Neocrm Privacy Statement

Update Date: August 28,2023
Effective Date: August 28,2023

Beijing Ingage App Internet Technology Ltd. Co. (collectively, "we", "us", or "our") respects your privacy. Therefore, we have developed a Privacy Statement (hereinafter referred to as "this Statement") that covers how we collect, use, disclose, protect, store and transfer your personal information. Please take a moment to read and understand our privacy statement and your rights about your personal information.

This Statement applies to functions, products, and services provided by Neocrm (Domain name: www.xiaoshouyi.com or www.neocrm.com ) both in the Neocrm system and our affiliates’ systems without separate privacy statements.

Company/organization users should obtain explicit consents of relevant individual users in advance before uploading their contact, personal, and external business contact information. The information must be used only for operation and management of the company/organization, and related individual users must be fully informed of the purpose, scope and usage method of the data. Please understand that Neocrm is the data processor, and company/organization users are the actual controllers of your data and we only manage data control permissions for them on request. If you contact us, we will forward your request to company/organization users and assist them with your request within a reasonable time limit when needed.

This Statement does not apply to services provided by third parties (collectively, "third-party services") through the Neocrm platform (hereinafter referred to as "this Platform"), such as third-party services you have opened and used through relevant application portals and payment-related functions provided by payment companies on this Platform. The information you provide to third-party service providers is not protected by this Statement. Therefore, you should fully understand third-party services’ product functions and privacy policies before using them.

This Statement describes:
  1. Basic Definitions
  2. What Types of Personal Information We Collect
  3. How We Use Cookies and Similar Technologies
  4. How We Share & Transfer & Disclose Your Personal Information
  5. How We Store Your Personal Information
  6. How We Protect Your Personal Information
  7. How You Can Manage Your Personal Information
  8. Updates to This Statement
  9. How to Contact Us
  10. How We Protect Minors’ Personal Information
  11. Applicability Statements of Other Countries
  12. Miscellaneous
1. Basic Definitions
  • Company/Organization Users: Neocrm users registered by companies/organizations. The company/organization administratorswill upload employees’ contact information to build company/organization structures, and to open, manage, and use Neocrm services on behalf of their companies/organizations. The Neocrm company/organization users include, but are not limited to, legal persons, government agencies, other organizations, partners or individual businesses.
  • Company/Organization Administrators: Individual users authorized or appointed by companies/organizations to manage company/organization systems, and can open, manage, and use Neocrm services on behalf of their companies/organizations.
  • Individual Users: Members of companies/organizations without administrator rights, orexternal users created by company/organization administrators, hereinafter collectively referred to as "you".
  • Personal Information: All kinds of information related to identified or identifiable natural persons recorded by electronic or other means, excluding the information processed anonymously.
  • Sensitive Personal Information: Personal information that is likely to result in damage to the personal dignity of any natural person or damage to his or her personal or property safety once disclosed or illegally used, including such information as biometric identification, religious belief, specific identity, medical health, financial account and whereabouts and tracks, as well as the personal information of minors under the age of 14.
  • Children: For the description of children, please refer to the following table.
No. Country/Region Description
1 China Minors under the age of 14
2 The United States (California) Minors under the age of 13
3 India Minors under the age of 18
  • Anonymization: The Process in which personal information is processed so that it is impossible to identify certain natural persons and that it cannot be recovered.
2. What Types of Personal Information We Collect 2.1 Personal Information Collected from You We may collect your personal information directly from you when you:

1) If you are interested in obtaining more information about our service in the following scenarios:

  • Request our customer support (online customer services included).
  • Use our telephone consultation services or similar functions.
  • Apply for free trials or demos.
  • Register for webinars.
  • Subscribe to our emails.
  • Fill out questionnaires or participate in offline activities.
  • Download product content (such as product white papers).

We may ask you to provide your contact information, including your name, mobile number, company name, job title, address, email address, and username.

2) When you use our platform, we may need to collect your mobile number and/or email address for identity verification. If you do not provide the above information to us, you cannot use this platform.

To complete registration of your Neocrm account, you agree that the operator sends a SMS message containing a verification code to your personal mobile number.

