I. How we collect and use your personal information

1. Account data: When you register or log in to our account, you will need to provide us with at least a Mobile number or email address (we will desensitize your mobile number or email address after we collect it) and set up an account password for logging in. You may also choose to provide us with your nickname and custom profile picture information in order to enrich your account information. If you refuse to provide your mobile number or email address, you will not be able to complete registration, login and use TORRAS normally.

During the registration or login process, we also collect the mobile phone device identification information (Android such as ANDROID_ID, UUID, DeviceID, IDFA, OAID, ICCID, GAID, MEID, OpenUDID, MAC address, IMSI, Advertising ID, Serial Number; iOS such as IDFV, IDFA, MAC address, UUID, UDID), hardware serial number, MAC address, IP address, WIFI (address, status and parameters) for network and operation security and notification message pushing.

2.Third party login account data: If you choose to authorize the use of third party account login (WeChat/ Google/ Apple ID) for quick login, we will obtain your shared account information (profile picture, nickname) from the third party to associate with your TORRAS account. We will use your personal information in accordance with the agreement with the third party and the terms of the third party's published privacy policy regarding the sharing of personal information and in compliance with relevant regulations. If you refuse to provide authorization, you will not be able to use your third party account to log into TORRAS.

3.Device interconnection data: When you use the TORRAS App to connect to a TORRAS smart device, we will collect your location information, Bluetooth information, Wi-Fi information with your permission to help you connect your phone to the device and the phone's control of the device. Once connected you can monitor the operating status of your device and control it remotely via the TORRAS App. This is a core business function of the TORRAS App, and if you choose not to provide the above information, you might not be able to use this core function.

4.Feedback: When you provide us with feedback through the "Me - Contact Us" section, you need to provide your feedback content (required), and you can choose to provide us with pictures, videos, contact information, e-mail, etc., so that we understand the specifics of your feedback. If you do not provide feedback content, you will not be able to submit feedback; when we receive your feedback, we will reply to you through the contact information you provide. If you refuse to provide contact information, we will not be able to respond to you, and cannot deal with your problems and equipment failure for you. If you do not provide pictures, videos, you may not be able to well illustrate the problem of your feedback.

5.Information on permissions requested for use in order to provide the service.

In order to provide you with better services, we will apply to you to obtain the following permissions: read camera album permission, network permission, storage permission, Bluetooth permission, location permission, system setting permission, and update and install application permission. If you do not agree to grant the above permissions, you will not be able to use the functions mobile with the permissions, but this does not affect your access to other functions of the TORRAS App. Special note: we only obtain read access and do not collect or use the contents of your local files, nor do we make any changes or edits to them.

In order to provide you with our products and services, we will collect, process and protect your personal information and privacy in strict accordance with the laws and regulations and in compliance with the principles of propriety, legality and necessity. The Personal Information Collection List will help you understand how we collect and use your personal information.

II. How we share your personal information

Please know that some parts of the products/services we provide to you cannot be done alone, so we may share or entrust some of your personal information with third parties such as service providers, and we will take necessary technical and management measures to protect your personal information as much as possible.

III. How you manage your personal information

You can manage your personal information by clicking on " Me - Account Security" in the TORRAS App, including accessing, correcting, withdrawing, deleting your personal information, and canceling your account.

If you have problems managing your personal information, you can contact us. However, please also understand that we may not be able to fully comply with your request due to our obligation to fulfill laws and regulations or the necessity of our service provision

IV. Our protection of personal information of minors

Minors under the age of 18 (or the age of majority according to the user's local relevant laws) ("minors") should obtain the prior express consent of their parents or legal guardians before using our products and/or services. If you are a minor, you should read this Abstract and the TORRAS Privacy Policy together with the supervision and guidance of a guardian before using our products and/or services, and you should use our products and/or services with the express consent and guidance of your guardian. We do not knowingly collect any personal information from minors without such consent and acknowledgement.

