Privacy Statement – Data SDK

Vpon Big Data Group (“Vpon” or “we”) is a leading big data company specializing in data analytics built with cutting-edge technologies to provide its customers and partners with effective data-driven marketing solutions.

To deliver our data services (“Services”) to mobile application developers, publishers and/or owners (collectively as the “App Owners”), Vpon uses software development kit and data analytics technologies to enable the App Owners to collect, analyze and realize the usage of their mobile applications (the “App(s)”) and to further enhance user experience and provide certain product features or customized services to the users who use or interact with the App(s) (the “App User(s)”).

The following statement describes how we may collect, use, store and disclose information relating to App Users (or as “you” interchangeably) collected through Vpon Data Software Development Kit (Data SDK) on behalf of App Owners when we deliver the Services. To safeguard the App Users’ privacy, Vpon endeavors to have the App Owners integrate the information regarding the data collection and use of Data SDK into their own privacy statements and provide reference to this Privacy Statement.

This Privacy Statement is made mainly for Data SDK by Vpon and does not apply to any products, services or Apps of the App Owners. The App Owners are responsible for having their own terms of use and privacy policy to address the collection, use and disclosure of App Users’ data, and the rights of a data subject and other law-requiring disclosures, and obtaining App Users’ consent according to the applicable data protection laws and regulations. We encourage you to read the privacy statement of the Apps you use to learn more about the above.

How Vpon’s Technology Works

A.How We Collect Information
In order to provide our Services to the App Owners and enable them to enhance user experience, Vpon’s Data SDK is integrated into the Apps for Vpon to collect information on behalf of the App Owners by default or by App Owners’ event setting during your use or interaction with the Apps.

Data SDK only collects information relating to App User’s devices, network or App usage on the condition that the App Users agree to App Owners’ terms of use or privacy policy and grant permission via their device setting.

B.Information We Collect
The information we collect through our technologies on behalf of App Owners is mainly non-personally identifiable information.

Personally identifiable information (“PII”) is the data that can directly or indirectly identify a specific individual, and may include, but is not limited to, your name, phone number, email address and home address, whereas non-personally identifiable information (“non-PII”) is the information that, by itself, does not directly or indirectly identify a specific individual. When providing its Services, Vpon does not collect PII and will take all precautions to avoid collecting or receiving PII from any partners, including App Owners. If Vpon is made aware that it received PII from its partners, it will use all efforts to remove that information from its records.

Based on your consent, Vpon may collect information while you are visiting or interacting with the Apps of the App Owners integrated with Data SDK. The information collected through Data SDK may include, without limitation, the following types of data:

• Device ID: Device Identifiers, including iOS identifier for Advertising (IDFA), iOS identifier for Vendor (IDFV), Android Advertising ID (AAID), and Vpon specific identifier.
• Device Information: Information about your device, including the type and model, manufacturer, operating system (e.g., iOS or Android), carrier name, screen size, device time zone, and user agent.
• Internet Environment: Information about the network environment of your device, including the IP address, connection type (Wi-Fi, Cellular) and Wi-Fi access points.
• App Usage: Information about your App usage, including App package ID, other applications you have on your device, the time the Apps were visited or used, and other user engagement event designated by the respective Apps.
• Geolocation: Device’s geo-location data when location services are enabled in the Apps you use with your permission. Note that when location services are not enabled, the relative location of your device may still be inferred from other information (e.g., IP address).

Vpon is not responsible for your information directly collected through the Apps by App Owners or any PII that the App Users submit or provide to the Apps. App Owners have their own terms of use and policies regarding the collection, use and disclosure of your information. To learn more about what kinds of your information are collected by a particular App Owner and how it handles your information, we encourage you to read the App Owner’s privacy statement of the App(s) you use.

C.Purpose of the Information We Collect
The information collected is mainly used for the following purposes, based on the request of the App Owner(s):

• To fulfill requests and obligations related to the contractual relationship with the App Owner(s);
• To improve functionality and user experience of the App(s) you use;
• To provide troubleshooting and optimize customized content or features;
• To update the operational and technical functionality;
• To conduct business and data analysis for the App Owner(s);
• To detect or identify misuse or fraudulent behaviors;
• To fulfill our legal and compliance functions or obligations; and
• Other purposes directly relating to any of the above.

