Last Updated: Jul 1, 2023
Effective Date: Jul 1, 2023
At Hypershell Technology Co., Ltd. and its affiliated companies (“Hypershell”, “we,” “our” or “us”), we respect your privacy and treat your information with the utmost care.
This Policy describes:
- What Information Do We Collect
- How Do We Collect Your Information
- How Will We Use Your Information
- How Do We Store Your Information
- Share and Transfer
- Your Rights
- Security of Your Information
- Children’s Information
- Supplemental Notice for California Residents
- Supplemental Notice for Nevada Residents
- Privacy Policies of Third-Party Websites/Applications
- How to Contact Us
At Hypershell, we believe that you can have great products and great privacy. This means that we strive to collect only the personal data that we need. We may collect a variety of information, including:
- Account Information.Your Hypershell account and related account details, including contact phone number, email address, passwords, social account and third-party avatar.
- Device Information.Data from which your device could be identified, such as Wi-Fi List Information, Mac address, CPU information, memory information, SD card information and operating system version.
- Contact Information. We may need your contact information such as your name, email address, shipping address and phone number when you place an order or contact us for customer service.
- Photo and Video. We may need to upload your personal photos and videos when dealing with certain issues and modifying personal information.
- Location. We may need your location information for activating your Hypershell hardware products, Bluetooth connection, time zone setting, obtain your latitude, longitude and altitude information for data analysis to provide better marketing promotion services.
- Other Information You Provide to Us. Details such as the time, topic and content of your communications with Hypershell.
You are not required to provide the personal data that we have requested. However, if you choose not to do so, in many cases we will not be able to provide you with our products or services or respond to requests you may have.
You directly provide Hypershell with most of the data we collect. There are four ways we collect your information with your consent:
Directly Collection from You
We may collect the following personal information that you provide to us directly, including your name, contact phone number, email address, shipping address, passwords, social media account, location of your devices, your location information, your photos and videos.
We may collect your devices information automatically within the necessary scope, including location information of the device, Wi-Fi List Information, Mac address, CPU information, memory information, SD card information and operating system version.
From the Third Party Sources
We collect and use information obtained from Facebook, Google, Wechat, and other accounts you use to login to the Services (“Third-Party Accounts”), such as: your name, your user name, avatar, social account and other details you may have on your Third-Party Account profile. We do not have access to your Third-Party Account passwords.
- Devices Permission
In the process of collecting and using the above personal information, we will mainly call the mobile phone device permissions. When you enable any permission, you authorize us to collect and use relevant personal information to provide you with corresponding Services. You can get your device permission list by contacting us as set forth in “Contact Us” below.
You can also choose to change the scope of consent or withdraw your authorization at any time. After the authorization is withdrawn, we will no longer collect personal information related to these permissions, and we will not be able to continue to provide you with corresponding Services.
However, your decision to withdraw consent or authorization will not affect our previous collection and use of personal information based on your authorization. When we want to use the information for other purposes not specified in this Policy, we will ask for your prior consent.
Hypershell uses personal data to power our Services, to process your transactions, to communicate with you, for security and fraud prevention, and to comply with law. We may also use personal data for other purposes with your consent.
Hypershell uses your personal data only when we have a valid legal basis to do so:
- To honor our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal data on this basis to allow you to sign up for our services.
- Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent.
- Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes: operating our business and services; providing security for our websites, products, software, or applications; marketing; receiving payments; preventing fraud; and knowing the customer to whom we are providing services.
- Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations (such as our obligation to share data with tax authorities).
Hypershell uses your personal data only for the purposes described below:
- Provide Our Services
We use your information to fulfil our agreements with you and provide you with our Services, we process your personal information as necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract, including but not limited to:
- Managing your information and accounts, including registration;
- Providing the Services to you, including providing access to certain areas, functionalities, and features of our Services;
- Answering requests for customer or technical support;
- Communicating with you about your account, activities on our Services, and policy changes; and
- Administrative Purposes
We use your information for various administrative purposes, including but not limited to:
- Pursuing our legitimate interests such as direct marketing, research and development (including marketing research), network and information security, and fraud prevention;
- Detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity;
- Measuring interest and engagement in our Services;
- Improving, upgrading or enhancing our Services;
- Developing new products and Services;
- Ensuring internal quality control and safety;
- Authenticating and verifying individual identities, including requests to exercise your rights under this policy;
- Debugging to identify and repair errors with our Services;
- Auditing relating to interactions, transactions and other compliance activities;
- Sharing information with third parties as needed to provide the Services;
- Enforcing our agreements and policies;
- Complying with our legal obligations.
- Other Purposes
We also use your information for other purposes as requested by you or as permitted by applicable law.
- Consent.We may use personal information for other purposes that are clearly disclosed to you at the time you provide personal information or with your consent.
