Introduction
Beijing Hecaiji Technology Co., Ltd. ("Hecaiji", "we", "us", or "our") provides mobile application and mobile game services globally. This Privacy Policy describes how we collect, use, disclose, store, and protect personal information when users access our websites, products, and services.
This Policy is designed to meet global privacy and platform requirements, including developer policy adaptation, app store adaptation, monetization platform adaptation, and age management compliance.
Table of Contents
- Scope and Applicability
- Information We Collect
- How We Use Information
- Developer Policy Adaptation
- Google Play & App Store Adaptation
- Monetization Platform Adaptation
- Global Privacy Law Adaptation
- Global Age Management
- Data Sharing and Disclosure
- International Transfers
- Data Security and Retention
- User Rights and Requests
- Cookies and Tracking Technologies
- Third-Party SDKs and Services
- Changes to this Policy
- Contact Information
1. Scope and Applicability
This Privacy Policy applies to:
- Our corporate website and contact channels.
- Mobile applications and games developed, operated, or co-operated by Hecaiji.
- Services provided to business clients including project operation, R&D outsourcing, and self-developed product operation.
This Policy does not apply to third-party websites or services that are not controlled by Hecaiji.
2. Information We Collect
2.1 Information Provided by Users
- Contact details (name, email, company, country/region) submitted via forms or email.
- Support and business correspondence content.
- Account registration details where applicable.
2.2 Information Collected Automatically
- Device identifiers (subject to platform policy and user consent).
- IP address, device model, operating system, app version, language, and region.
- Usage data such as session duration, events, crashes, and interaction metrics.
- Fraud prevention and security-related telemetry.
2.3 Sensitive Data
We do not intentionally collect sensitive personal information unless legally required and explicitly disclosed with appropriate legal basis and safeguards.
3. How We Use Information
- Provide, maintain, and improve our products and services.
- Respond to business inquiries and technical support requests.
- Enable core app functions such as account services and cloud synchronization where applicable.
- Perform analytics to improve user experience and product stability.
- Prevent abuse, fraud, and security incidents.
- Comply with legal obligations and enforce our Terms of Service.
4. Developer Policy Adaptation
We adapt our privacy and data handling practices to major developer ecosystem requirements, including but not limited to:
- Data minimization and purpose limitation principles.
- Transparent user disclosures before collecting personal data.
- Permission justification and least-privilege permission design.
- User control mechanisms for consent withdrawal and account deletion.
- Security-by-design and privacy-by-design in development lifecycle.
5. Google Play and App Store Adaptation
5.1 Google Play Compliance
- Compliance with Google Play Developer Program Policies.
- Data Safety form alignment with actual data practices.
- Android permission governance including runtime permission request context.
- Advertising ID and ad-related data usage in accordance with policy requirements.
- Use of compliant billing and subscription frameworks where required.
5.2 Apple App Store Compliance
- Compliance with Apple App Store Review Guidelines.
- App Privacy Nutrition Labels reflecting real data usage.
- Tracking transparency compliance, including ATT where required.
- Privacy manifests and required reason APIs adaptation.
- Use of In-App Purchase mechanisms where required by Apple policies.
6. Monetization Platform Adaptation
For apps and games using monetization models (subscriptions, in-app purchases, VIP, ads), we adapt to policy requirements of major monetization platforms and ad mediation systems:
- Clear disclosures regarding ad display and reward mechanics.
- Compliant consent handling for personalized advertising where legally required.
- SDK due diligence, including privacy impact reviews and data mapping.
- Integration controls to disable or restrict certain monetization channels by region, age, or legal scenario.
- Age-appropriate ad experience management and content filtering.
7. Global Privacy Protocol Adaptation
We adapt operations to key global privacy frameworks, as applicable:
- GDPR / UK GDPR: lawful basis, transparency, data subject rights, DPA and SCC mechanisms.
- CCPA/CPRA: notice at collection, right to know, delete, and opt-out where applicable.
- PIPL and related local regulations where services are offered in relevant jurisdictions.
- Regional privacy laws in APAC, LATAM, and MENA as applicable to product distribution.
Where required by law, consent management interfaces are deployed to capture and manage user preferences.
8. Global Age Management Adaptation
We implement age management controls to comply with child and teen privacy and safety regulations globally:
- Age-gating and age screening mechanisms tailored to jurisdictional requirements.
- Parental consent workflows where legally required.
- Restricted data processing and ad personalization for child users.
- Child-directed app safeguards under COPPA and equivalent frameworks.
- Content suitability and feature restrictions based on age category.
9. Data Sharing and Disclosure
We may share personal data with:
- Service providers acting on our instructions (hosting, analytics, support, security).
- Platform operators and app store ecosystems where required for service delivery.
- Monetization and attribution partners, subject to legal and policy requirements.
- Authorities or legal entities when required by applicable law or legal process.
- Successor entities in case of merger, acquisition, or asset transfer.
We do not sell personal information in violation of applicable law.
10. International Data Transfers
Given the global nature of our services, personal data may be transferred across jurisdictions. We implement appropriate safeguards, such as contractual clauses and security controls, as required by applicable law.
11. Data Security and Retention
- Encryption in transit and at rest where appropriate.
- Access control and role-based authorization.
- Operational monitoring and incident response mechanisms.
- Retention schedules aligned with business necessity and legal obligations.
We retain personal data only as long as necessary for the purposes stated in this Policy or as required by law.
12. User Rights and Requests
Depending on your jurisdiction, you may have rights to access, rectify, delete, restrict, or object to processing of your personal data, and to data portability where applicable.
To exercise rights, contact us via:
- Business: xuqilin@hecaiji.com
- Support/Privacy: support@hecaiji.com
We may verify your identity before processing requests.
13. Cookies and Tracking Technologies
Our website and apps may use cookies or equivalent technologies for functionality, analytics, and security. Where required, we provide consent mechanisms and preference controls.
14. Third-Party SDKs and Services
Our products may include third-party SDKs for analytics, crash reporting, attribution, customer support, and monetization. We perform compatibility and compliance reviews, but each third-party provider remains responsible for its own data practices under its privacy policy.
15. Changes to this Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via website notice, in-app notice, or other legally appropriate channels.
16. Contact Information
Beijing Hecaiji Technology Co., Ltd.
No. 211061, No. 7 Juyuan West Road, Mapo Town,
Shunyi District, Beijing, 100000, China
- Business Cooperation: xuqilin@hecaiji.com
- Technical Support / Privacy Inquiries: support@hecaiji.com