Vul.AI (hereinafter referred to as "Vul.AI" or "We") is the owner of the online security management platform named "Ai.Radar" (hereinafter referred to as "The Product"). We attach great importance to protecting your privacy and personal information. This Privacy Policy contains terms regarding how we collect, process, store, use, share, transfer, publicly disclose, and protect the personal information (hereinafter referred to as "Information") of users ("You").

This Policy will help you understand the following:

1. How we collect and use your personal information.

2. How we share, transfer, and publicly disclose your personal information.

3. How we store your information.

4. How we protect your personal information.

5. Your rights.

6. International Compliance Statement.

7. How we use Cookies and similar technologies.

8. Protection of children's rights.

9. Changes to this Privacy Policy.

10. How to contact us.

We are fully aware of the importance of personal information to you and will do our utmost to protect your personal information. We are committed to maintaining your trust in us and adhering to the following principles to protect your personal information: the principle of consistency of rights and responsibilities, the principle of clear purpose, the principle of choice and consent, the principle of minimization and necessity, the principle of ensuring security, the principle of subject participation, and the principle of openness and transparency. At the same time, we promise to adopt corresponding security protection measures to protect your personal information in accordance with mature security standards in the industry.

We hope to introduce our processing methods for your personal information through this Privacy Policy. Therefore, we recommend that you read this Privacy Policy completely and carefully to help you understand the appropriate procedures for maintaining your personal information.

If you have any questions about this Privacy Policy, you may contact us via the contact information published in Article 11 of this Policy. If you do not agree with any content of this Privacy Policy, it is recommended that you strictly stop using our products or services immediately. When you start or continue to use any product or service provided by us, we will deem that you have fully understood and agreed to the entire content of this Privacy Policy.

Before using The Product, customers of The Product shall inform their employees that The Product may collect and use employee personal information, require their employees to read this Privacy Policy carefully, and obtain their employees' consent to this Privacy Policy. When a customer of The Product starts or continues to use any product or service provided by us, we deem that the customer has fulfilled the aforementioned obligation to inform employees and obtained their employees' consent. If any employee subsequently makes a claim against us alleging that we have infringed upon their personal information rights, the customer shall be responsible for resolving the liability caused thereby, and the customer shall be responsible for compensating for any losses caused to us.

Article 1: Scope of Application

This Policy applies to personal information provided by customers, potential customers, and the employees, representatives, and agents of the aforementioned parties of The Product, as well as personal information collected from the general public. This Policy applies to our collection, use, storage, and sharing of your personal information through all online platforms (such as the official website of The Product, websites accessible to us, third-party network platforms, mobile applications, social applications, etc.).

Article 2: How We Collect and Use Your Personal Information

Personal information refers to various information recorded electronically or in other ways that can identify a specific natural person or reflect the activities of a specific natural person, either alone or in combination with other information.

We will only collect and use your personal information for the purposes described in this Policy:

(I) Information provided by you when registering to use The Product service

To become our user and member, so that we can provide you with membership services, you provide us with relevant personal information when registering an account, such as phone number, name, email address, etc.. we will also record information provided by you when using our services, such as information you provide when contacting Vul.AI customer service through The Product, and questionnaire response information sent to us when you participate in questionnaire surveys.

(II) Displaying and pushing products or services to you

To improve our products or services and provide you with personalized information search and transaction services, we will extract features such as your browsing and search preferences, behavioral habits, and location information based on your browsing and search records, device information, location information, and order information. We will create indirect crowd portraits based on feature tags to display and push information. If you do not wish to receive commercial advertisements sent by us, you can cancel at any time through the corresponding product unsubscribe function.

(III) Providing products or services to you

1. Information provided by you

To facilitate the delivery of products or services to you, you need to provide a mobile phone number or email address. If we entrust a third party to deliver to you, you agree that we may share the aforementioned information with the third party.

You may also order products or services for others. you need to provide the aforementioned personal information of the actual orderer. Before providing us with the aforementioned personal information of the actual orderer, you must ensure that you have obtained their authorization and consent for you and us to use such personal information.

You can decide not to provide the above information or request the deletion of previously provided information. However, we will be unable to complete the relevant delivery services as a result.

We will also use the above information to provide relevant customer service to you or the actual orderer, or to conduct satisfaction surveys, internal audits, data analysis, and research in a manner consistent with this Privacy Policy.

