CXPlayer (Management) Privacy Policy
Updated: January 26, 2025
Effective: January 26, 2025
Preamble
Welcome to CXPlayer! CXPlayer is a tool product provided by us. To explain how CXPlayer collects, uses, and stores your personal information and what rights you have, we will explain the relevant matters through this policy. CXPlayer is operated by Hefei Weijie Information Technology Co., Ltd. and its affiliated companies (hereinafter referred to as "we", "platform", or "CXPlayer"). We attach great importance to your privacy and personal information protection, and have formulated this "CXPlayer Privacy Policy" ("this Policy") in accordance with the Cybersecurity Law of the People's Republic of China, the Information Security Technology Personal Information Security Specification (GB/T), and related laws and regulations, as an integral part of the "CXPlayer User Agreement." We hope this Policy helps you understand the following:
- How we collect and use your personal information
- How we share, transfer, and publicly disclose your personal information
- How we protect your personal information
- How you manage your personal information
- How we handle the personal information of minors
- Applicable law and jurisdiction
- How this policy is updated
- How to contact us
We are well aware of the importance of personal information to you and will do our best to protect the security of your personal information. The personal information we mention in this privacy policy, including the collection, use, management, sharing and transfer of personal information, includes bolded and underlined sensitive personal information and other personal information. We are committed to maintaining your trust and adhering to the following principles: consistency of rights and responsibilities, purpose clarity, choice and consent, minimization, security assurance, subject participation, and openness and transparency. We promise to adopt corresponding security protection measures in accordance with mature industry standards to protect your personal information. Please read this policy carefully and confirm that you fully understand it before using our services. By clicking to agree, you are deemed to accept the contents of this policy and authorize us to collect, use, store and share your relevant information in accordance with this policy.
To help you quickly understand, we list the business scenarios, purposes, methods, and types of personal information as follows:
| Business Scenario/Purpose | Data Scope (Types) | Collection Method | Is Required | Notes |
|---|
| Account registration/login | Mobile phone number | User input | Required | Used to create an account and verify identity; without it you cannot register/login. |
| Content creation and delivery | Device storage access permission | System permission request | Required | Used to select materials for program creation and delivery; without this permission the related feature is unavailable. |
| Content creation and delivery | Images, videos, text content | User upload/input | Required | Used to generate and deliver program content. |
| Content creation and delivery | Camera and microphone permissions | System permission request | Not required | Used to create camera-based programs; if you do not use this feature, you can deny the permission. |
| Function operation | App installation permission | System permission request | Not required | Used for online updates; without this permission online update is unavailable. |
| Purchase and payment | Order information (product/service info, payment amount, purchase time) | System generated | Not required | Used for settlement and reconciliation; without it, purchase cannot be completed. |
| Security operation and risk control | Device information (model, settings, SN, MAC, unique device identifier, IP address) | System auto-collection | Required | Used for account security, identity verification and anomaly detection. |
| Security operation and risk control | Log information (usage records, crash logs, etc.) | System auto-collection | Required | Used to keep network logs and analyze service usage. |
| Product experience optimization | Usage data, customer service communications, survey responses, etc. | System analytics and user-provided | Not required | Used for experience optimization and service improvement. |
| Below is a detailed description by scenario: | | | | |
(1) User Registration/Login
- Obtaining your phone number: To use CXPlayer, you need to register an account. During this process, you need to provide your mobile phone number and create an account name to fully use CXPlayer functions. If you refuse to provide your phone number, you cannot register.
Purpose: User registration, login, and account verification.
Data Scope: Mobile phone number.
Collection Method: User input.
Is Required: Required.
(2) Normal Use of Functions
External storage access: When you create and deliver programs, we need access to your device storage to select images/videos. Without this permission, the function will not work properly.
Purpose: Read materials for program creation and delivery.
Data Scope: Device storage access permission and selected image/video files.
Collection Method: System permission request.
Is Required: Required.
Uploading content: We store the images, videos and text you upload so the content can be played on screen devices. Your uploaded content is only visible and manageable by you and will not be shared with others. When you delete a material, our servers will also delete it.
