Privacy Policy - CUNFAGE

寸发哥物联网产品隐私政策

发布日期：2026年1月21日

生效日期：2026年1月21日

最近更新日期：2026年1月21日

本隐私政策（以下简称“本政策”）由东莞市未来精密制造有限公司及其关联公司（以下统称“我们”“本公司”）制定，适用于寸发哥物联网产品（以下简称“寸发哥产品”或“本产品”），包括寸发哥品牌智能硬件设备、可接入寸发哥APP的第三方品牌智能硬件设备（如智能鱼缸、智能插座等，以下统称“物联网设备”）及寸发哥移动终端应用程序（以下简称“寸发哥APP”）。

我们深知个人信息对您的重要性，将遵循《中华人民共和国网络安全法》《中华人民共和国个人信息保护法》《互联网应用程序个人信息收集使用规定》等法律法规，以及欧盟《通用数据保护条例》（GDPR）相关要求，秉持“合法、正当、必要、诚信、权益影响最小”原则，依法保护您的个人信息安全与隐私权益。

您在下载、安装、注册、登录或使用寸发哥产品前，务必仔细阅读并充分理解本政策全部内容。您点击“同意”、开启相关功能或实际使用本产品，即视为您已充分理解并同意我们按照本政策处理您的个人信息。如您不同意本政策，请勿使用本产品。

一、定义与适用范围

（一）核心定义

1. 个人信息：指以电子或其他方式记录的与已识别或可识别的自然人有关的各种信息，不包括匿名化处理后的信息。

2. 敏感个人信息：指一旦泄露或者非法使用，容易导致自然人的人格尊严受到侵害或者人身、财产安全受到危害的个人信息，包括您的手机号码、精准位置信息等。

3. 匿名化处理：指通过对个人信息的技术处理，使得处理后的信息无法识别特定自然人，且不能复原的过程，处理后的数据不再属于个人信息。

4. 权益影响最小化：指收集使用个人信息时，不仅限于实现功能所需的最小范围，更需采取对您权益侵扰最低的方式，避免造成不必要的风险或心理负担。

（二）适用范围

本政策仅适用于我们提供的寸发哥产品及相关服务。本产品中包含的第三方产品、服务（如Amazon Alexa、Google Assistant语音服务）或第三方网站链接，其隐私政策由第三方独立制定，我们不对第三方的信息处理行为承担责任，您使用第三方服务时需自行查阅其隐私政策。

二、我们如何收集和使用您的个人信息

我们仅为实现本政策载明的目的，在必要范围内收集和使用您的个人信息；超出目的范围使用的，将另行征求您的单独同意。我们禁止通过误导、欺诈、胁迫等方式收集您的个人信息，不设置“默认勾选”授权、不通过隐蔽方式静默收集信息。

（一）核心功能必需的个人信息

核心功能是本产品正常运行的基础，缺少相关信息将无法提供核心服务，我们仅收集实现该功能必需的信息，采取权益影响最小的方式处理。

1. 账户注册与登录

- 收集信息：手机号码、电子邮箱（二选一）、您设置的用户名及非明文密码。

- 收集目的：完成身份验证、账户注册及安全保障，确保您的账户归属清晰。

- 使用方式：您可在寸发哥APP【我的→点击头像】中上传、修改头像、昵称等信息；您主动退出并关闭APP后，我们将停止使用上述信息，如需留存将进行匿名化处理（法律法规另有规定的除外）。

2. 物联网设备绑定与网络配置

- 收集信息：物联网设备出厂MAC地址、SN码（用于验证设备合法性）；您的手机型号、品牌、系统版本、语言、时区（用于故障排查及时间显示）；粗略位置信息（仅用于扫描周边Wi-Fi列表），您手动输入的Wi-Fi名称。

