Privacy Policy

Last Updated: January 23, 2026

Published: January 23, 2026

Effective: January 23, 2026

The "DREAMENOTE Privacy Policy" (hereinafter referred to as "this policy") applies to the DREAMENOTE products and/or services provided by Shenzhen Photon Transition Technology Co., Ltd. (hereinafter referred to as "we") globally. This policy is designed to comply with applicable privacy laws and regulations, including but not limited to the General Data Protection Regulation (GDPR) for users in the European Economic Area, the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA) for users in California, USA, and relevant laws and regulations of the People's Republic of China. Before using our software, please read this policy carefully to understand how we process your personal information. If you are a minor (under 18 years old or under the age of majority in your jurisdiction), please read this policy carefully with the accompaniment of your parents or other guardians, fully understand it, and obtain their consent before using the DREAMENOTE products and/or services.

Important Notice:

  • By consenting to this policy, you acknowledge that you understand the features provided by DREAMENOTE and the personal information needed for these features to work.
  • For sensitive personal information, we will ask for your explicit consent through a pop - up window before collecting it.
  • Device permissions are not enabled by default. For important or sensitive permissions, we will ask for your explicit consent through a pop - up window when you use the related features. You can turn off permissions at any time in the app's settings ("My > Settings > System Permission Settings") or in your device's system settings. If you decline a permission, it will only affect the specific feature that needs that permission, not other unrelated features.

This policy will help you understand the following content:

  1. Definitions and Explanations
  2. How We Collect and Use Your Personal Information
  3. How We Share, Transfer, and Publicly Disclose Your Personal Information
  4. How We Protect Your Personal Information
  5. How We Store Your Personal Information
  6. How You Can Exercise Your Rights to Manage Your Personal Information
  7. How We Protect Minors' Personal Information
  8. How Your Personal Information Is Transferred Globally
  9. How We Update This Policy
  10. How to Contact Us
  11. Other Matters

I. Definitions and Explanations

  1. DREAMENOTE Products and/or Services: Include the DREAMENOTE App (hereinafter referred to as "this software").
  2. DREAMENOTE Services: Refer to the services provided by Shenzhen Photon Transition Technology Co., Ltd., the operator of DREAMENOTE, to users, hereinafter referred to as "our services".
  3. Shenzhen Photon Transition Technology Co., Ltd.: The operator of DREAMENOTE, specializing in intelligent voice and language technology research, software product development, and voice information services. Registered address/common business address: (Pending). Contact number: 18475558718. If you want to know more about our company and platform, you can contact us through the contact information provided in Chapter 11 of this policy.
  4. User: Refers to the user who registers, logs in, and uses this software and enables, browses, or uploads data to the DREAMENOTE services. In this policy, you are more often referred to as "you".
  5. Affiliated Company: Refers to any party that directly or indirectly controls us, is controlled by us, or is under the common control with us. Here, "control" and "be controlled" respectively refer to the right to supervise the management policies of a party through voting rights, contracts, or other means.
  6. Account: Refers to the user account you own after completing real - information registration. You are responsible for keeping this user account secure. You shall be legally liable for all actions taken under your account.
  7. Personal Information: Personal information is various information recorded in electronic or other forms related to an identified or identifiable natural person, excluding information that has been anonymized. For users in California, USA, this includes "Personal Information" as defined under the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA). For the avoidance of doubt, personal information includes but is not limited to sensitive personal information.
  8. Sensitive Personal Information: Sensitive personal information is personal information that, once leaked or illegally used, is likely to infringe on the personal dignity or endanger the personal and property safety of a natural person, including biometric information, religious beliefs, specific identities, medical and health information, financial account information, location tracking information, and the personal information of minors. For California users, this includes "Sensitive Personal Information" as defined under the CCPA/CPRA.
  9. Processing of Personal Information: The processing of personal information includes the collection, storage, use, processing, transmission, provision, disclosure, and deletion of personal information.
  10. Personal Information Processor: A personal information processor is an organization or individual that independently determines the purpose and method of processing personal information in personal information processing activities.
  11. Personal Information Subject: A personal information subject refers to the natural person identified or associated with personal information.
  12. Automated Decision - making: Automated decision - making refers to the activity of automatically analyzing and evaluating an individual's behavior patterns, interests and hobbies, or economic, health, and credit status through a computer program and making decisions.
  13. De - identification: De - identification refers to the process of processing personal information so that it cannot be used to identify a specific natural person without additional information.
  14. Anonymization: Anonymization refers to the process of processing personal information so that it cannot be used to identify a specific natural person and cannot be restored.
  15. Device: A device refers to a device that can be used to access the DREAMENOTE services, such as a desktop computer, laptop, tablet, or smartphone.
  16. Unique Device Identifier: A unique device identifier (exclusive ID or UUID) refers to a string of characters programmed into a device by the device manufacturer, which can be used to uniquely identify the corresponding device (such as the IMEI number of a mobile device). Unique device identifiers have multiple uses, including providing advertisements when cookies cannot be used.
  17. IP Address: Each device connected to the Internet is assigned a number called an Internet Protocol (IP) address. These numbers are usually assigned based on geographical regions. An IP address can usually be used to identify the location of a device when it is connected to the Internet.
  18. SSL: SSL (Secure Socket Layer), also known as the Secure Sockets Layer, is a security protocol implemented on the Transmission Control Protocol/Internet Protocol (TCP/IP). SSL supports various types of networks and provides three basic security services, all of which achieve information confidentiality through the use of public - key and symmetric - key technologies.
  19. Information Collection Technologies: The "automatic collection" described in this policy includes the following methods:
    1. Cookie: A cookie is a small text file that a website server places on the client side (your computer, mobile phone, or other smart terminal) when you browse a web page, which can be used to improve your user experience.
    2. Log Files: Log files store some automatically collected data. This data includes Internet Protocol (IP) addresses, browser types, Internet Service Providers (ISPs), referring/exit pages, operating systems, date/time stamps, and click - stream data.
    3. ET Tag (Entity Tag): An ET Tag is an HTTP header transmitted between an Internet browser and an Internet server, which can be used instead of cookies to track individual users, allowing us to better understand and improve our services.
    4. JavaScript: JavaScript is a programming language used to create more interactive and dynamic web pages. JavaScript can set, read, and delete cookies.
  20. CCPA/CPRA: The California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), which provide California residents with specific rights regarding their personal information.
  21. GDPR: The General Data Protection Regulation, which provides users in the European Economic Area with specific rights regarding their personal information.

