个人信息保护政策

欢迎您使用深圳市广联智通科技有限公司（下称“广联智通”或“我们”）提供的服务！我们深知个人信息对您的重要性，并会尽全力保护您的个人信息安全可靠。我们致力于维持您对我们的信任，恪守以下原则，保护您的个人信息：权责一致原则、目的明确原则、选择同意原则、最小必要原则、确保安全原则、主体参与原则、公开透明原则等。同时，我们承诺，我们将按法律法规要求，仅收集必要的信息，并采取相应的安全保护措施来保护您的个人信息。请在使用我们的产品或服务前，仔细阅读并了解本《个人信息保护政策》。

本政策将帮助您了解以下内容：

• 我们如何收集和使用您的个人信息
• 我们如何共享、转让、公开披露您的个人信息
• 我们如何保护您的个人信息
• 您的权利
• 我们如何处理儿童的个人信息
• 个人信息的储存地点、期限及转移
• 本政策的变更
• 如何联系我们

一、我们如何收集和使用您的个人信息

（一）我们可能会收集您的登录账号信息、手机相关信息、IP 地址、智能设备相关信息、以及GL账号和智能设备的关联信息。这些信息将用于为您提供智能设备快连、连接、发现附近设备和设备管理的功能。上述信息详细列举如下：

1、登录账号信息：GL账号、昵称、头像信息；

2、手机相关信息：硬件设备标识(imsi、imei、meid、设备硬件序列号、SIM 卡标识、OAID、Mac 地址、Android ID)、手机型号、系统版本信息、系统语言、手机所设置的国家或地区、应用商店的版本号、手机屏幕尺寸及分辨率、CPU 及显示设备相关信息；

3、连接智能设备过程中收集的信息：基于您需要链接的智能设备的类型，我们可能会收集：

（1）通过 Wi-Fi 连接的智能设备：Wi-Fi 信息（SSID、BSSID、 Wi-Fi 的 Mac 地址、Wi-Fi 密码）、设备 Mac 地址、设备 ID；

（2）通过蓝牙建立本地连接后，通过 Wi-Fi 连接的智能设备：Wi-Fi 信息（SSID、BSSID、Wi-Fi 的 Mac 地址、Wi-Fi 密码）、设备 Mac 地址、设备蓝牙 Mac 地址；

（3）通过蓝牙连接的智能设备：设备蓝牙 Mac 地址、设备 ID；

（4）通过 Zig-bee 方式连接的智能设备：设备 Mac 地址、设备 ID。

（二）为了使您持续享受最新的拉法尔服务，我们在固件升级时会使用您拉法尔应用的版本信息、手机型号，用于为您提供拉法尔应用的升级服务。同时，我们可能收集您已连接的智能设备列表和版本号信息，用于为您提供智能设备的升级功能，以确保您可以使用最新版本的服务（包括固件版本）。

（三）我们可能收集您反馈的问题、填写的电话号码或邮箱、添加的图片或视频、提交的问题日志，这些信息将用于让我们更好的了解您遇到的问题，以及联系您。

（四）在您使用拉法尔时可能会触发以下设备权限。为使您更好地管理您的个人信息，我们会在开启权限前告知您该权限的使用目的以及如您不开启该权限可能对您使用对应服务的影响，请您仔细查阅。您在使用特定功能前，可选择是否授权开通以下权限，获得您的授权后我们才会使用该权限，如您不同意授权开通该权限，可能会对特定功能或服务的使用产生影响，但不影响拉法尔应用整体的正常使用。同时，您可以随时通过设备的权限设置页面更改授权情况。

1、读写设备存储权限（Android 版本）：用于在扫一扫、用户反馈等功能中读写设备上的照片及文件；

2、地理位置权限（Android、iOS 版本）：用于提供智能设备自动化、设备快连时获取 WLAN 和蓝牙列表、发现附近设备的功能；同时用于智能场景中自动化地理围栏等功能（限 iOS 版本）；