If you are the guardian of a minor, if you have questions about the personal information of a minor in your custody, you may contact us through the contact information listed in Section V of this Abstract.

V. Contact Us

We have a dedicated personal information protection team and person in charge. If you have any questions, comments or suggestions about this policy or our services, you can contact us by the following ways:

1. you can provide feedback online via "Me - Contact Us - TORRAS Life" of the TORRAS App;

2. By sending an e-mail or a letter to the person in charge of personal information protection:

County/Region: China, Hong Kong SAR, Macau SAR, Chinese Taiwan

E-mail: tlsgbfs@163.com;

Address: C-1009,Zhantao Technology BLDG,Minzhi Avenue, Minzhi ST,Longhua

DIST,Shenzhen,China

Contact number: +86 13048806526

Zip code: 518112

County/Region: The United Kingdom of Great Britain and Northern Ireland, Canada, The United States, State of California, Commonwealth of Australia, Japan, Republic of Korea, Singapore, Malaysia,United Arab Emirates, State of Kuwait, State of Qatar, Kingdom of Bahrain, Arab Republic of Egypt, etc.

E-mail: support@torraslife.com;

Address: C-1403,Zhantao Technology BLDG,Minzhi Avenue, Minzhi ST,Longhua

DIST,Shenzhen,China

Contact number: +86 18818575861

Zip code: 518112

TORRAS Privacy Policy

Date of Publication: February 10, 2023

Effective Date: February 10, 2023

Introduction:

TORRAS is a product and service provided by Shenzhen TORRAS Technology Co.,Ltd. (registered in Shenzhen, Guangdong Province, China, hereinafter referred to as "we" or "TORRAS"). It is our obligation to protect the security of your personal information, and we will provide adequate protection for the security of your personal information in accordance with legal requirements. To this end, we have created the TORRAS Privacy Policy ("this Policy") to help you understand how we handle your personal information and your rights in connection with your use of TORRAS hardware, firmware and software.

Software Name: TORRAS

*The basic function of the software is to "monitor and remotely control the operating status of your device after connecting to a TORRAS smart device using the TORRAS App". The software requires a mobile number to log in, and after logging in and bounding the device, you can use its functional services.

Before you are ready to interact with our TORRAS products via the TORRAS App, please make sure you read this Privacy Policy (especially those marked in bold) carefully and understand the purposes and security measures for which we process your personal information, including how we collect, use, store, share and transfer your personal information. In this Policy, you may enforce your rights related to personal information, such as the right of access, correction, deletion, etc., through our prompts.

At the same time, you have the right to refuse to agree to this Policy, but please be aware that if you choose to refuse, you may not be able to use the relevant services and functions of the TORRAS App in full, or to achieve the results of the services we intend to achieve. Your consent to this Privacy Policy means that you understand the functions provided by the application and the personal information necessary for the operation of the functions, and that you have given the corresponding authorization to collect and use them, but it does not mean that you have separately agreed to the opening of additional functions, the processing of non-essential personal information, the opening of relevant additional functions, the processing of non-essential personal information and the processing of sensitive personal information, we will seek your consent separately according to your actual use. The use of these additional features, the processing of non-essential personal information and the processing of sensitive personal information will be subject to your consent. During the reading process, if you have any questions, comments, suggestions or complaints, please contact us through the contact information in Section IX of this Policy.

This Policy describes:

I. How we collect and use your personal information

II. How we share, transfer and publicly disclose your personal information

III. How you manage your personal information

IV. Safety and security measures

V. Data Retention Period

VI. Protection of personal information of minors

VII. How your personal information is transferred globally

VIII. Statement on policy changes

IX. Contact us

I.How we collect and use your personal information

1.Definition

Personal information: all kinds of information related to identified or identifiable natural persons recorded by electronic or other means, excluding information after anonymization.

Smart device: a non-standard computing device produced or manufactured by hardware manufacturers that can transmit information through wireless networks, such as TORRAS smart devices.