After you log in to your account, you can also choose whether to upload your avatar to enhance your personalized display, and to further provide your nickname, gender, title, employee number, report object, and company email address.

3) If you interact with our website or email, we will use cookies, web beacons, or similar technologies to automatically collect information about your device and your use of our website or email (such as an Internet Protocol [IP] address or other identifiers related to your personal information).

4) If you use products or services provided by Neocrm portals, we will use logs and other technologies to automatically collect information about your device and your use of our services, and some of the information may be your personal information, such as your IP address (or proxy server information), hardware model, OS type/version, device screen size/resolution, serial number of the hardware, MAC address, international mobile equipment identity (IMEI), time zone, language setting, and search content.

5) If you contact us by phone, the call content may be recorded.

6) If you visit our office, you may need to register as a visitor and provide your name, mobile number, company name, and date and time of arrival. In addition, you may need to provide information about your health condition due to COVID-19, including your body temperature, COVID-19-related symptoms, history of close contact with people infected with COVID-19, and recent travel history.

7) If you need to use functions related to work orders, you need to authorize us to obtain your location information through your SIM card, IP address, and GPS (longitude, latitude) so that we can provide you with location-based services. If you refuse to provide it, we will not provide you with such services, but other functions and services will not be affected.

8) We will use permissions obtained from your software installation and usage to receive and record your device-related information (such as your device model, OS version, device setting, and other software and hardware information), location-related information (such as your IP address, call record, address book list, read-write calendar, GPS location [longitude, latitude]), and sensor information such as Wi-Fi access points and base stations.

9) To provide smarter marketing (marketing through phones, SMS or emails), we will collect your enterprise WeChat accounts (WeChat Union ID, avatar), QQ/MSN and microblog accounts with your consent. If you refuse to provide the above information, you cannot use the above service, but you can use other functions and services of the platform.

10) We will collect your e-mail address, title, mobile number, behavior data, and IP address to deliver targeted marketing, to send marketing emails and event promotions, and to verify your eligibility and contact information.

If you provide other individuals’ personal information, you indicate that you have the right to do so; or you have obtained legal authorization, and confirmed that you can use the data in accordance with this Statement. If you believe the personal information has been provided improperly, or want to exercise your rights related to your personal information, please contact us via the channels provided in "How to Contact Us".

2.2 Personal Information Collected from Other Sources

We may also collect your personal information from other sources, and associate it with the data you provide to update, expand, and analyze our records, to identify new customers, and to deliver targeted marketing. Personal information we collect from other sources includes identifiers, major- or employment-related/educational/business/visual/Internet activity information, and inferences about your preferences and behaviors. In particular, we may collect such personal information in the following circumstances:

  • To complete payments on Neocrm portals, we need your payment account information (including your nickname and account name) from payment companies to bind the Neocrm client to your payment account. In order to protect your legitimate rights and interests, to prevent risks such as frauds and gambling, and to maintain safe and stable operation of Neocrm services and payment-related functions, we need to obtain user identification information of the payment account you actually use from a third-party payment institution.
2.3 Device Permission Calls

To ensure the normal use of relevant business functions, we need to call the corresponding necessary permissions according to specific business scenarios and ask you in the pop-up window before calling. For specific permission call, please refer to the APP Permission List.

2.4 Exceptions to Obtaining Authorized Consent

Please notice that we do not need your consent to collect and use personal information under the following circumstances:

1) where it is necessary for the conclusion or performance of a contract to which the individual concerned is a party;

2) where it is necessary for the performance of statutory duties or statutory obligations;

3) where it is necessary for the response to a public health emergency or for the protection of the life, health and property safety of a natural person in an emergency;

4) where such acts as news reporting and supervision by public opinions are carried out for the public interest, and the handling of personal information is within a reasonable scope;

5) where it is necessary to process the personal information disclosed by the individual concerned or other personal information that has been legally disclosed within a reasonable scope in accordance with the provisions of this Law; and

6) other circumstances prescribed by laws and administrative regulations.