3、相机权限（Android、iOS 版本）：用于扫描二维码以进行设备安装、账号登录等功能；

4、读取电话权限（Android 版本）：用于在客户端在本地生成手机的设备标识符；

5、开启 WLAN 权限（Android版本）：用于在为您的智能设备连接网络或连接智能设备发出的WIFI；

6、相册权限：用于用户在扫一扫、用户反馈等功能中读写设备上的照片及视频。

二、我们如何共享、转让、公开披露您的个人信息

（一）共享

除非获得您的明确同意，我们不会与本公司以外的任何公司、组织和个人分享您的个人信息。当您在第三方网站/应用使用我们的账号登录时，且您授权同意后，我们会将您的昵称、头像等信息（取决于该第三方的服务和产品性质以及您同意授权的信息）传给该第三方。若您不同意该第三方获得您的个人信息，请您不要同意授权。

（二）转让 我们不会将您的个人信息转让给任何公司、组织和个人，但以下情形除外： 1、在获取明确同意的情况下转让：获得您的明确同意后，我们会向其他方转让您的个人信息； 2、在涉及合并、收购或破产清算时，如涉及到个人信息转让，我们会向您告知接收方的名称或者姓名、联系方式等，并要求接收方继续受此个人信息保护政策的约束，否则我们将要求该接收方重新向您征求授权同意。

（三）公开披露 我们仅会在以下情形下，公开披露您的个人信息：

1、获得您明确同意后；

2、基于法律的披露：在法律、法律程序、诉讼或政府主管部门强制性要求的情况下，我们可能会公开披露您的个人信息。

三、我们如何保护您的个人信息

我们会采取各种预防措施来保护您（或您的孩子）的个人信息，以保障您的个人信息免遭丢失、盗用和误用，以及被擅自取阅、披露、更改或销毁。为确保您个人信息的安全，我们只会在法律法规允许、您明确同意下使用您的个人消息，我们有严格的信息安全规定和流程，并有专门的信息安全团队在公司内部严格执行上述措施。我们会采取合理可行的措施，尽力避免收集无关的个人信息。若发生个人信息泄露等安全事件，我们会启动应急预案，阻止安全事件扩大，并以推送通知、公告等形式告知您。

但互联网环境并非百分之百安全，尽管我们有上述措施，请注意在互联网上不存在“完善的安全措施”，我们将尽力确保或担保您发送给我们的任何信息的安全性。

四、您的权利

按照中国相关的法律、法规、标准，以及其他国家、地区的通行做法，我们保障您对自己的个人信息行使以下权利：

（一）访问您的个人信息

您有权访问您的个人信息，法律法规规定的例外情况除外。如果您需要访问您的个人信息，您可以通过以下方式访问您的用户名和密保资料：登录拉法尔应用-【个人】-【个人中心】。

（二）更正您的个人信息

如您需更改您的用户名和密保资料时，您可登录拉法尔应用-【个人】-【个人中心】进行更改或删除，或您可根据本协议第八条的联系方式，咨询我们进行修改。

（三）删除您的个人信息

如您需更改您的用户名和密保资料时，您可登录拉法尔应用-【个人】-【个人中心】进行更改或删除，或您可根据本协议第八条的联系方式，咨询我们进行修改。

在以下情形中，您可以向我们提出删除个人信息的请求：

1、如果我们处理个人信息的行为违反法律法规；

2、如果我们收集、使用您的个人信息，却未征得您的同意；

3、如果我们处理个人信息的行为违反了与您的约定；

4、如果您不再使用我们的产品或服务，或您注销了账号；

5、如果我们不再为您提供产品或服务。

（四）撤回您授权同意的范围

如果您想撤回相关权限的授权，您可以在您的硬件设备本身操作系统中关闭对应权限以达到撤回授权同意的目的。但特定的业务功能和服务将需要您的信息才能得以完成，当您撤回授权后，我们将不再收集和处理您对应的个人信息，也无法为您提供未授权对应的功能或服务。但您收回授权的决定，不会影响此前基于您的授权而开展的个人信息处理。

（五）个人信息主体注销账户

如您需要注销您的个人账号，您可登录拉法尔应用-【个人】-【个人中心】操作注销您的个人账户，或者您可根据本协议第八条中的联系方式与我们联系，并提供相应的信息与资料，且确保提供的信息与资料合法、真实、有效，以便客服核对您的身份，并为您注销账号。在注销账户之后，我们将停止为您提供产品或服务，并依据您的要求，删除您的个人信息，法律法规另有规定的除外。