II. How We Collect and Use Your Personal Information

As the personal information processor, we will follow the principles of legality, legitimacy, necessity, and good faith to collect and use your personal information for the following purposes.

Cookies and Similar Technologies

We and our third - party partners may use cookies, web beacons, pixels, and other similar technologies to collect and store information about your use of our services. These technologies help us provide you with a better user experience, improve our services, and analyze usage patterns.

Types of Cookies We Use:

  • Essential Cookies: These cookies are necessary for the basic functioning of our services, such as authenticating users and preventing fraudulent use of accounts. You cannot disable these cookies through your browser settings, as they are essential for the service to work properly.
  • Performance Cookies: These cookies collect information about how you use our services, such as which pages you visit most often and if you encounter any errors. This data helps us improve the performance and reliability of our services.
  • Functional Cookies: These cookies allow our services to remember your preferences, such as your language settings or preferred region, to provide a more personalized experience.
  • Targeting/Advertising Cookies: These cookies are used to deliver relevant advertisements to you and measure the effectiveness of advertising campaigns. They may also be used to limit the number of times you see an advertisement and help us understand how our advertising is performing.

How to Manage Cookies:

  • You can manage or delete cookies through your browser settings. Most web browsers allow you to control cookies through their settings preferences. However, please note that disabling certain cookies may affect the functionality of our services.
  • For mobile devices, you can manage app permissions through your device settings, which may include controls for certain tracking technologies.
  • For California users, you have the right to opt out of the sale or sharing of your personal information, including information collected through cookies and similar technologies. You can exercise this right by contacting us through the channels provided in Chapter X.

Cross - Site Tracking: We do not engage in cross - site tracking of users across different websites or online services for advertising purposes without your explicit consent.

  1. According to applicable laws and regulations, including the "Regulations on the Scope of Necessary Personal Information for Common Types of Mobile Internet Applications" in China, DREAMENOTE is an "utility tool" App. The complete functional services of DREAMENOTE include account registration/login, connecting a recording pen, recording, and voice - to - text conversion. You only need to provide us with the basic and necessary personal information corresponding to each function, except where otherwise required by relevant laws, regulations, and regulatory documents. If you refuse to provide such information, we will not be able to provide you with the corresponding functional services. Please note that if you provide non - personal information, please ensure that you have obtained the consent of the relevant subject. The details of the complete functions of DREAMENOTE and the personal information required for processing are as follows:
    1. Account Registration/Login:
      1. Information Scope
        To ensure the security of your personal space, you need to register and log in to your "DREAMENOTE account" before you can normally use other services after registration and login, including network synchronization and voice - to - text services. When registering and logging in, you need to provide us with your mobile phone number or email address and enter a verification code so that we can verify your user identity. Such information is necessary for this function. If you do not provide it, you will not be able to complete registration/login. Your account and password will be encrypted and stored on our server, and only you can use them. We recommend that you keep your password information safe to prevent your account from being stolen by others.
    2. Connecting a Recording Pen:
      1. Necessary and Non - necessary Information Scope
        When you connect a recording pen, we will collect your connection log data and recording pen device information (device SN and MAC address) to pair and connect this software with the recording pen. Such information is necessary for the function service of connecting a recording pen. Please note that when you encounter problems during use and need our intervention to solve them, we will need you to provide the aforementioned information.