3. How We Use Cookies and Similar Technologies

We use cookies or other similar technologies (collectively, "cookies") to improve your usage experience. When you use our services, we may send one or more necessary cookies (such as session cookies or authentication cookies) to your device to collect and store your visit and usage information (device information), helping us provide better services and experience to you. We also use advertising Cookies to track your activities on websites to learn about your interests, and to deliver precise marketing.

Most web browsers automatically accept cookies, and you can configure whether to accept them through related settings. You understand and agree that we may store absolutely necessary cookies that are needed for platform operation, including those allowing you to log in to secure areas of this Platform.

4. How We Share & Transfer & Disclose Your Personal Information 4.1 How We Share Your Personal Information

We will not share or transfer your personal information to any third party without your prior authorization or consent, unless the personal information shared or transferred has been anonymized,and the shared third party cannot re-identify the data subject.

(1) We will follow the rules below to share your personal information:

Authorization Rule: We will not share your personal information without your prior consent, unless the shared data is anonymized, and the shared third party cannot re-identify the data subject. If the data usage purpose is beyond the scope of the original authorization, the third party will need to obtain your consent again.

Legality & Minimum Necessary Rule: Shared information must be used for legitimate purposes, and minimal and relevant to what is necessary in relation to the purposes for which they are processed.

Security & Prudence Rule: We will carefully evaluate third parties’ data usage purposes, conduct comprehensive assessments of their security capabilities, and require them to comply with cooperative legal agreements. We will conduct strict security monitoring on application programming interfaces (APIs) through which our partners obtain data to ensure data security.

(2) Internal sharing in the group

Subsidiaries and Affiliates: We disclose your personal information to our subsidiaries and affiliates for purposes described in this Statement. Neocrm is the party responsible for managing the shared personal information.

(3) Engaging the data processor

In order to provide you with products and services, we may entrust a third-party service provider to help us provide relevant operation and service support. In this process, based on the purpose of providing services to you by the third-party service provider, we will share the personal information necessary for providing services with the third-party service provide to realize the functions of our products and/or services. When we cooperate with the above service providers, we do not and will not permit them to use the information we share with them for any other purpose. The service providers process the personal information in the following situations:

We sign contracts with other companies and personnel, performing tasks on our behalf, sharing your personal information with some of them, providing you with products or services, or communicate with you in other ways, such as providing promotions on our behalf. For example, we remove duplicate information from the customer list, analyzing data, providing marketing assistance, billing, processing credit card payments, providing technical support for our services, providing customer services, and performing analysis related to our products or services. We also provide agents and service providers with your personal information to verify or summarize the summary usage data we provide to partners. When we share this information in this way, we require agents or service providers to maintain the privacy, confidentiality and security of personal information.

(4) Third-party SDKs

If you use services provided by third-party service providers on this Platform, they may share some of your personal information with us. You can check their privacy policies in Third-Party SDKs Directory to learn about the data that may be shared.

(5) Sharing with other third party

  • Verification Services: You agree that operators will provide us with SMS verification codes based on your personal mobile numbers, otherwise your Neocrm accounts cannot be registered successfully.
  • Payment Service Providers (WeChat Pay): In order to protect your legitimate rights and interests, to prevent frauds, gambling and other risks, and to maintain safe and stable operation of this Platform and payment-related functionalities, we need to obtain your payment account information from third-party service providers.
  • Location Service Providers (Google Maps, Baidu Map, or Amap): We will send your de-identified location information to location service providers (Google Maps, Baidu Map, or Amap) to provide you with better location-based services in visits and work orders.
  • Third-Party Business Partners: Neocrm cooperates closely with various business partners to promote or sell products or services, and these partners provide their services on our website in some cases. For the above-mentioned purposes, we may disclose your personal information to them. Some of our third-party business partners co-sponsor events and other products with us, so when you register for events or products, we may share your personal information with these co-sponsors to allow them to deliver targeted marketing permitted by applicable laws.
  • Neocrm Blog and Social Media Pages: You can also disclose your personal information through websites, message boards, chats, profile pages, blogs, and other services where you can post information and materials. The data can be displayed in a public way, such as through search engines or other publicly available platforms, and can be "captured" or searched by third parties. Please do not post any information you do not want to disclose to the public.

