Shiyan Xiheng TechnologyInnovation-Driven, Global by Design

Legal Document

Privacy Policy

Effective Date: January 13, 2026

Last Updated: January 13, 2026

Shiyan Xiheng Technology Co., Ltd ("we," "our," "us," or "Xiheng Technology") respects and protects the privacy rights of all users of our applications, websites, and related digital services (collectively, the "Services"). This Privacy Policy explains how we collect, use, store, share, and safeguard personal information, and what rights you may have regarding your personal data.

Important Notice: Some Services may include third-party advertising monetization features. Please review the sections on advertising platform data processing carefully.

1. Scope and Commitment

This Privacy Policy applies when you access or use our Services via any device. We are committed to internationally recognized privacy principles and compliance with applicable regulations, including GDPR, CCPA/CPRA, PIPL, and platform requirements of Google Play and Apple App Store where applicable.

2. Information We Collect

2.1 Information You Provide Voluntarily

  • Account registration details, such as name, email address, and phone number.
  • Messages sent through customer support and feedback channels.
  • Business inquiry details submitted through contact forms or email.

2.2 Information Collected Automatically (SDKs, APIs, and Logs)

  • Device information: model, operating system, language, and device identifiers (for example, Android ID, IDFA, or IDFV where applicable).
  • Technical logs: IP address, access time, crash diagnostics, clickstream signals, and feature usage frequency.
  • Location information: approximate or precise geolocation only when explicit permission is granted.
  • Advertising identifiers: identifiers used for ad delivery and measurement where lawful and permitted.

2.3 Sensitive Information

We do not intentionally collect highly sensitive personal information such as biometric templates, payment passwords, contact lists, SMS contents, or call records, unless explicitly required by law or authorized by you with separate consent.

3. Purposes of Processing

  • Deliver, operate, maintain, and improve the functionality of our Services.
  • Analyze performance and user behavior to improve user experience and reliability.
  • Support advertising and monetization where enabled, including non-personalized or personalized ad delivery according to user choice and legal basis.
  • Comply with legal obligations, enforce rights, and respond to valid requests from public authorities.

4. Third-Party SDKs and Advertising Compliance (IAA)

Some Services may adopt an In-App Advertising model and integrate third-party advertising solutions such as Google AdMob. As a publisher, we disclose relevant data collection, sharing, and usage related to such advertising services.

4.1 Data Sharing with Third Parties

  • Google AdMob: may process device information, ad identifiers, and IP address for ad serving and measurement.
  • Ad bidding partners: in mediated environments, selected data may be transmitted to participating ad networks for real-time bidding.

4.2 GDPR and TCF Compliance for EEA Users

  • We use consent management mechanisms before processing personal data for ad personalization in applicable regions.
  • We align with IAB Europe Transparency and Consent Framework requirements where required by our ad technology chain.
  • If you decline consent, only non-personalized or limited ads may be displayed, potentially reducing ad relevance and monetization outcomes.
  • For narrowly defined anti-fraud and security purposes, processing may rely on legal bases other than consent, subject to transparency obligations.

4.3 CCPA/CPRA Rights for California Residents

  • Right to opt out of sale or sharing of personal information where applicable.
  • Right to submit requests through recognized privacy controls, including Global Privacy Control signals where technically supported.
  • Right to request deletion of personal information, subject to legal exceptions.

5. Age Restrictions and Child Protection

Our Services are not directed to children under 13 years of age, and we do not knowingly collect personal data from children under that age without legal authorization.

  • If we become aware of unauthorized collection from a child, we will promptly delete relevant data.
  • Where child consent is required by law, verifiable parental consent mechanisms are implemented.
  • When age verification is used, we process only data needed for age determination and retain it only for the minimum necessary period.
  • For minors under 14 in China, guardian consent and enhanced safeguards are applied according to PIPL requirements.

6. Data Storage and Security

  • Storage Locations: data may be stored in Mainland China or on compliant global infrastructure operated by approved service providers.
  • Security Controls: TLS encryption in transit, access controls, firewall policies, and operational monitoring are applied to reduce unauthorized access risk.
  • Retention: personal data is retained no longer than necessary for stated purposes or legal obligations.

7. Your Privacy Rights

Right Description Typical Legal Reference
Right of Access Request a copy of personal data we hold about you. GDPR Art. 15 / CCPA
Right to Rectification Request correction of inaccurate or incomplete personal data. GDPR Art. 16
Right to Erasure Request deletion of personal data under legal conditions. GDPR Art. 17 / CCPA
Right to Restrict Processing Request temporary limitation of data processing. GDPR Art. 18
Right to Data Portability Receive your personal data in a structured format. GDPR Art. 20
Right to Object Object to certain processing, including profiling in legal contexts. GDPR Art. 21
Right to Withdraw Consent Withdraw previously granted consent at any time. GDPR / PIPL
Right to Opt Out of Sale/Sharing Opt out of personal information sale/sharing where applicable. CCPA / CPRA

To exercise these rights, contact us using the details in Section 10. We generally respond within 30 days unless extended by law.

8. Cross-Border Data Transfers

When international service providers are engaged, personal data may be transferred outside your home jurisdiction, including to countries that may have different legal protections. We apply legally recognized safeguards such as Standard Contractual Clauses, technical controls, and contractual data protection obligations.

9. Policy Updates

We may revise this Privacy Policy from time to time. For material changes, we provide prominent notice through the relevant Service interface or other appropriate channels. Continued use of the Services after an effective date may constitute acceptance of the updated policy where legally permitted.

10. Contact Us

If you have questions, complaints, or requests related to this Privacy Policy:

  • Company: Shiyan Xiheng Technology Co., Ltd
  • Data Protection Contact: Hou Xinpei
  • Email: support@syxiheng.com
  • Address: No. 49, Group 1, Liudong Village, Liudong Town, Yunyang District, Shiyan, Hubei, China