Application: the mobile app, TORRAS App (including applications that can be downloaded and installed, and mini programs TORRAS Life that users can use without installation), which is an IoT device app provided by Shenzhen TORRAS Technology Co.,Ltd.

2.The types of personal information we collect and the purposes for which we use it

In the course of your use of the TORRAS service, we will uphold the principle that the collection of information is legal, reasonable and necessary to process the following information necessary to provide the Service in order to fulfill our contractual obligations and to ensure that you can properly use the relevant functions of the application.

(1)Information that you voluntarily provide to us, the purpose of use of such information

Account data: When you sign up for a TORRAS account, you are required to provide us with at least a mobile number or email address (we will desensitize your mobile number or email address after collecting it) and set up an account password for logging in. If you refuse to provide your mobile number or email address, you will not be able to complete the registration, login and use TORRAS App normally; after the registration is completed, you can also improve your nickname and custom profile picture information to get a better experience of using your TORRAS account.

During the registration or login process, we also collect your device identification information (Android such as ANDROID_ID, UUID, DeviceID, IDFA, OAID, ICCID, GAID, MEID, OpenUDID, MAC address, IMSI, Advertising ID, Serial Number; iOS such as IDFV, IDFA, MAC address, UUID, UDID), hardware serial number, MAC address, IP address, WIFI (address, status and parameters) for network and operation security and notification message push.

Third party login account data: If you choose to authorize the use of third party account login (We Chat / Google / Apple ID) for quick login, we will obtain your shared account information (profile picture, nickname) from the third party to associate with your TORRAS account. We will use your personal information in accordance with the agreement with the third party and the terms of the third party's published privacy policy regarding the sharing of personal information and in compliance with relevant regulations. If you refuse to provide authorization, you will not be able to use your third party account to log into TORRAS.

Device interconnection data: When you connect your TORRAS smart device using the TORRAS App, we collect your location information, Bluetooth information, Wi-Fi information with your permission to help you connect your phone to your device and your phone to control your device. Once connected you can monitor the operating status of your device and control it remotely via the TORRAS App. This is the core function of TORRAS App. If you choose not to provide the above information, you might not be able to use this core function.

Feedback: when you feedback through the "Me - Contact Us", you need to provide your feedback content (required), you can choose to provide us with pictures, videos, contact information, e-mail, etc. so that we understand the specifics of your feedback. After we receive your feedback, we will reply to you directly or through the contact information you provide. If you refuse to provide your contact information, we may not be able to respond to you and deal with your problem or equipment failure. If you do not provide pictures, videos, we may not be able to well illustrate the problem of your feedback.

Invoked mobile device permissions

Please note that by turning on any permission, you authorize us to collect and use the relevant personal information to provide you with the corresponding services, once you turn off any permission, you cancel the authorization, we will no longer collect and use the relevant personal information based on the corresponding permission, and cannot provide you with the services corresponding to that permission. However, your decision to close the permission will not affect the collection and use of information based on your authorization.

For an itemized list of the access rights to your mobile device that may be enabled by the implementation of relevant business functions, please refer to the System Permissions Management List.

(1)Information we collect automatically and purpose of use

Mobile device information: In order to bound your TORRAS smart device and ensure the stability and security of the software system operation, we will obtain your phone model, brand, OS version, ROM version and screen resolution.

Log information: To enable secure operation and timely detection of software system problems, system and exception logs are uploaded when you use our applications, including your language of use, operating system version, date or time of access.

(2)Information about the TORRAS Smart Device

Basic information about the TORRAS Smart Device: When you use the TORRAS App to connect to a TORRAS smart device ("Device"), we collect basic information about the Device, including the Device name, Device ID, online status, activation time, firmware version and upgrade information, and system language, in order for the App to connect to the Device, display Device usage information, and update the Device firmware.

