Crushkey Privacy Policy
Version Update Date: January 17, 2025
Version Effective Date: January 17, 2025
Welcome to using the services provided by Crushkey! Senyan Media (referred to as Hunan Senyan Media Co., Ltd. in this Privacy Policy, hereinafter also called "we") attaches great importance to the protection of your privacy and personal information. This Privacy Policy applies to your access and use of any services provided by Crushkey through any means.
Crushkey is a mobile input method product that helps users improve their language expression and communication skills (hereinafter collectively referred to as "Crushkey products or services"). We will only process the personal information necessary for your use of the products or services.
This Privacy Policy applies to your access and use of our products and services through Crushkey's App, software development kits (SDKs) and application programming interfaces (APIs) for third-party websites and applications. Crushkey includes multiple application versions for iOS, Android, etc. Please select the version that matches the terminal device you have installed when using Crushkey. The personal information that Crushkey may obtain depends on the version of the Crushkey application you are using, the specific type/version of the terminal device you are using, and the functions you are using.
This Privacy Policy is designed to help you understand what personal information we will collect, why we collect this personal information, what we will do with this personal information, and how we will protect this personal information. We will follow the Privacy Policy to collect and use your personal information, but we will not adopt a mandatory bundled approach to collect all your personal information simply because you authorize this Privacy Policy.
We will strictly follow the legal requirements and obtain your separate consent in specific situations. In addition to this Privacy Policy, we may also inform you of the rules for our processing of your personal information through product page notifications, pop-up prompts, and other means. The specific business functions and the corresponding personal information processing situations will be subject to the specific rules, which have the same effect as this Privacy Policy.
In addition, for Apple users, we follow the EULA: https ://www.apple.com/legal/internet-services/itunes/dev/stdeula/
Unless otherwise stipulated by laws and regulations, you have the right to be informed and to make decisions regarding our processing of your personal information. You have the right to restrict or refuse the processing of your personal information by us or any other party. At the same time, you have the right to request us to explain the rules for our processing of your personal information. Please read and understand this Privacy Policy carefully before using Crushkey and related products and services, so as to make appropriate choices.
This Privacy Policy will help you understand the following:
1. The information we collect and the corresponding purposes of use
2. How we use Cookies and similar technologies
3. How we share, transfer, publicly disclose, and entrust the processing of your personal information
4. How we save and protect your personal information
5. Your rights
6. How we handle the personal information of minors
7. Revision of the Privacy Policy
8. How to contact us
We are well aware of the importance of personal information to you and also know that providing effective protection for your information is the cornerstone of the healthy and sustainable development of our business. Thank you for using Crushkey and trusting us! We are committed to maintaining your trust and adhering to the following principles to protect your personal information: the principle of consistency of rights and responsibilities, the principle of clear purposes, the principle of choice and consent, the principle of minimization, the principle of ensuring security, the principle of subject participation, the principle of openness and transparency, etc.
We solemnly promise that we will take corresponding security protection measures to protect your personal information in accordance with the mature security standards of the industry.
1. The information we collect and the corresponding purposes of use
We will follow the principles of legality, propriety, and necessity, and collect and use your personal information. We collect and process your personal information for the purpose of providing you with the corresponding business functions. In the corresponding functions, if the personal information you provide is that of another person, please ensure that you have obtained the authorization of the relevant subject, and we reserve the right to verify the lawful source of such personal information at any time.
You need to provide us with personal information for us to achieve basic business functions such as registration and login (mobile phone number login and third-party platform login, etc.), and payment. The personal information necessary for the basic business functions is necessary personal information. If you refuse to provide this necessary personal information, we will not be able to provide you with the basic business functions and corresponding services.
For your better understanding, we list the business functions, processing purposes, and personal information required as follows:
1.1 Registration and Login of Accounts
When you browse and use the content provided by Crushkey, you need to register and log in to your Crushkey account. You can create an account with your mobile phone number, and you can also complete your account information.
When registering and logging in to your Crushkey account, you need to provide us with your mobile phone number. You can choose to set an account name.
You can also log in to Crushkey using a third-party account (such as WeChat, Apple ID). In this case, you will authorize Crushkey to obtain the public information registered in your third-party account (including your nickname, avatar, and other information you have authorized).
You can choose whether to log in to Crushkey through the "one-click login" method. If you choose this login method, the operator will process your mobile phone number information.
1.2 Usage Information
Usage information mainly includes: clicks, collections, searches, queries, browsing, and other information generated by users when using the App.
