Cloud Privacy Statement

Privacy Statement
"We" fully respect your privacy rights. We hereby formulate this "Privacy Statement";
(hereinafter referred to as "this Statement") to inform you of how we collect, use, disclose,
protect, store, and transmit your personal data. Please read this Statement carefully.If you have
any questions, please let us know.

Personal information refers to various information recorded electronically or otherwise that can
identify the personal identity of a natural person alone or in combination with other information.
This Statement sets out how we handle your personal information, but it does not cover all
processing scenarios. The products or services discussed, mentioned, or introduced in this
Statement vary depending on your device type, model, or geographic location. How specific
products or services handle your personal information, your rights, and how to contact the data
controller will be explained by us in the specific privacy notice or supplementary statement
published with that product or service. In addition to this Statement, we recommend that you
read the relevant privacy notice or supplementary statement when using specific products or
services.
This Statement applies only to our IPC series products and their video surveillance-related
services.
This Statement will help you understand the following:

I. How We Collect and Use Your Personal Information
1. Personal Information We Collect
When you use IPC products or services, you may need to provide personal information, and we
will only collect and use your personal information for the purposes stated in this statement. The
following are examples of the personal information we may collect:

1.1 Information We Obtain During Your Use of The Service
We will collect information about your device and how you and your device interact with our
products and services, including:
A. Device and application information, such as device name, device identifier, hardware model,
application version, software identification code, device and application settings (such as
region/language/time zone/font), etc.
B. Internet Protocol (IP) address.
C. Log information. When you use our services or view content provided by us, we will
automatically collect certain information and store it in logs, such as access time, access times,
access IP, event information (such as errors, crashes, restarts, upgrades), etc.
D. Historical audio and video recordings stored on the IPC or real-time audio and video
recordings from cameras connected to the IPC. When used with a mobile app, historical audio

and video recordings stored on the NVR or real-time audio and video recordings from cameras
connected to the IPC will be uploaded directly to the mobile app to enable remote viewing and
listening of video and audio recordings through the mobile app.

1.2 How We Use Your Personal Information
We will use your personal information for the following purposes:
A. To deliver, activate, or verify the products and services you request, or to modify, provide
technical support, and after-sales services for the above products and services at your request;
B. To send you notifications of application updates and installations;
C. To push video alarm messages to you or provide remote viewing of IPC video monitoring
recordings or real-time video services;
D. To provide you with services to remotely configure or modify IPC device and its attached
camera settings;
E. To conduct internal audits, data analysis, and research, analyze business operation efficiency,
and improve our products and services;
F. To troubleshoot errors when you choose to send us error details;
G. To synchronize and store data uploaded or downloaded by you and perform data uploads and
downloads;
H. To improve our anti-loss and anti-fraud programs;
I. For other purposes with your consent.

2.Face Recognition Algorithm Protocol
Thank you for choosing to use our products, including machine vision intelligent video
equipment, corresponding software platforms, API components, etc. (collectively referred to as
"the Products"), based on the specific needs of the customer (hereinafter referred to as "you").
Given that the Products contain facial recognition algorithms and involve the processing of
sensitive personal information such as biometric data, we have formulated the "Machine Vision
Face Recognition Algorithm Usage Protocol"; (hereinafter referred to as "this Protocol") to clarify
the features and usage specifications of the Products.
You may voluntarily choose whether to enable, invoke, or deploy (collectively referred to as
"use") the facial recognition algorithm or function. Before confirming usage, please carefully read
this Protocol, especially the terms prominently indicated in bold. Once you actually use or choose
to "agree"; you will be deemed to have read and voluntarily accepted the legal effect of this
Protocol's binding.
2.1. In view of the fact that video devices will record real activities under specific conditions and
within a specific time and space range during their use, you understand and confirm that you
should comply with all applicable laws and regulations, fulfill agreements or declarations signed