（六）响应您的上述请求

如您需要通过第八条联系方式联系我们以处理以上请求，为保障安全，您可能需要提供书面申请，或以其他方式证明您的身份。我们可能会先要求您验证自己的身份，然后再处理您的请求。我们将在十五个工作日内作出答复。

对于您合理的请求，我们原则上不收取费用，但对多次重复、超出合理限度的请求，我们将视情收取一定成本费用。对于那些无端重复、需要过多技术手段（例如需要开发新系统或从根本上改变现行惯例）、给他人合法权益带来风险或者非常不切实际的请求，我们可能会予以拒绝。 在以下情形中，我们将无法响应您的请求：

1、与个人信息控制者履行法律法规规定的义务相关的；

2、与国家安全、国防安全直接相关的；

3、与公共安全、公共卫生、重大公共利益直接相关的；

4、与刑事侦查、起诉、审判和执行判决等直接相关的； 5、个人信息控制者有充分证据表明个人信息主体存在主观恶意或滥用权利的；

6、出于维护个人信息主体或其他个人的生命、财产等重大合法权益但又很难得到本人同意的；

7、响应个人信息主体的请求将导致个人信息主体或其他个人、组织的合法权益受到严重损害的；

（七）投诉举报

如果您认为您的个人信息权利可能受到侵害，或者发现侵害个人信息权利的线索，您可以根据本协议第八条中的联系方式与我们联系，我们核查后会在十五个工作日内反馈您的投诉与举报。

五、我们如何处理儿童的个人信息

我们的产品、网站和服务主要面向成人。如果没有父母或监护人的同意，儿童不应创建自己的个人信息主体账户。对于经父母同意而收集儿童个人信息的情况，我们只会在受到法律允许、父母或监护人明确同意或者保护儿童所必要的情况下使用或公开披露此信息。

尽管当地法律和习俗对儿童的定义不同，但我们将不满 14 周岁的任何人均视为儿童。 如果我们发现自己在未事先获得可证实的父母同意的情况下收集了儿童的个人信息，则会设法尽快删除相关数据。

六、个人信息的储存地点、期限及转移

1、 存储信息的地点

我们遵守法律法规的规定，将中华人民共和国境内收集的用户个人信息存储于中华人民共和国境内。

2、 存储信息的期限

一般而言，我们仅为实现目的所必需的最短时间保留您（或您的孩子）的个人信息。但在下列情况下，我们有可能因需符合法律要求，更改个人信息的存储时间：

(1) 为遵守适用的法律法规等有关规定；

(2) 为遵守法院判决、裁定或其他法律程序的规定；

(3) 为遵守相关政府机关或法定授权组织的要求；

(4) 我们有理由确信需要遵守法律法规等有关规定；

(5) 为执行相关服务协议或本协议、维护社会公共利益，为保护我们的客户、我们或我们的关联公司、其他用户或雇员的人身财产安全或其他合法权益所合理必需的用途。

(6) 当我们的产品或服务发生停止运营的情形时，我们将采取例如，推送通知、公告等形式通知您，并在合理的期限内删除或匿名化处理您的个人信息。

七、本政策的变更

我们可能适时更新、修订本协议内容。

我们会在本页面上发布对本政策所做的任何变更。对于重大变更，我们还会提供更为显著的通知（包括对于某些服务，我们会通过页面弹窗等更显著的方式发送通知，说明个人信息保护政策的具体变更内容）。 本政策所指的重大变更包括但不限于：

1、 我们的服务模式发生重大变化。如处理个人信息的目的、处理的个人信息类型、个人信息的使用方式等；

2、 我们在所有权结构、组织架构等方面发生重大变化。如业务调整、破产并购等引起的所有者变更等；

3、 个人信息共享、转让或公开披露的主要对象发生变化；

4、 您参与个人信息处理方面的权利及其行使方式发生重大变化；

5、 我们的联络方式及投诉渠道发生变化时。

八、如何联系我们

如有任何疑问、意见或建议，您可随时与我们联系：

联系方式：lafaer@gl-inet.com

联系地址：深圳市宝安区石岩街道松白路创维数字大厦305、306室

我们将于十五个工作日内受理并处理您的问题。

This Personal Information Protection Policy has been translated from Chinese using translation software. In case of dispute, the Chinese version should be considered the official and authoritative version for interpreting the policy.