Information reported by TORRAS Smart Device: When you connect to a device we serve using the TORRAS App, we collect information reported by the device, including [Android ( e.g. ANDROID_ID, UUID, DeviceID, IDFA, OAID, ICCID, GAID, MEID, OpenUDID, MAC address, IMSI, Advertising ID, Serial Number; iOS such as IDFV, IDFA, MAC address, UUID, UDID), hardware serial number, MAC address, IP address, WIFI (address, status and parameters) ] .

Please note that device information and service log information alone is information that cannot identify a specific natural person. If we combine such non-personal information with other information to identify a specific natural person, or use it in combination with personal information, such non-personal information will be treated as personal information during the period of combined use, and we will anonymize and de-identify such information unless we obtain your authorization or unless otherwise required by law or regulation.

TORRAS provides an itemized list of the information collected and used about you. Please refer to the Personal Information Collection List for specific scenarios of use and purposes of use and storage times.

3.Legal basis for processing personal information

The purposes for which we process your information are as follows:

Services for you: We process your account and profile data, permission information, log information, location information and information related to your smart device, and the legal basis for such processing is our agreement (TORRAS Privacy Policy、TORRAS User Agreement)with you.

Improving our services: We process your device information, usage data, location information and smart device-related information to ensure the functionality and security of our products, to develop and improve our products and services, to analyze the efficiency of our operations, and to prevent and track fraud or misuse. The legal basis for such processing is the performance of our agreement (TORRAS Privacy Policy, TORRAS User Agreement)with you in accordance with our terms of use.

Non-marketing communications: We process your personal information for the purpose of sending you important information related to services, changes to terms/conditions and policies, and/or other administrative information. At the same time, we may also send you notifications related to the services you use, such as alert services. You can manage whether you request to receive such communications by going to TORRAS's "Me - Notifications" and when you choose to turn off push notifications, we will not continue to send you such information. The legal basis for such processing is our agreement with you.

4.Exception for prior authorized consent

Please note that your prior authorized consent is not required for the collection and use of personal information in the following cases:

(1) directly related to national security and national defense security;

(2) directly related to public safety, public health, and significant public interest;

(3) directly related to crime investigation, prosecution, trial, and sentence enforcement;

(4) for the purpose of safeguarding your or other individuals' significant legal rights and interests, such as life and property, but where it is difficult to obtain my consent;

(5) the personal information collected is disclosed by you to the public at your own discretion;

(6) where personal information is collected from legitimate publicly disclosed information, such as legitimate news reports, government information disclosure and other sources;

(7) necessary to enter into and perform the contract at your request;

(8) necessary for maintaining the safe and stable operation of the product or service provided, such as detecting and disposing of malfunctions of the product or service;

(9) necessary for the conduct of legitimate journalism;

(10) where it is necessary to conduct statistical or academic research in the public interest and where it provides the results of academic research or descriptions to the public by de-identifying the personal information contained in the results;

(11) other circumstances specified in laws and regulations.

II.How we share, transfer, and publicly disclose your personal information

1.Who do we share your personal data with?

We will not share your personal information with any company, organization or individual outside of Shenzhen LANHE Technology Co. except as follows:

(1) Sharing with explicit consent: we may share your personal information with other parties after obtaining your explicit consent.

(2) Fulfillment of legal obligations: we may share your personal information to the public in accordance with laws and regulations, or in accordance with mandatory requirements of government authorities.

(3) Sharing with our affiliates: where permitted by law, we may share your information with our affiliated companies in order to provide you with TORRAS products and services. Our affiliated company is Shenzhen LANHE Technology Co. and TORRAS is a brand of Shenzhen LANHE Technology Co. If an affiliated company wishes to change the purpose of processing personal information, it will again seek your authorized consent.

