[Palm Game] Privacy Policy
Updated on: April 11, 2025
Effective Date: April 11, 2025
Version No.: 20250411V1
The [Palm Game] Service (hereinafter referred to as "the Software") is an SDK developed by [SHANGHAI XIAOCHUAN TECHNOLOGY LIMITED] (hereinafter referred to variously as "Game SDK", "we", "us", or "our"), providing app publishers and developers with open capabilities and services for fast, secure, and convenient data analysis.
When a publisher or developer integrates the Game SDK into an application, we may, with your consent or as required by applicable law, provide related services to the end users (hereinafter referred to as "you" or the "user") through the integrated Game SDK and process related data, which may contain your personal information. We fully respect your privacy and make every effort to protect your personal information.
This Privacy Policy (hereinafter referred to as "the Policy") is intended to help you understand how we collect, use, disclose, process, and protect the personal information you provide when using [Game SDK] products or services, your rights with respect to that personal information, and how we safeguard those rights. The Policy applies to all [Game SDK] products and services, including applications, mini-programs, Web pages, software development kits (SDKs), and application programming interfaces (APIs) for third-party websites and applications used on computers and mobile devices, or any other forms that may emerge in the future.
Please note: We require strict compliance with laws, regulations, and relevant compliance guidelines from publishers and developers integrating the Game SDK and handling your personal information. Before they can access and use open capabilities, we require publishers and developers to inform you in their privacy policies of the processing of personal information by the integrated SDK and to obtain your consent or establish other legitimate foundation. We cannot, however, control how publishers and developers manage the personal information they control and are not responsible for their actions. We recommend that you read the applicable user agreements and privacy policies of the publishers and developers and use applications only after confirming you have fully understood and agreeing to how your personal information is processed.
If you have any questions, please feel free to contact us via
[privacy@dlightek.com]
The Privacy Policy will help you understand the following:
I. How We Collect and Use Your Personal Information
II. How We Store and Protect Your Personal Information
III. How We Share, Transfer and Disclose Your Personal Information
IV. How Is Your Personal Information Transferred Across Borders
V. Your Rights to Your Personal Information
VI. How We Process Children's Personal Information
VII. Third-Party Service Providers and Their Services
VIII. Supplements and Updates to the Policy
IX. Joint Controller
X. How to Contact Us
I. How We Collect and Use Your Personal Information
(I) Overview
[Game SDK] believes that fundamental privacy rights must apply equally regardless of where you live. That's why [Game SDK] treats any information that relates to an identified or identifiable individual as "personal information" no matter where that individual may live, particularly name, identity, location, online identifier or physical, physiological, genetic, mental, or any other related characteristics that can reasonably be used to identify the individual.
We only collect the information necessary for special, specific, explicit, and legitimate purposes and shall ensure that your information will not be further processed for any other purposes. We will request your consent again if we intend to use your personal information for any purposes not specified herein.
Along with your personal information, we may also collect the following: 1) information you provide directly to us; 2) information generated during your use of the Software (related to the device information and service log, for example), collected automatically; 3) information we acquire from other sources.
You have the right to decide whether to provide your personal information when using [Game SDK] products or services or when we request it. You are not required to provide personal information to [Game SDK] at any time. However, choosing not to provide it may prevent [Game SDK] from being able to provide you with certain products or services or respond to issues you may encounter and limit [Game SDK]'s ability to resolve them. We will only collect and use your personal information for the purposes stated herein. The following are examples explaining why we collect your personal information:
(II) [Game SDK]'s Main Service Functions and Information Collection and Usage Scenarios
The Game SDK supports cross-platform and multi-device user behavior data analysis, helping app publishers and developers use data to drive operations. We collect your personal information when necessary by calling relevant system interfaces; refusing to provide information deemed necessary will prevent the developer from being able to use the relevant products and/or services on the Platform.
1. Providing basic business functions to ensure the normal operation of services.
(1) To ensure the compatibility of the products and/or services we offer on different devices, we may collect: system operating information (system settings);
(2) To select and optimize network links and ensure the stable provision of products and/or services, we may collect: network status information (network connection status, network operator information, Wi-Fi status, Wi-Fi parameters, and Wi-Fi lists);
(3) To generate desensitized unique identifiers for end-user devices, we will collect one or more of the following device identifiers based on the specific requirements of the operating system running the SDK code in accordance with the principle of minimum necessity: the system account ID, Google Advertising ID (GAID), International Mobile Equipment Identity (IMEI), International Mobile Subscriber Identity (IMSI), or Android ID.