2. Information we collect during your use of the service

To provide you with page displays and search results that better meet your needs, understand product adaptability, and identify abnormal account status, we will collect information about the services you use and how you use them and associate this information. This information includes:

Device Information: We will receive and record information related to the device you use (such as device model, operating system version, device settings, unique device identifiers, and other software and hardware feature information) and information related to the location of the device (such as IP address, GPS location, and sensor information such as WLAN access points, Bluetooth, and base stations that can provide relevant information) based on the specific permissions you grant during software installation and use.

Log Information: When you use the products or services provided by our website or client, we will automatically collect detailed usage of our services and save it as network logs. For example, your search query content, IP address, browser type, telecom operator, language used, access date and time, and records of webpages you visit.

To display the order information of your account, we will collect the order information generated during your use of our services to display to you and facilitate your management of orders. When you contact us, we may save your communication/call records and content or the contact information you leave to contact you, help you solve problems, or record the resolution plans and results of relevant issues. You can decide not to provide the above information or request the deletion of previously provided information. However, if you do so, it may affect your experience or the accuracy of obtaining, using, or purchasing our products or services, or strictly affect the normal operation of our network platform.

3. Your personal information collected through indirect means

To confirm transaction status and provide you with after-sales and dispute resolution services, we will collect your transaction, payment, and logistics information related to transaction progress, services, or products through the trading objects, payment institutions, logistics companies, and third-party platforms selected by you based on the exchange, or share your transaction information with the above service providers.

You can use products or services provided by our affiliates through the link entrance provided by us via The Product account. To facilitate us and our affiliates to jointly provide you with one-stop services based on linked accounts and facilitate your unified management, we centrally display your information or recommend information of interest to you within The Product.

When you use the above services through our products or services, you authorize us to share, aggregate, and analyze your personal information or transaction information that we confirm comes from a legal source or that you have authorized to be provided to us from our affiliates according to actual business and cooperation needs.

You can decide not to provide the above information or request the deletion of previously provided information. However, if you do so, it may affect your experience or the accuracy of obtaining, using, or purchasing our products or services, or strictly affect the normal operation of our network platform.

(IV) Providing security guarantees

To improve the security of your use of services provided by us, our affiliates, and partners, protect the personal and property safety of you, other users, or the public from infringement, better prevent security risks such as phishing websites, fraud, network vulnerabilities, computer viruses, cyber-attacks, and network intrusions, and more accurately identify violations of laws and regulations or relevant agreement rules of The Product, we may use or integrate your membership information, transaction information, device information, relevant network logs, and information obtained by our affiliates and partners with your authorization or shared in accordance with the law to strictly judge your account and transaction risks, conduct identity verification, detect and prevent security incidents, and take necessary recording, auditing, analysis, and disposal measures in accordance with the law.

(V) Other uses

When we want to use information for other purposes not specified in this Policy, we will seek your consent in advance.

When we want to use information collected for a specific purpose for other purposes, we will seek your consent in advance.

(VI) Exceptions to obtaining authorization and consent

According to relevant laws and regulations, collecting your personal information does not require your authorization and consent in the following circumstances:

1. Related to national security and national defense security

2. Related to public safety, public health, and major public interests

3. Related to criminal investigation, prosecution, trial, and execution of judgments

4. For the purpose of safeguarding the major legitimate rights and interests of you or other individuals, such as life and property, but where it is difficult to obtain your consent

5. The personal information collected is disclosed to the public by you yourself

6. Collecting personal information from legally publicly disclosed information, such as legal news reports, government information disclosure, and other channels

7. Necessary for maintaining the safe and stable operation of the provided products or services, such as discovering and handling faults in products or services

8. Other circumstances stipulated by laws and regulations

(VII) Important Notice

When providing the above information to us, it may contain the personal information of others. You must obtain clear authorization from others agreeing that you and we collect, use, and store their personal information in accordance with this Policy.

Like all companies, considering the characteristics of information technology and cyberspace itself, in certain special circumstances (such as hacker attacks, telecommunication failures, etc.), although we have taken necessary measures stipulated by laws and regulations, there is still a risk of personal information leakage. Unless otherwise provided in this Privacy Policy, to protect your personal or property safety, we specifically advise you not to provide sensitive information involving your personal or property safety, such as your property status, health and physiology, account passwords or verification codes, communication content, etc., to us or any third party providing services to you in our name via public networks.

Article 3: How We Share, Transfer, and Publicly Disclose Your Personal Information

(I) Sharing

Your personal information is an important part of our service to you, and we will follow legal regulations regarding personal information. We will not share your personal information with third parties except in the following circumstances:

1. We will share your personal information with other parties with your explicit consent or authorization.

2. We will share your personal information externally in accordance with laws and regulations or the requirements or authorizations of administrative and judicial authorities.