(4) Sharing with authorized partners: Some of our services will be provided by authorized partners only to fulfill the purposes stated in this policy. We may share some of your personal information with our partners in order to provide better customer service and experience. We will only share your personal information for purposes that are legal, legitimate, necessary, specific, and explicit, and only as much personal information as is necessary to provide the services. Our partners do not have the right to use the personal information shared for any other purpose.Currently our authorised partners are：

Third party SDK service providers : In order to ensure the stable operation and function of the application, so that you can use and enjoy more services and functions, we will embed the third party's SDK in the application. This privacy policy only applies to the information we collect from you, not to the products or services provided to you by the third party alone, and we are not responsible for how the third party's products or services collect, use, or process your personal information. We are not responsible for how third party products or services collect, use, or process your personal information. When you use the products or services provided by the third party alone, the third party may collect your personal information; when you use the third party products or services, please also carefully read and fully understand the privacy policy of the products or services provided by the third party; please refer to the valid version provided by the third party when you use the third party products or services. In order to provide you with more services, ensure the stability and quality of services or upgrade the relevant functions, we may need to adjust the third-party SDK/API that we access, and we will update the directory of the third-parties that TORRAS app accesses in a timely manner to explain to you the latest situation involving the third-party SDK so that you can check the third-party data usage rules.

Please refer to the Third Party Information Sharing List for the third-party SDKs embedded in the platform .

2.Transfer

We will not transfer your personal information to any company, organization or individual unless we obtain your explicit consent, or in the case of a merger, acquisition or bankruptcy and liquidation involving the transfer of personal information, we will require the new company or organization holding your personal information to continue to be bound by this Privacy Policy, otherwise we will require the company or organization to seek authorized consent from you again.

3.Public Disclosure

We will only disclose your personal information publicly when.

(1) After obtaining your express consent.

(2) Disclosure based on law: we may disclose your personal information publicly if compelled to do so by law, legal process, litigation or governmental authority.

4.Exceptions to Prior Authorized Consent

Prior authorized consent of the subject of personal information is not required for sharing, transferring, or publicly disclosing personal information in the following cases:

(1) directly related to national security or national defense security;

(2) directly related to public safety, public health, and significant public interest;

(3) directly related to crime investigation, prosecution, trial, judgment execution, etc;

(4) for the purpose of safeguarding the life, property and other significant legitimate rights and interests of the subject of personal information or other individuals but it is difficult to obtain his or her consent;

(5) personal information disclosed to the public by the subject of personal information himself/herself;

(6) personal information collected from information that is lawfully and publicly disclosed, such as lawful news reports, government information disclosure and other channels.

III.How you manage your personal information

You have the right to manage your information, including

1.Access to your personal information

(1) Your personal information

Path: Me - Personal Information

You can access or edit the personal information in your account. For information that cannot be accessed through the above path, you can contact us at any time through the contact information in Section IX of this policy, and we will respond to your request for access within fifteen(15) business days after verifying your identity information.

(2) Your other personal information

Path: Me - Privacy Management Rules - Personal Information Collection List/p>

You can learn about the information we collect about you by reviewing the Personal Information Collection List./p>

2.Correction of your personal information

Path: Me - Personal Information (you can edit your profile picture, nickname, gender, and, change your password)

If you find that we have processed your personal information incorrectly, and for information that cannot be corrected through the above path, you may contact us at any time through the contact information in Section IX of this Policy, and we will respond to your request for correction within fifteen (15) business days after verifying your identity information.

3.Deletion of your personal information

You may delete your personal information yourself by the following means: Me - Personal Information./p>

Your personal information will not be recovered after seven (7) days of deletion. If we have processed your personal information in violation of laws and regulations, or if we have collected or used your personal information without your consent, or if you no longer use our products or services and cancel your account, and you need to delete your personal information, you may submit a request to delete your personal information to us through the contact information in Section 9 of this Policy, and we will respond to your request for deletion within fifteen (15) business days. When your information is executed for deletion, we will no longer use the data, but may not be able to delete it immediately to accommodate necessary related legal policy requirements or to protect the integrity of the data necessary for the proper operation of the service, and may store or back up the data within the necessary time period, but we will delete it promptly after that time period.