- Automated Decision Making.We may engage in automated decision making, including profiling. Hypershell’s processing of your personal information will not result in a decision based solely on automated processing that significantly affects you unless such a decision is necessary as part of a contract we have with you, we have your consent, or we are permitted by law to engage in such automated decision making. If you have questions about our automated decision making, you may contact us as set forth in “Contact Us” below.
- De-identified and Aggregated Information.We may use personal information and other information about you to create de-identified and/or aggregated information, such as de-identified demographic information, de-identified location information, information about the device from which you access our Services, or other analyses we create.
The information that we collect from you will be processed primarily in the EU and the United States but may be transferred to and stored at/processed in other countries.
You can opt out of having your information being used by Hypershell for performance-based advertising by accessing your mobile device settings and following the most recent published instructions. If you limit ad tracking, you will still see advertisements (even ones sourced from Hypershell’s network), but we will no longer be able to use the personal information described above in Section 1 to serve you with more relevant ads.
In addition, the advertising identifier (along with any information collected about that identifier) that was previously assigned to you will also be disassociated. This means that if at a later stage, you decide to opt back in, we will not be able to use any of your past information for advertising purposes, and you will (for all practical purposes) be a new user to our system.
We will not share your personal information with any company, organization or individual other than Hypershell except in the following cases:
a)Sharing with explicit consent: After obtaining your explicit consent, we will share your personal information with other parties.
b)Fulfilling legal obligations: We may share your personal information externally in accordance with laws and regulations or the mandatory requirements of government authorities.
c)Disclosures to Protect Us or Others:We may access, preserve, and disclose any information we store associated with you to external parties if we, in good faith, believe doing so is required or appropriate to: comply with law enforcement or national security requests and legal process, such as a court order or subpoena; protect your, our, or others’ rights, property, or safety; enforce our policies or contracts; collect amounts owed to us; or assist with an investigation or prosecution of suspected or actual illegal activity.
d)Disclosure in the Event of Merger, Sale, or Other Asset Transfers: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, your information may be sold or transferred as part of such a transaction, as permitted by law and/or contract.
f)Sharing with authorized partners: Some of our Services will be provided by authorized partners only for the purposes stated in this policy. We may share some of your personal information with our partners to provide better customer service and user experience. We will only share your personal information for legal, legitimate, necessary, specific and explicit purposes, and only share personal information necessary to provide services. Our partners are not authorized to use the shared personal information for any other purpose. Usually our partners are:
- Third-party service providers: Provide us with payment facilitation, package shipping, application development, electronic message processing and other services. Some of your personal information may be collected directly by third-party service providers and subject to their privacy policies.
- Third-party SDK service providers: In order to ensure the stable operation and function realization of the application and enable you to use and enjoy more services and functions, we will embed third-party SDKs in the application.
For details, see the following list of third-party service providers:
Third-party service providers
Purpose of use
Type of information
users can log in through Google account authorization
users can log in through Facebook account authorization
users can log in through WeChat account authorization
to provide the online e-commerce platform to support and process orders, risk and fraud screening, identity verification, payments
to store the avatar image uploaded by the user
You have several rights under the data privacy legislation. This includes, under certain circumstances, the right to:
- Request access to your personal data
You have the right to obtain a copy of the personal data we hold about you and certain information relating to our processing of your personal data.
- Request correction of your personal data
You are entitled to have your personal data corrected if it is inaccurate or incomplete. You can update your personal data at any time by logging into your account and updating your details directly, or by emailing us at feed firstname.lastname@example.org.
- Request erasure of your personal data
This enables you to request that Hypershell delete your personal data, where there is no good reason for us continuing to process it. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
- Request restriction of processing of your personal data
You have a right to ask Hypershell to suspend the processing of your personal data in certain scenarios, for example if you want us to establish the accuracy of the data, or you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it. Where processing is restricted, we are allowed to retain sufficient information about you to ensure that the restriction is respected in future.
- Request the transfer of your personal data
You have the right to obtain a digital copy of your personal data or request the transfer of your personal data to another company. Please note though that this right only applies to automated data which you initially provided consent for us to use or where we used the data to perform a contract with you.
- Object to processing of your personal data
You have the right to object to the processing of your personal data where we believe we have a legitimate interest in processing it (as explained above). You also have the right to object to our processing of your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your data which override your rights and freedoms.
- Request human intervention for automated decision making and profiling
You have the right to request human intervention where we are carrying out automated decision making when processing your personal data. This form of processing is permitted where it is necessary as part of our contract with you, providing that appropriate safeguards are in place or your explicit consent has been obtained.
We will try to respond to all legitimate requests within one month. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. We may need to request specific information from you to help us confirm your identity and ensure your right to exercise any of the above rights. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
- Right to lodge a complaint
If you have any concerns or complaints regarding the way in which we process your data, please email us directly at email@example.com. You also have the right to make a complaint to the data protection regulator in the US or EU or in other competent authority). We would, however, appreciate the chance to deal with your concerns before you approach the data protection regulator, so please do contact us in the first instance.