Personal information protection policy

Welcome to use the services provided by Shenzhen Guanglian Zhitong Technology Co., Ltd. (hereinafter referred to as “Guanglian Zhitong” or “we”)! We are fully aware of the importance of personal information to you and will do our best to protect the safety and reliability of your personal information. We are committed to maintaining your trust in us and abiding by the following principles to protect your personal information: principle of consistency of rights and responsibilities, principle of clear purpose, principle of choice and consent, principle of minimum necessity, principle of ensuring security, principle of subject participation, principle of openness and transparency, etc. At the same time, we promise that we will only collect necessary information in accordance with the requirements of laws and regulations, and take corresponding security protection measures to protect your personal information. Please read and understand this “Personal Information Protection Policy” carefully before using our products or services.

This policy will help you understand the following:

1. How we collect and use your personal information
2. How we share, transfer and publicly disclose your personal information
3. How we protect your personal information
4. Your rights
5. How we process children’s personal information
6. Storage location, period, and transfer of personal information
7. Changes to this policy
8. How to contact us

1. How we collect and use your personal information

1.1 We may collect your login account information, mobile phone-related information, IP address, smart device-related information, and information related to your GL account and smart device. This information will be used to provide you with smart device quick connection, connection, discovery of nearby devices, and device management functions. The above information is detailed as follows: a. Login account information: GL account, nickname, avatar information; b. Mobile phone-related information: hardware device identification (imsi, imei, meid, device hardware serial number, SIM card identification, OAID, Mac address, Android ID), mobile phone model, system version information, system language, country or region where the mobile phone is set, app store version number, mobile phone screen size and resolution, CPU and display device-related information; c. Information collected during the process of connecting to smart devices: Based on the type of smart device you need to connect to, we may collect:

• Smart devices connected through Wi-Fi: Wi-Fi information (SSID, BSSID, Wi-Fi Mac address, Wi-Fi password), device’s Mac address, device’s ID;
• Smart devices connected via Wi-Fi, after establishing a local connection through Bluetooth: Wi-Fi information (SSID, BSSID, Wi-Fi Mac address, Wi-Fi password), device’s Mac address, device’s Bluetooth Mac address;
• Smart devices connected via Bluetooth: Device’s Bluetooth Mac address, device’s ID;
• Smart devices connected via Zig-bee: device’s Mac address, device’s ID.

1.2 In order for you to continue to enjoy the latest Lafaer services, we will use your Lafaer application version information and mobile phone model when upgrading the firmware to provide you with Lafaer application upgrade services. At the same time, we may collect the list and version number information of your connected smart devices to provide you with the upgraded functionality of your smart devices to ensure that you can use the latest version of the service (including the firmware version).

1.3 We may collect your feedback questions, phone number or email address, imported pictures or videos, and submitted problem logs. This information will be used to allow us to better understand the problems you encounter and contact you.

1.4 The following device permissions may be triggered when you use Lafaer. In order to enable you to better manage your personal information, we will inform you of the purpose of using the permission before turning on the permission and the possible impact on your use of the corresponding services if you do not turn on the permission. Please read it carefully. Before using specific functions, you can choose whether to authorize the following permissions. We will only use the permissions after obtaining your authorization. If you do not agree to authorize the permissions, it may affect the use of specific functions or services, but it will not affect the normal usage of the Lafaer application as a whole. At the same time, you can change the authorization status at any time through the device’s permission settings page.

a. Read and write device storage permissions (Android version): used to read and write photos and files on the device in functions such as scanning and user feedback;

b. Geolocation permissions (Android, iOS versions): used to provide smart devices Automation, the function of obtaining WLAN and Bluetooth lists and discovering nearby devices when the device is quickly connected; it is also used for functions such as automated geofencing in smart scenes (iOS version only);

c. Camera permission (Android, iOS version): used to scan the QR code for device installation, account login and other functions;

d. Read phone permission (Android version): used to generate the device identification of the phone locally on the client

e. Turn on WLAN permission (Android version): used to connect your smart device to the network or connect to the WIFI issued by the smart device;

f. Album permission: used for users to read and write in functions such as scanning and user feedback. Photos and videos on your device.