We will only share the data necessary in relation to the purposes for which they are processed with third parties, and you understand and authorize our data sharing behaviors in this case. If a third party needs to use your personal information for business needs beyond aforementioned purposes, it will need to seek your consent again.

Before cooperating with a third party, we will make commercially reasonable efforts to test its security capabilities, to evaluate legitimate necessities of sharing relevant data, to sign a confidentiality agreement with it, to conduct technical monitoring on its data inquiry, and to make commercially reasonable efforts to urge it to comply with confidentiality and security provisions stipulated in laws, regulations, and agreements.

4.2 How We Transfer Your Personal Information

With the continuous development of our business, we may carry out mergers, acquisitions, and asset transfers, and your personal information may be transferred in these cases. In the event of aforementioned changes, we will continue to protect or require data successors to protect your personal information in accordance with laws, regulations, and security standards not lower than requirements in this Statement, otherwise we will require successors to re-obtain your authorization.

4.3 How We Disclose Your Personal Information

We will not publicly disclose your personal information without your consent. However, in cases where we must provide your personal information, we may disclose it to administrative law enforcement or judicial agencies in accordance with laws, regulations, rules, other normative documents, mandatory administrative law enforcement or judicial requirements based on types of the personal information requested and disclosure methods. When we receive a disclosure request, we will require related agencies to provide corresponding legal certificates under the premise of compliance with laws and regulations. We only provide the data that is used for investigation and can be obtained with legitimate rights by law enforcement or judicial agencies. As permitted by laws and regulations, the documents we disclose are protected by encryption measures.

Please understand that in the following circumstances, according to Chinese laws, regulations, and standards, we can share, transfer, and publicly disclose your personal information stored in data centers in China (5.1 Storage Location) without your prior consent:

  • where it is necessary for the conclusion or performance of a contract to which the individual concerned is a party;
  • where it is necessary for the performance of statutory duties or statutory obligations;
  • where it is necessary for the response to a public health emergency or for the protection of the life, health and property safety of a natural person in an emergency;
  • where such acts as news reporting and supervision by public opinions are carried out for the public interest, and the handling of personal information is within a reasonable scope;
  • where it is necessary to process the personal information disclosed by the individual concerned or other personal information that has been legally disclosed within a reasonable scope in accordance with the provisions of this Law; and
  • other circumstances prescribed by laws and administrative regulations.

According to relevant laws, it does not belong to data sharing, transfer, or public disclosure behaviors to share and transfer the personal information that has been anonymized and whose subject cannot be re-identified. Therefore, we will not notify you or obtain your consent in these circumstances.

We will do our best to protect your personal information in the above sharing, transfer and public disclosure links, such as conducting security assessment or signing a legal agreement with a third party, and desensitizing your personal information. If your personal rights and interests are damaged due to our reasons, we will bear corresponding legal liabilities.

5. How We Store Your Personal Information 5.1 Storage Location

We store your personal information collected and generated during operations in different data centers in accordance with laws and regulations in mainstream countries and regions. The belonging data center for a tenant is determined when it is registered, and once determined, it cannot be changed. We will not transfer your personal information across borders by default; if we do, we will follow relevant national regulations or ask for your consent.

You can confirm the data center where your data is stored through the domain name you use to register or login. If you register or log in as required, you indicate that you have clearly understood and agreed that your personal information will be stored in this data center.

