services or specific functions. However, your decision to withdraw consent will not affect the user information processing that has been carried out based on your previous authorization.

5.5. User information subject cancels account

You can log out of your previously registered account at any time. You can log out of your account through the Tezeus app. Operation steps: After logging in, go to "My Page" --> "Other Settings" --> "Logout Account". The cancellation of your account will take effect immediately after confirmation. We will cease providing you with products or services and, in accordance with your request, delete or anonymize your information, unless otherwise stipulated by laws and regulations. This may also result in you losing access to the data in your account, so please proceed with caution.

5.6. User information subject obtains user data

You have the right to obtain a copy of your user information, and you can authorize data synchronization to third-party platforms through the Tezeus APP. Under the premise of technical feasibility, such as data interface compatibility, we can also directly transmit your data to the third party you specify according to your requirements.

5.7. Constraining automatic decision-making in information systems

In certain business functions, we may make decisions solely based on non-manual automatic decision-making mechanisms, including information systems and algorithms. If these decisions significantly affect your legitimate rights and interests, you have the right to request an explanation from us, and we will also provide appropriate remedies.

5.8. Responding to your above request

To ensure security, you may need to provide a written request or otherwise prove your identity. We may first require you to verify your identity before processing your request. We will give a reply within fifteen days. For your reasonable requests, we do not charge fees in principle. However, for repeated requests that exceed reasonable limits, we may charge a certain cost depending on the situation. For those unfounded repeated requests that require excessive technical means (such as developing new systems or fundamentally changing current practices), pose risks to the legitimate rights and interests of others, or are highly impractical, we may refuse them. Please also understand that due to security considerations, requirements of relevant laws and regulations, or technical limitations, we may not be able to respond to some of your requests, such as in the following situations:

1. Related to the fulfillment of obligations stipulated by laws and regulations by the user information controller;
2. Directly related to national security and defense security;
3. Directly related to public safety, public health, and significant public interests;
4. Directly related to criminal investigation, prosecution, trial, and execution of judgments;
5. The controller of user information has sufficient evidence to indicate that the subject of user information has subjective malice or abuses rights;
6. Where it is necessary to safeguard the vital and legitimate rights and interests of the user information subject or other individuals, such as life and property, but it is difficult to obtain their consent;
7. Responding to the request of the user information subject will result in serious damage to the legitimate rights and interests of the user information subject or other individuals or organizations;
8. Involving trade secrets.

We attach great importance to the protection of children's personal information, and our products, websites, and services are mainly aimed at adults. Children should not create their own user accounts without the consent of their parents or guardians. Although local laws and customs define children differently, we consider anyone under the age of 14 as a child. For cases where we collect user information from children with the consent of parents or guardians, we will only store, use, or publicly disclose this information as permitted by law, with the explicit consent of parents or guardians, or as necessary to protect children. Otherwise, we will endeavor to delete the relevant data as soon as possible. Due to the limitations of existing technology and business models, it is difficult for us to proactively identify children's personal information. If you find that we have collected children's personal information without your knowledge or without obtaining verifiable consent from guardians in advance, you can contact us in a timely manner, and we will try our best to delete it in a timely manner. If we discover the aforementioned situation ourselves, we will also delete it in a timely manner, except for those required by law to be retained.

Currently, we have rented servers from various locations provided by Amazon Web Services. Usually, the data of local residents is only stored on servers within the local jurisdiction and will not be transmitted across borders. With your consent, we may transfer your data across borders in accordance with applicable laws. Prior to cross-border transfer, we will take necessary security measures to ensure the security of your personal information, such as encryption and de identification, or sign necessary data transfer agreements with the data recipient. We will comply with the regulations of relevant jurisdictions to ensure that your data is protected anywhere. Please note that your personal information may be transferred to overseas jurisdictions in the country/region where you use the product or service, or accessed from these jurisdictions.

Our privacy policy may change. Without your explicit consent, we will not reduce the rights you are entitled to under this privacy policy. We will post any changes made to this policy on this page. For significant changes, we will also provide more prominent notifications. The significant changes referred to in this policy include but are not limited to:

1. Our service model has undergone significant changes. Such as the purpose of processing user information, the type of user information being processed, and the way in which user information is used;
2. We have undergone significant changes in ownership structure, organizational structure, and other aspects. Changes in ownership caused by business adjustments, bankruptcy mergers and acquisitions, etc;
3. The main objects of user information sharing, transfer or public disclosure have changed;
4. There has been a significant change in your right to participate in user information processing and the way you exercise it;
5. When the responsible department, contact information, and complaint channels for handling user information security change;
6. When the user information security impact assessment report indicates the presence of high risks.

We will also archive the old version of this policy for your reference.

If you have any questions, comments, or suggestions regarding this privacy policy, please contact us through the following methods: support@tezeus.cn

---