2. How we share, transfer and publicly disclose your personal information

2.1 Sharing We will not share your personal information with any company, organization or individual outside our company unless we obtain your explicit consent. When you log in with our account on a third-party website/application, and you authorize and agree, we will transfer your nickname, avatar and other information (depending on the nature of the third-party’s services and products and the information you agree to authorize). to that third party. If you do not agree to the third party obtaining your personal information, please do not agree to authorize it.

2.2 Transfer We will not transfer your personal information to any company, organization or individual, except in the following circumstances:

a. Transfer with explicit consent: After obtaining your explicit consent, we will transfer your personal information to other parties;

b. When a merger, acquisition, or bankruptcy liquidation is involved, if personal information is transferred, we will inform you of the name of the recipient, contact information, etc., and require the recipient to continue to be bound by this personal information protection policy, otherwise We will require the recipient to re-obtain your authorization and consent.

2.3 Public disclosure We will only publicly disclose your personal information under the following circumstances:

a. After obtaining your explicit consent;

b. Disclosure based on law: We may publicly disclose your personal information when required by laws, legal procedures, lawsuits, or mandatory requirements from government authorities.

3. How we protect your personal information

We will take various precautions to protect your (or your children’s) personal information to protect it from loss, theft, and misuse, as well as unauthorized access, disclosure, alteration, or destruction. To ensure the security of your personal information, we will only use your personal information as permitted by laws and regulations and with your explicit consent. We have strict information security regulations and processes, and have a dedicated information security team to strictly implement the above measures within the company. We will take reasonable and feasible measures to try our best to avoid collecting irrelevant personal information. If a security incident such as personal information leakage occurs, we will activate an emergency plan to prevent the security incident from expanding, and inform you in the form of push notifications, announcements, etc.

However, the Internet environment is not 100% safe. Although we have the above measures, please note that there are no “perfect security measures” on the Internet. We will try our best to ensure or guarantee the security of any information you send to us.

4. Your rights

In accordance with relevant Chinese laws, regulations, standards, and common practices in other countries and regions, we guarantee that you can exercise the following rights with respect to your personal information:

4.1 Access your personal information You have the right to access your personal information, except for exceptions provided by laws and regulations. If you need to access your personal information, you can access your username and password information in the following ways: Log in to the Lafaer App - [Personal] - [Personal Center].

4.2 Correct your personal information If you need to change your username and confidential information, you can log in to the Lafaer App - [Personal] - [Personal Center] to change or delete it, or you can consult us according to the contact information in Article 8 of this Agreement for revision.

4.3 Delete your personal information If you need to change your username and confidential information, you can log in to the Lafaer App - [Personal] - [Personal Center] to change or delete it, or you can consult us according to the contact information in Article 8 of this Agreement for revision. You can make a request to us to delete personal information under the following circumstances:

a. If our processing of personal information violates laws and regulations;

b. If we collect and use your personal information without your consent;

c. If our processing of personal information violates our agreement with you;

d. If you no longer use our products or services, or you cancel your account;

e. If we no longer provide you with products or services.

4.4 Scope of withdrawing your authorization and consent If you want to withdraw the authorization of relevant permissions, you can turn off the corresponding permissions in the operating system of your hardware device itself to withdraw the authorization consent. However, specific business functions and services will require your information to be completed. When you withdraw your authorization, we will no longer collect and process your corresponding personal information, and we will not be able to provide you with unauthorized corresponding functions or services. However, your decision to withdraw your authorization will not affect the previous processing of personal information based on your authorization.

4.5 Personal account cancellation If you need to cancel your personal account, you can log in to the Lafaer App - [Personal] - [Personal Center] to cancel your personal account, or you can contact us according to the contact information in Article 8 of this Agreement, which you can provide corresponding information and materials, and ensure that the information and materials provided are legal, authentic, and valid so that customer service can verify your identity and cancel your account. After canceling your account, we will stop providing products or services to you and delete your personal information according to your request, unless otherwise provided by laws and regulations.