- 收集目的：实现设备与APP的绑定，完成网络配置以保障设备正常联网。

- 使用限制：Wi-Fi密码仅加密存储于物联网设备本地，不上传至我们的服务器；位置信息仅在网络配置场景下临时获取，配置完成后立即停止使用，不留存历史位置轨迹。

3. 设备控制与自动化任务

- 收集信息：您通过APP发出的设备操作指令信息；物联网设备上报的运行事件信息（取决于您的设备授权设置）。

- 收集目的：响应您的控制需求，实现设备功能调用；支持您创建个性化自动化任务（如设备联动触发）。

- 使用方式：您可在设备授权页面自主选择是否允许设备上报事件信息，未授权则无法创建自动化任务，但不影响基础控制功能。

（二）附加功能可选的个人信息

附加功能为非核心服务，您可自主选择启用或停用，停用后不影响核心功能的正常使用，我们对未启用功能不收集任何信息。

1. 设备分享功能：您主动选择分享设备时，需手动输入接收方手机号码，该号码将加密传输至服务器，仅用于实现设备分享权限的开通，分享完成后加密留存必要记录（便于您撤销分享）。

2. 云端推送通知功能：您可在APP【我的→设置→通知设置】中开启/关闭推送服务、调整通知频率。开启后，我们将向您推送设备状态变更、固件更新、服务提醒等信息，不推送无关营销内容。

3. 网络测试功能：您主动发起网络测试时，我们将收集网络类型、服务提供商、IP地址、手机型号信息，仅用于排查网络连接异常、优化设备联网稳定性，测试数据在问题解决后自动匿名化处理。

4. 营销信息推送：我们可能通过短信、邮件向您发送产品更新、优惠活动等营销信息，您可通过邮件底部“取消订阅”链接、APP通知设置或联系客服，退订所有营销类信息，退订后不再发送。

（三）安全运营与产品优化所需信息

为保障账户及设备安全、优化产品体验，我们将收集以下非个人信息或匿名化信息，不关联您的身份标识：

- 设备系统ID、屏幕分辨率、APP版本号、包名、使用时间及频率、故障日志（用于故障排查、漏洞修复及功能优化）；

- 汇总的、无法识别个人身份的产品使用数据（用于分析使用趋势，优化产品设计）。

三、我们如何存储您的个人信息

（一）存储地域

- 您在东南亚、东亚地区使用本产品时，个人信息存储于中国境内合规服务器；

- 您在美洲地区使用本产品时，个人信息存储于美国境内合规服务器；

- 如需将中国境内存储的个人信息跨境传输，我们将提前完成个人信息出境安全评估或签订跨境数据传输标准合同，确保符合中国法律法规要求。

（二）存储期限

我们对个人信息的存储期限为实现收集目的所需的最短时间，具体如下：

- 账户信息：在您的账户存续期间留存，账户注销后15个工作日内删除或匿名化处理；

- 设备操作指令、网络配置信息：仅留存至功能实现完毕，最长不超过90天，逾期自动匿名化；

- 故障日志、测试数据：问题解决后30天内匿名化处理，无关联身份信息；

- 法律法规要求强制留存的信息（如用于公益、科学研究等），我们将在合规范围内留存，且不再用于其他目的。

四、我们如何共享、转让您的个人信息

我们不会向任何第三方出售您的个人信息，仅在以下情形下，按法律法规要求或经您同意后共享个人信息：

（一）与第三方服务提供商共享

为提供技术支持、客户服务、服务器运维等必要服务，我们会向合作的第三方服务商共享必要的个人信息或匿名化信息（如向APP开发服务商提供匿名的安装量数据）。我们将与第三方签订严格的数据处理协议，明确其处理范围、安全义务及责任，要求其仅按我们的指示和本政策处理信息，并定期核查合规性。如您不希望共享，可发送邮件至cunfage@163.com提出申请。

（二）与关联公司共享

当关联公司为您提供寸发哥产品相关服务时，我们会共享必要的个人信息，且关联公司需严格遵守本政策。若关联公司变更个人信息使用目的，我们将另行征求您的单独同意。

（三）依法依规共享/披露

在以下情形下，我们可在未获得您同意时，依法共享或披露个人信息：

- 遵守法律法规、行政机关或司法机关的合法要求（如响应法院传票、监管调查）；

- 为保护您或他人的人身、财产安全，或调查欺诈、滥用账户等违法行为，维护我们的合法权益；

- 基于公共利益开展统计或学术研究，且研究成果不识别特定自然人。

（四）跨境共享特别说明

若向境外（含关联公司、第三方服务商）共享您的个人信息，我们将采取以下合规措施：

- 针对欧盟EEA区域用户，采用欧盟标准合同或GDPR要求的其他跨境数据传输保护措施；

- 您可随时联系我们，了解跨境传输的具体安全措施及相关证明文件。

五、我们如何保护您的个人信息

我们采用技术+管理双重安全措施，保障您的个人信息安全，防止信息被未经授权访问、披露、使用、篡改或损坏：

1. 技术防护措施：敏感个人信息采用加密传输（自定义加密+HTTPS双重加密）和加密存储；使用WebView技术时，对文件协议进行URL验证，限制访问敏感数据；服务器部署访问控制机制，定期进行安全漏洞扫描、系统更新及渗透测试。

