Tiigo Privacy Policy
Last Revision Date: March 20, 2025

I. Introduction

At Tiigo, your privacy is of utmost importance to us. We have established a comprehensive and reliable system to safeguard your personal information, ensuring that you can enjoy our services with confidence, knowing they are secure and dependable.

II. Protection of Minors' Personal Information

(A) Principles of Minors' Protection
Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. To enforce this policy and maintain platform security, we collect age-related information to prevent access by underage users. In the event that we inadvertently collect data from users under 18, we will promptly take measures to delete such information.

(B) Restrictions on Minors' Use
If you are under 18 years of age, please refrain from using our services. We strongly recommend that minors use the internet under the guidance of a parent or guardian.

(C) Responsibilities of Guardians
If you are a parent or guardian of a minor and discover that your child has provided us with personal information without your consent, please contact us immediately. We will take swift action to delete the relevant information and ensure that your child no longer uses our services.

(D) Data Deletion Requests
If you become aware that a minor's data has been collected, please contact us immediately via the following method:
Email: renjie4693@gmail.com
We will process and delete the relevant data within 15 business days of receiving the request.

III. Collection and Use of Personal Information

(A) Registration
To use Tiigo's services, you are required to register an account. Please note that protecting your account is your responsibility. Do not share your login credentials with others.

(B) Device Information

a. Device Identification and Unique Identifiers: We use this information to ensure the smooth and secure operation of our software and services.

b. Device-Related Information: We automatically collect information about your device, including the device ID, brand, model, operating system and its version, current device status, hardware specifications, and information from your internet service provider or mobile carrier (e.g., IP address). When you use our application, we also record the network type, platform, and your interactions with its features.

(C) Data Collection for Analysis
To enhance your experience and improve the quality of our services, we collect device logs and usage data. Each time you use our services, our servers record detailed activity information, including device configuration, IP address, access times, pages and files viewed, and features used. We also collect diagnostic data such as crash reports, hardware settings, and error logs. In certain cases, we may use your device ID and advertising ID for further analysis to evaluate marketing strategies, enhance service performance, and provide more personalized services and promotions. However, we will always obtain your explicit consent before doing so.

(D) Permissions
To provide a rich user experience and ensure the proper functioning of all service features, Tiigo may request the following permissions:

a. Photo Library Access: When you wish to upload photos from your device's photo library, we will request access to enable you to share pictures during chats or update your profile picture.

b. Camera Access: When you begin taking photos or initiate a video call, we will request permission to use your camera to support photo sharing and live video calls.

c. Audio and Video Access: When you choose to make a video call or record audio, we will need access to your audio and video features to ensure smooth communication.

d. Bluetooth Access: To provide a better audio experience when connecting to audio devices, we may request Bluetooth access for seamless pairing.

e. External Storage Access:

When you save or download content, we may request access to your device's external storage to manage files such as photos and videos. The specific permissions are as follows:

i. Read Permission
We request read access to external storage to access files on your device. For example, when you choose to upload photos or videos, we need to read the relevant files to complete the operation.

ii. Write Permission
We request write access to external storage to save or download content to your device. For example, when you download images or videos, we need to write the files to a specified location on your device.

f. Advertising ID: To optimize marketing activities, we may collect your device's advertising ID to analyze advertising effectiveness and refine promotional campaigns.
Please note that these permissions are only used with your explicit consent, and you can manage or modify them at any time in your device settings. We are committed to protecting your privacy, and your personal information will always remain confidential and will never be used for unauthorized purposes.

IV. Sharing, Transfer, and Disclosure of Personal Information

(A) Information Sharing

a. With Explicit Consent: Your personal information will only be shared with third parties if you explicitly consent.

b. To Fulfill Legal Obligations: In certain cases, due to laws, regulations, or government requests, we may need to share your information. However, we will only disclose the minimum amount of information necessary to meet the legal requirement.

c. With Authorized Partners: We collaborate with partners to provide certain services or complete specific tasks. In such cases, we will only share the data necessary for them to perform their duties, and our partners are strictly prohibited from using your information for other purposes.