1.3 Ensuring Safe Operation and Improving Services
In order to ensure the safe operation of the software and services and prevent your personal information from being illegally obtained, and to more accurately prevent fraud and protect account security, we will collect your device information, log information, and other information related to the login environment.
To prevent user tokens from being stolen and used for login, the request interface carries the device ID (AndroidID) to verify the current request device.
Please understand that when you switch Crushkey from the device screen to the background of the device, due to some device models and system reasons, the information collection behavior generated by your previous use of Crushkey functions may not be able to stop immediately, resulting in a brief period of background information collection behavior.
1.4 Exceptions to Prior Consent
Please note: In the following circumstances, the collection and use of personal information do not require prior consent:
Directly related to national security and defense security;
Necessary for the conclusion or performance of a contract in which the individual is a party;
Necessary for the performance of statutory duties or legal obligations;
Necessary to respond to a sudden public health emergency, or to protect the life, health, and property safety of natural persons in an emergency;
Directly related to crime investigation, prosecution, trial, and execution of judgments;
Necessary to protect the significant legitimate rights and interests of you or other individuals, and it is difficult to obtain your consent;
Collected within the scope permitted by laws and regulations from personal information that you have proactively made public or other legally disclosed personal information;
Collected within the scope permitted by laws and regulations from personal information disclosed through legal channels such as lawful news reports and government information disclosure;
Processed within the scope permitted by laws and regulations for news reporting, public opinion supervision, and other activities for the public interest, and the personal information has been anonymized;
Collected by academic research institutions within the scope permitted by laws and regulations for statistical or academic research purposes, and the results of the research or descriptions provided externally have been anonymized;
Other circumstances stipulated by laws and regulations.
1.5 Anonymization of Personal Information
Senyan Media has the right to mine, analyze, and utilize anonymized user databases (including for commercial purposes) without publicly disclosing or providing your personal information, and has the right to statistically analyze the use of products/services and share anonymized statistical information with the public/third parties.
1.6 Device Permission Calls
During the service provision process, to ensure that you can use the product functions normally, we will request the following system device permissions from your device. Before making the request, we will seek your consent, and you may choose to "Allow" or "Deny" the permission request. After your authorization, we will enable the relevant permissions. You may revoke your authorization at any time in the system settings. Revoking your authorization may prevent you from using the related business functions but will not affect your use of other business functions.
The following table shows the system privacy permissions called by various business functions:
| Device Permission | Business Function | Permission Authorization Method | Can it be turned off |
|---|---|---|---|
| Storage | Read and write pictures, files, or cache information | Pop-up query when the user first uses the business function related to storage | Yes |
| Read and write clipboard | One-click search, use of Crushkey, enhance user experience | Pop-up query when the user uses the related business function | Yes |
| Phone (also known as "device information" permission on some models) | Improve and optimize service experience, safeguard your account security | Pop-up query when the user opens Crushkey for the first time and clicks to agree | Yes |
| Wireless Network | Network connection for various business functions | Pop-up query when the user opens Crushkey for the first time | Yes |
| Notification | Send notification messages | Pop-up query when the user opens Crushkey for the first time | Yes |
| Advertising Identifier IDFA | Improve and optimize service experience | Pop-up query when the user opens Crushkey for the first time | Yes |
You can enable or disable some or all permissions at any time through the permission settings provided by your device,
and thus refuse to allow Crushkey to collect the corresponding personal information. The display and shutdown methods for permissions may vary across different devices. For specific instructions, please refer to the guidelines provided by the device and system developers.
Other Purposes for Which You Have Given Separate Consent
If we intend to use the information for purposes not specified in this Privacy Policy, we will seek your prior consent. Similarly, if we intend to use the information collected for a specific purpose for any other purpose, we will also obtain your prior consent.
How We Use Cookies and Similar Technologies
Cookies and anonymous identifier tools. Cookies are a mechanism that allows server-side (or scripts) to store and retrieve information on the client side. When you use Crushkey products or services, we may send one or more Cookies or anonymous identifiers to your device. When you interact with Crushkey services, we permit Cookies or anonymous identifiers to be sent to the Senyan Media server.
We will not use Cookies for any purposes other than those described in this agreement. Most web browsers are set to block Cookies. However, if you do so, you will need to manually change your user settings each time you visit our website, but you may not be able to log in or use services or features of Senyan Media that rely on Cookies.
You can clear your Cookies through [My - Clear Cache], thereby limiting the use of Cookies by Crushkey.