(4) To match you with the appropriate services, we collect device information (device brand, operating system version, screen width, height, and density, OS version, build software version, device model, language, and device usage information) and application information (a list of applications installed, package name information, version information, installation channels), as well as fuzzy location information (MCC, MAC address of the network card—only for devices powered by Android OS, client IP address, and MNC; the same below)
(5) To detect and provide services related to specific regions, we may collect: fuzzy location information.
2. Ensuring data security to provide secure and reliable services.
(1) Providing quantitative analytical services to enhance user experience and improve traffic conversion rates for an application. When the publisher/application developer uses the Services, we collect behavioral data about your usage of their app (such as the number of times you open and exit the app, and the number of times you access pages within the app) and provide reports to the publisher/application developer with a statistical analysis of app activity and retention data that do not contain any personal information. If you do not agree to our collection of this information, we will be unable to provide the Services to the publisher/application developer (the app you use). However, this will not affect your use of other services.
(2) Providing application performance analysis services to help publishers and developers address performance issues such as crashes and unexpected exits. When the publisher/application developer uses the Services, we collect data about abnormal exits and crashes that occur when you use their app and provide reports to the publisher/application with a statistical analysis of app performance that do not contain any personal information. If you do not agree to our collection of this information, we will be unable to provide the Services to the publisher/application developer (the app you use). However, this will not affect your use of other services.
(III) Other Situations where Your Information May Be Collected
Where permitted by laws, we may collect your personal information from other individuals, business entities, public channels, or other third parties indicated by you, other partners who help us provide our products or services or assist us in ensuring information security and preventing frauds, and other legitimate avenues. We will inform you and collect your information with your consent.
We may also collect other information about you, your device, or your use of the Services in other ways that will be described to you at the time of collection for your consent.
To improve our product layout and offer you better services, we may carry out researches, statistical analyses, and predictions on the collected information in an anonymized manner (including machine learning or model algorithm training based on anonymized data). We will take technical measures and other necessary actions to process the collected personal information so that such information cannot identify any individual person and cannot be recovered. As permitted by applicable laws and regulations, we do not need to inform you separately for your consent for the use of such anonymized data.
II. How We Store and Protect Your Personal Information
1. How we store your personal information
We will store your personal information that we collected upon your consent in accordance with the relevant national laws and regulations concerning personal privacy and data protection. We may also store the personal information we collect in countries or regions other than the country in which we do business, provided that local laws and regulations do not prohibit such storage.
Currently, [Game SDK] may store your personal information in: India, Russia, Ireland, and Frankfurt. Specifically:
The personal information we collect and generate in the course of our operations in India will be stored on servers located in India.
The personal information we collect and generate in the course of our operations in Russia will be stored on servers located in Russia.
The personal information we collect and generate in the course of our operations outside India and Russia will be stored on servers located in Ireland and Frankfurt.
We may use the servers in other areas or countries depending on our business development, and in such cases, we will update the Policy accordingly.
Whether personal information is stored in the country where we do business or in another country or region without violating the law, we will store it in accordance with the relevant laws and regulations regarding data storage. We will take necessary security measures considering the characteristics, scope, purposes of personal information processing, the possible risks in processing personal information, and the serious consequences in case of any damages. For example, we will encrypt and de-identify the collected personal information before storage. We will store the information only necessary for our business development within the minimum retention period unless otherwise permitted by laws or you agree to extend the retention period. We will delete or take other appropriate measures to delete data that exceeds the retention period or that you request us to delete, provided that this does not violate the relevant laws and regulations.
2. How we protect your personal information
We will also take other necessary measures to protect your personal information from misuse, unauthorized access, modification, disclosure, or destruction.
We implement security measures designed to protect your personal information and regularly monitor our systems for possible vulnerabilities and attacks, and we use administrative, technical and physical safeguards to protect your personal information by considering the nature, processing methods, and security of the personal information. We will continuously strive to improve these measures to keep your personal data secure.
