Your trust is of great importance to us. We are well aware of the significance of personal information to you. In accordance with the provisions of laws and regulations, we will take appropriate security measures to protect your personal information and privacy. In light of this, the Duomai Affiliate service provider (referred to as "we" hereafter) has formulated this "Privacy Policy" (referred to as "this Policy" or "this Privacy Policy"):

This Policy is closely related to the Duomai Affiliate services you use, as well as various business functions included in these services (collectively referred to as "our products and/or services"). Before using our products and/or services, please carefully read and thoroughly understand this Policy, especially the clauses marked in bold or bold underline. You should pay special attention to these clauses and use the relevant products or services only after confirming your full understanding and agreement. By using our products and/or services, you indicate that you have fully understood and agreed to this Policy.

In order to provide you with a better product and service experience, we are continuously working to improve our technology. As a result, we may occasionally introduce new or enhanced features that may require the collection and use of new personal information or changes to the purposes or methods of using personal information. In such cases, we will separately explain the collection purposes, scope, and usage methods of the corresponding information to you through updates to this Policy, pop-ups, page prompts, and other means. We will provide you with the option to give your voluntary consent, and we will only collect and use the information after obtaining your explicit consent.

If you have any questions, opinions, or suggestions regarding the content of this Policy, you can contact us through Duomai Affiliate's online customer service.

Part 1: Privacy Policy

This section of the Privacy Policy will help you understand the following:

I. How we collect and use your personal information

II. How we use Cookies and similar technologies

III. How we share, transfer, and publicly disclose your personal information

IV. How we protect your personal information

V. How we store your personal information

VI. How you can manage your personal information

VII. How we handle personal information of minors

VIII. How this Privacy Policy is updated

IX. How to contact us

I. How we collect and use your personal information

In order to provide you with better and more personalized products and services, when you use our products and/or services, we collect and use your personal information based on the following scenarios:

1. Necessary functions for promotion

(a) User registration

In order to provide services through Duomai Affiliate, you need to register as a user and use our services. To complete this registration, you need to provide your mobile phone number, desired account name, and password. We will verify your identity by sending a text message verification code. After registration, you can continue to complete your real name, ID number, mobile phone number, contact email, QQ number, and other personal information within your Duomai Affiliate account.

(b) Real-name authentication

To ensure that we are providing services to you personally, we may verify your identity based on your Duomai Affiliate account information. You may need to provide identification information (ID card, passport, household registration, and other identification documents) and biometric features (static or dynamic facial features) to complete real-name authentication.

(c) Displaying our product/service information to you

During your use of our services, to identify account anomalies, understand product adaptability, provide you with more tailored page displays and search results, we may automatically collect and store your usage information as network log information, including:

Device information: Based on your specific actions during access and/or usage, we will receive and record information related to the device you are using, including device model, operating system version, unique device identifiers (IMEI/Mac/android ID/IDFA/OPENUDID/GUID, SIM card IMSI information), hardware and software characteristics, and location-related information of the device (including GPS location you have authorized, WLAN access points, Bluetooth, and sensor information from base stations).

Service log information: When you use our website or client-provided products or services, we automatically collect detailed usage information about our services, which is stored as network log information. For example, your search query content, IP address, browser type, telecommunications carrier, language used, access date and time, and records of webpages you visit.

Please note that individual device information, device operating information, etc., cannot identify specific individuals. If we combine such non-personal information with other information to identify specific individuals or use it in combination with personal information, during the period of combined use, such non-personal information will be treated as personal information. Except as otherwise provided by your authorization or applicable laws and regulations, such information will be anonymized and de-identified.

If you have any questions or objections regarding the personalized product or service information you receive (if applicable), you can contact us using the contact information provided at the beginning of this agreement for communication and resolution.

(d) Assisting you in placing orders and managing orders

When you order specific products and/or services through our products and/or services, a purchase order for the purchased product and/or service will be generated for you by the system. During the ordering process, you need to provide at least your recipient's name, delivery address, and recipient's contact phone number. The order will also include information about the purchased products and/or services, specific order numbers, order creation times, the amount you need to pay, and other information. We collect this information to help you complete transactions smoothly, ensure transaction security, query order information, provide customer service and after-sales service, and for other purposes explicitly stated by us.

You can order products and/or services for others through the Duomai Affiliate platform, in which case you need to provide the aforementioned personal information of the actual order recipient.

To facilitate your understanding and management of order information, we collect order information generated during your use of our services to display and facilitate your order management.

(e) Assisting in displaying the delivery status of products or services

To keep us informed and verify the progress and status of deliveries, and to provide you with after-sales and dispute resolution services, you agree that we can collect delivery progress-related information from logistics-related service providers.

(f) Assisting you in making balance withdrawals

When the balance in your account reaches the withdrawal amount, you can provide your name, ID number, bank card number, issuing bank, and bank card region to withdraw your balance.