Purpose: Edit program content.
Data Scope: Images, videos, and text content.
Collection Method: User upload/input.
Is Required: Required.
Camera and microphone permissions: If you need to create programs using the local camera (Add Materials -> Built-in Widgets -> Camera), you must allow access to the local camera. This is not required. If you do not use this feature, you do not need to enable this permission.
Purpose: Edit camera-based programs.
Data Scope: Camera and microphone permissions.
Collection Method: System permission request.
Is Required: Not required.
App installation permission: To provide better services, we may update the app when adding new functions or solving issues. We will request app installation permission. If you refuse this permission, you will not be able to use the online update feature, but it will not affect other functions.
Purpose: Online update and installation.
Data Scope: App installation permission.
Collection Method: System permission request.
Is Required: Not required.
(3) Purchase of Products and Services
Purchase records: When you purchase products and services provided by CXPlayer, we generate an order that includes the product/service information, payment amount, and purchase time. We collect this necessary information to help complete the transaction, ensure transaction security, and allow order queries. Paid order information is stored for later reconciliation; unpaid order information is deleted after the payment timeout.
Purpose: Complete transactions, ensure security, and query orders.
Data Scope: Order information (product/service info, amount, purchase time).
Collection Method: System generated.
Is Required: Not required.
(4) Security Operation
To improve security, protect users and the public from harm, prevent phishing, fraud, network vulnerabilities, viruses, attacks, and intrusions, and detect violations of laws and agreements, we may use or integrate device and log information to assess risks, verify identity, detect and prevent security incidents, and take necessary recording, auditing, analysis and handling measures.
Device information: We receive and record device/user-related information (such as device model, device settings, SN, MAC address, unique device identifier, and other hardware/software features) and device location-related information (such as IP address) based on the permissions you grant.
Purpose: Account security, identity verification, and anomaly detection.
Data Scope: Device model, device settings, SN, MAC, unique device identifier, IP address, etc.
Collection Method: System auto-collection.
Is Required: Required.
Log information: When you use CXPlayer products or services, we automatically collect detailed usage information and keep it as network logs (e.g., time spent using a feature).
Purpose: Keep network logs and analyze service usage.
Data Scope: Usage records, crash logs, etc.
Collection Method: System auto-collection.
Is Required: Required.
Please note that device information and log information alone cannot identify a specific natural person. If such non-personal information is combined with other information to identify a specific person, or combined with personal information, it will be regarded as personal information during the combined use period.
To provide a better experience, we continuously improve our services. We may collect usage and browsing data for analysis to understand service needs. We may also collect other information for reasonable needs of providing and improving services, including information you provide when contacting customer service, questionnaire responses, and information obtained when you interact with our affiliates or partners. Information collected from your devices may be associated to provide consistent services across devices.
Purpose: Experience optimization and service improvement.
Data Scope: Usage data, customer service communications, survey responses, etc.
Collection Method: System analytics and user-provided.
Is Required: Not required.
(6) Third-Party SDK List
To ensure the realization of CXPlayer functions and the safe and stable operation of the application, we may access software development kits (SDKs) provided by third parties for relevant purposes.
We conduct strict security monitoring of SDKs used by partners to protect data security.
We list the third-party SDKs below.
Please note that third-party SDKs may change their data processing types due to version upgrades or policy adjustments; please refer to their official statements.
| SDK Name | Usage Scenario | Purpose | Collection Method | Data Scope | SDK Privacy Policy |
|---|
| Alipay SDK | When users pay with Alipay | Help users use Alipay within the app | SDK auto-collection | Device identification information | https://docs.open.alipay.com/54 |
The specific information processed by the "Alipay Payment" SDK is listed below:
| Data Type | Purpose |
|---|
| Android ID, OAID, AAID, SSID, BSSID | Ensure account and payment security; fulfill legal obligations such as anti-money laundering, counter-terrorist financing, and anti-telecom fraud. |
| System settings, system attributes, device model, device brand, operating system | Ensure account and payment security; fulfill legal obligations such as anti-money laundering, counter-terrorist financing, and anti-telecom fraud. |
| IP address, network type, carrier information, Wi-Fi status, Wi-Fi parameters, Wi-Fi list | Optimize network link selection and improve user experience. |
(7) Usage Rules
After collecting your personal information, we will strictly use it in accordance with the following rules:
- We will strictly comply with laws and regulations and this privacy policy when using your personal information.
