Release Date: September 19, 2023

Effective Date: September 19, 2023

Summary

Yi Zhao (Shenzhen) Co., Limited (hereinafter referred to as "We/Us") is fully cognizant of the importance of personal information to you. This summary is designed to transparently and succinctly demonstrate how we process and protect your personal information. For more detailed information, please refer to the complete OpenRock Privacy Policy.

1.Collection and Use of Your Personal Information

1.1 Firmware Upgrades:

In order to facilitate headphone firmware upgrades, it is necessary to enable your mobile device's network (WLAN switch or mobile data switch) and Bluetooth permissions. This action allows us to gather your headphone's name, model, and firmware version information for cloud data validation, determining whether a firmware update is needed. Our APP employs your device's Bluetooth function to locate headphones and collect specific information like the headphone name, model, and firmware version to ensure compatibility and the requirement of a firmware update.

1.2 APP Update Reminder and Download:

For maintaining up-to-date functionality, the APP checks for the latest version upon launch, provided there is an internet connection. It thus requires network permissions (WLAN switch or mobile data switch) to access the APP version number, assessing the necessity for an update. Furthermore, mobile phone storage services are utilized to house APP data and update packages. Downloading a newer version of the APP will proceed only with your consent.

2.Protection of Minors

We are incapable of determining users' ages actively and do not collect, store, use, transfer, or disclose personal information for individuals under the age of fourteen (or as per your country/region's specified age) via the internet or other means. Users under the age of fourteen must procure written approval from parents or legal guardians before using our services.

3.Sharing with Third Parties

Your personal information will remain exclusive to Yi Zhao (Shenzhen) Co., Limited and will not be shared with any third parties, barring legal requirements, entrusted processing, transfer, public disclosure, or your clear consent.

4.Managing Your Data

For ease of accessing, correcting, and deleting your personal information while using the "OpenRock" APP, as well as revoking permission for the use of personal information, we have embedded relevant operational settings within our product design. For further inquiries regarding your data subject rights, or if you have questions, comments, or suggestions, reach out to us via the "Contact Us" section of this Policy to exercise your rights.

5.Contact Us

For queries, comments, or suggestions regarding this Policy or our services, feel free to contact us by:

(1) Email: info@openrock.com

(2) Mail: 12/F, Tower C, Jiazhaona Creative Building, Western Silicon Valley, Bao'an District, Shenzhen

(3) Phone: 400-870-0835

OpenRock Privacy Policy

The "OpenRock" product (or APP) is operated by Yi Zhao (Shenzhen) Co., Limited (registered at Room 609-610, 6/F, T3 Creative Building, Shenzhen Colorful Huiwei Cultural and Creative Expo City, 5010 Bao'an Avenue, Caowei Community, Hangcheng Sub-district, Bao'an District, Shenzhen, hereinafter referred to as "We/Us" or "Yi Zhao"), and it provides services for OpenRock wireless headphone firmware updates, EQ adjustments, adaptive volume control, limiting high volumes, timeout wearing reminders, headphone controls, spatial sound effects, volume balance, automatic shutdown, and headphone location tracking. Yi Zhao places great importance on your personal information and privacy protection. We are committed to providing appropriate security measures for your personal information in accordance with legal requirements and industry-standard security practices.

Before using our product (or APP), please carefully read and understand this OpenRock Privacy Policy. By agreeing to this Policy and not expressing a contrary opinion through the appropriate channels, you indicate that you fully understand and consent to this Policy. You have the right to refuse to agree to this Policy, but please be aware that refusing may result in your inability to fully use the related services and features of OpenRock or achieve the intended service effects.

This Policy will help you understand the following:

1.Collection and Use of Your Personal Information

2.Protection of Minors

3.Sharing with Third Parties

4.Managing Your Data

5.Data Storage Location and Period

6.Protection of Your Personal Information

7.Amendments to Privacy Policy

8.Contact Us

1.Collection and Use of Your Personal Information

We will collect and use your personal information based on the principles of legality, legitimacy, necessity, and transparency, and for the purposes described in this Policy. If we use your personal information for purposes not described herein or collect your personal information for other specific purposes, we will inform you in a reasonable manner and obtain your consent before use. The core functional services of the OpenRock APP and the personal information collected are as follows:

1.1. Firmware Upgrades

Firmware upgrades involve the transmission of firmware that matches your headphones to the headphones via Bluetooth. Once the headphones receive the complete firmware and verify its integrity, they will execute the corresponding upgrade process to complete the firmware update.