4.Cancellation of your account

You can cancel your account at anytime. Once you cancel your account on the TORRAS App, you will not be able to use the TORRAS services of remote monitoring and operation of smart devices, we will delete or anonymize your personal data as required by applicable law, and the relevant data will not be recoverable after seven (7) days of your account cancellation, so please proceed with caution!

Cancellation path: Me - Account Security - Cancel your account

You can also apply to the third party to cancel your account. However, you may also contact us through the contact information in Section IX of this policy and we will respond to your cancellation request by deleting your personal information under the account bounded with your registered mobile number within fifteen (15) business days after verifying your identity information.

5.Copy of Personal Information

You have the right to obtain a copy of your personal information by sending a request to the email address: support@torraslife.com

After an individual user cancels, the system may delete personal information and we will not be able to provide a complete copy of personal information.

6.Constraint information system automatic decision making

In some business functions, we may make decisions based solely on non-manual automated decision-making mechanisms, including information systems and algorithms. If these decisions significantly affect your legitimate interests, you have the right to request an explanation from us and we will provide appropriate remedies.

7.Right to withdraw consent

You can revoke the association of your TORRAS account with a third party account in the TORRAS App by following the revocation path: Me - Account Security.

Where we have relied on your consent to process data, you have the right to withdraw that consent at any time by going to: Me - Account Security - Cancel your account.

If you wish to withdraw your consent to this Privacy Policy, you may do so by modifying your personal permission settings via the TORRAS App. Path: Me - Privacy Management Rules - Privacy Policy- Withdraw consent . When you withdraw your consent, we will not be able to continue to provide you with the corresponding services and will no longer process your personal information. However, your decision to withdraw your consent or authorization will not affect the personal information processing activities previously carried out on the basis of your consent.

8.Restrictions on processing

In some cases, you have the right to request that we stop processing your personal information and only store such information. However, we may process your personal information if we have a legitimate reason to do so (for example, to defend a legitimate request or to protect others).

If we agree to stop processing personal information, then we will take reasonable steps to do so. Please inform any third party to whom we have disclosed the personal information in question so that they may also stop processing it.

You may request that we stop processing the personal information we hold about you and only store it if

you believe that the personal information is inaccurate and that the data, whose accuracy is in doubt, may lead to a loss of self-interest of the data subject;

we process data and for purposes that are deemed unlawful by an official body, such as a court of law (you want us to retain personal information in storage form only); or

we no longer need the personal data for the purposes of the data processing activities, but at that time you have a legal claim, and in order to bring, exercise or defend that legal claim, you have the right to exercise the right to restrict processing against the data controller in order to ensure that the data subject's legal claim can be successfully pursued.

9.To respond to your request as described above

For security purposes, you may be required to provide a written request or otherwise prove your identity. We may ask you to verify your identity before we process your request. We will respond within fifteen (15) business days. (However, in certain circumstances, such as when the request involves a large amount of information or a complex situation, this may be extended for an additional two (2) months)

In principle, we do not charge a fee for your reasonable requests. We may deny requests that are unwarrantedly repetitive, require excessive technical means (for example, requiring the development of new systems or fundamental changes to current practices), pose a risk to the legal rights of others, or are highly impractical (for example, involving information stored on backup tapes).

If you are a user located in one of the following countries or regions: Hong Kong, China, Macau, China, Taiwan, United Kingdom, Canada, United States and California, Australia, Japan, Korea, Malaysia, Singapore, United Arab Emirates, Qatar, State of Kuwait, Bahrain or Egypt, then the terms set out in the Supplementary Terms under your jurisdiction apply to you in addition to the terms set out in our Privacy Policy.

10.In accordance with legal and regulatory requirements, we will not be able to respond to your request for correction or deletion of information in the following cases:

(1) directly related to national security or national defense security;

(2) directly related to public safety, public health, or significant public interest;

(3) directly related to crime investigation, prosecution, trial, execution of judgments, etc.;

(4) where we have sufficient evidence of subjective malice or abuse of rights (such as where your request would jeopardize public safety and the legitimate rights and interests of others, or where your request is beyond the scope of what can be covered by ordinary technical means and commercial costs);

(5) responding to the request of the subject of personal information will lead to serious damage to the legitimate rights and interests of you or other individuals or organizations;

(6) where commercial secrets are involved.