2. 管理防护措施：仅授权最少数量的工作人员访问个人信息，工作人员需签署保密协议，定期接受数据安全培训；建立访问日志审计制度，定期核查访问记录；制定数据泄露应急预案，若发生安全事件，将立即启动预案，阻止风险扩大，并按法律法规要求向监管机构报告，必要时通知受影响用户。

温馨提示：您需妥善保管账户密码、手机验证码等信息，不要向他人泄露。因您自身保管不善导致信息泄露的，我们不承担责任；如发现账户异常，請立即联系我们处理。

六、您管理个人信息的权利

您可按照以下方式行使个人信息控制权，我们将在收到请求后15个工作日内响应并处理（法律法规另有规定的除外）：

1. 访问与更正：通过APP【我的→点击头像】自主访问、修改个人信息；无法自助修改的，可联系客服提交更正请求。

2. 删除请求：发送邮件至cunfage@163.com，提交身份证明及删除理由，我们核实身份后，将删除您的相关个人信息（备份系统中的数据将在下次备份更新时删除）。

3. 撤回同意：在手机系统【设置→隐私→隐私管理】中撤回APP权限授权；在APP内关闭相关附加功能、解除设备绑定；发送邮件至cunfage@163.com撤回信息收集、使用同意。撤回同意后，我们将停止处理相关信息，但不影响此前基于您的同意已完成的合法处理行为。

4. 注销账户：通过APP【我的→建议与反馈/联系客服】或发送邮件至cunfage@163.com申请注销账户。账户注销后，相关信息将被删除或匿名化处理，您将无法再登录使用寸发哥产品，法律法规要求留存的信息除外。

（欧盟EEA区域用户额外权利）

若您是欧盟EEA区域用户，依据GDPR，您还享有以下权利：

- 要求我们限制对您个人信息的处理；

- 拒绝仅基于自动化决策对您产生重大影响的处理行为；

- 要求以结构化、机器可读格式获取您的个人信息，并传输给其他数据控制者（数据可携带权）。

七、未成年人个人信息保护

1. 本产品不适用于14周岁以下儿童；18周岁以下未成年人使用本产品，需经其监护人同意或授权，监护人应仔细阅读本政策并指导未成年人使用。

2. 我们不会主动收集未成年人的敏感个人信息；如确需收集（如账户注册），将另行获得监护人的单独同意。

3. 若监护人发现未成年人未经同意提交个人信息，可联系我们查阅、删除相关信息，我们将积极配合维护未成年人合法权益。

八、本政策的变更与修订

1. 我们可能根据法律法规更新、产品功能调整，修订本政策。修订后将通过本政策载明的发布/更新日期标注，同时保留历史版本供您查阅。

2. 若发生重大变更（包括但不限于信息收集目的、共享范围、用户核心权利、安全措施调整等），我们将通过APP弹窗、邮件等显著方式通知您，您确认同意后，修订后的政策方可生效；非重大变更，将在APP内公示，公示后自动生效。

3. 未经您同意，任何修订均不会限制您依据原政策享有的权利。

九、如何联系我们

如您对本政策有疑问、异议、投诉或建议，可通过以下方式联系我们：

- 联系邮箱：cunfage@163.com

- 客服入口：寸发哥APP【我的→联系客服】

我们将在收到您的反馈后15个工作日内予以回复，努力解决您的问题。

Privacy Policy for CUNFAGE IoT Products

Issued on: January 21, 2026

Effective on: January 21, 2026

Last Updated on: January 21, 2026

This Privacy Policy (hereinafter referred to as "this Policy") is formulated by Dongguan Future Precision Manufacturing Co., Ltd. and its affiliates (hereinafter collectively referred to as "we", "us" or "our Company"), and applies to CunFaGe IoT Products (hereinafter referred to as "CunFaGe Products" or "this Product"), including CunFaGe-branded smart hardware devices, third-party branded smart hardware devices connectable to the CunFaGe APP (such as smart fish tanks, smart sockets, etc., hereinafter collectively referred to as "IoT Devices") and the CunFaGe mobile application (hereinafter referred to as the "CunFaGe APP").