- We will encrypt, de-identify, or anonymize your personal information by technical means in accordance with the law.
- When you cancel your account, we will delete or anonymize your personal information.
- When we need to use your personal information for other purposes not stated in this policy, we will seek your consent again.
(8) Exceptions to Authorized Consent
According to relevant laws and regulations, collecting your personal information in the following situations does not require your authorized consent:
- Related to national security and defense security;
- Related to public safety, public health, and major public interests;
- Related to criminal investigation, prosecution, trial, and execution of judgments;
- For the purpose of safeguarding the life, property and other major legitimate rights and interests of the personal information subject or other individuals, but it is difficult to obtain your consent;
- The personal information collected is disclosed to the public by you yourself;
- Collecting personal information from legally publicly disclosed information, such as legal news reports, government information disclosure and other channels;
- Necessary for signing a contract according to your requirements;
- Necessary for maintaining the safe and stable operation of the products or services provided, such as discovering and handling failures of products or services;
- Necessary for legal news reports;
- Academic research institutions conduct statistical or academic research based on public interests, and when providing academic research or description results to the outside world, they de-identify the personal information contained in the results;
- Other circumstances stipulated by laws and regulations.
Please understand that the functions and services we provide are constantly updated and developed. If a function or service is not described above and collects your information, we will separately explain the content, scope, and purpose of the information collection through page prompts, interactive processes, announcements, etc., to obtain your consent. If we stop operating CXPlayer, we will promptly stop collecting your personal information, notify you of the cessation in the form of individual delivery or announcement, and delete or anonymize the personal information we hold.
(1) Sharing
We will not share your personal information with companies, organizations, or individuals other than CXPlayer platform service providers, except in the following circumstances:
- Sharing with explicit consent: With your explicit consent, we will share your personal information with other parties.
- Sharing under legal circumstances: We may share your personal information in accordance with laws and regulations, the needs of litigation dispute resolution, or the requirements of administrative and judicial authorities.
- When you use your CXPlayer mobile account to log in to other platforms operated by us and our affiliates, to facilitate your use, we will share all information collected in Article 1 of this policy with the aforementioned products or services (e.g., remaining membership time, usage frequency, etc.).
- Sharing with affiliates: All information collected in Article 1 may be shared with affiliates of Hefei Weijie Information Technology Co., Ltd. Their use and processing is subject to this policy. If affiliates change the purpose of processing, they will seek your consent again. Our affiliates include: Hefei Weijie Information Technology Co., Ltd. and its branches and subsidiaries; we and our affiliates are collectively referred to as "CXPlayer."
- Sharing with authorized partners: We may entrust the following types of authorized partners to provide relevant services or perform functions on our behalf. We will only share your information for the legitimate, justified, necessary, specific and clear purposes stated in this policy. Authorized partners can only access information necessary to perform their duties and may not use it for any other purpose.
Currently, our authorized partners include the following types and purposes:
- Specific functions. When software service providers, smart device providers, or system service providers jointly provide services with us (e.g., authentication services, SMS services), in order to achieve this function, we may collect your device information (such as hardware model, operating system version, IMEI, MAC) after de-identification and provide it to the aforementioned providers.
- Product analysis. To analyze service usage and improve user experience, we may share statistical data on product usage (crashes, crashes) with third parties. Such data is difficult to combine with other information to identify your personal identity.
(2) Transfer
We will not transfer your personal information to any company, organization, or individual, except in the following circumstances:
- With your explicit consent, we will transfer your personal information to other parties;
- In the event of a merger, acquisition, or bankruptcy liquidation, if personal information transfer is involved, we will require the new company or organization holding your personal information to continue to be bound by this privacy policy; otherwise we will require them to seek your authorized consent again.