(g) Functions necessary for ensuring transaction security

To enhance the security of our system when you use our products and/or services, prevent phishing website fraud and protect account security more accurately, we may use methods such as understanding your browsing information, order information, device information (including MAC addresses) to assess the risk of your account. We may also record links ("URLs") that we consider risky. We will also collect your device information for analyzing Duomai Affiliate system issues, statistically analyzing traffic, and identifying potential risks, as well as for investigation when you choose to send us abnormal information.

(h) Providing you with other additional services

To provide you with more convenient, higher-quality, and personalized products and/or services, and to improve your experience, we may collect and use your personal information in the following additional services we provide to you. If you do not provide this information, it will not affect your use of basic services, but you may not be able to enjoy the user experience provided by these additional services. You can check the status of these permissions individually in your device settings and decide to enable or disable them at any time.

Please note that when you enable any of these permissions, it means you authorize us to collect and use the relevant personal information to provide corresponding services. Once you disable any permission, it means you revoke your authorization, and we will no longer collect and use the relevant personal information based on that permission or provide the corresponding service. However, your decision to disable permissions will not affect the collection and use of information previously conducted based on your authorization.

To ensure your awareness, we present the list of relevant operating system permissions that products may apply for and use. You can manage these permissions based on your actual needs:

Android operating system application permission list

Permission Name Permission Function Explanation Usage Scenario or Purpose

WRITE_EXTERNAL_STORAGE Write to Storage Provide the ability to write to external storage. Allows the app to write/download/save/modify/delete images, files, crash logs, etc.

(i) Other rules for collecting and using personal information

1. If the information you provide includes the personal information of other users, you must ensure that you have obtained legal authorization before providing this personal information to us.

2. If we use your personal information for purposes not specified in this policy, or if we use information collected for specific purposes for other purposes, or if we obtain your personal information from third parties, we will obtain your consent in advance.

If we indirectly obtain your information from third parties, we will clearly require the third party to collect personal information in writing with your consent, inform you of the shared information, and if it involves sensitive information, obtain your explicit confirmation before providing it to us. We will also require the third party to make commitments on the legitimacy

and compliance of the source of personal information. In the event of any violations by the third party, we will clearly request them to assume corresponding legal responsibilities. At the same time, our professional security team will enhance the security of personal information (including reporting sensitive information, encrypting sensitive information storage, access control, etc.). We will protect indirectly obtained personal information using protection measures and methods that are no less protective than those used for our own users' personal information.

3. Exceptions to obtaining authorization

You fully understand and agree that in the following situations, we may collect and use your personal information without your authorization, and we may not respond to your requests for correction/modification, deletion, account cancellation, withdrawal of consent, or information access:

(1) Related to national security and national defense security;

(2) Related to public safety, public health, major public interests;

(3) Related to criminal investigations, prosecutions, trials, and execution of judgments in judicial or administrative enforcement;

(4) Necessary to protect your or other individuals' lives, property, etc., but it is difficult to obtain your consent;

(5) Personal information that you publicly disclose to the public;

(6) Personal information collected from lawful public disclosures, such as legal news reports, government information disclosure, etc.;

(7) Necessary for the conclusion and performance of agreements or other written documents signed with you;

(8) Necessary for the secure and stable operation of the products and/or services we provide, such as discovering and dealing with malfunctions in products and/or services;

(9) Necessary for legal news reports;

(10) Necessary for academic research conducted by academic research institutions based on public interests, and when providing the results of academic research or descriptions to the public, personal information contained in the results will be de-identified;

(11) Other circumstances stipulated by laws and regulations.

Please note that according to applicable laws, if we process personal information using technical measures and other necessary measures that prevent the data recipient from reidentifying specific individuals and cannot be restored, or if we may de-identify the collected information for research, statistical analysis, and forecasting purposes, to improve the content and layout of the Duomai Affiliate platform, provide support for business decisions, and improve our products and services, we do not need to separately notify you of the use of such processed data or obtain your consent.

II. How we use Cookies and Similar Technologies

(1) Cookies

To ensure the smooth and efficient operation of our website, provide you with a more convenient browsing experience, and recommend content that you may be interested in, we store relevant information on your computer or mobile device. This information may include Cookies, Flash Cookies, or other local storage provided by your browser or associated applications (collectively referred to as "Cookies").

Please understand that some of our services can only be achieved through the use of Cookies. If your browser or browser add-ons allow, you can modify your acceptance of Cookies or reject our Cookies. However, rejecting our Cookies may affect your secure access to our website and the use of the services we provide in certain cases.

If your browser or browser add-ons allow, you can modify your acceptance of Cookies or reject our Cookies. However, if you do so, it may affect your secure access to our website, and you may need to change user settings each time you visit our website.

(2) Website Beacons and Pixel Tags

In addition to Cookies, we also use other similar technologies on our website, such as website beacons and pixel tags. For example, the emails we send to you may contain links to our website content. If you click on such a link, we will track this click to help us understand your product or service preferences, enabling us to improve the customer service experience proactively. Website beacons are typically transparent images embedded in websites or emails. By using pixel tags in emails, we can determine whether an email has been opened. If you do not want your activities to be tracked in this manner, you can unsubscribe from our mailing list at any time.