It should be noted that no measures can absolutely guarantee the avoidance of data storage security incidents. In the event of a security breach, we will report to the appropriate regulator in accordance with the requirements of relevant laws and regulations, and provide the type of personal data involved in the data breach, the number of data subjects, the possible consequences of the data breach, and the remedial measures we intend to take in accordance with the requirements of the supervisory authorities. We will take all possible measures to remedy or mitigate the damages and consequences caused by a data breach. If permitted or required by laws, we will promptly inform you of the consequences or significant damage that may be caused to you as a result of a data breach, so that you can take appropriate measures to protect your rights to the greatest extent.
Since no website, Internet transmission, computer system, or wireless connection is absolutely secure, in addition to the necessary security measures we take, users need to be more aware of privacy and security risks. For example, if you are redirected to a third party's website, link, product, or service through our service, please be careful and read the terms of agreement of such website, link, product, or service carefully for the security of any data information collected by such website, link, product or service, and we will not be liable for any data security issues caused by such third party. If you find that certain content, advertisements, or features of our website, products, or services may be provided by third parties and may endanger your privacy and security, please contact us promptly and we will give priority to dealing with them in accordance with the law.
III. How We Share, Transfer and Disclose Your Personal Information
We will share, transfer, and disclose your personal information to the minimum extent and only when it is necessary for operations or required by laws. We will not share, transfer, or disclose your personal information unless otherwise required or permitted by applicable laws and regulations in the following circumstances:
1. How we share your personal information
We do not sell any personal information to third parties. To offer you timely service, we may share your personal information with [Game SDK]'s affiliates. We will only share your information with [Game SDK]'s affiliates for lawful purposes clearly stated and only as necessary to provide the Services subject to the purposes stated in this Privacy Policy. For any purposes not covered herein, we will make explicit statements in the privacy policy or notice for the specific product or service.
We may share necessary personal information with authorized third-party partners (including data storage service providers, third-party SDK service providers, etc.) to perform certain functions or provide you with better service and user experience. Specifically, our cloud service providers provide us with cloud storage services to ensure the normal operation of the Service.
We will share that information to the minimum extent and only when it is necessary for operations or required by law. Before sharing, we will sign stringent confidentiality agreements with our authorized partners, requiring them to take relevant confidentiality and security measures to process personal information in accordance with the Policy and the applicable laws of your jurisdiction. Moreover, we will require them to provide data security functions and information security qualifications (such as classified protection assessment, information security management system, etc.). When embedding SDKs or any other similar applications of our authorized partners in the Software, we will do our due diligence to request the SDKs that obtain the information to protect the security of your data. Specifically:
We may also share your non-personal information with third parties to provide evaluation, analysis, or other business services. For example, we may use the aggregated information to help our partners (such as advertising service providers) understand the effectiveness, feedback, and usage trends of their services.
In the event of a merger, acquisition or bankruptcy and liquidation, transfer of assets, or other related transactions involving the transfer of personal information, we will require by agreement or other appropriate measures that the company or organization newly holding your personal information continues to be bound by the Policy and that such subject takes confidentiality and security measures no less stringent than those required by the Policy to handle personal information.
2. How we transfer your personal information
[Game SDK] will not transfer your information to any other party without:
(1) your express consent is obtained.
(2) posting a prominent notice via email and/or our website or by means of another appropriate method to inform you of any changes in your ownership of, rights to, and choices regarding your personal information when [Game SDK] is involved in a merger, acquisition, or sale of all or part of its assets that may affect your personal information.
(3) the transfer has been stated in the Privacy Policy or otherwise notified to you.
3. How we disclose your personal information
[Game SDK] may disclose your personal information as required by law, due process, litigation, and/or government departments and authorities. We may also disclose your personal information if the disclosure is necessary or appropriate for national security, law enforcement, or other matters of public importance.
In addition, we may share your personal information with the following people:
(1) our lawyers, accountants, auditors, or similar consultants, when we request them to provide professional advice.
(2) investors and other related third parties, if actual or potential sales or other transactions with another company occur and are related to entities within the TECNO group.
(3) other third parties, for example, when specific information is disclosed to them under your authorization.
IV. How Is Your Personal Information Transferred Across Borders
For the purposes described in the Privacy Policy, we may transfer your personal information to the resources or servers mentioned in Section III of the Policy for storage or processing, and we may also transfer your personal information to third-party service providers and business partners, and therefore your data may be transferred to other countries or regions, subject to compliance with applicable laws and regulations in your region and with your authorized consent. The privacy laws in these countries or regions may differ, and the jurisdictions in which these servers are located may or may not protect personal information to the same extent as those in your jurisdiction. However, we will still strive to protect your personal information based on our Privacy Policy and carry out the cross-border transfer and other processing of corresponding information as required by the laws of the country or region where the personal information is located.