3. Your personal information may be shared with our subsidiaries. We will only share necessary personal information and are bound by the purposes stated in this Privacy Policy. If a subsidiary wants to change the processing purpose of personal information, it will seek your authorization and consent again.

4. For the purposes described in the section "How We Collect and Use Your Personal Information", or to fulfill our obligations and exercise our rights in this Privacy Policy, we may share your personal information with our affiliates, partners, or third parties performing functions on our behalf (e.g., communication service providers sending push notifications on our behalf, payment institutions processing bank cards, etc.). We will only share your personal information for legal, legitimate, necessary, specific, and clear purposes, and will only share personal information necessary to provide services. Our partners have no right to use the shared personal information for any other purpose.

Currently, our authorized partners include the following types:

(1) Authorized partners for advertising and analysis services. Unless we have your permission, we will not share your personally identifiable information (information that can identify you, such as email addresses, through which you can be contacted or identified) with partners providing advertising and analysis services. We will provide these partners with minimized basic information about their advertising coverage and effectiveness (e.g., "Male, 25-29 years old, located in HongKong") to help them understand their audience or customers.

(2) Suppliers, service providers, and other partners. Suppliers, service providers, and other partners who support our business may come into contact with your personal information during the cooperation process. These supports include providing logistics services, technical infrastructure services, analyzing how our services are used, measuring the effectiveness of advertisements and services, providing customer service, facilitating payments, or conducting academic research and surveys.

(3) For companies, organizations, and individuals with whom we share personal information, we will sign strict data protection agreements with them, requiring them to process your personal information in accordance with our instructions, this Privacy Policy, and any other relevant confidentiality and security measures.

(II) Transfer

We will not transfer your personal information to any company, organization, or individual, except for the following circumstances:

1. Transfer with explicit consent: After obtaining your explicit consent, we will transfer your personal information to other parties.

2. In the case of merger, acquisition, or bankruptcy liquidation involving the transfer of personal information, we will require the new company or organization holding your personal information to continue to be bound by this Policy. otherwise, we will require the company, organization, or individual to seek your authorization and consent again.

(III) Public Disclosure

We will only publicly disclose your personal information under the following circumstances:

1. After obtaining your explicit consent.

2. Disclosure based on law: We may publicly disclose your personal information in the case of mandatory requirements by law, legal procedures, litigation, or government authorities.

(IV) Data Retention

1. We retain different types of information for different periods according to the purpose of data processing, our legitimate business purposes, and requirements under applicable laws. We may retain personal data when necessary to support collection and use purposes under this Policy, as well as other legitimate business purposes, such as storing data, documents, cybersecurity management purposes, legal proceedings, and tax matters.

2. We may store aggregated non-personal data without time limits. In any case, as long as the data subject uses The Product, we will retain information about the data subject unless the law requires us to delete the data subject or the data subject exercises the right to delete personal data.

Article 4: How We Store Your Information

Our main purpose in storing your personal information is to meet the purposes of personal information collection, use, and sharing listed in the Privacy Policy, and also to realize your right of control and right to know.

If the laws applicable to us have clear regulations on the retention period of your personal information, we will comply with such regulations. If there are no clear regulations in the law, we will save your personal information until:

1. The purposes of our collection, use, and sharing of your personal information are fully realized.

2. You terminate the use of our products or services.

3. You explicitly request us to delete your personal information. After the retention of personal information expires, we will take measures to delete, anonymize, or other methods prescribed by law.

We will set up multiple sites worldwide. Your personal information will only be stored on the server in your current region. Without your authorization, your enterprise information will not be stored in a different location. If you have cross-border transmission needs, we ensure that when transmitting your personal information to other regions, such personal information is still controlled by this Company, and local laws will not detract from the protection of your personal information. We will also take all necessary measures to ensure the security of such personal information. If there are clear requirements according to applicable laws, we will conduct regular security assessments on cross-border transmission of personal information and decide whether to continue cross-border transmission of your personal information based on the assessment results.

Article 5: How We Protect Your Personal Information

To ensure the security of your information, we strive to take various physical, electronic, and managerial security measures that comply with industry standards to protect your personal information and prevent your personal information from unauthorized access, public disclosure, use, modification, damage, or loss. We will take all reasonable and feasible measures to protect your personal information. For example, using SSL encryption protection technology when exchanging data (such as credit card information) between your browser and the "Service". providing https secure browsing for the website itself. using encryption technology to ensure data confidentiality. using trusted protection mechanisms to prevent data from malicious attacks. deploying access control mechanisms to ensure that only authorized personnel can access personal information. and holding security and privacy protection training courses to strengthen employees' awareness of the importance of protecting personal information.