(3) Use of SDKs

To ensure the stable operation and functionality of our client applications, allowing you to use and enjoy more services and features, we may embed SDKs or similar applications from authorized partners in our applications. Click here to view details about the SDKs from our authorized partners.

We conduct strict security testing on application programming interfaces (APIs) and software development kits (SDKs) used by authorized partners to obtain relevant information. We also require authorized partners to implement strict data protection measures in accordance with this policy and any other relevant confidentiality and security measures to handle personal information.

III. How we Share, Transfer, and Publicly Disclose Your Personal Information

(1) Sharing

We will not share your personal information with any companies, organizations, or individuals outside of Duomai Affiliate, except in the following cases:

1. Sharing with your explicit consent: With your explicit consent, we may share your personal information with other parties.

2. Sharing under legal circumstances: We may share your personal information with external parties as required by laws and regulations, legal disputes, or administrative or judicial authorities.

3. Sharing based on your active choice: If you purchase goods or services through Duomai Affiliate, we may share necessary transaction-related information from your order with relevant product or service providers based on your choice, to fulfill your transaction and after-sales service needs.

4. Sharing with affiliated companies: To facilitate the provision of services jointly to you through associated accounts, recommend information you may be interested in, identify account anomalies, or protect the personal and property safety of Duomai Affiliate's associated companies, other users, or the public, your personal information may be shared with our affiliated companies. We will only share necessary personal information, subject to the purposes stated in this Privacy Policy. If we share your sensitive personal information or if affiliated companies change the use and processing purposes of personal information, we will seek your authorization and consent again.

5. Sharing with authorized partners: Only to achieve the purposes stated in this Privacy Policy, some of our services will be jointly provided by us and authorized partners. We may share certain personal information with partners to provide better customer service and user experience. We will only share user information for legitimate, lawful, necessary, specific, and clear purposes, and only share the necessary information to provide services. Our partners are not allowed to use the shared user information for any other purposes.

Currently, our authorized partners include the following types: suppliers, service providers, and other partners. We send information to suppliers, service providers, and other partners who support our business, including providing basic technical services, customer services, consulting, analysis, and other professional services.

For companies, organizations, and individuals with whom we share user information, we will sign strict data confidentiality agreements with them, requiring them to handle personal information in accordance with our instructions, this Privacy Policy, and any other relevant confidentiality and security measures.

(2) Transfer

We will not transfer your personal information to any company, organization, or individual, except in the following cases:

1. With your explicit consent or authorization in advance;

2. As required by applicable laws, regulations, legal procedures, or mandatory administrative or judicial requirements;

3. In accordance with the relevant agreements you have signed (including electronically signed agreements and corresponding platform rules) or other legal documents;

4. In cases of mergers, acquisitions, asset transfers, or similar transactions, if personal information transfer is involved, we will require the new entity holding your personal information to continue to be bound by this Privacy Policy. Otherwise, we will ask the new entity to obtain your authorization and consent again.

(3) Public Disclosure

We will only publicly disclose your personal information in the following cases and subject to industry-standard security measures:

1. Disclosure based on your request: If you request the disclosure of specific personal information and consent to the disclosure method, we may disclose the designated personal information as per your request.

2. Disclosure required by law or regulations: In cases where it is required by law, regulations, or mandatory administrative law enforcement or judicial requirements, we may publicly disclose your personal information in accordance with the requested type and method of personal information. We will request the issuance of corresponding legal documents, such as subpoenas or investigation letters, as required, under the premise of complying with applicable laws and regulations. We firmly believe that for any information requested from us, it should be kept as transparent as possible within the limits allowed by law. We carefully review all requests to ensure their legal basis and limit them to data that law enforcement agencies have the lawful right to access for specific investigation purposes. Personal information disclosed under law and regulations is protected under encryption keys.

(4) Exceptions to Obtaining Prior Authorization and Consent for Sharing, Transferring, and Publicly Disclosing Personal Information

In the following cases, obtaining prior authorization and consent for sharing, transferring, and publicly disclosing your personal information is not required:

1. Cases related to our fulfillment of legal obligations;

2. Cases related to national security or defense security;

3. Cases related to public safety, public health, significant public interests;

4. Cases related to criminal investigations, prosecutions, trials, and execution of judgments;

5. Cases where it is difficult to obtain your consent but necessary to protect your or other individuals' major legitimate rights such as life and property;

6. Personal information that you voluntarily disclose to the public;

7. Cases where personal information is collected from lawful public disclosures, such as legal news reports and government information disclosures.

According to legal requirements, sharing, transferring, and publicly disclosing de-identified personal information, which ensures that the data recipient cannot restore and reidentify the individual's identity, does not fall under the scope of sharing, transferring, and publicly disclosing personal information. The retention and processing of such data do not require separate notification and consent.