IV.Safety and security measures

1.The security of data collection

We confirm the legality, legitimacy and necessity of data collection through personal information security impact assessment, identify and inform and obtain your consent in a clear and accurate manner, and we will record your authorized consent in the log; we will use technical measures to identify the source party collecting or generating the data to ensure the accuracy and resistance to denial of the data source.

2.Secure transmission of data

We will use a secure channel to transmit your personal information, and securely encrypt and desensitize it through strict encryption algorithms to ensure the confidentiality and integrity of personal information during data transmission.

3.Safe storage of data

We implement a classification and grading management system for data storage, and adopt different information storage strategies in response to the results of data classification and grading; for the confidential storage of sensitive personal information, we ensure that the data security use norms can be implemented; we strengthen the control of the rights of the database where personal information is stored; we regularly backup and restore personal information to ensure the integrity of personal information in the process of storage and use.

4.Safe destruction of data

We set the minimum available period of personal information storage according to the requirements of laws and regulations and actual business needs, and process the expired data through safe deletion technology to ensure that the destroyed data cannot be recovered, technical means include but not limited to data complete erasure program, disk destruction, physical destruction, etc.

5.Personal information leakage incident

In the unfortunate event of a personal information leakage security incident, we will, in accordance with the requirements of laws and regulations, promptly inform you of the basic situation and possible impact of the security incident, the disposal measures we have taken or will take, your independent prevention and risk reduction recommendations, remedial measures for you, etc. We will promptly inform you of the event-related situation in one or more ways, such as email, telephone, SMS, push notification, etc. When it is difficult to inform the subject of personal information one by one, we will take a reasonable and effective way to issue an announcement. At the same time, we will also take the initiative to report the disposition of personal information security incidents in accordance with the requirements of the regulatory authorities.

6.The Internet is not an absolutely safe environment, and even if we do our best to strengthen security protection measures, we cannot always guarantee the absolute safety of information. Please understand that when you use our products and services, there may be malicious attacks and security problems outside our control, etc.

7.Your Cooperation

Although we have taken reasonable and effective measures as described above and have complied with the standards required by relevant laws and regulations, we cannot guarantee the security of your personal information when it is communicated through insecure means. Therefore, you should take active measures to ensure the security of your personal information, such as: setting complex passwords, changing your account password regularly, and not disclosing your account password information to others to help us keep your account and personal information secure. If you discover that your personal information has been compromised, especially your account or password, please contact us immediately at the contact information provided at the end of this Privacy Policy so that we can take appropriate measures to protect the security of your information.

V.Data Retention Period

We will continue to store your personal information for the duration of your use of the TORRAS App for the time specified in the Personal Information Collection List. If you need to delete your personal information, you can delete it yourself via "Personal - Personal Information" or by contacting us as described in Section IX of this policy. After your personal information is deleted, the copy of relevant data will be kept for seven (7) days. In addition, we will delete or anonymize your personal information after the above retention period, except as expressly provided by law or regulation. If we are unable to destroy the data for technical reasons, we will take appropriate measures to prevent further use of your personal data.

VI.Protection of personal information of minors

We attach great importance to the protection of children's (or minors') personal information. If you are under the age of 18 (or the age of majority according to the user's relevant local laws), it is important to obtain the prior written consent of your parent or legal guardian before using our services. Shenzhen TORRAS Technology Co.,Ltd. will protect children's personal information in strict accordance with the provisions of the relevant laws and regulations of each country or region. Please note that if we discover that personal information of children has been collected without the prior consent of a verifiable parent or legal guardian, we will attempt to delete the relevant personal information as soon as possible. If a guardian has reason to believe that we have collected personal information from a minor without the guardian's consent, please contact us through the contact information in Section IX of this policy and we will delete the relevant data as soon as possible upon your request.