How We Share, Transfer, Publicly Disclose, and Entrust the Processing of Your Personal Information, as well as the Third Parties We Connect With
Some of our services are provided by authorized partners. To achieve the purposes stated in this Privacy Policy, we may share certain personal information with our partners to provide better customer service and user experience. We will only share personal information for legitimate, proper, necessary, specific, and clear purposes, and will only share the personal information necessary to provide the services. Unless otherwise authorized by you or required by laws and regulations, our partners are not allowed to use the shared personal information for any other purposes.
3.1 Sharing
Unless we have obtained your prior separate consent or in other circumstances stipulated by laws and regulations, we will not share your personal information with any third party outside of Senyan Media, except for information that has been processed to the extent that it cannot identify specific individuals and cannot be restored.
For the companies, organizations, and individuals with whom we share personal information, we will investigate their data security environment and enter into a strict confidentiality agreement with them, requiring them to handle personal information in accordance with the law and to take confidentiality and security measures.
In the following situations, we may share your personal information with the following third parties:
3.1.1 Third-party product or service providers.
Crushkey integrates a wide range of third-party services. When you use third-party services integrated with Crushkey, you may need to submit your personal information. We will provide your personal information to the third party providing the service based on your valid authorization or where it is necessary for the conclusion or performance of a contract in which you are a party. For specific details on how third-party services collect and use your personal information, we recommend that you refer to the relevant service agreements and privacy policies of the third-party services.
3.1.2 Third parties with whom you proactively choose to share personal information
You can use the sharing function of Crushkey to share with WeChat friends, including but not limited to content generated by you on the platform. Before using third-party services or sharing functions, please fully consider the credibility of the information recipient and we recommend that you review the personal information processing rules (such as privacy policies) of the social networks or third-party service providers you utilize to understand how they handle your information and make prudent decisions.
3.2 Transfer
We will not transfer your personal information to any company, organization, or individual outside of Senyan Media except in the following circumstances:
Obtaining your explicit prior consent or agreement;
Complying with legal requirements, legal procedures, mandatory government requirements, or judicial orders;
In the event of a merger, division, liquidation, or asset/business acquisition or sale of us or our affiliated companies, your personal information may be transferred as part of such transactions. We will ensure the confidentiality of the information during transfer, notify you of the name or surname and contact details of the recipient, and make every effort to ensure that the new holder of your personal information continues to be bound by this Privacy Policy. Otherwise, we will require the company or organization to obtain your prior consent again.
3.3 Public Disclosure
We will only publicly disclose your personal information in the following circumstances:
Obtaining your separate consent;
Required by laws and regulations, legal procedures, litigation, or mandatory requirements of government authorities.
When imposing penalties on违规accounts and违规behaviors, we will disclose the information of the relevant accounts, which may inevitably include account-related authentication information and the details of the violations.
3.4 Exceptions to Obtaining Prior Consent for Sharing, Transferring, and Publicly Disclosing Personal Information
In the following circumstances, sharing, transferring, and publicly disclosing personal information does not require prior consent from the data subject:
Directly related to national security and defense security;
Necessary for the conclusion or performance of a contract in which the individual is a party;
Necessary for performing statutory duties or legal obligations;
Directly related to public safety, public health, and significant public interests. For example: In response to突发public health emergencies, or to protect the life, health, and property safety of natural persons in紧急situations;
Directly related to crime investigation, prosecution, trial, and judgment execution;
Necessary to protect the significant legitimate rights and interests of the data subject or other individuals when it is difficult to obtain consent;
Processed within a reasonable scope of personal information that the data subject has proactively made public or that has been legally disclosed, such as through lawful news reporting and government information disclosure channels;
Other circumstances stipulated by laws and regulations.
To better provide you with services, we may entrust third-party partners to process your personal information. We will only entrust the processing of your information to third-party partners for legitimate, proper, necessary, specific, and clear purposes. We strictly limit the purposes for which the entrusted party processes the information and require them to implement adequate data security measures. If the third-party partner uses your information for purposes beyond our entrustment, they will obtain your separate consent. The authorized partners we entrust include advertising and analytics service partners. In compliance with industry-standard security technologies, we entrust these partners to process information related to advertising delivery, effectiveness, and reach rates. Without your valid consent, we will not entrust third-party partners with directly identifiable personal information. If you proactively provide your contact details, address, or other personal information to specific third-party partners for them to contact you, they will directly process your personal information.