Role System Current Data Center Country&Region Cloud Domain Name
Data Controller Official Website Official Website China Tencent Cloud https://www.xiaoshouyi.com
https://xiaoshouyi.com
https://www.neocrm.com
https://www.ingageapp.com
Data Processor CRM P01-Tencent Pod Guangzhou, China Tencent Cloud Business Domain Name:
crm-tencent.xiaoshouyi.com
Login Domain Name:
login.xiaoshouyi.com
Data Processor CRM P03-Alpha Pod Beijing, China Tencent Cloud Business Domain Name:
crm-gray.xiaoshouyi.com
Login Domain Name:
login.xiaoshouyi.com
Data Processor CRM P04-Sandbox Pod Beijing, China Tencent Cloud Business Domain Name:
crm-sandbox.xiaoshouyi.com
Login Domain Name:
login-sandbox.xiaoshouyi.com
Data Processor CRM P05 Pod Beijing, China Tencent Cloud Business Domain Name:
crm-p05.xiaoshouyi.com
Login Domain Name:
login.xiaoshouyi.com
Data Processor CRM P06 Pod Beijing, China Tencent Cloud Business Domain Name:
crm.xiaoshouyi.com
Login Domain Name:
login.xiaoshouyi.com
Data Processor CRM P08 Authentication Center (AC) Pod Beijing, China Tencent Cloud Login Domain Name:
login.xiaoshouyi.com
(This data center is only used for login authentication.)
Data Processor CRM Large Corporation Pod Beijing, China AWS China Business Domain Name:
crm-ent.xiaoshouyi.com
Login Domain Name:
login.xiaoshouyi.com
Data Processor CRM P11-Automobile Industry Pod Guangzhou, China Tencent Cloud Business Domain Name:
crm-auto.xiaoshouyi.com
Login Domain Name:
login.xiaoshouyi.com
Data Processor CDP Shanghai CDP Business Cluster Shanghai, China Tencent Cloud Business Domain Name:
cdp-p02.xiaoshouyi.com
cdp-p02.txscrm.com
Login Domain Name:
login.xiaoshouyi.com
Data Processor CRM P10-Singapore Cluster Singapore AWS Singapore Business Domain Name:
crm-p10.xiaoshouyi.com
Login Domain Name:
login-p10.xiaoshouyi.com
Data Processor CRM P15-Indonesia Cluster Indonesia AWS Indonesia Business Domain Name:
crm-p15.xiaoshouyi.com
Login Domain Name:
login-p15.xiaoshouyi.com
Data Processor CRM P18-Singapore Cluster Singapore Huawei Cloud Singapore Business Domain Name:
crm-p18.xiaoshouyi.com
Login Domain Name:
login-p10.xiaoshouyi.com
Data Processor CRM P20-European Cluster Frankfurt,Germany Tencent Cloud Frankfurt Business Domain Name:
crm-p20.xiaoshouyi.com
Login Domain Name:
login-p10.xiaoshouyi.com

If you are redirected to this page from a domain name other than the above mentioned ones, it may be because you are using a system cluster privately deployed by your company. For more information on data storage locations, please consult operation engineers of your company.

5.2 Storage Period

We will continuously save your personal information during your use of this Platform, and retain it for no longer than is necessary for providing services, unless extending the retention period is required or permitted by law. After you terminate the use of this Platform or corresponding authorization, we will delete or anonymize your personal information after 60 days unless laws and regulations provide otherwise. If we stop providing services of this Platform, we will delete or anonymize your personal information in accordance with applicable laws within a reasonable period of time.

After the retention period is exceeded, we will delete your personal information or make it anonymous according to the requirements of applicable laws. When you voluntarily cancel your account, we will process the data according to the requirements of laws and regulations.

6. How We Protect Your Personal Information (1) Building Security Systems

We take the security of your personal information very seriously. At present, Neocrm has passed the ISO 27001 information security management system certification, established data security system specifications, and implemented technical security measures to avoid unauthorized access and modification of your personal information, data damage, and data loss. Our network service adopts encryption technologies such as transport layer security protocols to ensure the security of your data during transmission in networks.

(2) Data Protection Capabilities

We provide strict data processing permission control to prevent data from being used in violation of regulations, de-identification technologies such as character masks to enhance data security, encryption technologies that are widely used in the industry, and data isolation technologies to isolate tenants.

(3) Improving Users’ Security Awareness

Although we have taken the reasonable and effective measures above and complied with relevant laws and regulations, please understand that it is impossible to ensure absolute data security due to technical limitations and various malicious methods. We endeavor to ensure the security of your personal information. Please be aware and understand that there may be problems in the systems and the communication network you use to access our services due to factors beyond our control. Therefore, we strongly recommend that you take active measures to protect the security of your personal information, including but not limited to using complex passwords, regularly changing passwords, and not disclosing personal information such as your account or password to others.

