AegeanSoft Privacy Policy

1. Introduction

We strictly comply with laws and regulations and adhere to the following privacy protection principles to provide you with more secure and reliable services:

1.1 Security and Reliability

• We commit our utmost efforts to prevent your information from leakage, damage, or loss through reasonably effective information security technologies and management processes.

1.2 Autonomous Choice

• We provide convenient information management options to help you make appropriate choices and manage your personal information.

1.3 Protection of Communication Confidentiality

• We strictly follow laws and regulations to protect your communication confidentiality and provide secure communication services.

1.4 Necessity and Reasonableness

• We only collect necessary information to deliver better services to you and other users.

1.5 Clarity and Transparency

• We strive to explain the privacy policy in clear and understandable terms to ensure you fully comprehend our information processing practices.

1.6 Privacy by Design

• We integrate privacy protection principles into product design by considering legal, product-related, and design factors at every stage of product or service development.

This Privacy Policy primarily informs you about:

• The types of information we collect
• The purposes for collecting such information
• Your rights as a user

We encourage you to carefully read this Privacy Policy (hereinafter referred to as “this Policy“) to thoroughly understand how we collect and use information. This will help you better comprehend our services and make informed decisions.

By using AegeanSoft services, you acknowledge that you have read and understood the contents described in this Policy.

Should you have any questions, please contact us.

2. Information We Collect

Core Principle:

• We collect only the information necessary to achieve our product functionalities based on the principles of lawfulness, legitimacy, and necessity.

2.1 Information You Actively Provide

• Account Registration Information

  • For instance: Nickname, mobile number, etc., provided during your registration of a NoteExpress Web Academic account.

• Information Uploaded While Using Services

  • For instance: Profile pictures uploaded during your use of NoteExpress Web Academic.

• Information Submitted via Customer Service or Activities

  • For instance: Name, phone number, home address, etc., submitted in surveys during our online events.

Certain services may require specific sensitive personal information to enable particular features. If you choose not to provide such information, specific functionalities may be unavailable, but this will not affect other services. By voluntarily providing sensitive personal information, you consent to our processing of such data in accordance with this Policy.

2.2 Information Collected During Service Usage

We automatically collect the following information when you use our services:

• Log Information:

  • Details generated during service usage.

• Device Information:

  • For instance: Device model, OS version, unique device identifier, Open Anonymous Identifier (OAID), battery status, signal strength.

• Software Information:

  • For instance: Software version, browser type. To ensure operational security or service requirements, we collect data about mobile applications and other software you use.

• IP Address

• Service Log Information:

  • For instance: Searched/viewed content, service error logs, referral URLs.

• Usage Log Information:

  • For instance: Duration and frequency of service usage.

• Location Information:

  • When using location-based services, we may record your device’s location to provide relevant features.
  • Location data may be obtained via IP address, GPS, WLAN (e.g., WiFi), or cell towers.
  • Geographic information may be inferred from your account details or metadata (e.g., geotags in shared photos).

• Other Related Information:

  • Data collected to enhance your experience with our products/services.

• Information Contained in Third-Party User Content:

  • For instance: Your personal information may appear in photos/videos shared by other users through our services.

2.3 Information from Business Partners

We may receive information obtained by third-party partners when you use their services integrated with our platform.
Example scenarios include:

• When you log into partner services using your NoteExpress Web Academic account, we may receive your service name and login time solely for authorization management purposes.

Important Notice: We require third-party partners to legally obtain your information. Always review their privacy policies separately.

3. How We Use Collected Information

Legal Compliance Statement:
We strictly comply with legal regulations and user agreements, utilizing collected information solely for the following purposes. Should usage extend beyond these purposes, we will provide additional explanations and obtain your explicit consent.

3.1 Service Delivery

• Personalized Experience

  • Customize services according to your preferences (e.g., language settings, location preferences, personalized support).

• Product Development & Optimization

  • Analyze system failure logs to enhance service quality and stability.

• Security Assurance

  • Employ information for:
    • Identity verification
    • Security threat prevention
    • Anti-fraud monitoring
    • Data backup
    • Client security services
  • (Example: Detect malware/viruses or identify fraudulent content during downloads/installations)

3.2 Marketing & Communications

• Deliver tailored advertisements and information aligned with your interests.
• Evaluate effectiveness of advertising campaigns and promotional activities.