4.6 Response to your above request If you need to contact us through the contact information in Article 8 to handle the above request, for safety, you may need to provide a written application or prove your identity in other ways. We may ask you to verify your identity before processing your request. We will respond within fifteen working days. In principle, we do not charge fees for your reasonable requests, but for repeated requests that exceed reasonable limits, we will charge a certain cost depending on the circumstances. We may reject requests that are unreasonably repetitive, require excessive technical means (for example, require the development of new systems or fundamentally change existing practices), pose risks to the legitimate rights and interests of others, or are highly impractical. We will not be able to respond to your request under the following circumstances:

a. Relevant to the personal information controller’s performance of obligations stipulated in laws and regulations;

b. Directly related to national security and national defense security;

c. Directly related to public safety, public health, and major public interests;

d. Directly related to criminal investigation, prosecution, trial, and execution of judgments;

e. The personal information controller has sufficient evidence to show that the personal information subject has subjective malice or abused rights;

f. To protect the life, property, and other major legitimate rights and interests of the personal information subject or other individuals but it is difficult to obtain the consent of the individual;

g. Responding to the request of the personal information subject will cause serious damage to the legitimate rights and interests of the personal information subject or other individuals or organizations;

4.7 Complaints and reports If you think your personal information rights may have been infringed or find clues that your personal information rights have been infringed, you can contact us according to the contact information in Article 8 of this Agreement, and we will give you feedback on your complaints and reports within fifteen working days after verification.

5. How we handle children’s personal information

Our products, websites, and services are primarily intended for adults. Children should not create their own personal information subject account without the consent of a parent or guardian. For cases where we collect personal information from children with parental consent, we will only use or publicly disclose this information as permitted by law, with the explicit consent of the parent or guardian, or as necessary to protect the child.

Although local laws and customs may define children differently, we consider anyone under the age of 14 to be a child.

If we discover that we have collected personal information from children without first obtaining verifiable parental consent, we will seek to delete the data as quickly as possible.

6. Storage location, period, and transfer of personal information

6.1 Where information is stored We abide by laws and regulations and store users’ personal information collected in the People’s Republic of China in the People’s Republic of China.

6.2 Period for storing information Generally speaking, we only retain your (or your child’s) personal information for the minimum period necessary to fulfill the purpose. However, under the following circumstances, we may change the storage time of personal information in order to comply with legal requirements:

a. To comply with applicable laws, regulations, and other relevant provisions;

b. To comply with court judgments, rulings, or other legal procedures;

c. To comply with the requirements of relevant government agencies or legally authorized organizations;

d. We have reason to believe that we need to comply with laws, regulations, and other relevant requirements;

e. Reasonably necessary purposes to implement relevant service agreements or this agreement, safeguard social and public interests, and protect the personal and property safety or other legitimate rights and interests of our customers, us or our affiliates, other users, or employees.

f. When our products or services cease operations, we will notify you through push notifications, announcements, etc., and delete or anonymize your personal information within a reasonable period.

7. Changes to this policy

We may update and revise the content of this Agreement from time to time. We will post any changes to this policy on this page. For major changes, we will also provide more prominent notices (including for some services, we will send notices through more prominent means such as page pop-ups to explain the specific changes in the personal information protection policy).

Major changes referred to in this policy include but are not limited to:

a. Our service model has undergone major changes. Such as the purpose of processing personal information, the type of personal information processed, the use of personal information, etc.;

b. We have undergone major changes in ownership structure, organizational structure, and other aspects. Such as changes in owners caused by business adjustments, bankruptcy mergers, etc.; c. The main objects to whom personal information is shared, transferred, or publicly disclosed change;

d. Significant changes in your rights to participate in the processing of personal information and how you exercise them;

e. When our contact information and complaint channels change.

8. How to contact us

If you have any questions, comments, or suggestions, you can contact us at any time:

Contact information: lafaer@gl-inet.com

Contact address: Room 305 and 306, Skyworth Digital Building, Songbai Road, Shiyan Street, Bao’an District, Shenzhen City

We will accept and handle your issues within fifteen working days.