(3) Public Disclosure
We will only publicly disclose your personal information in the following circumstances:
- With your explicit consent;
- Disclosure based on law: In the event of mandatory requirements by law, legal procedures, litigation, or government authorities, we may publicly disclose your personal information.
(4) Exceptions to Prior Consent for Sharing, Transfer and Public Disclosure
In the following circumstances, sharing, transferring, and publicly disclosing your personal information does not require your prior authorized consent:
- Related to national security and defense security;
- Related to public safety, public health, and major public interests;
- Related to criminal investigation, prosecution, trial, and execution of judgments and other judicial or administrative law enforcement;
- For the purpose of safeguarding the life, property and other major legitimate rights and interests of you or other individuals, but it is difficult to obtain the consent of the person;
- Personal information that you voluntarily disclose to the public;
- Collecting personal information from legally publicly disclosed information, such as legal news reports, government information disclosure and other channels.
- We use security measures that comply with industry standards to protect your personal information from unauthorized access, public disclosure, use, modification, damage, or loss. For example, we provide HTTPS secure browsing, use encryption technologies, deploy access control mechanisms, use trusted protection mechanisms to prevent malicious attacks, and provide security and privacy training.
- We will avoid collecting irrelevant personal information and retain your personal information only for the period necessary to achieve the purposes stated in this policy or the statutory period, unless the retention period must be extended or is permitted by law.
- We allow only employees and partners who need to know this information to access personal information, and set strict access control, approval processes, and monitoring mechanisms. We require all personnel who may access personal information to fulfill confidentiality obligations. If a third party fails to fulfill confidentiality obligations, we may pursue legal liability and terminate cooperation.
- The Internet is not an absolutely secure environment. We strongly recommend that you do not send personal information via unencrypted methods such as email or instant messaging. Please use complex passwords to help secure your account.
- In the event of a personal information security incident, we will inform you in accordance with laws and regulations of the basic situation and possible impact, disposal measures, suggestions for risk mitigation, and remedial measures. We will notify you via email, letter, phone, push notification, etc. When it is difficult to notify individually, we will issue a public notice. We will also report the handling of the incident to the relevant regulators as required.
- Please note that this system is mainly used for the management, distribution, and synchronization of materials, programs, and related content, and is not a long-term or permanent storage service for your important data. You must timely and completely back up the relevant data and materials by yourself. We may clean up materials or related data on the server based on system operating conditions, server disk space, storage resources, and service operation needs. Therefore, we cannot commit to retaining your important data for the long term. Any consequences such as loss of data or materials, or inability to restore them, caused by your failure to back up or failure to back up in time, shall be borne by you.
We attach great importance to your management of personal information and protect your rights to access, correct, withdraw consent, and delete your personal information. Your rights include:
You may request deletion in the following situations:
- Our processing of personal information violates laws and regulations;
- We collect or use your personal information without your consent;
- Our processing of personal information violates our agreement with you;
- You cancel your CXPlayer account;
- We terminate the service and operation.
If we decide to respond to your deletion request, we will also notify third parties who have obtained your personal information from us and require them to delete it in a timely manner, unless otherwise stipulated by laws or those third parties have obtained your authorization. When you delete information from our services, we may not immediately delete the corresponding information in backup systems, but will delete it when the backup is updated.
(2) Change the Scope of Your Authorized Consent
Each business function requires some basic personal information to be completed. In addition, if you wish to withdraw your consent to additional collection, use, and disclosure of personal information, you can contact us to withdraw your consent.
After you withdraw consent, we will no longer process the corresponding personal information. However, your decision to withdraw consent does not affect processing carried out based on your prior authorization.
If you do not want to receive commercial advertisements from us, you can reply to unsubscribe via SMS prompts or use other methods we provide.
(3) Account Cancellation
You can cancel your CXPlayer account at any time. You can apply to cancel in our product or contact us for assistance. After cancellation, we will stop providing products or services and delete your personal information as required, unless otherwise stipulated by laws and regulations.