In joint processing scenarios, we also sign relevant agreements in compliance with laws and regulations with the cooperating parties and fulfill our personal information protection obligations as required by law.
3.5 Third-party Software Development Kits (SDKs) We Integrate
To adapt Crushkey for use on different mobile devices and third-party platforms, and to enable features such as one-click login with your phone number, login to third-party platform accounts, sharing information via third-party platforms, and third-party payments, Crushkey integrates third-party SDKs. These third-party SDK providers include mobile device manufacturers, social platforms, telecommunications operators, and third-party payment institutions. Some third-party SDKs may invoke device permissions and obtain relevant information to allow you to use the corresponding functions normally on different mobile devices or third-party platforms. The types of device permissions invoked and the information obtained may vary across different third-party SDKs, potentially including access to your location, read/write access to external storage cards, reading of phone status and identity, viewing of WLAN connections, retrieval of running applications, and retrieval of installed application lists. For specific types of device permissions invoked by third-party SDKs and details on how they collect and use personal information, please refer to the relevant service agreements and privacy policies of the third-party SDKs. If you wish to learn more about the third-party SDKs we integrate, please refer to the Third-party SDK Directory.
Third-party SDK Directory
1. NetEase Yi Dun
Purpose: To provide one-click login functionality with a phone number
Usage Scenario: Login using one-click login
Third-party Name: NetEase Company
Personal Information Involved: Network status information, phone number, application list information, SIM card identifier (ICCID), device identifiers (iOS Advertising Identifier (IDFA), International Mobile Equipment Identity (IMEI), Anonymous Device Identifier (OAID), International Mobile Subscriber Identity (IMSI), SIM card serial number), application list information, base station information, WiFi router MAC address (BSSID), WiFi scan results
Third-party Official Link: https://dun.163.com/product/phone-verification
Privacy Policy: https://dun.163.com/clause/privacy
2. OpenInstall SDK
Purpose: To collect and analyze App operation data such as user activity and new user acquisition
Usage Scenario: When the user operates the APP
Third-party Name: Shenzhen Fenmiao Network Technology Co., Ltd.
Personal Information Involved: iOS Advertising Identifier (IDFA and IDFV), Android Advertising ID, network card address (MAC), IP address, International Mobile Equipment Identity (IMEI), running processes, Mobile Equipment Identifier (MEID), Anonymous Device Identifier (OAID), device hardware information, system information, operating environment information, risk control information, WiFi router MAC address (BSSID), WiFi scan results
Official Link: https://www.openinstall.io/
Privacy Policy: https://www.openinstall.io/privacy.html
Information Collection Method: SDK collection
3. Getui SDK
Purpose: To provide APP push notification functionality
Usage Scenario: When the user operates the APP
Third-party Name: Hangzhou Epushing Interactive Technology Co., Ltd.
Personal Information Involved: Device platform, device manufacturer, device brand, device model and system version, OAID, AndroidID, WiFi connection information, carrier information, DHCP, SSID, BSSID, IMEI, MAC, Google Advertising ID (GAID), Serial Number, IMSI, ICCID, IP address, base station information
Official Link: https://www.getui.com/
Privacy Policy: https://www.getui.com/privacy
Information Collection Method: SDK collection
4. Alipay SDK
Purpose: To enable users to use Alipay within the application
Usage Scenario: When the user makes a payment via Alipay
Third-party Name: Alipay (Hangzhou) Information Technology Co., Ltd.
Personal Information Involved: Device identifiers (for Android, such as IMEI, MEID, IMSI, Android ID, Serial, ICCID, OAID; for iOS, such as IDFV, IDFA), MAC address, IP address, WLAN access points, WiFi router MAC address (BSSID), WiFi scan results
Official Link: https://www.alipay.com/
Privacy Policy: https://opendocs.alipay.com/open/54/01g6qm#%E6%94%AF%E4%BB%98%E5%AE%9D%20App%20%E6%94%AF%E4%BB%98%E5%AE%A2%E6%88%B7%E7%AB%AF%20SDK%20%E9%9A%90%E7%A7%81%E6%94%BF%E7%AD%96
Information Collection Method: SDK collection
5. WeChat Pay SDK
Purpose: To enable users to use WeChat Pay within the application
Usage Scenario: When the user makes a payment via WeChat Pay
Third-party Name: Tenpay (Shenzhen) Technology Co., Ltd.