        After completing the pairing and connection of the recording pen, we will only conduct real - time data transmission via Bluetooth when you use this software, including transmitting the recording pen device information directly obtained from the recording pen and the voice information recorded by the recording pen. Such information is necessary for the file transfer service. If you refuse to provide this information, you will not be able to use the file transfer service, but it will not affect your ability to connect the recording pen. The rules for the recording pen product to process your personal information apply to the separate privacy policy supporting the recording pen. If there is no separate privacy policy, please refer to this policy for its processing rules.
      2. Scope of Invoked Permissions
        When you first connect a recording pen, we need to invoke your Bluetooth permission, storage permission, and location permission (Android only). The Bluetooth permission is necessary for the connection and communication between the recording pen and the mobile phone. The storage permission is necessary for caching the binding code for the security verification of the recording pen and storing call records and upgrade package files to ensure the normal operation of related functions. The location permission is necessary for starting the ultra - low - power Bluetooth protocol to identify devices in the area and establish a connection when this Bluetooth component is running. All of the above permissions are system permissions necessary for using the device to connect the recording pen to the mobile phone for normal use. If you refuse, you will not be able to use the corresponding functions.
    3. Recording (After Connecting a Recording Pen):
      1. Information Scope
        When you use the recording function service, we will collect your voice information and/or other recording content you provide. Such information is necessary for recording. If you refuse to provide it, you will not be able to use the recording function. After the recording is completed, the audio data will be stored locally on the recording pen. You can import the audio data from the recording pen into this software by connecting the recording pen to this software.
      2. Scope of Invoked Permissions
        When you use the recording storage function service, we need to invoke your storage permission/SD card permission to store your voice information. This is a system permission necessary for this function service. If you refuse, you will not be able to use the recording storage function.
      3. Third - Party SDKs Used
        The recording location marking function is implemented through the Gaode Map Location SDK, which will directly collect and process your location information to mark the recording location during recording. You can prevent it from collecting your location information by refusing the system permission.
        The payment function is implemented through the WeChat Pay SDK, which will collect and process your payment information to complete the payment process. You can prevent it from collecting your payment information by refusing to use the payment function.
    4. Recording to Text Conversion (After Connecting a Recording Pen):
      1. Information Scope
        When you use the recording to text conversion function service, we will collect your voice information and/or other recording content for voice transcription on the cloud server. At the same time, we will collect the transcribed text information so that you can view the text conversion results. Such information is necessary for the voice - to - text function. If you cannot provide it, you will not be able to use the voice - to - text function.
      2. Scope of Invoked Permissions
        The permissions invoked by this function service are the same as those of the recording function service.
    5. Firmware Gray - scale Upgrade:
      1. Information Scope
        In order to allow some users to experience new hardware functions, we will send new - version firmware to some users in a targeted manner. Therefore, we need to obtain your device serial number.
      2. Scope of Invoked Permissions
        After you agree to this privacy policy, we need to obtain your device information permission. This is a system permission necessary for this function service. If you refuse, you will not be able to use the corresponding function.
    6. Problem Troubleshooting and Security Maintenance:
      1. Information Scope
        When you use the DREAMENOTE products and/or services, we will receive and record your relevant device information based on the specific permissions during software installation and use, including in silent state/or background operation, for installation conflict detection, problem troubleshooting and location, and to ensure the security of your account and use. The relevant necessary information includes IP address, mobile phone hardware model, mobile phone system information, mobile phone screen information, operating system information, DREAMENOTE App installation information, MAC address, software installation list, IMEI, DFV (iOS), CCID (Android), IMSI (Android), sensor information, service provider network ID, access network method, type and status, and unique device identification code (Android ID/IDFA/OPENUDID/GUID). This is necessary information for problem troubleshooting and security maintenance. If you refuse us to collect the above information, we will not be able to perform security monitoring on this software, which may affect the security of your account use and the timely troubleshooting of related problems.
    7. Operational Statistics and Analysis
      1. Information Scope
        When you use the DREAMENOTE products and/or services, we will automatically collect the detailed information of your use of the DREAMENOTE products and/or services and save it as network log information. The relevant necessary information includes the DREAMENOTE App software version number, input box type, input text type, search query content, network status, operator, language used, access date and time, device crashes, system activities, browsing records, download records, and click records. This is to help us统计 (statistically analyze) the usage of the DREAMENOTE products and/or services, troubleshoot problems, ensure service stability and network security, and conduct operational analysis, improvement, and optimization of the product interaction experience through data statistics. This is necessary information for operational statistics and analysis. If you refuse us to collect the above information, we will not be able to perform problem troubleshooting and operational statistics for the DREAMENOTE App, which may affect your use security and experience.
  2. Personal Information Processing Instructions
    1. To help you better understand the details of how the above - mentioned function services invoke your personal information through permissions, you can refer to the list below for details. Please note that enabling any permission means that you authorize us to collect and use relevant personal information to provide you with the corresponding service. Once you turn off any permission, it means that you revoke the authorization. We will no longer collect and use relevant personal information based on the corresponding permission, and we will not be able to provide you with the service corresponding to that permission. However, your decision to turn off the permission will not affect the information collection and use that has already occurred based on your previous authorization.