(4) Security Incident Plans

In the event of incidents that endanger network security, we will take remedial measures in a timely manner in accordance with security incident plans. If our physical facilities or technical protection measures are damaged, causing your personal information to be leaked, illegally provided or abused, and damages to your legitimate rights and interests, we will assume corresponding responsibilities in strict accordance with laws and regulations.

(5) Security Incident Notifications

If any personal information incident, such as data leakage, illegal providing or abuse occurs, we will notify you without undue delay, pursuant to relevant legal and regulatory requirements, of the basic information about the security incident and its possible impact, measures that we have taken or will take, suggestions about active defense and risk mitigation, and remedial measures. The notification may take the form of an email and a phone call. If it is difficult to notify data subjects one by one, we will take appropriate and effective measures to release a Security Notice. In addition, we will also report the handling status of personal information security incidents as required by supervisory authorities.

7. How You Can Manage Your Personal Information 7.1 How You Can Access & Rectify Your Personal Information

(1) Company administrators have rights to access, rectify, or supplement company information. This can be done in the following way:

Log in to the Neocrm web portal and click Settings > System Settings > Basic Settings to query and correct the company information.

(2) Individual users have rights to access, rectify, or supplement their own information. This can be done in the following ways:

  • Log in to the Neocrm web portal, and click Settings > Preferencesto query or rectify their personal and account-related information, such as the name, avatar, mobile number, gender, email, WeChat account, QQ account, and Weibo account.
  • Log in to the Neocrm mobile portal, and click Meto query or rectify their personal information, such as the name, profile picture, and mobile number.
  • Log in to the Neocrm mobile portal, and clickMe > Online Consultation to obtain online customer services (8:00-23:00), or click Me > Settings > Contact Us to call the customer service hotline (4000-122-980), or send emails to privacyofficer@neocrm.com to request us to assist in information query, rectification, and supplement.
7.2 How You Can Delete Your Personal Information You can delete your information with the methods listed in "How You Can Access & Rectify Your Personal Information". In the following circumstances, you can require us to delete your personal information by contacting our online customer services, calling our customer service hotline (4000-122-980) or sending emails to privacyofficer@neocrm.com.
  • If our handling of your personal information violates laws and regulations.
  • If we collect and use your personal information without obtaining your explicit consent.
  • If our handling of your personal information seriously violates our agreement with you.
  • If you no longer use our products or services, or you voluntarily delete your account.
  • If we permanently do not provide products or services to you.

If we decide to delete your personal information, we will also notify the subjects who have obtained your personal information from us as much as possible at the same time, and require them to delete your personal information in a timely manner (unless otherwise stipulated by laws and regulations, or these subjects have independently obtained your authorization).

When you delete or we assist you in deleting your personal information, we may not be able to delete it from our backup systems immediately due to applicable laws and security technologies. We will safely store your personal information, and not process it any further until it is cleared or anonymized.

7.3 How You Can Withdraw Your Authorization

You can change the authorized collection and processing scope of your personal information which is not necessary for normal platform operation.

  • As a Neocrm customer, you can refuse to receive marketing emails by clicking Unsubscribein the lower right corner of a marketing email.
  • You can log in to the Neocrm mobile portal and click Me> Settings > Contact Us to contact our customer service representatives to withdraw your authorization, or change settings of your smart mobile device to withdraw your authorization on your own.
  • Company/organization administrators can visit the official homepage of Neocrm (xiaoshouyi.com),and enter their accounts and passwords to log in to the Neocrm system. After successful login, they can click Settings > System Settings to enter the Neocrm background to enable/disable company/organization users’ permissions to use basic applications, third-party applications or manually-created applications of Neocrm.

After you withdraw your authorization, we will no longer process corresponding personal information, but the lawfulness of the processing activities based on consents granted prior to such withdrawal will not be affected.