(B) Collaboration with Third Parties
We work with third-party suppliers, service providers, and partners to support our service operations, including providing technical infrastructure, analyzing service performance, handling customer service, processing payments, conducting research, and evaluating advertising effectiveness. For example, we may share data related to app usage, user behavior, and marketing effectiveness with partners such as Appsflyer for marketing analysis and attribution. We may also use platforms like Facebook for statistical tracking to understand user behavior and collect payment information. We have strict data protection agreements with these third parties, requiring them to process your personal information in accordance with our instructions, privacy policy, and relevant confidentiality and security standards.

V. Protection of Personal Information

We employ a multifaceted approach to secure your personal information, adhering to industry best practices and regulatory requirements to ensure the confidentiality of your data. Our measures include anonymizing data whenever possible, using reliable security systems to defend against malicious attacks, and establishing a robust access control mechanism that follows the principle of least privilege. Only authorized personnel can access sensitive data, and our staff undergo regular training to enhance their knowledge of personal information security and best practices.

VI. Management of Personal Information

(A) Accessing Personal Information
In accordance with the law, you have the right to access your personal data. You can manage your information in the following ways:

a. Account Details: Log in to your account and navigate to [My - Settings] to view or update your account information.

b. Customer Support: If you are unable to access your data through the settings, please contact our customer support. We will respond to your inquiry within 15 days.

c. Other Personal Data: For other personal data generated while using our products or services, we will provide access in accordance with relevant agreements and procedures.

d. Requesting a Copy: If you require a copy of your personal data, you may contact our customer support team.

(B) Deleting Personal Information
You can delete specific personal data using the steps for accessing personal information. Additionally, you may request deletion in the following situations:

a. If our collection or processing of your data violates applicable laws or regulations.

b. If we process your personal data without obtaining your explicit consent.

c. If our handling of your data breaches our agreement with you.

d. If you no longer use our products or services and wish to delete your account.

e. If we permanently cease providing products or services to you.

VII.Data Retention

We highly value the privacy and security of user data and strictly comply with applicable privacy laws and regulations. Below is our detailed data retention policy, designed to provide users with transparent and compliant data processing practices:

1. Data Retention Period
We retain users' personal data only for as long as necessary to fulfill the purposes for which it was collected. The specific retention period depends on the nature of the data, processing purposes, and legal requirements. For example:

￮ Account Information: Retained during the existence of the user account and deleted or anonymized within 30 days after account closure.

￮ Transaction Records: May be retained for 7 years to fulfill tax and audit obligations.

￮ Customer Service Records: May be retained for 2 years to resolve user issues or disputes.

￮ Marketing Data: If users consent to receive marketing information, it will be deleted within 6 months after consent is withdrawn.

￮ Log Data: May be retained for 90 days to ensure system security and optimize services.

2. Data Deletion and Anonymization
Once data is no longer needed for its original purpose, we will promptly delete or anonymize it in accordance with our internal data retention policy. Anonymized data will no longer be considered personal data and may be used for statistical analysis or other legitimate purposes.

3. Legal and Compliance Requirements
In certain cases, we may need to retain data to comply with legal, regulatory, or contractual obligations. For example:

￮ To fulfill tax, audit, or financial reporting obligations.

￮ To handle legal disputes or cooperate with law enforcement investigations.

￮ To comply with specific industry or regional laws and regulations.

4. User Rights
Users have the right to request access, correction, or deletion of their personal data under applicable privacy laws. We will process such requests in accordance with user requests and relevant legal requirements. Users may exercise their rights by contacting us at [contact information], and we will process requests within 30 days.

5. Transparency in Data Retention
We are committed to clearly explaining the retention periods and reasons for data retention. Our privacy policy will be regularly updated to reflect the latest legal requirements and practical changes. If you have any questions about our data retention policy, please contact us at [contact information].

6. Data Security and Responsibility
We implement technical and administrative measures to ensure data security during retention. For example:

￮ Using encryption to protect data transmission and storage.