      System Permission Corresponding Business Function Purpose of Invoking Permission Permission Request Timing
      Bluetooth Recording Pen Connection Function Used to connect the recording pen and communicate with it When connecting the recording pen
      Storage Permission Recording Pen Connection Function, Recording Used to cache the binding code for the security verification of the recording pen to ensure normal connection to the recording pen, and to store upgrade package files to ensure the normal operation of related functions When connecting the recording pen, when storing recordings
      SD Card Permission Recording Store upgrade package files to ensure the normal operation of related functions; When storing recordings
      Location Permission Recording Pen Connection Function, Recording Start the ultra - low - power Bluetooth protocol to ensure normal connection to the recording pen; provide recording location marking service When connecting the recording pen, when using the recording location marking service
      Notification Permission Recording/Message Push Enable quick access to the recording state through push notifications and push important messages After completing a recording
      Floating Window Permission Subtitle Floating Window Allow users to view transcribed content through the subtitle floating window even when they exit the app When clicking the subtitle floating window button
    2. According to applicable laws and regulations, we will technically process your personal information so that it cannot be used to accurately identify a specific user. We will conduct academic research or statistical analysis on the anonymized or de - identified information (including using anonymized or de - identified voice information for model algorithm training) to better improve product functions and service capabilities.
    3. According to relevant laws and regulations, in the following situations, processing your personal information does not require your consent:
      • It is necessary for concluding or performing a contract to which the individual is a party, or for implementing human resources management in accordance with legally formulated labor rules and regulations and legally concluded collective contracts;
      • It is necessary for performing legal duties or obligations;
      • It is necessary for responding to a sudden public health event or protecting the life, health, and property safety of natural persons in an emergency;
      • It is for the purpose of public interest, such as news reporting and public opinion supervision, and the personal information is processed within a reasonable scope;
      • It is for processing personal information that an individual has publicly disclosed on their own or that has already been legally disclosed, within a reasonable scope as stipulated by this law;
      • Other situations stipulated by laws and administrative regulations.
    4. You can click to view the "DREAMENOTE Personal Information Collection List" to quickly understand the basic situation of our collection of your personal information, including the types of information, purposes of use, and usage scenarios.
    5. Other Instructions
      • To ensure that this app can receive client - pushed information normally when it is closed or running in the background, this app must use the (auto - start) function. There will be a certain frequency of actions to wake up this app for auto - start or associated start through system - sent broadcasts. This is necessary for achieving the functions and services.
      • When you open content - type push messages, after obtaining your explicit consent, you will be redirected to open the relevant content. Without your consent, there will be no auto - start or associated start.
      • When you open files downloaded inside this app, a third - party app will be associated and started.