3.3 Software Management

• Conduct software authentication, version updates, and maintenance.

3.4 User Engagement

• Invite participation in service-related surveys and research.

3.5 Cross-Service Utilization

• Subject to legal compliance and your consent, we may apply information collected from one service to enhance others.
• Examples include:
  • Displaying personalized content/ads across different services
  • Conducting user behavior analysis and statistical research

3.6 Operational Analytics

• To ensure service security and optimize application performance, we may record:
  • Usage frequency and patterns
  • System failure reports
  • Aggregate performance metrics
  • Application source data

Security Notice:

• Analytics data is strictly segregated from personally identifiable information (PII).
• We never combine:
  • Technical performance metrics stored in analytics systems
  • With personal identity information provided within applications

4. Our Use of Cookies and Related Technologies

Core Principle:

• All measures adhere to the principle of minimal necessity in data processing.

We, along with our third-party partners, may collect information through secure cookies and similar technologies to deliver a more personalized user experience and service.

4.1 Key Practices:

• Strict Partner Compliance: We rigorously require all third-party partners to adhere to the provisions outlined in this Policy.
• User Control Options: You may manage cookie preferences through your browser settings.

Important Notice:
Disabling cookies may result in:

• Degraded service quality
• Limited functionality of certain features
• Suboptimal user experience

We recommend maintaining standard cookie settings to ensure full access to our service capabilities.

5. Information You Share

You may share relevant information through our services with friends, family members, and other users.

Important Notice:

• Shared content may include personal identification details and asset information.
• Exercise extreme caution when disclosing sensitive personal data.

Legal Compliance Statement:
Please be aware that such information:

• May be independently retained by recipients
• Could be stored by unaffiliated third parties beyond our control
• Cannot be fully recalled once disseminated

Security Recommendation:
Always verify recipients and evaluate information sensitivity before sharing.

6. Managing Your Information

6.1 Basic Management Methods

• You may access, modify, and delete your registration information and other personal data during service usage. Contact methods are specified in our notifications. The scope and procedures depend on specific services used.

6.2 Practical Management Example: Location Data

• When using geolocation services, disable sharing through:
  • Device Controls: Mobile location settings
  • Service Providers: Hardware/software vendor options
  • Carrier Systems: Communication service channels

Important Notice: Review relevant disablement guides before implementation.

6.3 Your Legal Rights

Core Principle:
Information collection strictly follows functionality requirements stated in this Policy.

• Deletion Rights
  • Request removal if information collection/usage violates laws or agreements
• Correction Rights
  • Demand amendments for inaccurate personal data in our systems
  • Submit requests through contact methods specified in this Policy

6.4 Security & Processing Procedures

Security Notice:
Identity verification required during data operations for account protection.

Administrative Limitation Notice:
Some requests may be unfulfillable due to:

• Technical constraints
• Legal/regulatory obligations

We will respond to all valid requests within reasonable timeframes.

7. Information We Share

Core Principle:
We strictly limit information sharing in compliance with legal regulations.

7.1 Sharing Scenarios

7.1.1 Consent-Based Sharing
Your personal information may be shared with third parties only with your prior consent.

7.1.2 Processing Partners
For specific processing purposes, we may share information with:

• Third-party partners (service providers, contractors, agents, advertisers, developers)
• Entities potentially located outside your jurisdiction
  (Examples: Communication providers for notifications, map service providers for location services)

Security Notice:
Such partners must:

• Process data per our instructions
• Adhere to this Policy’s confidentiality standards
• Implement equivalent security measures

Permitted Purposes:

• Service delivery
• Objectives stated in “How We Use Collected Information”
• Fulfilling our Policy obligations
• Service maintenance and improvement

Protection Measures:

• Encryption technologies
• Data anonymization techniques

7.1.3 Business Restructuring
During mergers, acquisitions, or asset transfers:

• We will notify you via push notifications/announcements
• Continuation of protection standards meeting or exceeding this Policy’s requirements

7.2 Big Data Applications

Core Principle:
Information may be used for aggregated analytics without personal identification.