D.Parties We May Share the Information With
The parties Vpon may share information with include the following:

• App Owners: We share the information with the App Owners to provide our Services to them.
• Service Providers: We may share your information with our contracted service providers so that they can provide the services for us to fulfill our contractual obligations to the App Owners (e.g., cloud service providers like Google Cloud Platform or Amazon Web Services). These service providers will be subject to the equivalent obligations in this Privacy Statement and any other appropriate confidentiality and security measures, and on the condition that they will only process or store the information pursuant to our instructions.
• Affiliates: We may share your information with our affiliated corporate group entities (“Affiliates”) necessary for providing or improving our Services to the App Owners, and their use of such information will comply with this Privacy Statement so as to protect your information.
• Parties involved in reorganization or reconstruction: Upon bankruptcy, dissolution or other liquidation or insolvency events or in the event of merger, sale or transfer of all or a portion of our assets or shares or other reorganization or reconstruction in our ongoing business, the information that we collect or receive may be shared with or transferred to, that respective entity to the extent strictly necessary for continued provision of Services, provided that it will undertake to be bound by the provisions of this Privacy Statement, with reasonably necessary changes taken into consideration.
• Data Partners: With your consent and upon the App Owner’s request or authorization, we may share your information with data partners so as to provide data enrichment services to the App Owners.

E.Processing and Storage of the Information We Collect
To provide Services in a reliable and flexible manner, Vpon uses industry well-known cloud service providers to process and store the information collected, so the data may be transferred to and processed in multiple places, such as Taiwan, Hong Kong, Japan, and US.

F.Retention of the Information We Collect
Vpon retains information collected and received only for the length of time necessary for the fulfilment of the above applicable purposes (including any directly related purposes) for which the data is or is to be used, and for compliance with applicable laws, regulations, or legal obligations.

G.Privacy Control Procedures of Your Device
Both Apple iOS and Google Android provide mechanisms that allow device users to control the privacy options for the collection of Device ID ( iOS advertising identifier “Identification for Advertisers” (“IDFA”) and Android Advertising ID (“AAID”)) and geolocation information. If you do not want Vpon or App Owners to collect your relevant information, you can follow the procedures described below:

1.Device ID

• Android Users
  To use the “opt-out of interest-based advertising” option, follow the instructions provided by Google HERE.
  
  Open “Google Settings” → “Ads Setting” → “Opt out of Ads Personalization”
  
  If you turn off “Opt out of Ads Personalization”, mobile applications (not only the App Owners’ Apps integrated with Data SDK) are able to track your device’s AAID. On the other hand, if you turn on “Opt out of Ads Personalization”, AAID will not be tracked.
  
  Users are able to reset or delete device’s AAID to avoid being targeted.
  
  Open “Settings” → “Privacy” à “Ads.” → “Reset advertising ID” or “Delete advertising ID”

• iOS Users
  To use the IDFA tracking option, follow the instructions provided by Apple HERE.
  
  
  • iOS (prior to version 14)
    Prior to iOS 14, iOS system offers two methods for users to opt out the tracking of IDFA.
    
    

    (1) Limit Ad Tracking (LAT): If you turn off LAT, mobile applications (not only the App Owners’ Apps integrated with Data SDK) will be allowed to see and track your device’s IDFA. On the other hand, if users turn on LAT, mobile applications will not be able to track your device’s IDFA.

    (2) Reset Advertising Identifier (IDFA): Users are able to reset IDFA by turning off LAT and then turn it on again, to avoid being targeted in the setting page of the device.

    LAT and Reset Advertising Identifier page can be accessed via Setting → Privacy →Advertising.

  • iOS (version 14 and above)
    Starting with Apple’s iOS 14 update, LAT was replaced with ATT.
    