III. How We Share, Transfer, and Publicly Disclose Your Personal Information

  1. Entrusted Processing
    To provide you with more comprehensive and high - quality products and services, we may entrust third parties (including companies, organizations, and individuals) to process some of your personal information. These third parties may include cloud service providers, payment processors, analytics providers, and customer support services. For the third parties we entrust to process your personal information, we will sign strict data processing agreements with them, clearly specifying the purpose, duration, processing method, types of personal information, protection measures, and the rights and obligations of both parties. We will also supervise the personal information processing activities of third parties and require them to process your personal information only in accordance with our requirements, this policy, and other relevant confidentiality and security measures, and not to process personal information beyond the agreed purpose and method. If you refuse our third - party service providers to collect the personal information necessary for providing services, you will not be able to enjoy the services provided by these third parties during your use of the DREAMENOTE products and/or services.
  2. Sharing
    We will not share your personal information with third parties (including companies, organizations, and individuals) except in the following situations:
    1. Sharing with explicit consent: After obtaining your explicit consent, we will share your personal information with third parties.
    2. Sharing in legal situations: We will share your personal information with third parties in accordance with the requirements of laws, regulations, litigation disputes, or administrative and judicial authorities.
    3. Sharing with affiliated companies: To integrate with our other products or services and provide you with better services, or to protect the personal and property safety of our affiliated companies, other users, or the public, your information may be shared within our affiliated companies. We will only share your personal information within our affiliated companies for specific, clear, and legal purposes within the scope stated in this policy, and only share the information necessary for providing services. For the information shared with affiliated companies, we will require them to take protection measures no less than those stated in this policy and strictly comply with relevant laws, regulations, and regulatory requirements. If an affiliated company wants to change the purpose of personal information processing, it will need to seek your authorization and consent again.
    4. Sharing with authorized partners: Only for the purposes stated in this policy, some of our services will be provided jointly by us and authorized partners. These partners may include but are not limited to:
      • Map service providers (e.g., Gaode Map) for location - based features;
      • Cloud storage providers for data backup and synchronization;
      • Analytics providers for improving our services;
      • Customer support platforms for handling inquiries.
      We will share your personal information with partners to provide better customer service and user experience. We will only share your personal information for legal, legitimate, necessary, specific, and clear purposes, and only share the personal information necessary for providing services. Our partners have no right to use the shared personal information for any other purposes.
    For the companies, organizations, and individuals with whom we share personal information, we will sign strict confidentiality agreements with them, requiring them to process personal information in accordance with our instructions, this policy, and other relevant confidentiality and security measures, not to process personal information beyond the agreed purpose and method, and to ensure that their processing activities comply with applicable data protection laws and regulations, including the CCPA/CPRA for California users and the GDPR for users in the European Economic Area. In principle, the companies, organizations, and individuals with whom we share personal information have no right to use the personal information we share for any other purposes outside of this policy.
  3. Transfer
    We will not transfer your personal information to any third parties (including companies, organizations, and individuals) except in the following situations:
    1. Transfer with explicit consent;
    2. Transfer as required by applicable laws, regulations, legal procedures, mandatory administrative or judicial requirements;
    3. In the event of a merger, acquisition, or bankruptcy liquidation of the provider of this product service, or other situations involving merger, acquisition, or bankruptcy liquidation, if personal information transfer is involved, we will notify you of the name or full name and contact information of the recipient and require the new recipient holding your personal information to continue to be bound by this policy. If the recipient changes the original purpose or method of processing, we will require the recipient to seek your authorization and consent again.
  4. Public Disclosure
    We will only publicly disclose your personal information in the following situations:
    1. With your separate consent or based on your active choice, we will publicly disclose your personal information;
    2. In the case of legal requirements, legal procedures, litigation, or mandatory requirements from government authorities, we will publicly disclose your personal information.
    3. If we determine that you have violated laws, regulations, or the relevant agreement rules of this product seriously, or to protect the personal and property safety of users of this product and its affiliated companies or the public, we will disclose your personal information in accordance with laws, regulations, or the relevant agreement rules of this product, including relevant violations and the measures we have taken against you.
  5. Exceptions to Prior Authorization Consent for Entrusted Processing, Sharing, Transfer, and Public Disclosure of Personal Information
    In the following situations, prior authorization consent is not required for entrusted processing, sharing, transfer, and public disclosure of your personal information.
    1. It is related to our performance of obligations stipulated by laws and regulations;
    2. It is directly related to national security and national defense security;
    3. It is directly related to public safety, public health, and major public interests;
    4. It is directly related to criminal investigation, prosecution, trial, and judgment execution;
    5. It is for the purpose of protecting your or other individuals' major legitimate rights and interests such as life and property, but it is difficult to obtain your consent;
    6. You have publicly disclosed your personal information to the public on your own;
    7. It is for collecting personal information from legally publicly disclosed information, such as through legal news reports and government information disclosure channels.
    Please note that according to the law, the external entrusted processing, sharing, transfer, and public disclosure of anonymized personal information do not fall under the scope of personal information processing activities. The storage and processing of such data do not require additional notice to you and your consent.

IV. How We Protect Your Personal Information

  1. We take your privacy and personal information protection very seriously. We use a combination of security technologies and processes to protect your information from unauthorized access, use, or disclosure. Your personal information is encrypted both when stored and when transmitted between our systems. We will not share your personal information with third parties without your permission, except as required by law or as described in this policy.
  2. We may analyze anonymized user data to improve our services, but we will never disclose any individual user's personal information in these analyses.
  3. Data Security Measures
    1. We use industry - standard security practices, including secure network architecture, access controls, and encryption, to protect your information from unauthorized access, use, or modification.
    2. We only collect the personal information that is necessary for our services and retain it only for as long as needed or required by law.
    3. Please note that the Internet is not completely secure. We recommend that you do not share sensitive personal information through unencrypted channels like email or instant messaging, and that you use a strong, unique password for your account.
    4. While we take reasonable steps to protect your information, no security measure is perfect. If a security incident occurs that affects your personal information, we will notify you as required by law, explaining what happened, what information was involved, and what steps we are taking to address it. We will also report the incident to the appropriate regulatory authorities.
    5. Our data breach notification process complies with applicable laws, including requirements for timely notification to affected users and regulators. If we can take steps to effectively mitigate the harm from a breach, we may delay notification as permitted by law.

V. How We Store Your Personal Information

DREAMENOTE products and/or services are provided globally. We store and process your personal information in accordance with applicable laws and regulations of the jurisdictions where you are located and where our servers are operated.