If we transfer personal information outside of your jurisdiction, whether to our affiliates or to a third-party service provider, we will comply with the relevant applicable laws. We will take appropriate security and protection measures to ensure that all such transfers are subject to the requirements of applicable local data protection laws.
V. Your Rights to Your Personal Information
As a data subject, you have a number of rights with respect to personal information such as confirmation, access, correction, deletion, withdrawal of consent, complaints (hereinafter referred to as "requests"), etc. We fully understand and respect these rights, which are also subject to specific exclusions and exceptions in accordance with applicable law. We will also take active steps to ensure that your rights are effectively guaranteed. However, please understand and note that for security reasons, we may need to verify your identity before processing your request. In principle, we charge no fees for your legitimate requests. However, for repeated requests exceeding reasonable limits, we will charge a reasonable fee to the extent permitted by applicable laws based on actual administrative costs as appropriate. We may deny requests that are unwarrantedly repetitive, require excessive technical means (for example, requiring the development of new systems or fundamental changes in current practices), pose a risk to the legal rights of others or are highly impractical, or violate mandatory legal requirements.
5.1 Right to confirm and access: We inform you of how we collect and process personal information through the Privacy Policy or in the form of a privacy policy or notice of the specific product or service. You have the right to confirm or reject such collection and processing by checking the box or via other methods. However, if you reject the service, some functions that require your express authorized consent before use may no longer be available. The personal information you have provided to us can be accessed directly from the interface of our products or services. In case of failure to access, you can email us at [privacy@dlightek.com], and we will deal with it promptly.
5.2 Right to correct and delete: When your personal information is changed, or when you find that your personal information collected and processed by us is inaccurate or incomplete, you have the right to ask us to make corrections or additions. For some of your personal information, you can correct and amend it directly on the relevant function page of the product or service. You have the right to request us to delete your personal information when we have achieved the purpose of collecting your personal information or it is no longer necessary, or when you find that we have collected or processed your personal information in violation of the provisions of laws and regulations or the terms of the Privacy Policy. For any information that you have no access to correct or delete, you can email us at [privacy@dlightek.com] to request for correction or deletion.
It should be noted, however, that we may not be able to approve your request for deletion in certain cases, such as the deletion of transaction data, as [Game SDK] is legally obliged to keep records of transactions in compliance with applicable local laws. Please also note that if you request the deletion of your information from our products and services, due to certain applicable local laws and technical limitations, we may not immediately delete the corresponding information from our backup systems, but we will securely store your personal information and prevent its further processing until the backup systems are updated and your information can be deleted or anonymized.
5.3 Right to withdraw consent: To achieve the respective features of our various products or services, we will require necessary personal information in accordance with the applicable local laws. This is described in "How We Collect and Use Your Personal Information" of the Privacy Policy. You may withdraw consent previously granted to us for specific purposes, including the collection, use, and/or disclosure of your personal information in our possession or control, by deleting the information, disabling the functionality of the device, or withdrawing the consent request. You can email us at [privacy@dlightek.com] for relevant operations. We will process your request within a reasonable time after you send it, and then will not collect, use, and/or disclose your personal information according to your request.
Withdrawing your consent may result in an inability to continue to access certain and/or all [Game SDK] product and service functions. The withdrawal of your consent or authorization will not affect the validity of our previous processing activities based on your consent.
5.4 Right to complain: You have the right to email us at [privacy@dlightek.com] for a complaint. We will respond promptly to your complaint. If you are not satisfied with our response, especially if our personal information processing practices have harmed your legitimate rights and interests, you may also file a complaint or report to the local statutory personal data protection authority, or file a lawsuit with a court of competent jurisdiction.
5.5 Right to control your privacy settings
You have the right to control your privacy settings, which allow you to restrict our collection, use, disclosure, or processing of your personal information. For example, you can choose to turn on or off the functions and permissions of Location Access, Camera, and SMS. You can also get more detailed information about the security status of your device in Settings. If you have previously agreed to enable the corresponding permissions or agreed to our use of your personal information based on the aforementioned business scenario, you can change the permission via Settings > Application Management > Permission Management or by contacting us at [privacy@dlightek.com].