Personal Information Involved: Device identifiers (for Android, such as IMEI, MEID, IMSI, Android ID, Serial, ICCID, OAID; for iOS, such as IDFV, IDFA), MAC address, IP address, WLAN access points, WiFi router MAC address (BSSID), WiFi scan results
Official Link: https://pay.weixin.qq.com/index.php/core/home/login?return_url=%2F
Privacy Policy: https://pay.weixin.qq.com/index.php/core/home/pay_pact_v4
Information Collection Method: SDK collection
6. Conversion SDK
Purpose: For ad placement cooperation, attribution, anti-cheating, statistical analysis to improve performance and user experience
Usage Scenario: After the user downloads the app, registers, and makes a payment
Third-party Name: Beijing Bytedance Network Technology Co., Ltd.
Personal Information Involved: Device brand, model, software system version, resolution, network signal strength, device language, accelerometer, magnetometer, gyroscope, gravity sensor, AndroidID, IP address, wireless network SSID name, WiFi router MAC address (BSSID), WiFi scan results, device MAC address, device identifiers (IMEI, MEID, IMSI, ICCID, OAID, GAID (for GMS services only), device serial number build_serial, etc., which may vary due to different hardware and software versions); developer app name, app package name, version number, app foreground/background status, app list information, running process information; interaction data such as ad impressions, clicks, and conversions; location information; crash data, performance data; carrier information, device time zone.
Privacy Policy: https://open.oceanengine.com/labels/8/docs/1708428054592516
Information Collection Method: SDK collection
7. 360加固SDK
Purpose: For detecting APP faults and diagnostics, APP security reinforcement protection, and anti-piracy services
Third-party Name: Beijing Qihoo Technology Co., Ltd.
Personal Information Involved: Device MAC address, software installation list, contacts, SMS, SD card data, etc.
Privacy Policy: https://jiagu.360.cn/#/global/help/322
8. Huawei Push
Purpose: To send push notifications
Third-party Name: Huawei Terminal Co., Ltd.
Personal Information Involved: Basic application information, in-app device identifiers, device hardware information, system basic information, and system settings information
Privacy Policy: https://developer.huawei.com/consumer/cn/doc/development/app/20213
Information Collection Method: Encryption and anonymization
9. Xiaomi Push
Purpose: To send push notifications
Third-party Name: Xiaomi Push
Personal Information Involved: Device identifiers (such as Android ID, OAID, GAID), device information
Privacy Policy: https://dev.mi.com/console/doc/detail?pId=1822
Information Collection Method: Encryption and anonymization
10. OPPO Push
Purpose: To send push notifications
Third-party Name: Guangdong Huantai Technology Co., Ltd.
Personal Information Involved: Device identifiers (such as IMEI, SIM card serial number, IMSI, Android ID, GAID), application information (such as app package name and version number, running status), network information (such as IP or domain connection results, current network type)
Privacy Policy: https://open.oppomobile.com/wiki/doc#id=10288
Information Collection Method: Encryption and anonymization
11. VIVO Push
Purpose: To send push notifications
Third-party Name: BBK Mobile Communication Co., Ltd.
Personal Information Involved: Device identifiers (such as IMEI, SIM card serial number, IMSI, Android ID, GAID), application information (such as app package name and version number, running status), network information (such as IP or domain connection results, current network type)
Privacy Policy: https://dev.vivo.com.cn/documentCenter/doc/366
Information Collection Method: Encryption and anonymization
12. Mobile Smart Terminal Supplementary Device Identifier SDK
Purpose: To obtain OAID device identifier
Third-party Name: Mobile Security Working Committee
Personal Information Involved: The SDK does not invoke any device permissions. The information collected by the SDK is not stored locally or transmitted over the network. It is only obtained during SDK interface calls and is immediately destroyed by the program upon completion of the interface function. There is no storage, sharing, transfer, or public disclosure of data.
Privacy Policy: https://msa-alliance.cn/col.jsp?id=122
13. Chuangshanjia Advertising SDK
Purpose: To provide personalized ad recommendations
Third-party Name: Beijing Bytedance Network Technology Co., Ltd.