￮ Regularly reviewing our data retention policy to ensure compliance with the latest legal requirements.

￮ Providing privacy and data protection training to employees to ensure adherence to relevant policies.

VIII. Legal Basis for Data Processing and Your Rights

(A) Legal Basis for Data Processing
We process your personal data in accordance with applicable privacy laws. The legal grounds include:

a. Consent: In certain cases, we will seek your explicit consent to collect and use your personal data.

b. Contractual Obligations: When processing your data is necessary to fulfill a contract with you, we will rely on this basis.

c. Legitimate Interests: We may process your data when it is necessary for our legitimate interests, such as ensuring app security, maintaining functionality, and enhancing user experience.

d. Legal Compliance: In some cases, we process your data to comply with legal or regulatory obligations.

e. Public Interest: In certain situations, when it is required for matters of public interest, we will handle your data accordingly.

(B) Your Rights
Under applicable data protection laws, you have the following rights regarding your personal information:

a. Right to Deletion: In specific circumstances, you may request the deletion of your personal data.

b. Right to Restrict Processing: In certain cases, you may request that we limit the processing of your data.

c. Right of Access: You may request access to the personal data we hold about you at any time.

d. Right to Data Portability: You have the right to request that we provide your personal data in a transferable format to you or a third party.

e. Right to Correction: If your data is inaccurate or incomplete, you may request corrections or updates.

f. Right to Object: In particular cases, especially when data is processed based on legitimate interests, you may oppose the processing.

g. Right to File a Complaint: If you believe we have violated privacy laws in processing your data, you may file a complaint with your local data protection authority.

h. Right to Withdraw Consent: If we are processing your data based on your consent, you may withdraw your consent at any time. This will not affect the lawfulness of processing conducted prior to your withdrawal.

IX. Privacy Rights of California Residents (Under CCPA)

Under the California Consumer Privacy Act (CCPA), California residents are granted the following special rights:

1. Right to Know:
You have the right to request detailed information about the personal data we have collected, used, shared, or sold in the past 12 months. This includes:

￮ The categories of personal data collected.

￮ The specific pieces of personal data we have about you.

￮ The purposes for which the data was collected, used, shared, or sold.

￮ The categories of third parties with whom the data was shared or sold.
You may submit this request up to twice a year.

2. Right to Delete:
You have the right to request the deletion of your personal data that we have collected or maintain, subject to certain exceptions under the law. These exceptions may include situations where we need to retain the data to:

￮ Complete a transaction or provide a service you requested.

￮ Detect security incidents, protect against malicious or illegal activity, or prosecute those responsible.

￮ Comply with legal obligations or exercise legal rights.

3. Right to Know About Data Sharing:
You have the right to know whether your personal data has been shared with third parties, including the categories of data shared and the purposes for such sharing. Specifically, you may request:

￮ The categories of personal data shared.

￮ The categories of third parties with whom the data was shared (e.g., service providers, advertising partners, or analytics providers).

￮ The specific purposes for which the data was shared, such as for advertising, analytics, or operational support.

￮ Whether the data was shared for cross-context behavioral advertising (e.g., targeted ads based on your activity across different websites or apps).
We will provide this information in a clear and transparent manner, ensuring you understand how your data is being used and shared.

4. Right to Opt-Out of Sale:
You have the right to direct us not to sell your personal data to third parties. If you choose to opt out, we will cease selling your data unless you later provide explicit consent to resume such sales.

5. Right to Opt-Out of Targeted Advertising:
You have the right to opt out of the use of your personal data for targeted advertising. This means you can request that we do not use your data to deliver advertisements tailored to your interests or behavior across different websites, apps, or services.

6. Right to File a Complaint:
If you believe your data privacy rights have been violated, you have the right to file a complaint with the relevant data protection authority, such as the California Attorney General’s Office or other regulatory bodies.

7. Right to Non-Discrimination:
You have the right to exercise your privacy rights without facing discrimination. This means we will not deny you goods or services, charge you different prices, or provide a different level or quality of services solely because you exercised your rights under the CCPA.