with stakeholders, respect international conventions, social morality, public order, and good
customs while using the Products, and avoid infringing on the legitimate rights and interests of
other organizations and individuals, including but not limited to the right to privacy, the right to
portrait, and personal information rights.
2.2. You understand and confirm that all data and personal information (including biometric
information) that you handle independently during the use of the Products meet the
requirements of all applicable laws and regulations and have fulfilled legal obligations in practical
terms, including but not limited to: fully informing relevant individuals, the public, and regulatory
agencies of data and personal information processing related to the use of the Products; having a
lawful basis for processing data and personal information, such as obtaining consent (including
separate consent) from relevant subjects in a legal manner.
2.3. You understand and confirm that we only provide the Products, and unless you
independently entrust us to process data in accordance with the law, we will not access, collect,
or store data such as videos, images, and personal information captured by the Products.
2.4. Considering that the data generated by video equipment during use carries the rights
protection requirements, value propositions, or other demands of various stakeholders,
protecting the product from intrusion, network security, and data security is crucial. You
understand and confirm that as a user, network operator, or data processor of the product, you
should take reasonable and necessary measures to ensure network security and data security in
accordance with the law, to avoid data leakage, improper disclosure, and illegal use.
2.5. Given that the use of the product is determined by you independently, as the manufacturer
of the product, we cannot control the object or scope of product use, nor can we effectively
control the specific use behavior of customers, nor can we guarantee the legality, correctness,
completeness, truthfulness, or quality of customer content or your use method and purpose.
Therefore, you should independently assume the obligation to comply with the law for your own
behavior. We do not provide any compliance guarantee or assurance for your behavior, and the
provision of the product and any terms of this agreement should not be understood as providing
any form of help or convenience for your behavior.
2.6. You understand and confirm that our product is provided in accordance with existing laws
and regulations, technology, and conditions. If any applicable laws or regulations would
substantially affect (1) the provision of part or all of the product's functions or (2) our ability to
provide such functions in accordance with the law, we may decide unilaterally to immediately
terminate the provision of such algorithms, functions, or products and give notice as early as
possible on the official website, relevant software interface, or user manual. In this case, it will
not be considered a breach of contract by us, and we will not be liable to you.
2.7. You understand and confirm that if any complaints, claims, fines, lawsuits, or other disputes
arise from your use of the product, you should be responsible for handling and assume all
responsibilities, and at the same time, ensure that we are exempt from any losses or damages
arising from this. If we have to bear any responsibility due to you, you should eliminate the
impact and compensate us for all losses.
2.8. You understand and confirm that we reserve the right to update or modify this agreement
from time to time. If you do not accept the relevant updates, you should immediately stop using
the product. Otherwise, you will be deemed to have accepted the updated content.

II. How We Entrust, Share, Transfer, and Disclose Your Personal Information

1. Entrustment
In some cases, we may entrust other companies to process your personal information on our
behalf. For example, companies that handle our hotline, send emails, or provide technical
support. These companies may only use your personal information to provide services on our
behalf.
We will sign strict confidentiality agreements or personal information processing terms with the
entrusted parties and require them to process personal information in accordance with this
statement and to take relevant confidentiality and security measures.
2. Sharing
Sharing refers to the process by which we provide personal information to other personal
information controllers, where both parties have independent control over the personal
information. We will not share your personal information with third parties except in the
following cases:
2.1. Sharing with your explicit consent: With your explicit consent, we will share the information
you authorize us to share with a third party you designate.
2.2. Sharing in legal circumstances: We may share your personal information with third parties
according to legal requirements, dispute resolution needs, or requests made by administrative or
judicial authorities.
3. Transfer
Transfer refers to the process of transferring control over personal information from us to
another personal information controller. We will not transfer your personal information to any
company, organization, or individual, except in the following cases:
3.1. Transfer with your explicit consent: With your explicit consent, we will transfer your
personal information to other parties.
3.2. In the event of a merger, acquisition, or bankruptcy liquidation, if personal information
transfer is involved, we will require the new holder of your personal information to continue to
be bound by this statement. Otherwise, we will require the company or organization to seek
your authorization again.
4. Disclosure
We will only disclose your personal information in the following circumstances:
4.1. With your explicit consent.
4.2. Based on legal or reasonable grounds for disclosure: In the event of legal proceedings,
lawsuits, or requests from public or government authorities, we may disclose your information in
accordance with legal and regulatory requirements.

III. How We Protect Your Personal Information

We value the security of personal information and take industry-standard practices to protect
your personal information from unauthorized access, disclosure, use, modification, damage, or
loss. To this end, we have taken the following measures:
1. We take all reasonable and feasible measures to ensure the minimization of personal
information collection and do not collect personal information that is irrelevant to the purpose.
We will only retain your personal information for the period necessary to achieve the purposes
stated in this statement, unless an extension is needed or permitted by law;
2. We use encryption technology to ensure the confidentiality of data transmission and
storage. We use trusted protection mechanisms to prevent malicious attacks on data and
storage servers;
3. We deploy access control mechanisms to ensure that only authorized personnel can access
personal information; and based on business needs and personnel hierarchy, we control the
number of authorized personnel and manage their permissions in a hierarchical manner. Access
to personal data is logged;
4. We strictly select business partners and service providers and implement requirements for
personal information protection in both parties' business contracts or audit, assessment, and
other activities;
5. We organize security and privacy protection training courses, testing, and promotional
activities to strengthen employees' awareness of the importance of protecting personal
information.