Personal Information Involved: Device MAC address (for iOS, applicable to versions below iOS3200), device identifiers (such as IMEI, Android ID, OAID, IMSI, ICCID, GAID (for GMS services only), MEID, hardware serial number build_serial, etc., which may vary due to different hardware and software versions), device identifiers (such as IDFA, which may vary due to different hardware and software versions), software list information, accelerometer, magnetometer, rotation vector sensor, accelerometer, gyroscope sensor, precise location information, approximate location information (WiFi list, WLAN access points (such as SSID, BSSID), base stations)
Privacy Policy: https://www.csjplatform.com/terms/privacy-policy
To better serve you, we may entrust third-party partners with the processing of your personal information. We will only entrust the processing of your information to third-party partners for lawful, legitimate, necessary, specific, and explicitly defined purposes. We strictly limit the purposes for which the entrusted party may process the information and require them to implement adequate data security measures. If the third-party partner uses your information for purposes beyond our entrustment, they will obtain your separate consent. The authorized partners we entrust include advertising and analytics service partners. In compliance with industry-standard security technologies, we entrust these partners with processing information related to advertising delivery, effectiveness, and reach rates. Without your valid consent, we will not entrust third-party partners with directly identifiable personal information. If you proactively provide your contact details, address, or other personal information to specific third-party partners for them to contact you, they will directly process your personal information.
In joint processing scenarios, we also sign relevant agreements in compliance with laws and regulations with the cooperating parties and fulfill our personal information protection obligations as required by law.
How We Save and Protect Your Personal Information
4.1 Retention Period
We will retain your personal information for the period necessary to provide our services. However, in cases where laws and regulations stipulate a different retention period, you agree to a longer retention period, it is necessary to ensure the security and quality of our services, to resolve disputes, or where technical limitations make deletion impractical, we will extend the retention period in accordance with the law, contractual agreements, or within a reasonable scope.
After the retention period has expired, we will delete your personal information or anonymize it in accordance with the law.
4.2 Place of Storage
In principle, personal information collected and generated within the People's Republic of China will be stored within the country. If your personal information needs to be transferred to a jurisdiction outside the country where you use our products or services, or accessed from such jurisdictions, we will strictly fulfill our legal obligations and obtain your separate consent in accordance with the law. These jurisdictions may have different data protection laws, or none at all. In such cases, we will transfer your personal information in accordance with the current laws of China and ensure that it receives protection equivalent to that within the country. For example, we will request your consent for the cross-border transfer of personal information or implement data anonymization and other security measures prior to such transfers.
4.3 Security Measures
We adhere to the principle of "minimization" in collecting, using, storing, and transmitting user information, and inform you of the purpose and scope of information usage through user agreements and privacy policies.
We place great importance on information security. We have established dedicated teams responsible for researching and applying various security technologies and procedures. We conduct security background checks on individuals in security management roles and key security positions. We have also established comprehensive information security management systems and internal mechanisms for responding to security incidents. We implement appropriate industry-standard security measures and technical means to store and protect your personal information, preventing its loss, unauthorized access, public disclosure, misuse, damage, or leakage. We employ encryption technologies to ensure data confidentiality and trusted protection mechanisms to guard against malicious attacks.
We provide data security awareness training and capability assessments for our employees to strengthen their understanding of the importance of protecting personal information. We conduct identity verification and access control for employees handling personal information and sign confidentiality agreements with such employees and partners, clarifying their roles and behavioral standards. Only authorized personnel are permitted to access personal information. Any violation of the confidentiality agreement will result in the immediate termination of the cooperation with Senyan Media and the pursuit of legal responsibilities. Confidentiality requirements are also imposed on personnel handling personal information upon their departure.
Please note that the internet is not an absolutely secure environment. When you interact with other users through third-party social software embedded in Crushkey, sharing your location or other tracking information, the transmission of such information by the third-party software may not be fully encrypted. Please ensure the security of your personal information.
We also ask for your understanding that due to technological limitations and rapid development, as well as potential malicious attack methods, even with our best efforts to enhance security measures, we cannot guarantee 100% security of information. Please be aware that the systems and communication networks you use when accessing our products and/or services may have security vulnerabilities beyond our control.
According to our information security management system, personal information breaches, damages, or losses are classified as the most severe security incidents. Upon occurrence, we will activate the highest-level emergency response plan and collaborate with the emergency response team to address the situation.
4.4 Security Incident Notification
We have developed a cybersecurity incident emergency response plan to promptly address security risks such as system vulnerabilities, computer viruses, network attacks, and network intrusions. In the event of a cybersecurity incident, we will immediately activate the emergency response plan, take corresponding remedial actions, and report to the relevant authorities as required by law.
Personal information breaches, damages, or losses are considered company-level severe security incidents. We are responsible for regularly organizing emergency response drills to prevent such incidents. In the unfortunate event that one occurs, we will activate the emergency response plan with the highest priority, form an emergency response team, and trace the cause and mitigate losses in the shortest possible time.