5.6 Right to cancel a service or an account
You may request account cancellation by following the path provided within the Services or by contacting us at [privacy@dlightek.com]. Please be careful when you cancel your account. You understand that after you cancel your account, we will stop providing products and services based on that account. Unless otherwise required by applicable laws in your region, we will delete the corresponding personal data under your account at the same time. If you sign in to the Services through a third-party account, please request the third party to cancel your account.
5.7 Right in some jurisdictions
Please pay attention that you may have the following data subject rights under applicable laws in certain jurisdictions:
(1) Right to restriction of processing. You have the right to request our restriction on your personal information processing. We will review the reasons for your request. If the reasons are in accordance with applicable data protection laws, we will process your personal information only to the extent permitted by such laws and will notify you before lifting the restriction on processing.
(2) Right not to be subject to automated decision-making. You have the right to refuse automated processing of your information, including performance analysis and other automated processing that may have a legal or similar impact on you.
(3) Right to data portability. You have the right to request the transfer of your personal information to another data controller in a structured and commonly used format.
While we also have the right to refuse to process your request, we may reject some of your requests where an exemption applies or where we comply with applicable laws. For example, some requests are manifestly unfounded or excessive or require disclosure of third-party information.
VI. How We Process Children's Personal Information
We do not provide products and services for children under the age of 14 or the equivalent legal age under the law in your jurisdiction (the legal definition of a child varies from country to country, and we will define a child based on the laws and regulations of the country or region in which we do business). We do not actively collect personal data from children and do not use it for marketing purposes. If you find that you have transferred information about such children to us, email us at [privacy@dlightek.com], and we will remove the information as soon as possible. If we find that we have collected children's personal information, we will also remove the relevant content as soon as possible.
VII. Third-Party Service Providers and Their Services
When using [Game SDK] products or services (such as life service and online customer service), you may receive links to third-party websites or content and services provided by third parties other than us, and some products or services may be provided in the form of SDKs or other means. You can choose whether to access or accept websites, products, and services provided by third parties based on your judgment. Our Privacy Policy does not apply to products and services provided by any third party. Since we do not have substantial control over a third party, we cannot be responsible for the collection and processing of your personal information by that third party. When you submit any information to that third party, please be aware of that third party's privacy policy and take care to protect your personal information.
VIII. Supplements and Updates to the Policy
We reserve the right to update or modify the Policy from time to time as our business, technology, applicable laws, and operations change. In the event the Policy is modified, we will publish the latest version here (on this page) or notify you separately through other means. Please regularly check this page or the notifications we send you to stay informed of updates to the Privacy Policy. The Privacy Policy is subject to change, but we will not diminish your rights under the Policy without your express consent.
We will seek your express consent as required by applicable laws before we collect other information from you or use or disclose your information for a new purpose. If you continue to use products and services on the website, mobile device, and/or any other devices, you will be bound by the updated Privacy Policy.
The content of [Game SDK] products or services stated in the Agreement may change depending on the type of product and system version you are using, or the requirements of local laws and regulations.
IX. Joint Controller
[AFMOBI TECHNOLOGY HK LIMITED] is responsible for processing your personal information together with us as joint controllers. [SHANGHAI XIAOCHUAN TECHNOLOGY LIMITED] and [AFMOBI TECHNOLOGY HK LIMITED] have clarified their respective responsibilities for joint processing under applicable laws, including the GDPR. Please see Section X How to Contact Us, to find out how you can reach us for more information about joint control.
X. How to Contact Us
If you have any suggestions, questions, or concerns about our Privacy Policy or practices regarding the protection of personal information, contact us at:
Email: [privacy@dlightek.com] (Note: The email is used for receiving emails related to our Privacy Policy or our information protection only)
We will review your request regarding privacy or personal information as soon as possible and reply to you within 15–30 days after verifying your user identity. If your request involves complex or significant issues, we may ask you for further information.
If you are not satisfied with our response, especially if your legitimate interests have been violated by us, you can seek a solution from the relevant data protection supervisory authority in your jurisdiction. If you make the above inquiry to us, we will provide you with information on the relevant complaint channels that may apply to your case.
Thank you for your time to read our Privacy Policy!