We fully understand the importance of your personal information. We will comply with the Cybersecurity Law of the People's Republic of China, the Personal Information Protection Law of the People's Republic of China, the Provisions on the Collection and Use of Personal Information by Internet Applications, and other laws and regulations, as well as the relevant requirements of the EU General Data Protection Regulation (GDPR). We adhere to the principles of lawfulness, legitimacy, necessity, good faith, and minimal impact on rights and interests to legally protect the security of your personal information and privacy rights.

Before downloading, installing, registering, logging in to or using CunFaGe Products, you must carefully read and fully understand all contents of this Policy. Your clicking "Agree", enabling relevant functions or actually using this Product shall be deemed that you have fully understood and agreed that we process your personal information in accordance with this Policy. If you do not agree with this Policy, please do not use this Product.

1. Definitions and Scope of Application

1.1 Core Definitions

Personal Information: refers to all kinds of information related to an identified or identifiable natural person recorded electronically or by other means, excluding anonymized information.

Sensitive Personal Information: refers to personal information that, once leaked or illegally used, is likely to infringe upon the dignity of a natural person or endanger the personal and property safety of a natural person, including your mobile phone number, precise location information, etc.

Anonymization: refers to the process of technically processing personal information so that the processed information cannot identify a specific natural person and cannot be restored. The processed data no longer constitutes personal information.

Minimal Impact on Rights and Interests: refers to that when collecting and using personal information, we not only limit it to the minimum scope required to realize functions, but also adopt methods that cause the least infringement on your rights and interests to avoid unnecessary risks or psychological burdens.

1.2 Scope of Application

This Policy only applies to the CunFaGe Products and related services provided by us. Third-party products, services (such as Amazon Alexa, Google Assistant voice services) or third-party website links contained in this Product are governed by the independent privacy policies of the third parties. We are not responsible for the information processing behaviors of the third parties, and you need to consult their privacy policies when using third-party services.

2. How We Collect and Use Your Personal Information

We only collect and use your personal information within the necessary scope for the purposes specified in this Policy; if used beyond the scope of purposes, we will separately seek your consent. We prohibit collecting your personal information by means of misleading, fraud, coercion, etc., and do not set "default check" authorization or collect information silently through concealed methods.

2.1 Personal Information Necessary for Core Functions

Core functions are the basis for the normal operation of this Product. Without relevant information, core services cannot be provided. We only collect information necessary to realize such functions and process it in a way with minimal impact on rights and interests.

Account Registration and Login

Collected Information: Mobile phone number, email address (either one), username you set and non-plaintext password.

Purpose of Collection: Complete identity verification, account registration and security protection to ensure clear ownership of your account.

Method of Use: You can upload and modify your avatar, nickname and other information in the CunFaGe APP [My → Click Avatar]; after you actively log out and close the APP, we will stop using the above information, and anonymize it if it needs to be retained (unless otherwise stipulated by laws and regulations).

IoT Device Binding and Network Configuration

Collected Information: Factory MAC address and SN code of IoT Devices (for verifying device legitimacy); your mobile phone model, brand, system version, language, time zone (for troubleshooting and time display); rough location information (only for scanning surrounding Wi-Fi lists), and Wi-Fi name you manually enter.

Purpose of Collection: Realize the binding between devices and the APP, and complete network configuration to ensure the normal networking of devices.

Restrictions on Use: Wi-Fi password is only encrypted and stored locally on IoT Devices and will not be uploaded to our servers; location information is only temporarily obtained in the network configuration scenario, and will stop being used immediately after configuration is completed, without retaining historical location tracks.

Device Control and Automated Tasks

Collected Information: Device operation instruction information you send through the APP; operation event information reported by IoT Devices (depending on your device authorization settings).

Purpose of Collection: Respond to your control needs and realize device function invocation; support you to create personalized automated tasks (such as device linkage triggering).