In summary, we will do our best to protect your personal information. However, no measures
can be foolproof, and there is no product or service, website, data transmission, computer
system, or network connection that is completely secure.
To address the risks of personal information leaks, damage, and loss, we have established
various systems and control measures. We have established clear classification and grading
standards for security events and vulnerabilities, as well as corresponding processing procedures,
and set up dedicatedsecurity notice and warning pages.We have also established a specialized
emergency response team for security incidents, and according to the requirements of security
incident disposal norms, we initiate security plans for different security incidents, including stop-
loss, analysis, positioning, remedial measures, retrospective investigation, and strikeback in
collaboration with relevant departments.
In the event of a personal information security incident, we will inform you in accordance with
legal requirements about the basic situation and potential impact of the security incident, the
measures we have taken or will take to address it, suggestions for your own risk prevention and
reduction, and your remedial measures. We will notify you of the incident-related information
via email, SMS, push notifications, or other reasonable and effective means. If it is difficult to
inform individuals one by one, we will issue a public notice in a reasonable and effective manner.
Additionally, we will report the handling of personal information security incidents to regulatory
authorities as required.

IV. How You Can Manage Your Personal Information

1. Access, Correction, and Deletion
In some countries/regions where we offer our products and services, legislation provides
individuals with the right to access, correct, and delete their personal information that we retain.
In these countries/regions, individuals or their authorized representatives may submit requests
(hereinafter referred to as "Requests") to access, correct, or delete their relevant personal
information held by us.
1.1. Ways and Channels to Submit Requests
Requests must be submitted in writing. Even if the requester does not specify the legal basis for
the request, it is still valid. Generally, verbal requests for access are invalid, but if the laws of
some countries also recognize the validity of verbal requests, we will follow such provisions.
1.2. Validity of Requests
Most laws require individuals to make requests in specific ways. This statement requires
individuals to do the following:
A. Submit requests through our designated channels for personal information subjects;
B. Provide sufficient information to us to verify their identity (to ensure that the requester is the
personal information subject or their authorized representative);
C. The request content is specific and executable.
1.3. Deadline for Processing Requests
We will make every effort to respond to a data subject access request within one month of its
submission. If necessary, this deadline may be extended by two months in consideration of the
complexity and number of requests. If we are unable to meet this deadline, we will inform the
data subject of the circumstances and the reason for the delay. If the deadline set forth in this
paragraph conflicts with local law, the local law shall prevail.
1.4. Results of Requests
After a data subject makes a request, one of the following outcomes may occur:
A. Request Denied
In certain cases, a data subject's request may be denied, including but not limited to the
following:
a. When local law does not grant the data subject relevant rights;
b. When the identity of the requester cannot be verified;
c. When the data subject's request cannot be verified or is beyond the scope of what can be
provided, particularly if the request is repetitive;
d. When disclosure of the information involved may harm our interests, such as in the context of
compensation or damages we may be liable for in a dispute;
e. When retention of the information is solely for statistical or research purposes, and the

publication of the results of such statistical or research activities would not disclose the identity
of the data subject;
f. Other situations as provided by law.
If we deny a data subject's access request, we will provide a formal explanation of the reason(s)
for the denial to the requester.
B. Request Granted
If none of the circumstances described in A above occur, we will fulfill the data subject's request.
To increase the likelihood of a successful request, please provide as much detailed information
as possible, such as the category and specific content of the request, relevant information about
the data holder (such as the name of the product or service you use), and the time range for the
generation or processing of the information (the smaller the time range, the higher the likelihood
of success).
1.5. Special Notice
A. No one has the right to access another person's personal information unless they are
authorized or a guardian.
B. Most legal provisions clearly state that organizations may not provide data to data subjects in
certain circumstances. These circumstances include situations in which providing data would
undermine efforts to combat terrorism, the data subject has made multiple repetitive requests,
or obtaining and providing the data would require disproportionate resources.
C. In principle, we will not provide the following information:
a. Information about other individuals - Data subject access requests may involve data about
individuals other than the data subject. Unless the individuals concerned have given their
consent, we will not provide such information.
b. Repetitive requests - When a requester submits the same or similar request concerning the
same data subject, and the data has not changed over a certain period of time, and we have
already provided the data, we generally will not provide copies of the data. Additionally, we are
not obligated to provide information that has already been made public.
c. Confidential opinions given under secrecy - If information about the data subject is given under
confidentiality, we are not obligated to provide such information.
d. Special files - Any special information we hold will not be disclosed to data subjects upon
request. Generally, special information includes any confidential documents (such as direct
communication between clients and their lawyers) and information obtained or given to obtain
the corresponding legal advice (whether in the litigation itself or in the process of the court
litigation).

V. How This Statement Is Updated
We reserve the right to update or modify this statement from time to time.