7.4 Get a copy of your information

You can log in to the mobile client and submit your personal mailbox through the "Settings - Privacy Security" page to obtain a copy of your personal information.

7.5 How You Can Delete Your Account

When your company/organization deletes its account, we will delete your relevant personal account, and delete or anonymize your personal information in accordance with applicable laws and regulations.

  • If your company/organization is a paying user, and its purchased Neocrm products/services have expired and been unavailable for 60 days without any renewal application, we have the right to delete its account; if it is a free user, we will delete its account after taking the account back in accordance with the Neocrm Service Agreement. Your company/organization can also call our customer service hotline (4000-122-980, 7*15 hours [8:00-23:00]), or send emails to privacyofficer@neocrm.com to apply for account deletion.
  • You can request your system administrator to delete your personal account, or to delete it when your company/organization’s account is deleted.
7.6 How We Respond to Your Requests

You may need to provide a written request or prove your identity in other ways to ensure the security of your personal information, and we will generally reply to your request within 7 days after verifying your identity.

For reasonable requests, we do not charge any fee in principle, but for repeated requests that exceed reasonable limits, we will charge a certain fee as appropriate. For requests that are unrealistic, not directly related to your identity, unreasonably duplicate, need excessive technical means (for example, developing a new system or fundamentally changing existing practices), or bring risks to legitimate rights and interests of others, we may refuse.

7.7 Stop operation and announcement

If we stop operation, we will stop collecting your personal information in time, notify you of the notice of stopping operation in the form of one by one delivery or announcement, and delete or anonymize your personal information held.

8. Updates to This Statement

Should this Statement be revised from time to time, we will release the change notice via various channels, for example, posting the latest version on our official website: https:///www.xiaoshouyi.com and you should check this Statement regularly to review the changes. We will also update Update Date and Effective Date at the top of this Statement. If you continue to access or use our platform after this Statement is updated, you indicate that you accept the updated Privacy Statement. If you do not accept the updated Privacy Statement, please stop accessing or using this Platform.

We will remind you of the update of relevant content by sending an updated version on our website or mobile terminal or in other ways. Please also visit us to keep abreast of the latest privacy policy. Under the foregoing circumstances, if you continue to use our services, you agree to accept and be bound by the revised policy.

9. How to Contact Us

If you have any questions, comments, or suggestions related to this Statement, please call our customer service hotline (4000-122-980, 7*15 hours [8:00-23:00]), or send emails to privacyofficer@neocrm.com.

Contact Address: 8th Floor, SK Tower, 6A, Jianguomenwai Street, Chaoyang District, Beijing Contact Email: privacyofficer@neocrm.com 10. How We Protect Minors’ Personal Information

Our website is intended for adults, and we do not intend to collect children’s personal information unless (a) we have obtained the consent of the holders of parental responsibility; (b) an agreement about collection of children’s data has been signed; (c) children visit our website accidentally. If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us via channels disclosed in this Statement, and we will take measures to delete his or her personal information from our system.

11. Applicability Statements of Other Countries A. California Residents (The United States)

Pursuant to laws and regulations related to data protection and privacy, you can obtain a copy of your specific personal information collected in the past 12 months from the date you make a verifiable consumer request through privacyofficer@neocrm.com.

After submitting a verifiable consumer request, you can request us to delete your personal information, unless it must be retained due to necessary factors or laws. Please also note that we will not sell your personal information. B. India

If you use our services in India, the following additional terms shall apply. If there is any conflict between the following additional terms and provisions of this Statement, the following terms shall prevail.

We will not process your sensitive or key personal information outside of India, except for exceptional cases where medical services are needed.

We will store your sensitive and key personal information in India, and not transfer it to areas outside of India before obtaining your explicit consent.

C. Singapore

When conducting business in Singapore, we will comply with the requirements of Singapore PDPA, PDPR and other regulations and guidelines. In order to protect the data security and privacy rights of data subjects, we will take necessary security measures to ensure that the protection standards for personal data are equivalent to those of PDPA.

12. Miscellaneous

This Statement may exist in multiple languages. If this Statement of different language versions are inconsistent or conflict, the Chinese version shall prevail.