Definition of "Sharing"
Under California law, "sharing" refers to providing personal data to a third party for cross-context behavioral advertising, regardless of whether monetary consideration is involved. This includes situations where data is shared to deliver targeted ads based on your activity across different websites, apps, or services.

If you are a California resident and wish to exercise any of these rights, please contact us at:

• Email: renjie4693@gmail.com

We will respond to your request within 45 days of receipt, as required by the CCPA. If necessary, we may extend the response period by an additional 45 days and will notify you in advance with an explanation.

X. LGPD Compliance Notice (Applicable to Brazil)

Tiigo highly values your privacy and is fully committed to protecting your personal data in compliance with the Brazilian General Data Protection Law (LGPD). If you are in Brazil, you have the following rights:

a. Right to Access: You may request information about the personal data we hold about you and how it is processed.

b. Right to Correction: If your data is inaccurate, incomplete, or outdated, you may request corrections.

c. Right to Erasure: Where legally permitted, you may request the deletion of your data from our systems.

d. Right to Information: You may inquire about the organizations with whom we share your data, the reasons for sharing, and the scope of such sharing.

e. Right to Revoke Consent: You may withdraw your consent for specific data processing activities at any time.

f. Right to Object: You may object to the processing of your personal information if it is based on legitimate interests.

g. Right to Data Transfer: You may request that we transfer your personal data to you or a third party of your choice.

h. Right to File a Complaint: If you believe your data protection rights have been violated, you may file a complaint with the National Data Protection Authority (ANPD).

XI. Your Rights Under the Virginia Consumer Data Protection Act (VCDPA)

In compliance with the Virginia Consumer Data Protection Act (VCDPA), we provide you with clear and accessible options to exercise your privacy rights, including the right to opt out of certain uses of your personal data. Below, we explain how you can exercise these rights:

(A) Right to Opt Out of Targeted Advertising
You have the right to opt out of the use of your personal data for targeted advertising. Targeted advertising refers to displaying ads to you based on your personal data collected across non-affiliated websites or applications.
How to Opt Out:

• Send an email to renjie4693@gmail.com with the subject line "Opt Out of Targeted Advertising" to submit your request.

(B) Right to Opt Out of the Sale of Personal Data
You have the right to opt out of the sale of your personal data to third parties. Under the VCDPA, "sale" is defined as the exchange of personal data for monetary or other valuable consideration.
How to Opt Out:

• Send an email to renjie4693@gmail.com with the subject line "Opt Out of Sale of Personal Data" to submit your request.

(C) Right to Opt Out of Profiling
You have the right to opt out of profiling that supports decisions producing legal or similarly significant consequences for you. Profiling refers to the automated processing of personal data to evaluate, analyze, or predict certain aspects of your behavior, health, or preferences.
How to Opt Out:

• Send an email to renjie4693@gmail.com with the subject line "Opt Out of Profiling" to submit your request.

(D) Processing Your Opt-Out Requests
Once we receive your opt-out request, we will process it within 15 business days and confirm the completion of your request. If we require additional information to verify your identity or process your request, we will contact you promptly.

(E) Additional Rights Under the VCDPA
In addition to the opt-out rights described above, the VCDPA grants you the following rights:

1. Right to Access

￮ You have the right to request access to the personal data we hold about you.

￮ You may request the following information:

▪ The categories of personal data we have collected.

▪ The purposes for which we have collected the personal data.

▪ The categories of third parties with whom we have shared the personal data (if any).

￮ How to Exercise: Send an email to renjie4693@gmail.com with the subject line "Exercise Right to Access."

2. Right to Correct

￮ You have the right to request the correction of any inaccurate or incomplete personal data we hold about you.

￮ How to Exercise: Send an email to renjie4693@gmail.com with the subject line "Exercise Right to Correct," and provide the specific information that needs to be corrected.

3. Right to Delete

￮ You have the right to request the deletion of your personal data, unless we are required by law or legitimate business purposes to retain it.

￮ How to Exercise: Send an email to renjie4693@gmail.com with the subject line "Exercise Right to Delete."

