Official Site: xianpotech.com Business Support: support@xianpotech.com | Key Accounts: fenggang1@xianpotech.com

Privacy Agreement

Effective date: May 15, 2026. Applies to this website and all mobile applications published or operated by Jiangsu Xianpo Technology Co., Ltd.

Our commitment to data protection: This agreement covers all personal data collected through our website and mobile applications. We comply with GDPR, CCPA, COPPA, LGPD, APPI, PDPA, and DPDP frameworks and apply privacy-by-design principles to all our digital products.
Global privacy compliance and data protection visual

1. Company Identity and Contact

This Privacy Agreement is issued by Jiangsu Xianpo Technology Co., Ltd, office located at 201, Building 14, Zhongjiao Zhihui Port Industrial Park, No. 1738 Daming North Road, Tiann ing District, Changzhou, 213000, CN.

Privacy and data requests can be submitted to support@xianpotech.com. Key account privacy escalation can be addressed to fenggang1@xianpotech.com.

2. Scope of This Privacy Agreement

This agreement applies to:

  • The corporate website xianpotech.com and all pages under this domain.
  • Mobile applications distributed through Google Play, Apple App Store, and additional app marketplaces where our products are available.
  • Services related to new energy technology research and development, technical consulting, technical promotion, equipment sales and installation, enterprise management consulting, and business information consulting.
  • Data processing related to app-based operation management, including user account operations, service tasks, project workflows, and analytics.

3. Information We Collect

3.1 Information you provide directly

  • Identity and contact details: name, company, role, email, phone, business address.
  • Service content: project requirements, procurement requests, consulting questions, support records.
  • Account data: login credentials, profile metadata, preferences, language and locale settings.

3.2 Information collected automatically

  • Device data: model, operating system, app version, locale, device identifiers and resettable advertising identifiers (where allowed).
  • Usage data: pages viewed, feature events, crash traces, performance logs, service request patterns.
  • Network data: IP address, coarse location from IP, timestamp and security logs.

3.3 Information from third parties

  • App stores and distribution partners.
  • Advertising and attribution providers.
  • Payment, anti-fraud, and risk intelligence providers.
  • Enterprise customers sharing authorized user data for service delivery.

4. Purposes and Legal Bases

  • Contract performance: deliver services, process requests, provide updates, and maintain operations.
  • Legitimate interests: security, fraud prevention, service optimization, and business continuity.
  • Legal obligations: taxation, accounting, legal requests, regulatory duties, and consumer rights processing.
  • Consent: advertising personalization, specific analytics uses, push notifications, and optional features where consent is required.

5. App Store Policy Alignment

For apps distributed via Google Play and Apple App Store, we implement policy controls including but not limited to:

  • Store listing transparency for data safety, data use, and privacy labels.
  • Permission minimization and purpose limitation.
  • User disclosure and consent before collecting sensitive data where applicable.
  • Age rating and content declarations aligned with platform rules.
  • SDK inventory review and third-party data-sharing controls.

6. Advertising and Monetization Compliance

Some applications may include monetization components. If ads are used, ad placements can include app open ads, rewarded video ads, interstitial ads, and banner ads. We apply lawful and policy-compliant controls, including consent collection where required.

Ad and monetization technology may involve the following platforms, depending on product and region: Google AdMob, Google Ad Manager, AppLovin MAX, Unity Ads, ironSource, Meta Audience Network, Pangle, Mintegral, Chartboost, InMobi, Liftoff Monetize (Vungle), Start.io, Smaato, Fyber, Moloco, PubMatic, BidMachine, Digital Turbine, and other approved mediation and demand platforms.

For ad integrations, we maintain:

  • SDK governance and data mapping by purpose.
  • Consent mode and opt-out handling where legally required.
  • Child and teen protection filters and restricted data processing settings.
  • Ad disclosures in-app and in store listing documentation.

7. Cookies, Tracking, and Similar Technologies

We and authorized partners may use cookies, SDK event tags, local storage, and similar technologies for security, session persistence, analytics, and service optimization. Where required by law, we request consent before non-essential tracking.

8. Data Sharing and Recipients

  • Cloud hosting and infrastructure providers.
  • Analytics, communication, customer support, and security providers.
  • Advertising and attribution partners where applicable and lawful.
  • Professional advisers and legal authorities when required by law.
  • Corporate affiliates or transaction parties during lawful restructuring, merger, or asset transfer.

9. International Data Transfers

Where data is transferred across borders, we apply suitable safeguards such as contractual clauses, transfer impact checks, minimization controls, and technical security protections in accordance with applicable laws.

10. Security Measures

  • Access controls, role-based authorization, and audit logs.
  • Encryption in transit and security hardening for storage systems.
  • Vulnerability management, incident response, and disaster recovery controls.
  • Vendor due diligence and contractual data protection obligations.

11. Data Retention

We retain personal information only for as long as needed for the purposes stated in this agreement, legal obligations, dispute handling, security needs, and enforceability of contractual rights. Retention periods vary by data category and jurisdiction.

12. Children and Age-Related Protections

Our services are not directed to children where prohibited. We implement age-screening, age-gating, and restricted processing controls as required by law and platform policy. When mandatory, verifiable parental consent or equivalent mechanisms are applied.

  • United States: COPPA and applicable state youth protections.
  • European Economic Area and United Kingdom: child consent rules under GDPR and UK GDPR.
  • Other regions: local age-related data standards as applicable.

13. Regional Rights and Compliance Mapping

Depending on user location, legal framework, and service context, rights may include access, correction, deletion, portability, restriction, objection, withdrawal of consent, and appeal.

  • European Economic Area: GDPR rights, including complaint rights to supervisory authorities.
  • United Kingdom: UK GDPR and Data Protection Act rights.
  • Switzerland: Swiss FADP rights.
  • United States: CCPA/CPRA rights, Colorado, Virginia, Connecticut, Utah, and other state privacy rights where applicable.
  • Canada: PIPEDA and provincial privacy rights frameworks.
  • Brazil: LGPD rights for data subjects.
  • Australia: Privacy Act rights and complaint channels.
  • Japan: APPI rights and disclosure obligations.
  • South Korea: PIPA compliance rights.
  • Singapore: PDPA rights and consent governance.
  • India: Digital Personal Data Protection Act rights where applicable.
  • Other countries: rights required by local privacy and consumer protection laws.

14. Sensitive Data

We do not intentionally process sensitive personal information unless required for lawful and explicit service purposes. Where sensitive processing is unavoidable, we implement additional safeguards and legal basis checks.

15. Do Not Track and Consent Preferences

Browser or device privacy signals are respected where technically supported and legally required. Users can modify consent choices through app settings, cookie controls, operating system permissions, and contact channels.

16. Data Breach and Incident Response

If a personal data incident occurs, we assess risk, contain impact, notify affected parties and regulators as required by law, and maintain remediation records.

17. Updates to This Agreement

We may update this agreement to reflect legal, technical, or business changes. The latest version will be posted on this website with updated effective date information.

18. Contact and Rights Requests

To submit a privacy request, complaint, or rights exercise request, contact support@xianpotech.com and include enough detail for identity and request verification. Key account channels can also be coordinated through fenggang1@xianpotech.com.