Method of Use: You can independently choose whether to allow devices to report event information on the device authorization page. If not authorized, you cannot create automated tasks, but it will not affect basic control functions.

2.2 Optional Personal Information for Additional Functions

Additional functions are non-core services. You can independently choose to enable or disable them. Disabling them will not affect the normal use of core functions, and we will not collect any information for unenabled functions.

Device Sharing Function: When you actively choose to share a device, you need to manually enter the recipient's mobile phone number. The number will be encrypted and transmitted to the server, only for opening device sharing permissions. After sharing is completed, necessary records will be encrypted and retained (for you to revoke sharing).

Cloud Push Notification Function: You can enable/disable push services and adjust notification frequency in the APP [My → Settings → Notification Settings]. After enabling, we will push you information such as device status changes, firmware updates and service reminders, and will not push irrelevant marketing content.

Network Test Function: When you actively initiate a network test, we will collect network type, service provider, IP address and mobile phone model information, only for troubleshooting network connection abnormalities and optimizing device networking stability. Test data will be automatically anonymized after the problem is solved.

Marketing Information Push: We may send you marketing information such as product updates and preferential activities via SMS or email. You can unsubscribe from all marketing information through the "Unsubscribe" link at the bottom of the email, APP notification settings or contacting customer service. After unsubscribing, no more will be sent.

2.3 Information Required for Safe Operation and Product Optimization

To ensure account and device security and optimize product experience, we will collect the following non-personal information or anonymized information that is not associated with your identity:

Device system ID, screen resolution, APP version number, package name, usage time and frequency, fault logs (for troubleshooting, vulnerability repair and function optimization);

Aggregated product usage data that cannot identify personal identity (for analyzing usage trends and optimizing product design).

3. How We Store Your Personal Information

3.1 Storage Region

When you use this Product in Southeast Asia and East Asia, your personal information is stored on compliant servers in China;

When you use this Product in the Americas, your personal information is stored on compliant servers in the United States;

If it is necessary to cross-border transmit personal information stored in China, we will complete the personal information outbound security assessment or sign a cross-border data transmission standard contract in advance to ensure compliance with Chinese laws and regulations.

3.2 Storage Period

We store personal information for the shortest time necessary to achieve the purpose of collection, as follows:

Account Information: Retained during the existence of your account, and deleted or anonymized within 15 working days after account cancellation;

Device Operation Instructions and Network Configuration Information: Only retained until the function is completed, with a maximum of 90 days, and automatically anonymized after expiration;

Fault Logs and Test Data: Anonymized within 30 days after the problem is solved, without associated identity information;

Information required to be retained compulsorily by laws and regulations (such as for public welfare, scientific research, etc.) will be retained within the scope of compliance and will no longer be used for other purposes.

4. How We Share and Transfer Your Personal Information

We will not sell your personal information to any third party. We will only share personal information in the following circumstances in accordance with legal requirements or with your consent:

4.1 Sharing with Third-Party Service Providers

To provide necessary services such as technical support, customer service and server operation and maintenance, we will share necessary personal information or anonymized information with cooperative third-party service providers (such as providing anonymous installation volume data to APP development service providers). We will sign strict data processing agreements with third parties to clarify their processing scope, security obligations and responsibilities, require them to process information only in accordance with our instructions and this Policy, and regularly verify compliance. If you do not wish to share, you can send an email to cunfage@163.com to make an application.

4.2 Sharing with Affiliates

When affiliates provide you with services related to CunFaGe Products, we will share necessary personal information, and affiliates shall strictly abide by this Policy. If affiliates change the purpose of using personal information, we will separately seek your consent.

4.3 Sharing/Disclosure in Accordance with Laws and Regulations

We may share or disclose personal information without obtaining your consent in the following circumstances:

Complying with legal requirements of laws and regulations, administrative or judicial organs (such as responding to court summons and regulatory investigations);

Protecting the personal and property safety of you or others, or investigating illegal acts such as fraud and account abuse to safeguard our legitimate rights and interests;

Conducting statistics or academic research based on public interests, and the research results do not identify specific natural persons.