In the event of a personal information security incident, we will promptly inform you of the basic details of the incident, its potential impact, the measures we have taken or will take, suggestions for you to independently prevent and mitigate risks, and remedies available to you, in accordance with legal requirements. We will notify you of the incident-related information through in-site notifications, SMS, phone calls, emails, or other contact methods you have provided. If it is difficult to notify each individual, we will make reasonable and effective public announcements. We will also report the handling of the personal information security incident to the regulatory authorities as required. Please understand that in accordance with legal provisions, if the measures we take can effectively prevent harm caused by information leakage, tampering, or loss, we may choose not to notify you of the personal information security incident unless the regulatory authorities require it.
Your Rights
In accordance with relevant Chinese laws, regulations, standards, and common practices in other countries and regions, we safeguard the following rights you have regarding your personal information:
6.1 Right to Correction and Supplement
If you discover that the personal information we process about you is incorrect or incomplete, after verifying your identity and provided that the correction does not affect the objectivity and accuracy of the information, you have the right to correct or supplement the information. You may do so自行 in the Crushkey app through [My - Personal Information] or submit your correction or supplement request to us via feedback and error reporting.
6.2 Right to Deletion
You may request the deletion of your personal information in the following circumstances:
If we process your personal information in violation of laws and regulations or our agreement with you;
If our processing purpose has been fulfilled, is no longer achievable, or is no longer necessary;
If we cease to provide products or services, or if the storage period has expired;
If you withdraw your consent;
Other circumstances stipulated by laws and administrative regulations.
After you delete information from our services, we may not immediately remove the corresponding information from our backup systems, but we will delete it upon backup updates. Please be aware that if the retention period stipulated by laws, administrative regulations, or outlined in this Privacy Policy has not expired, or if technical limitations make deletion impractical, we will cease all processing activities except for storage and necessary security protection measures.
6.3 Right to Withdraw Consent
While certain basic personal information is necessary for the functionality of our services, you may grant or withdraw consent for the collection and use of additional personal information at any time.
You can directly disable system permissions such as the camera and storage (or photo album) in your device settings to change the scope of consent or withdraw your authorization.
After withdrawing your consent, we will no longer be able to provide the services corresponding to the withdrawn consent and will cease using your related personal information. However, this decision will not affect the processing of personal information conducted prior to the withdrawal of your consent.
6.4 Right to Account Deletion
You may delete your previously registered account.
You can delete your account in Crushkey through the following path: [My] - [Settings] - [Account Settings] - [Delete Account].
If you logged into Crushkey using a third-party account (such as WeChat or Apple ID), you will need to request account deletion from the third party.
6.5 Right to Replication and Portability
You have the right to obtain a copy of the personal information we collect about you. Under the conditions stipulated by laws and regulations and in compliance with the directives and conditions set by the national cybersecurity authority, if technically feasible, you may also request that we transfer your personal information to a subject of your designation.
6.6 Right to Prior Notification of Service Cessation
Crushkey aims to accompany you for the long term. However, in the event of special circumstances leading to the cessation of Crushkey products or services, we will notify you within a reasonable period via the main interface of the product or service or through other appropriate means of communication. We will also cease the collection of your personal information and, in accordance with the law, delete or anonymize the personal information we have collected.
6.7 Right to Explanation
You have the right to request an explanation of our personal information processing rules. You may contact us through the methods outlined in Section 8.
6.8 Exceptions to the Exercise of Rights
We may be unable to respond to your requests to access, correct, supplement, delete, copy, port, be informed about, or make decisions regarding your data in the following circumstances:
Matters directly related to national security and defense security;
Matters directly related to public safety, public health, and significant public interests;
Matters directly related to crime investigation, prosecution, trial, and judgment enforcement;
If we have sufficient evidence that you have malicious intent or are abusing your rights (e.g., your request may endanger public safety and the legitimate rights and interests of others, or your request exceeds the scope of general technical and commercial cost coverage);
If responding to the data subject's request would cause serious harm to the legitimate rights and interests of you or other individuals or organizations;
Matters involving trade secrets;
Other circumstances stipulated by laws and administrative regulations.
6.9 How We Respond to Your Rights Requests
To ensure security, you may need to provide a written request or otherwise verify your identity. We may first require you to authenticate your identity before processing your request. After verification, we will respond within fifteen working days. You may contact us by sending an email to lianzhidao@caicaikan.com.