The Internet is not an absolutely secure environment. We strongly recommend that you assist us in ensuring the security of your account through secure means. Users should take measures to prevent unauthorized access to their passwords, mobile phones, and computers. In addition, log out after using a shared computer, choose a strong password that others do not know or cannot easily guess, and keep login and password credentials private.

We also regularly monitor our systems to prevent possible vulnerabilities and attacks and regularly seek new technologies and methods to further enhance the security of our products and protect user information.

Although we strive to protect privacy, we cannot guarantee that this website will not be subject to any misconduct, unauthorized access, public disclosure, tampering, destruction, failure, illegal interception or access, or other types of abuse and misuse.

After the unfortunate occurrence of a personal information security incident, we will inform you in a timely manner in accordance with the requirements of laws and regulations: the basic situation and possible impact of the security incident, the disposal measures we have taken or will take, suggestions for you to prevent and reduce risks on your own, remedial measures for you, etc. We will promptly inform you of the relevant situation of the incident by email, letter, telephone, push notification, etc. When it is difficult to inform the personal information subjects one by one, we will take reasonable and effective ways to publish announcements.

At the same time, we will also proactively report the disposal of personal information security incidents in accordance with the requirements of regulatory authorities.

Article 6: Your Rights

In accordance with relevant local laws, regulations, and standards of the enterprise, as well as common practices in other countries and regions, we guarantee your exercise of the following rights regarding your personal information:

(I) Access your personal information

You have the right to access your personal information, subject to exceptions provided by laws and regulations. If you want to exercise the right of data access, you can access it yourself through the following ways:

Account Information: If you wish to access or edit the profile information and payment information in your account, change your password, add security information, or close your account, you can perform such operations by visiting the relevant web pages of The Product.

Order Information: You can view your order records, transaction records, etc., in The Product. If you cannot access this personal information through the above links, you can contact our customer service at any time. We will respond to your access request as soon as possible.

(II) Correct your personal information

When you find that there are errors in the personal information we process about you, you have the right to ask us to make corrections. You can submit a correction application through the methods listed in "(I) Access your personal information".

(III) Delete your personal information

In the following circumstances, you can make a request to us to delete personal information:

1. If our handling of personal information violates laws and regulations.

2. If we collect and use your personal information without obtaining your explicit consent.

3. If our handling of personal information strictly violates the agreement with you.

4. If you no longer use our products or services, or you actively cancel your account.

5. If we strictly no longer provide products or services to you permanently.

If we decide to respond to your deletion request, we will also notify the subjects who obtained your personal information from us as much as possible, requiring them to delete it in a timely manner, unless otherwise provided by laws and regulations, or these subjects have obtained your independent authorization.

When you delete information from our services, we may not immediately delete the corresponding information from the backup system, but we will delete or anonymize this information when the backup is updated.

(IV) Change the scope of your authorization and consent

Each business function requires some basic personal information to be completed (see Article 2 of this Privacy Policy). In addition, regarding the collection and use of additional personal information, you can give or withdraw your authorization and consent at any time.

You can contact us at any time through the contact information published in Article 11 of this Policy. To ensure security, you may need to provide a written request or prove your identity in other ways. We may ask you to verify your identity before processing your request. We will respond to your request to change authorization consent or not to receive commercial advertisements sent by us within 30 days.

After you withdraw your consent, we will no longer process the corresponding personal information. However, your decision to withdraw consent will not affect the personal information processing previously carried out based on your authorization.

For your reasonable requests, we do not charge fees in principle, but for repeated requests that exceed reasonable limits, we will charge a certain cost fee depending on the situation. We may reject requests that are groundlessly repetitive, require excessive technical means (for example, requiring the development of new systems or fundamentally changing current practices), bring risks to the legitimate rights and interests of others, or are strictly impractical.

In the following circumstances, in accordance with the requirements of laws and regulations, we will be unable to respond to your request:

1. Related to our fulfillment of obligations stipulated by laws and regulations.

2. Directly related to national security and national defense security.

3. Directly related to public safety, public health, and major public interests.

4. Directly related to criminal investigation, prosecution, trial, and execution of judgments.

5. There is sufficient evidence that you have subjective malice or abuse of rights.

6. For the purpose of safeguarding the major legitimate rights and interests of you or other individuals, such as life and property, but where it is difficult to obtain your consent.