(4) Responding to Your Requests
To ensure security, you may need to provide a written request or otherwise prove your identity. We may ask you to verify your identity before processing your request.
In principle, we do not charge fees for reasonable requests, but may charge a certain cost fee for repeated requests that exceed reasonable limits. We may refuse requests that are unreasonably repetitive, require excessive technical means (e.g., developing new systems or fundamentally changing current practices), pose risks to the legitimate rights and interests of others, or are impractical.
In the following situations, we will not be able to respond to your request according to laws and regulations:
- Related to the personal information controller's performance of obligations stipulated by laws and regulations;
- Directly related to national security and defense security;
- Directly related to public safety, public health, and major public interests;
- Directly related to criminal investigation, prosecution, trial, and execution of judgments;
- The personal information controller has sufficient evidence to show that the personal information subject has subjective malice or abuse of rights;
- For the purpose of safeguarding the life, property and other major legitimate rights and interests of the personal information subject or other individuals, but it is difficult to obtain the consent of the person;
- Responding to the personal information subject's request will cause serious damage to the legitimate rights and interests of the personal information subject or other individuals or organizations;
- Involving trade secrets.
- Our products, websites and services are mainly for adults. Minors may not create their own user accounts without the consent of their parents or guardians. If you are a minor, we recommend that you read this privacy policy carefully with your parents or guardians, and use our services or provide us with information with their consent.
- For the collection of personal information of minors with the consent of parents or guardians to use our products or services, we will only use, share, transfer or disclose this information with the express consent of parents or guardians or when necessary to protect minors.
- If we find that we have collected personal information of minors without obtaining verifiable consent in advance, we will try to delete the relevant data as soon as possible.
- In principle, personal information we collect and generate in the People's Republic of China will be stored in the People's Republic of China.
- Since we provide products or services through resources and servers worldwide, this means that after obtaining your consent, your personal information may be transferred to overseas jurisdictions in the country/region where you use the product or service, or be accessed from those jurisdictions.
- Such jurisdictions may have different data protection laws, or even no relevant laws. In such cases, we will ensure that your personal information receives sufficient equivalent protection in the People's Republic of China. For example, we will request your consent for cross-border transfer of personal information, or implement security measures such as data de-identification before cross-border transfer.
8. Updates to This Policy
- To provide better services, CXPlayer and related services may be updated from time to time. We will revise this policy accordingly. Such revisions are part of this policy and have the same effect as this policy. However, without your explicit consent, we will not reduce your rights under the current policy.
- After this policy is updated, we will release the updated version in the CXPlayer mobile client and, before the updated terms take effect, notify you in an appropriate manner (such as notification or announcement) so that you can understand the latest version in time. If you continue to use our services, you agree to accept the updated policy. If the update involves collecting new sensitive personal information, we will again obtain your consent in a prominent manner.
- For major changes, we will provide more prominent notice (including via email for certain services), explaining the specific changes, including but not limited to:
- Significant changes in service mode, such as processing purposes, types of personal information, or usage methods;
- Significant changes in ownership structure or organization, such as business adjustments, bankruptcy, or mergers and acquisitions;
- Changes in the main objects of personal information sharing, transfer, or public disclosure;
- Changes in your rights related to personal information processing and how to exercise them;
- Changes in the department responsible for personal information security, contact methods, or complaint channels;
- High risks identified by personal information security impact assessments. We will also archive old versions of this policy for your reference.
- If you have any questions, opinions, or suggestions about this policy or about your use of our services, you can contact us:
- Company name: Hefei Weijie Information Technology Co., Ltd.
- Registered address: Room B403, No. 602 Huangshan Road, Hefei, Anhui, China
- Mailing address: Room B403, No. 602 Huangshan Road, Hefei, Anhui, China (Attn: Mr. Chen), Postal Code: 230031
- Contact: CXPlayer Privacy Protection Email: cxplayer666@hotmail.com
- We will review your request as soon as possible and, after verifying your identity, respond within the time limit prescribed by laws and regulations (no later than 15 days).