We generally do not charge fees for reasonable requests. However, for repeated or excessive requests, we may charge a reasonable cost. We may refuse requests that are baseless, require excessive technical measures (e.g., developing new systems or fundamentally altering current practices), pose risks to the legitimate rights and interests of others, or are impractical (e.g., involving information stored on backup tapes).
How We Handle Personal Information of Minors
Senyan Media places great importance on the protection of minors' information.
Our products and services are primarily intended for adults. We will only process the personal information of minors with the permission of laws and regulations and with the consent of parents or guardians.
If you are a minor under the age of 14, please have your parents or other legal guardians carefully read this Privacy Policy, or read it together under their supervision and guidance, and obtain their consent before using the products and services of Crushkey and providing us with information.
If we discover that we have collected the personal information of minors under the age of 14 without prior verifiable consent from parents or other legal guardians, we will take measures to delete such information as soon as possible. If a guardian has reason to believe that we have collected the personal information of a minor without their consent, please send the relevant information to bd@caicaikan.com.
Revision of the Privacy Policy
Our Privacy Policy may be subject to change.
Without your explicit consent, we will not diminish the rights you are entitled to under this Privacy Policy. We will publish any changes to this Privacy Policy on this page.
For material changes, we will notify you via the main interface of the product or service, in-site messages, or by sending you an email or other appropriate means of communication. If you disagree with these changes, please cease using the products and services of Crushkey immediately.
Material changes referred to in this agreement include, but are not limited to:
Significant changes to our service model, such as the purpose of processing personal information, the types of personal information processed, and the manner in which personal information is used;
Significant changes in our ownership structure or organizational framework, such as business adjustments, bankruptcy, mergers, etc., leading to changes in ownership;
Changes to the primary recipients of personal information disclosed, transferred, or publicly shared;
Significant changes to your rights in the processing of personal information and the manner of exercising such rights;
Changes to the department responsible for personal information security, contact details, or complaint channels;
When personal information security impact assessment reports indicate high risks.
How to Contact Us
The growth of Crushkey would not be possible without the collective efforts of all our users. We sincerely appreciate your contributions to data updates and feedback on Crushkey.
You may provide feedback on Crushkey and report any issues encountered during use through [My - Feedback]. This helps us optimize product features and services, making our products and services more accessible to users.
To ensure efficient handling of your issues and timely feedback, please submit proof of identity, valid contact information, a written request, and related evidence. We will process your request after verifying your identity.
If you are dissatisfied with our response, particularly if you believe our personal information processing activities have infringed upon your legitimate rights and interests, you may also seek solutions through external channels: by filing a lawsuit with the People's Court in the location of our company.
Appendix: Definitions
Personal Information refers to various types of information recorded electronically or otherwise, that pertain to an identified or identifiable natural person, excluding information that has been anonymized. Personal information includes name, date of birth, ID number, personal biometric information, address, communication contact details, communication records and content, account passwords, financial information, credit information, location tracking, accommodation information, health and physiological information, transaction information, etc.
Sensitive Personal Information refers to personal information that, if disclosed or used illegally, is likely to lead to the infringement of a natural person's dignity or pose a risk to their personal or property safety. This includes biometric data, religious beliefs, specific identity, medical health, financial accounts, location tracking, etc., as well as personal information of minors under the age of fourteen.
Device Information may include device attribute information of the terminal device used to install and run the Crushkey SDK (such as hardware model, operating system version and status, device configuration, International Mobile Equipment Identity (IMEI), International Mobile Subscriber Identity (IMSI), network device hardware address (MAC), Advertising Identifier (IDFA), Vendor Identifier (IDFV), Mobile Equipment Identifier (MEID), Anonymous Device Identifier (OAID), Integrated Circuit Card Identifier (ICCID), Android ID, hardware serial number, etc.), device connection information (such as browser type, telecom operator, language used, WLAN information), and device status information (such as application installation list, device sensor information).
Log Information refers to the requests automatically recorded by our servers when you access Crushkey, such as your IP address, browser type and language used, hardware device information, operating system version, network operator information, dates, times, and durations of your access to our services, and other information generated, formed, or retained during your use of our products or services.
De-identification refers to the process of processing personal information so that it cannot identify a specific individual without additional information.
Anonymization refers to the process of technically processing personal information so that the data subject cannot be identified and the processed information cannot be restored. Information obtained after anonymization is not considered personal information.
Thank you again for your trust and use of Crushkey!
Hunan Senyan Media Co., Ltd.