To facilitate headphone firmware upgrades, we need to enable your mobile device's network permissions (WLAN switch or mobile data switch) and Bluetooth permissions to obtain your headphone name, model, and firmware version information. This information is used for cloud data validation to determine whether the current firmware version of your headphone needs to be updated. The APP utilizes the Bluetooth function of your mobile device to search for headphones and retrieve information such as the headphone name, model and firmware version. This information is used to determine whether the headphone model matches the firmware in the APP and whether the firmware version of the headphone can be updated. If you do not provide this information, the APP will not be able to detect the device, and you will not be able to update the headphone firmware.

1.2. APP Update Reminder and Download

To ensure timely updates, the APP actively checks whether it is the latest version when opened while connected to the internet. Therefore, it requires network permissions (WLAN switch or mobile data switch) to collect the APP version number for assessing whether an update is necessary. Additionally, the system will utilize mobile phone storage services to store APP data and update packages. Downloading a new version of the APP will be initiated with your consent. If you do not grant these permissions, it will not affect your use of the APP, but the software will not prompt you to update, and you may not receive the latest features of the APP in a timely manner.

1.3. OpenRock provides a detailed list of the information collected and used for each specific scenario or purpose. Please refer to the List of Collected Personal Information for specific usage scenarios or purposes:

1.4. To enable certain business functions, you may need to grant permissions on your mobile device. For specific permission details, please refer to the following List of Permission Information:

Please be aware that enabling any of these permissions authorizes us to collect and use the related personal information to provide the corresponding services. If you decide to disable any of these permissions, it means you are revoking your authorization. As a result, we will cease to collect and use the related personal information based on that permission, and we will be unable to provide you with services associated with that permission. However, your decision to disable permissions will not affect the previous collection and use of personal information based on your authorization.

2.Protection of Minors

We cannot actively identify the age of users, and we do not engage in activities involving the collection, storage, use, transfer or disclosure of personal information for children under the age of fourteen (or the age specified by your country/region) through the internet or other means. If you are under the age of fourteen, it is essential to obtain written consent from your parents or legal guardians before using our services. If you are a parent or legal guardian and discover that we have collected, stored or used information that may include personal information of children through other means, you can promptly contact us using the contact information described "Contact Us" section in this Policy, and we will make efforts to delete the related data as soon as possible.

3.Sharing with Third Parties

We will not share your personal information with any companies, organizations or individuals other than Yi Zhao (Shenzhen) Co., Limited, except in the following cases:

3.1. With your explicit consent, we may share or transfer your personal information to third parties. This could occur in cases of acquisition, merger, restructuring, or bankruptcy, wherein the transfer of personal information is necessary. In such scenarios, we will inform you of the situation and require the receiving party to abide by the terms of this Policy.

3.2. We may disclose your personal information either with your explicit consent or as required by law, for legitimate reasons such as regulatory requirements

3.3. Entrusted processing: In order to provide you with more comprehensive and high-quality services, we may hire service providers to provide technical services. We will require the entrusted cooperating party to comply with strict confidentiality obligations through a written agreement as required by laws and regulations, and supervise their processing activities regarding personal information. Currently, our entrusted partners include third-party service providers who provide us with APP development.

3.4. Other scenarios that are entrusted for processing, transfer, public disclosure or with your consent as allowed by law.

4.Managing Your Data

If you have further requests regarding your data subject rights or if you have any questions, opinions or suggestions, you can contact us using the methods described in the "Contact Us" section of this Policy and exercise your related rights.

To make it more convenient for you to access, correct and delete your personal information during your use of the "OpenRock" APP and to ensure your right to revoke your permission for the use of personal information, we have provided related operational settings in our product design. You can refer to the following guidelines for these actions.

4.1. Deleting Information

You can delete the pairing records of the software and headphone device by going to the top right corner of the OpenRock software page "..." > "Delete Device". You can also clear the pairing records of the headphones themselves by using the button on the charging case. If you need to delete other information, you can request the deletion of personal information through the contact information as specified in this Policy.

You hereby agree that once a deletion request is processed, your personal information will be deleted or anonymized, unless otherwise provided by laws and regulations or normative documents. Please understand that after you or we assist in deleting related information, we may not be able to immediately delete the corresponding information from the system due to applicable legal and security technical restrictions. We will securely store your personal information and restrict any further processing until it can be deleted or anonymized.