    

    (1) App Tracking Transparency (ATT): Apple’s opt-in privacy framework requires all iOS applications to ask users for permission to share their data. App users must agree with the data tracking via a pop-up (prompt) that App displays to authorize the permission of the collection of IDFA. Without the consent, valid IDFA will not be collected.

    (2) Reset Advertising Identifier (IDFA): In the Privacy setting page, turn off “Allow Apps to Request to Track”, and then turn it on to reset IDFA.

    ATT setting page can be found via Setting → Privacy → Tracking.

2.Geolocation information
Users can choose to grant permission for geolocation data collection. Please refer to the procedures described below.

• Android Users
  For Android users, the first time a mobile application tries to access your location, a pop-up (prompt) will show to explain which application is asking for permission to use your location and provide options for you to control the access to your device’s location data. When the “Deny” option is selected, applications will not be able to track your location data. Users can also adjust the location permission of respective mobile applications or change the relevant settings via Setting → Location → App location permission.
  
  

  For more information about the use of your Android device’s location, please reach out to Google Support HERE.

• iOS Users
  For iOS, the first time a mobile application tries to access your location, a pop-up (prompt) will show to explain which application is asking for permission to use your location as well as the reason for requesting it, and provide options for you to control the access to your device location data. When the “Don’t allow” option is selected, applications will not be able to track your location data. Users can also turn Location Services on or off or change the relevant settings of each mobile application via Setting → Privacy → Location Services.
  
  

  For more information about iOS Location Services, please reach out to Apple’s official website HERE.

For Users in EEA or UK

Please note that Vpon does not collect or intend to collect any information from members of the European Economic Area (“EEA”) and United Kingdom (“UK”). If Vpon is aware of any information incidentally collected that is associated with any IP address in EEA or UK, Vpon will delete the information from its database. If you are a user in EEA or UK and subject to the protection of GDPR, but are aware that Vpon collects your information, please contact Vpon immediately or opt out from the services following the opt-out procedure mentioned in Section G.

Children’s Privacy and Sensitive Information

Vpon is very sensitive about the issue of the privacy rights of children. Vpon’s Services generally are neither developed for, nor directed at, children. We do not knowingly collect information from children under 13. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at privacy.support@vpon.com. If we become aware that a child under 13 has provided us with information, we will delete such information from our files.

Vpon does not collect, nor does it permit the targeting of advertising based on sensitive information regarding medical and health-related matters.

Security Precautions

Vpon makes significant efforts to maintain the security of its network and the data we collect. We use various technologies, including, in certain instances, encryption, to ensure high security standards. Any data that is stored on Vpon’s servers is treated as confidential and is not available to the public. Please keep in mind, however, that the Internet is not a 100% secure medium. Therefore, although we use reasonable efforts to protect information, the possibility of an individual defeating our security measures does exist.

Compliance with Laws and Law Enforcement

Vpon may release information (including PII) when necessary to government and law enforcement officials, to enforce and comply with the law. We will disclose any information about you to government or to law enforcement officials when we, at our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), or to protect Vpon’s rights, property, or other interests, including those of its customers or users, or to prevent illegal activities.

Acceptance of Privacy Statement

You acknowledge that you have read this Privacy Statement. BY USING, ACCESSING, INTERACTING WITH OUR SERVICES, AND OUR PARTNERS’ SERVICES AND APPS, YOU ACCEPT THE PRACTICES SET OUT IN THIS PRIVACY STATEMENT.

Changes to Privacy Statement

We may find it necessary or be legally obligated to update this Privacy Statement from time to time. When we do, we will update the effective date so that you are always aware of the information we collect, how we use it, and under what circumstances we disclose it. Your continued use, access, and interaction with our Services and our partners’ services and Apps following posting of the updated Privacy Statement will constitute your acceptance of the changes, unless your consent to the changes is required by applicable law.

Effective Date

This Privacy Statement (Data SDK) has become effective as of 5 September 2023.

For more information or to ask questions about this Privacy Statement, please contact us at:

【Vpon Big Data Group】
7F., No. 337, Fuxing N. Rd., Songshan Dist., Taipei City 105, Taiwan (R.O.C.)
privacy.support@vpon.com