  1. Location of Information Storage
    We store your personal information on servers located in various regions, including but not limited to the People's Republic of China, the United States, and other countries/regions where we operate data centers. For users in California, USA, we take reasonable measures to ensure compliance with the CCPA/CPRA regarding data storage and processing. The following situations may involve cross-border data transmission:
    • To provide you with global services and functionality;
    • To comply with applicable laws and regulations;
    • We have obtained your explicit authorization;
    • You take active actions such as cross-border transactions via the Internet;
    • To provide services through our global affiliated companies or trusted third-party service providers.
    When transferring personal information across borders, we will take appropriate measures to ensure that your personal information receives adequate protection, including but not limited to signing standard contractual clauses, obtaining your explicit consent, or complying with applicable cross-border data transfer mechanisms.
  2. Duration of Information Storage
    Generally speaking, we will retain your personal information for the period necessary to achieve the processing purposes described in this policy during your use of the DREAMENOTE products and/or services, unless otherwise stipulated by applicable laws, regulations, or regulatory requirements in your jurisdiction. Specific reference regulations include:
    1. For users in China: Article 21, Chapter 3 of the "Cybersecurity Law" stipulates that technical measures shall be taken to monitor and record the network operation status and network security incidents, and the relevant network logs shall be retained for no less than six months as required;
    2. For users in China: Article 31, Chapter 2 of the "E - Commerce Law" stipulates that commodity and service information and transaction information shall be kept for no less than three years from the date of completion of the transaction;
    3. For users in California, USA: In accordance with CCPA/CPRA requirements, we retain personal information as needed to fulfill the purposes for which it was collected or as required by law.
    After the above - mentioned period expires, or when you actively request to delete your personal information or cancel your account, we will delete or anonymize your personal information as soon as possible in accordance with the requirements of applicable laws and regulations, unless applicable laws, regulations, or regulatory documents require the information to be retained for a longer period. However, in the following situations, we will change the storage time of personal information to comply with legal requirements:
    • To comply with applicable laws, regulations, and other relevant provisions;
    • To comply with court judgments, rulings, or other legal procedures;
    • To comply with the requirements of relevant government agencies or legally authorized organizations;
    • We have reasonable grounds to believe that it is necessary to comply with laws, regulations, and other relevant provisions;
    • For purposes reasonably necessary to enforce relevant service agreements or this policy, safeguard the public interest, and protect the personal and property safety or other legitimate rights and interests of our customers, us, other users, or employees.

After you discontinue using DREAMENOTE, we will stop collecting and using your information, except as otherwise provided by laws, regulations, or regulatory authorities in your jurisdiction.

When the relevant services of DREAMENOTE cease operation, we will notify you by means including sending notices and announcements, and delete or anonymize your personal information retained on the server within the time limit required by laws and regulations.

VI. How You Can Exercise Your Rights to Manage Your Personal Information

  1. According to applicable laws and regulations, including but not limited to relevant laws and regulations of the People's Republic of China, the CCPA/CPRA for California users, and the GDPR for users in the European Economic Area, you have several rights in personal information processing activities, including:
    • Right to Know: You have the right to know what personal information we collect, use, disclose, and share about you;
    • Right to Access: You have the right to request access to the personal information we hold about you;
    • Right to Correct: If you find that your personal information is inaccurate or incomplete, you have the right to request the correction or supplementation of your personal information;
    • Right to Delete: You have the right to request the deletion of your personal information under certain circumstances, such as when the information is no longer necessary for the purposes for which it was collected;
    • Right to Data Portability: You have the right to request the transfer of your personal information to a personal information processor you designate, in a structured, commonly used, and machine-readable format;
    • Right to Opt-Out: For users in California, USA, you have the right to opt out of the sale or sharing of your personal information, as well as the right to opt out of automated decision-making and profiling;
    • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights, such as by charging different prices or providing different quality of services;
    • Right to Restrict Processing: You have the right to request the restriction of the processing of your personal information under certain circumstances;
    • Right to Withdraw Consent: You have the right to withdraw your consent to the processing of your personal information at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
    • Right to Lodge a Complaint: You have the right to lodge a complaint with the relevant supervisory authority if you believe that we have violated applicable data protection laws.
  2. We ensure that you can exercise the aforementioned rights over your personal information and provide you with relevant operation paths. Specifically, you can refer to the following steps for related operations:
    1. View, correct, and supplement your personal information:
      • Click "Settings" in the bottom navigation bar.
      • Click on your account name.
      • Click on the data you need to edit.
    2. Obtain a copy of your personal information
      You have the right to obtain a copy of your personal information. You can contact our customer service in the manner described in Chapter XI of this policy, and we will process your request within 15 business days.
    3. Transfer your personal information
      You have the right to request the transfer of your personal information to a personal information processor you designate. If the conditions specified by the national cyberspace administration are met, we will provide you with a transfer channel. You can contact our customer service in the manner described in Chapter XI of this policy, and we will process your request within 15 business days.
    4. Change the scope of your authorized consent or withdraw authorization
      You can withdraw your authorization by changing the privacy settings in this software. Specifically, you can operate as follows: Android users:
      • Go to "Settings" - "App Management" on your phone.
      • Find DREAMENOTE and click to enter.
      • Click "Permissions" to enter the permissions page of DREAMENOTE, where you can set all invoked permissions.
      iOS users:
      • Go to "Settings" on your phone.
      • Find DREAMENOTE and click to enter, where you can set all invoked permissions.
      Please note that the specific closing methods may vary depending on the device model and system version you use.