VII.How your personal information is transferred globally

In principle, personal information collected and generated by us in the People's Republic of China will be stored in the People's Republic of China. Because we provide our products or services through resources and servers located around the world, this means that your personal information may be transferred to, or accessed from, jurisdictions outside the country where you use the product or service, with your expressly authorized consent. Such jurisdictions may have different data protection laws or even no such laws. In such cases, we will ensure that your personal information is adequately protected to the same extent as it is in the People's Republic of China. For example, we may request your consent for cross-border transfers of personal information or implement security measures such as data de-identification prior to cross-border data transfers. Data transfers to users in the EU will be in accordance with the European Commission's model contract for the transfer of personal data to third countries.

VIII.Statement on policy changes

We may make changes to this Policy from time to time. We will not reduce your rights under this Policy without your express consent. We will post any changes to this Policy on this page. For material changes, we will notify you by pop-up information, email, etc., and ask for your consent again.

Material changes referred to this policy include, but are not limited to:

1.significant changes in our service model. Such as the purpose of processing personal information, the type of personal information processed, and the way personal information is used;

2.significant changes in our ownership structure, organizational structure, etc. such as changes in ownership due to business restructuring, bankruptcy and mergers, etc.;

3.changes in the primary recipients of personal information sharing, transfer or public disclosure;

4.significant changes in your rights to participate in the processing of personal information and in the manner in which it takes place;

5.in the event of a change in the department responsible for handling the security of personal information, our contact information and complaint channels;

6.when the personal information security impact assessment report indicates a high risk.

By continuing to use the service after we update this Policy, you agree to the contents of this Policy (including the updated version) and consent to our collection, use, retention, disclosure, and transfer of information about you in accordance with this Policy.

IX.Contact Us

1.We have established a dedicated personal information protection team and person in charge. If you have any questions, comments or suggestions regarding this policy or our services, you can contact us through the following ways:

(1) you can provide online feedback through the TORRAS App "Me - Contact Us - TORRAS Life";

(2) send an email or a letter to the person in charge of personal information protection: name of the person in charge (legal representative): Huang Guowen (コウコクブン);

County/Region: China, Hong Kong SAR, Macau SAR, Chinese Taiwan

E-mail: tlsgbfs@163.com;

Address: C-1009,Zhantao Technology BLDG,Minzhi Avenue, Minzhi ST,Longhua DIST,Shenzhen,China

Contact number: +86 13048806526

Zip code: 518112

County/Region: The United Kingdom of Great Britain and Northern Ireland, Canada, The United States, State of California, Commonwealth of Australia, Japan, Republic of Korea, Singapore, Malaysia,United Arab Emirates, State of Kuwait, State of Qatar, Kingdom of Bahrain, Arab Republic of Egypt, etc.

E-mail: support@torraslife.com;

Address: C-1403,Zhantao Technology BLDG,Minzhi Avenue, Minzhi ST,Longhua DIST,Shenzhen,China

Contact number: +86 18818575861

Zip code: 518112

(3)contact us by phone:

Tel: +86 13048806526; +86 18818575861

2.In order to ensure that we handle your problem efficiently and provide you with timely feedback, you are required to submit proof of identity, valid contact information, a written request and relevant evidence, and we will process your request within fifteen (15) business days after verifying your identity.

If you are not satisfied with our response, especially if you think our personal information processing behavior has harmed your legitimate rights and interests, you can first consult with us, and if you are not satisfied with the results of the consultation, you can apply to the Shenzhen International Arbitration Court for arbitration. The laws of Mainland China (excluding Hong Kong, Macau and Taiwan) shall apply to all issues related to this Privacy Policy, including performance, interpretation and dispute resolution. Please note that if you are a resident of EEA, UK, you have the right to file a complaint with the data protection authority in your country.