Examples:

• Generating urban heat maps devoid of personal data
• Producing industry insight reports with anonymized statistics

Sharing Practice:
We may publicly share or provide partners with:

• Statistically processed information
• Non-identifiable usage trend analyses

7.3 Legal Disclosure Requirements

We may disclose personal information when legally required for:

1. Compliance with applicable laws/regulations
2. Adherence to court orders/legal proceedings
3. Response to governmental/authorized organization requests
4. Legitimate belief in legal compliance necessity
5. Protecting vital interests including:
   • Enforcing service agreements/Policies
   • Safeguarding public welfare
   • Defending rights of:
     • Clients
     • Our company/affiliates
     • Users/employees
     • Property/legal interests

Legal Compliance Statement:
All disclosures strictly follow proportionality and necessity principles.

8. Information We May Send You

8.1 Information Push

We may send emails, SMS, notifications, or push messages during service usage.

Important Notice:
You may unsubscribe through device settings per our instructions.

8.2 Service-Related Announcements

We may issue non-advertisement service notices when necessary (e.g., service suspension for maintenance).

Administrative Limitation Notice:
Such essential communications cannot be opted out.

9. Information Storage Location and Retention Period

Storage Location
We comply with applicable laws and regulations by storing domestically collected personal information within China’s territory.

Retention Period
Generally, we retain your personal information only for the minimum period necessary to fulfill collection purposes.

Extended Retention Circumstances
Storage duration may be extended to meet legal requirements under these conditions:

• Compliance with applicable laws, regulations, or relevant provisions
• Adherence to court judgments, rulings, or other legal procedures
• Fulfillment of requirements from government authorities or legally authorized organizations
• When reasonably necessary for legal compliance
• Enforcement of service agreements or this policy, including:
  • Safeguarding public interests
  • Protecting legitimate rights of:
    • Our customers
    • AegeanSoft Corporation/affiliates
    • Other users or employees

Service Termination Protocol
Upon discontinuation of products/services:

• Notification methods:
  • Push notifications
  • Public announcements
• Data processing:
  • Deletion or
  • Anonymization
    within reasonable timeframes

10. Information Security

We implement appropriate security safeguards to protect your information against loss, misuse, unauthorized access, disclosure, or alteration.

Confidentiality Commitment
We strictly comply with laws and regulations to protect the confidentiality of users’ communications.

Security Measures
We employ various security protection measures within reasonable security levels to ensure information security, including:

• Encryption technologies (e.g., TLS, SSL)
• Anonymization techniques
• Other industry-standard safeguards

Management Protocols
We have established dedicated systems to ensure information security through:

1. Strict access controls limiting personnel authorization
2. Mandatory confidentiality agreements
3. Regular compliance audits

Incident Response
In the event of a personal information breach:

• We will immediately activate emergency protocols to contain the incident
• You will be notified via push notifications, announcements, or other appropriate channels

11. Advertising

We may use your relevant information to display advertisements tailored to your interests on our websites, applications, and other channels.

12. Minor Protection

We attach great importance to the protection of minors’ personal information.

Under applicable laws and regulations:

• If you are under 18 years old, parental or guardian consent must be obtained before using AegeanSoft Corporation’s services.
• For inquiries or requests regarding children’s personal information protection, contact us. We will respond within a reasonable timeframe.

13. Scope of Application

This Policy applies to all AegeanSoft services.

Special Provisions

• Certain services have specific privacy guidelines/statements detailing information handling practices.
• In case of conflict, the specific privacy guidelines/statements shall prevail.

Third-Party Services Notice
This policy expressly excludes:

• Services operated by third-party entities
  • Typical case: Utilizing NoteExpress Web credentials to access external services

Your engagement with such services shall be exclusively governed by the respective third-party’s privacy policy. We strongly advise thorough review of all applicable third-party policies.

14. Contact Us

For inquiries regarding this Policy or related matters, please contact us via:
Email: dataprivacy@inoteexpress.com

We will:

1. Promptly review submitted matters
2. Respond within thirty (30) days after verifying your identity

15. Policy Amendments

We may periodically revise this Policy.

Material Change Protocol:
When amendments would substantially reduce your rights:

• Advance notification will be provided through:
  • Prominent on-page alerts
  • Email communication
• Continued use after effective date:
  • Constitutes acceptance of revised terms
  • Indicates consent to be bound by amended Policy