7. Responding to your request will cause strictly damage to the legitimate rights and interests of you or other individuals or organizations.

8. Involving trade secrets.

Article 7: International Compliance Statement

China: We comply with the provisions of laws and regulations such as the Cybersecurity Law, the Data Security Law, and the Personal Information Protection Law, and perform localized storage of personal information and important data collected within China. When it is necessary to provide personal information overseas for business needs, we will conduct a security assessment and obtain relevant certifications or permits in accordance with the regulations of the cyberspace administration department.

Hong Kong, China: We comply with the provisions of laws and regulations such as the Critical Infrastructure (Computer Systems) Bill and the Personal Data (Privacy) Ordinance, and collect, hold, process, use, and transfer relevant data and information in accordance with relevant requirements.

Other Countries/Regions: We will pay attention to and comply with the data privacy laws and regulations of other countries and regions. When processing local user data, we ensure compliance with local legal requirements and fully guarantee users' privacy rights and interests.

Article 8: How We Use Cookies and Similar Technologies

(I) Cookies

A Cookie is a piece of data that a website can send to your browser, which may then be stored on your computer in the form of an anonymous tag to identify computer information. Some pages of The Product use Cookies or other technologies sent by The Product to provide better services when you visit the website again.

You can set your browser to notify you before receiving Cookies, giving you the chance to decide whether to accept them. You can also set your browser to turn off Cookies. However, if you do so, some website functions may not work properly.

(II) Web Beacons and Pixels

The Product's webpages may contain electronic images called "Web Beacons" (sometimes also called single-pixel images), which facilitate us to count the number of users who have visited these pages and provide co-branded services. Web Beacons are tools we use to compile website usage and relevant consolidated statistical data. Web Beacons collect only a limited set of information, including Cookie numbers, page viewing time and date, and a description of the page where the Web Beacon resides.

Article 9: Protection of Children's Rights

We attach great importance to the protection of children's personal information. Our website and services are primarily intended for adults. Children may not create their own user accounts without the consent of a parent or guardian. Therefore, we recommend that children encourage their parents or guardians to read this Privacy Policy, and we advise children to seek the consent and guidance of their parents or guardians before submitting personal information. In cases where children's personal information is collected with parental consent, we will only use or publicly disclose this information when permitted by law, with the explicit consent of the parent or guardian, or when necessary to protect the child. If we discover that a child has collected personal information of a child without verifiable prior parental consent, we will try to delete the relevant data as soon as possible.

We protect children's personal information in accordance with applicable laws. Although local laws and customs define children differently, we treat anyone under the age of 14 as a child.

Article 10: Changes to This Privacy Policy

To provide you with better services, our business will change from time to time, and this Privacy Policy will be adjusted accordingly. We will remind you of updates to relevant content by issuing an updated version on our official website or by other means. Please also visit us to keep abreast of the latest Privacy Policy. In the aforementioned circumstances, if you continue to use our services, you agree to accept and be bound by the modified Policy.

We will not reduce your rights under this Privacy Policy without your explicit consent. We will post any changes made to this Policy on this page.

For major changes, we will also provide more prominent notice, which you can view at any time on The Product's official website.

Major changes referred to in this Policy include but are not limited to:

1. Significant changes in our service model. Such as the purpose of processing personal information, the type of personal information processed, the use of personal information, etc..

2. Significant changes in our ownership structure, organizational structure, etc. Such as changes in owners caused by business adjustments, bankruptcy, mergers and acquisitions, etc..

3. Changes in the main objects of personal information sharing, transfer, or public disclosure.

4. Significant changes in your rights regarding personal information processing and how they are exercised.

5. When our responsible department for personal information security, contact information, and complaint channels change.

6. When the personal information security impact assessment report indicates a high risk.

We will also archive old versions of this Policy for your review.

Article 11: How to Contact Us

If you have any questions about this Privacy Policy or regarding your personal information or privacy while using our services, you can contact us through the following methods:

Email: radar@huaun.com

In addition, we have established a Personal Information Protection Officer, whom you can contact via the publicly available contact information. We accept your complaints regarding personal information protection and will reply within fifteen days from the date of receiving the complaint.

If you are not satisfied with our reply, especially if you believe that our personal information processing behavior has damaged your legitimate rights and interests, you can also seek solutions through the following external channels: the court in the jurisdiction where the personal information controller is located, an independent agency certifying the personal information controller's privacy policy, industry self-regulatory associations, or relevant government administrative agencies.