If you wish to exercise any of these rights, please email us at firstname.lastname@example.org.
Cookies are small text files that are sent to or accessed from your web browser or your computer’s hard drive. Cookies typically contains the name of the domain (internet location) from which the cookies originated, the “lifetime” of the cookies (i.e., when it expires) and a randomly generated unique number or similar identifier. Cookies also may contain information about Device, such as: user settings, browsing history, and activities conducted while using the Services.
Our Services use the following cookies:
Ÿ Strictly necessary cookies, which are required for the operation of the Services. Without them, for example, you would not be able to use your Account.
Ÿ Analytical/performance cookies, which allow Hypershell to recognize and count the number of visitors, learn how visitors navigate the Services, and improve the Services.
Ÿ Functionality cookies, which Hypershell uses to recognize you when you return to the Services.
To learn more about cookies and web beacons, please email us at email@example.com.
By using our Services or providing personal information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of our Services. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on our Services, by mail or by sending an email to you.
Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.
Hypershell does not knowingly collect any Personal Identifiable Information from children under the age of 13 in EU, or age under 14 in US (or other age as required by local law). If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.
If we become aware that a child has provided us with personal information in violation of applicable law, we will delete any personal information we have collected, unless we have a legal obligation to keep it, and terminate the child’s account.
This Supplemental California Privacy Notice only applies to our processing of personal information that is subject to the California Consumer Privacy Act of 2018 (“CCPA”). The CCPA provides California residents with the right to know what categories of personal information Hypershell has collected about them and whether Hypershell disclosed that personal information for a business purpose (e.g., to a service provider) in the preceding 12 months. California residents can find this information below:
Category of Personal Information Collected by Hypershell
Category of Third-Party Information is Disclosed to for a Business Purpose
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.
· Service providers
· Advertising networks
· Social networks
Internet or other electronic network activity
Browsing history, search history, information on a consumer's interaction with an internet website, application, or advertisement.
· Service providers
· Advertising networks
· Government entities
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
A name, signature, physical characteristics or description, address, telephone number, education, employment, employment history, bank account number or other financial information. Personal Information does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records. Note: Some personal information included in this category may overlap with other categories.
· Service providers
· Advertising networks
· Government entities
Physical location or movements.
· Service providers
· Advertising networks
· Government entities
The categories of sources from which we collect personal information and our business and commercial purposes for using personal information are set forth in Section 1 to 3 above, respectively.
“Sales” of Personal Information under the CCPA
For purposes of the CCPA, Hypershell does not “sell” personal information, nor do we have actual knowledge of any “sale” of personal information of minors under 16 years of age.
Additional Privacy Rights for California Residents
- Non-Discrimination.California residents have the right not to receive discriminatory treatment by us for the exercise of their rights conferred by the CCPA.
- Authorized Agent.Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. To designate an authorized agent, please contact us as set forth in “Contact Us” below and provide written authorization signed by you and your designated agent.
- Verification.To protect your privacy, we will take steps the following steps to verify your identity before fulfilling your request. When you make a request, we will ask you to provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include asking you for additional proof of identity and asking questions regarding your account and use of our Services.
If you are a California resident and would like to exercise any of your rights under the CCPA, please contact us as set forth in “Contact Us” below. We will process such requests in accordance with applicable laws.
- California Shine the Light.The California “Shine the Light” law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their personal information (if any) for their direct marketing purposes in the prior calendar year, as well as the type of personal information disclosed to those parties.
- Right for minors to remove posted content.Where required by law, California residents under the age of 18 may request to have their posted content or information removed from the publicly-viewable portions of the Services by contacting us directly as set forth in “Contact Us” below or logging into their account and removing the content or information using our self-service tools.
If you are a resident of Nevada, you have the right to opt-out of the sale of certain Personal Information to third parties who intend to license or sell that Personal Information. Please note that we do not currently sell your Personal Information as sales are defined in Nevada Revised Statutes Chapter 603A. If you have any questions, or to request that we do not sell your information in the future, please “Contact Us” as set forth below with the subject line “Nevada Do Not Sell Request”.
The Services may contain links to other websites/applications and other websites/applications may reference or link to our Services. These third-party services are not controlled by us. We encourage our users to read the privacy policies of each website and application with which they interact. We do not endorse, screen or approve, and are not responsible for, the privacy practices or content of such other websites or applications. Providing personal information to third-party websites or applications is at your own risk.
We welcome feedback and are happy to answer any questions you may have about your data.
You may contact us electronically at: firstname.lastname@example.org.
Or in the alternative, you can contact us at Hypershell Technology Co., Ltd. Room 306, No. 5005 Shenjiang Road, Pudong New District, Shanghai, China.