4.2. Revoking Consent or Changing Authorization

To change the authorization of system permissions: You can either disable or enable the corresponding permissions through your mobile device's system settings, or you can uninstall the APP to terminate your authorization for the APP.

Once you revoke your consent, we will no longer process the corresponding personal information. However, your decision to revoke consent will not affect the personal information processing carried out based on your previous authorization. If you encounter any operational issues during this process, you can contact us through the contact information described in the "Contact Us" section in this Policy.

4.3. Obtaining a Copy of Personal Information by Personal Information Subject

You have the right to obtain a copy of your personal information by sending an application to the email: info@openrock.com.

If you have deleted personal information, we may not be able to provide a complete copy of personal information.

4.4. Restricting Information System Automated Decisions

In certain business functions, we may make decisions based solely on non-human automatic decision-making mechanisms such as information systems and algorithms. If these decisions significantly affect your legitimate rights and interests, you have the right to contact us through the contact information described in "Contact Us" section of this Policy to request an explanation, and we will provide appropriate remedies.

4.5. Responding to Your Above Requests

To ensure security, you may need to provide a written request or prove your identity through other means. We may require you to verify your identity before processing your request. We will respond within fifteen working days to your reasonable requests.

We generally do not charge fees for your reasonable requests. However, we may refuse requests that are repetitive, require excessive technical means (e.g., the need to develop new systems or fundamentally change existing practices), pose risks to the legitimate rights and interests of others, or are highly impractical.

5.Data Storage Location and Period

The information described in this Policy will not be transmitted to any servers.

6.Protection of Your Personal Information

6.1. Security in data collection: We confirm the legality, legitimacy and necessity of data collection through an impact assessment of personal information security. We inform you clearly and accurately and obtain your consent.

6.2. Security in data transmission: We use secure channels to transmit personal information and use appropriate encryption algorithms for secure encryption and desensitization processing to ensure the confidentiality and integrity of personal information during data transmission.

6.3. Security in data storage: We use a data classification and grading management system and adopt different information storage strategies based on the results of data classification and grading. We strengthen permission control for databases that store personal information. We regularly back up and recover personal information to ensure its integrity during storage.

6.4. Security in data deletion: We process data that has expired through secure deletion technology in accordance with legal requirements and business needs to ensure that deleted data is irrecoverable.

6.5. In the event of a personal information security incident, we will promptly notify you of the basic situation and potential impacts of the security incident, the disposal measures we have taken or will take, suggestions for self-prevention and risk reduction, and remedies available to you in accordance with legal requirements. We will notify you of the incident-related information via email, phone, SMS, push notifications, letters, or other means. If it is difficult to notify personal information subjects one by one, we will publish the information in a reasonable and effective manner. At the same time, we will actively report to regulatory authorities on the disposal of personal information security incidents as required.

6.6. The internet is not an entirely secure environment, and despite our best efforts to strengthen security measures, we cannot guarantee the absolute security of information at all times. Please understand that when you use our products and services, there may be security issues beyond our control, such as malicious attacks.

7.Amendments to Privacy Policy

We may amend or update this Policy from time to time to reflect changes in the law, data collection and usage practices, the characteristics of our services, or technological advancements. You are required to regularly review this Policy and check the "Effective Date" first set forth above to see if this Policy has changed since your last review. By continuing to use our services, you acknowledge that you have read and understood the latest version of this Policy. If we make significant amendments to this Policy, we will notify you through our services or other means so that you have the opportunity to review such amendments before they take effect in accordance with applicable legal requirements.

8.Contact Us

8.1 If you have any questions, opinions or suggestions about this Policy or our services, you can contact us by:

(1) Email: info@openrock.com

(2) Mail: 12/F, Tower C, Jiazhaona Creative Building, Western Silicon Valley, Bao'an District, Shenzhen

(3) Phone: 400-870-0835

8.2 To ensure efficient handling of your questions and timely feedback to you, you are required to provide proof of identity, valid contact information, written requests and related evidence. We will process your request within fifteen working days after verifying your identity.

8.3 If you are dissatisfied with our response, especially if you believe that our personal information processing has harmed your legitimate rights and interests, you can first negotiate with us. If you are still dissatisfied with the negotiation result, you can apply for arbitration with the Shenzhen Court of International Arbitration. This Policy and related issues, including performance, interpretation and dispute resolution, shall be governed by the laws of Mainland China (excluding Hong Kong, Macau, and Taiwan).