      Please understand that after you perform the above operations, we will no longer be able to provide you with the services corresponding to the withdrawn consent or authorization, but it will not affect the personal information processing that has already been carried out based on your previous authorization.
    5. Cancel your account
      You have the right to cancel your DREAMENOTE account. You can contact our customer service in the manner described in Chapter XI of this policy to assist you in canceling your account. After receiving your request, we will need you to provide your account (mobile phone number) and SMS verification code to verify your identity. After successful verification, we will complete the cancellation for you within 15 business days. To ensure security, we need you to provide corresponding means to prove your identity and the legitimacy of your request. After your successful cancellation, we will delete your personal information as soon as possible in accordance with the requirements of laws and regulations.

      You can also cancel your account by following these steps:
      • Click "Settings" in the bottom navigation bar.
      • Click on your account name.
      • Click the "More" button in the upper - right corner.
      • Click the "Cancel Account" button in the "More" menu.
      Please note that to ensure the security of customer service and online/offline activities and traceability of responsibilities, according to the time requirements of the activities you participate in (including but not limited to theme activities and points - for - gifts activities) (for example, the same user cannot participate in an activity repeatedly within half a year), we will continue to retain the personal information you provided in customer service and activity participation for half a year or for the time period specified by the relevant activities you participated in. After reaching the aforementioned time limit, we will delete this information.
    6. Turn off message notifications
      You have the right to turn off message notifications in this product. Specifically, you can refer to the following steps for related operations:
      • Go to "Settings" - "Notifications" on your phone.
      • Find DREAMENOTE and click to enter. You can choose to turn off or turn on notifications on this interface.
    7. Respond to your above requests
      We will adopt appropriate technical measures to ensure that you can view, supplement, correct, delete, or copy and transfer your personal data, or apply to us to supplement, correct, delete, copy, or transfer relevant information through the feedback or complaint channels published by the DREAMENOTE products and/or services. After receiving your application, we will process it according to the procedure. To ensure security, we will first ask you to verify your identity. We need you to provide your account (mobile phone number) and SMS verification code. After successful verification, we will process your request. We will respond within 15 business days. In principle, we will not charge a fee for your reasonable requests, but for multiple repeated requests beyond a reasonable limit, we will charge a certain cost fee as appropriate. We will reject requests that are unreasonably repetitive, require excessive technical means (for example, developing a new system or fundamentally changing the current practice), pose risks to the legitimate rights and interests of others, or are highly impractical (for example, involving information stored on backup tapes).

      If you are unable to view, supplement, correct, delete, copy, transfer your personal information, change the scope of your authorized consent or withdraw authorization, cancel your account, turn off message notifications, or if you need to view, supplement, correct, delete, copy, transfer other personal information generated during your use of DREAMENOTE, or if you believe that we have violated any laws, regulations, or agreements regarding the collection or use of your personal information, you can contact us through the official feedback channels of the relevant products or services we have announced.

Please note that in the following situations, we will not be able to respond to your requests:

  1. Related to our fulfillment of obligations stipulated by laws and regulations;
  2. Directly related to national security and national defense security;
  3. Directly related to public safety, public health, and major public interests;
  4. Directly related to criminal investigation, prosecution, trial, and judgment execution;
  5. We have sufficient evidence to show that you have subjective malice or abuse your rights;
  6. To protect your or other individuals' major legitimate rights and interests such as life and property, but it is difficult to obtain your consent;
  7. Responding to your request will cause serious damage to the legitimate rights and interests of you or other individuals or organizations;
  8. Involving trade secrets.

VII. How We Protect Minors' Personal Information

  1. We take the protection of minors' personal information very seriously and comply with applicable laws, including the Children's Online Privacy Protection Act (COPPA) for users in the United States.
  2. The age of majority varies by jurisdiction. For users in the United States, we consider anyone under 18 years old to be a minor. For users in the European Economic Area, we follow GDPR requirements for minors.
  3. For children under the age of 13 (or the equivalent age in your jurisdiction), we will only collect, use, or disclose personal information with the verifiable consent of a parent or legal guardian, in accordance with COPPA and other applicable laws.
  4. For minors between the ages of 13 and 17 (or the equivalent in your jurisdiction), we may collect personal information with the consent of the minor or their parent/guardian, depending on applicable laws.
  5. If we learn that we have collected personal information from a child without proper parental consent, we will delete that information as soon as possible.
  6. Parents or guardians of minors have the right to review, correct, or delete their child's personal information, and to revoke consent for further collection or use. To exercise these rights, please contact us through the channels provided in Chapter X.