4.4 Special Instructions on Cross-Border Sharing

If we share your personal information with overseas parties (including affiliates and third-party service providers), we will take the following compliance measures:

For users in the EU EEA region, adopt EU standard contracts or other cross-border data transmission protection measures required by GDPR;

You can contact us at any time to learn about the specific security measures and relevant supporting documents for cross-border transmission.

5. How We Protect Your Personal Information

We adopt dual technical and management security measures to ensure the security of your personal information and prevent unauthorized access, disclosure, use, tampering or damage to information:

Technical Protection Measures: Sensitive personal information is transmitted and stored with encryption (dual encryption of custom encryption + HTTPS); when using WebView technology, conduct URL verification on file protocols to restrict access to sensitive data; deploy access control mechanisms on servers, and regularly conduct security vulnerability scanning, system updates and penetration testing.

Management Protection Measures: Only authorize the minimum number of staff to access personal information; staff are required to sign confidentiality agreements and receive regular data security training; establish an access log audit system to regularly check access records; formulate a data breach emergency response plan. In case of a security incident, we will immediately activate the plan to stop the risk from expanding, report to regulatory authorities in accordance with legal requirements, and notify affected users when necessary.

Kind Reminder: You need to properly keep account passwords, mobile phone verification codes and other information, and do not disclose them to others. We are not responsible for information leakage caused by your improper custody; if you find any abnormal account, please contact us immediately for handling.

6. Your Rights to Manage Personal Information

You can exercise the right to control personal information in the following ways. We will respond to and handle your request within 15 working days after receiving it (unless otherwise stipulated by laws and regulations):

Access and Correction: Independently access and modify personal information through the APP [My → Click Avatar]; for information that cannot be modified independently, you can contact customer service to submit a correction request.

Deletion Request: Send an email to cunfage@163.com, submit identity certificate and deletion reason. After verifying your identity, we will delete your relevant personal information (data in the backup system will be deleted when the next backup is updated).

Withdrawal of Consent: Withdraw APP permission authorization in the mobile phone system [Settings → Privacy → Privacy Management]; disable relevant additional functions and unbind devices in the APP; send an email to cunfage@163.com to withdraw consent to information collection and use. After withdrawing consent, we will stop processing relevant information, but it will not affect the legal processing behaviors completed based on your consent before.

Account Cancellation: Apply for account cancellation through the APP [My → Suggestions and Feedback/Contact Customer Service] or sending an email to cunfage@163.com. After account cancellation, relevant information will be deleted or anonymized, and you will no longer be able to log in and use CunFaGe Products, except for information required to be retained by laws and regulations.

Additional Rights for Users in the EU EEA Region

If you are a user in the EU EEA region, in accordance with GDPR, you also have the following rights:

Request us to restrict the processing of your personal information;

Refuse processing behaviors that have a significant impact on you based solely on automated decision-making;

Request to obtain your personal information in a structured, machine-readable format and transmit it to other data controllers (right to data portability).

7. Protection of Minors' Personal Information

This Product is not intended for children under the age of 14; minors under the age of 18 using this Product must obtain the consent or authorization of their guardians. Guardians should carefully read this Policy and guide minors to use it.

We will not actively collect sensitive personal information of minors; if it is necessary to collect (such as account registration), we will separately obtain the consent of guardians.

If guardians find that minors have submitted personal information without consent, they can contact us to check and delete relevant information, and we will actively cooperate to safeguard the legitimate rights and interests of minors.

8. Changes and Revisions to This Policy

We may revise this Policy according to the update of laws and regulations and the adjustment of product functions. After revision, we will mark it with the issuance/update date specified in this Policy, and retain historical versions for your reference.

In case of major changes (including but not limited to adjustment of information collection purposes, sharing scope, users' core rights, security measures, etc.), we will notify you in a prominent way such as APP pop-up window and email. After your confirmation and consent, the revised Policy shall take effect; for non-major changes, they will be publicized in the APP and take effect automatically after publicity.

Without your consent, any revision will not restrict the rights you enjoy under the original Policy.

9. How to Contact Us

If you have any questions, objections, complaints or suggestions about this Policy, you can contact us in the following ways:

Contact Email: cunfage@163.com

Customer Service Entrance: CunFaGe APP [My → Contact Customer Service]

We will reply to your feedback within 15 working days after receiving it and strive to solve your problems.