4. Right to Appeal

￮ If we deny your request, you have the right to appeal our decision.

￮ How to Exercise: Send an email to renjie4693@gmail.com with the subject line "Exercise Right to Appeal," and specify the request you are appealing.

￮ We will review your appeal and provide you with a written response within a reasonable time.

(F) Non-Discrimination
We will not discriminate against you for exercising your rights under the VCDPA. This means we will not deny you services, charge you different prices, or provide you with a different level or quality of services based on your exercise of these rights.

XII.GDPR User Rights Statement

We strictly comply with the General Data Protection Regulation (GDPR) and provide the following detailed rights to users in the European Union:

1. Right of Access
Users have the right to access their personal data held by us and obtain the following information:

￮ The purposes of the processing.

￮ The categories of personal data concerned.

￮ The recipients or categories of recipients to whom the data has been or will be disclosed.

￮ The retention period or the criteria used to determine that period.

￮ Other rights available to users (e.g., rectification, erasure, restriction of processing).

2. Right to Rectification
If users' personal data is inaccurate or incomplete, they have the right to request that we correct or complete it without undue delay. For example, users may request updates to their address or contact information.

3. Right to Erasure (Right to Be Forgotten)
Users have the right to request the deletion of their personal data, particularly in the following cases:

￮ The data is no longer necessary for the purposes for which it was collected.

￮ The user withdraws consent, and there is no other legal basis for processing.

￮ The user objects to the processing, and there are no overriding legitimate grounds for continuing it.

￮ The data has been unlawfully processed.
Please note that if we need to retain the data to comply with legal obligations (e.g., tax or audit requirements), we may not be able to delete it immediately.

4. Right to Restrict Processing
Users have the right to request the restriction of processing of their personal data, particularly in the following cases:

￮ The user contests the accuracy of the data, and we need time to verify it.

￮ The processing is unlawful, but the user does not want the data erased.

￮ We no longer need the data, but the user requires it for legal claims.
During the restriction period, we will only store the data and not process it further.

5. Right to Data Portability
Users have the right to receive their personal data in a structured, commonly used, and machine-readable format and transfer it to another service provider. This right applies to data provided directly by the user (e.g., account information, transaction records) and data processed based on user consent.

6. Right to Object
Users have the right to object to the processing of their personal data based on legitimate interests or public interest, including for direct marketing purposes. Unless we can demonstrate compelling legitimate grounds for continuing the processing, we will stop the relevant data processing.

7. Right to Withdraw Consent
If data processing is based on user consent, users have the right to withdraw their consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

8. Right to Lodge a Complaint
If users believe their data rights have been violated, they have the right to lodge a complaint with the data protection authority in their country. Users can find the relevant authority through this link: List of EU Data Protection Authorities.

Users may exercise these rights by contacting us at renjie4693@gmail.com, and we will process requests within 30 days. We are committed to providing transparent and compliant data processing practices for EU users and will continuously update our privacy policy to meet GDPR requirements.

XIII. Changes to This Privacy Policy

We may update our privacy policy from time to time to reflect changes in our practices or legal requirements. Any changes that could affect your rights will be clearly communicated. We will not reduce your rights without your explicit consent. For major updates, you will receive prominent notifications, such as in-app announcements or pop-up notices.

XIV. Data Protection Officer (DPO)

If you have any questions, requests, or concerns regarding the processing of your personal data, or if you would like more information about your privacy rights, please contact our Data Protection Officer (DPO), Ethan Walker, at renjie4693@gmail.com.

XV. Controller Information

Tiigo is the controller responsible for managing your personal information related to our services. If you have any inquiries regarding your personal data, please contact us via the following method:
Email: renjie4693@gmail.com
Address: 431 Guyrene StDove,Creek - 81324,United States (US)

XVI. Contact Us

You may contact us through the following methods, and we will respond within 15 days:
If you have any questions, comments, or suggestions regarding the content of this policy, please contact our official customer service within the Tiigo application or send an email to our service mailbox at renjie4693@gmail.com.