VIII. How Your Personal Information Is Transferred Globally

We may transfer your personal information across borders to provide our services, including to our affiliated companies, third-party service providers, and other entities that assist us in operating our business. These transfers may involve sending your personal information to countries or regions outside the one where you are located, including but not limited to the People's Republic of China and the United States.

When transferring your personal information across borders, we will take appropriate measures to ensure that your personal information receives adequate protection, which is no less protective than the protection required by the laws and regulations in the jurisdiction where you are located. These measures may include:

  • Signing standard contractual clauses approved by relevant data protection authorities;
  • Obtaining your explicit consent before transferring your personal information across borders;
  • Complying with applicable cross-border data transfer mechanisms, such as the EU-US Data Privacy Framework;
  • Ensuring that our affiliated companies and third-party service providers adhere to the same level of data protection standards as specified in this policy.

For users in California, USA, we comply with the CCPA/CPRA requirements regarding cross-border data transfers. For users in the European Economic Area, we ensure that cross-border data transfers comply with the GDPR.

Please note that the jurisdictions to which we transfer your personal information may have different data protection laws. However, we remain committed to ensuring that your personal information is adequately protected regardless of where it is processed.

IX. How We Update This Policy

  1. To provide you with better services, the DREAMENOTE products and/or services will be updated and changed from time to time. We will revise this policy accordingly, and these revisions will form part of this policy. However, without your explicit consent, we will not reduce the rights you should enjoy under this policy.
  2. After this policy is updated, we will release the updated version on DREAMENOTE and remind you again to read the updated privacy policy through announcements of new version features in the app store or pop - up windows so that you can keep abreast of the latest version of this policy. If you disagree with this policy or have objections to the modified or updated content of this policy, you can choose to stop using the DREAMENOTE products and/or services or cancel your DREAMENOTE account. However, please note that your actions and activities before account cancellation or service discontinuation will still be governed by this policy.
  3. For major changes, we will also provide more prominent notifications (we will explain the specific changed parts of this policy through methods including but not limited to emails, text messages, or special prompts on the browsing page).

    Major changes referred to in this policy include but are not limited to:
    1. Significant changes occur in our service model. Such as the purpose of personal information processing, the types of personal information processed, and the way personal information is used;
    2. Significant changes occur in our ownership structure, organizational structure, etc. Such as changes caused by business adjustments, bankruptcy mergers and acquisitions, etc.;
    3. The main objects of personal information sharing, transfer, or public disclosure change;
    4. Significant changes occur in your rights and the ways to exercise them in personal information processing;
    5. The department responsible for personal information security, contact information, and complaint channels change;
    6. The personal information security impact assessment report indicates high risks;
    7. Changes are made in response to national policies or legal norms with the release and implementation of policies or laws.

X. How to Contact Us

To better protect your personal information, we have established a dedicated department for network security and personal information protection. If you have any questions or suggestions regarding this policy or your personal information during your use of Dreame Note, please contact us through the following contact information:

For Global Users:

General Inquiry Email: 183762859@qq.com

Data Protection Officer Email: 183762859@qq.com

For Users in China:

Contact Phone: 0755-86966848

Contact Email: 183762859@qq.com

Contact Address: 1501, 15th Floor, Building 2, Yongxin Times Factory, Intersection of Dongbin Road and Nanguang Road, Dengliang Community, Nanshan Street, Nanshan District, Shenzhen

Person in Charge Phone: 15323821740

Response Time:

We will respond to your inquiry within 15 business days. For users in California, USA, we will comply with CCPA/CPRA requirements regarding response times.

Complaint Channels:

If you are not satisfied with our response, especially if you believe that our personal information processing behavior has damaged your legitimate rights and interests, and we cannot provide you with a satisfactory response and refuse to improve after you have provided feedback to us, you can file a complaint and report to the relevant regulatory authorities in your jurisdiction, such as:

  • For users in the European Economic Area: Your local data protection authority
  • For users in California, USA: The California Attorney General's Office
  • For users in China: The Cyberspace Administration of China

XI. Other Matters

Any disputes related to this policy shall be resolved through friendly negotiation between the two parties. If negotiation fails, you agree to submit the dispute or controversy to the people's court with jurisdiction at the place where this privacy agreement is signed.

If any court with jurisdiction rules or judges that any provision of this policy is invalid, that provision will be removed from this policy, but the invalidity of that provision will not affect the validity of the remaining provisions of this policy. The remaining provisions of this policy will continue to be enforced.