WEILAN AlphaDog Privacy Policy

Last Updated: November 30, 2024

This Privacy Policy applies to the products and services provided by Nanjing WEILAN Intelligent Technology Co., Ltd. (hereinafter referred to as "we", "us", or "our") to users worldwide. We are well aware of the importance of personal information to you and will do our utmost to keep your personal information safe and secure. We are committed to maintaining your trust in us and adhering to the following principles to protect your personal information: equal rights and responsibilities, clear purpose, opt-in consent, minimum necessity, security guarantee, participation of personal information subjects, and openness and transparency. At the same time, we undertake that we will take appropriate security measures to protect your personal information in accordance with the industry-proven security standards.

Please read and understand this Privacy Policy carefully before using our products (or services). By clicking "I Agree" to this Privacy Policy online, or using or continuing to use our products or services, or submitting personal information, you agree to our collection, use, storage, entrusted processing, sharing, transfer, and disclosure of your personal information in accordance with this Privacy Policy (including its updates).

1.Collection and Use of Your Personal Information

1.1 Personal information

Personal information means any information relating to an identified or identifiable natural person that is recorded electronically or otherwise, including identifying information, biometric data, and other sensitive data. We may collect your personal information when you use our products or services or interact with us. The specific types of data collected will vary depending on the products and services you use and the content of your interactions with us. You are not obligated to provide us with your personal information. However, in some cases, if you choose not to provide your personal information, we may not be able to provide you with relevant products or services or respond to or resolve the problems you encounter.

In the process of providing you with relevant products or services, we may also collect and summarize statistical data, such as website visits, application downloads, and product sales so as to understand how users use our products and services. For the purposes of this Privacy Policy, the statistical data aforementioned is deemed as non-personal information. We do our best to separate your personal information from your non-personal information and use the two types of data separately. If your personal information is mixed with non-personal information, this information will still be treated as personal information.

We will only collect and use your personal information for the purposes specified in this Privacy Policy. The followings are examples of the personal information we may collect:

1. 1.1.1 Information you provide to us

   You need to register an account with us to enjoy certain features or services. When you register an account with us or log in with your account to shop online, download software, or purchase services, we may ask you to provide relevant personal information, such as your name, email address, mobile phone number, order information, delivery address, and payment method.

   Some of our products allow you to communicate and share information with others. When you use our products to share content with your family and friends, you may need to create a public account profile, including a nickname and avatar. We may also collect information you provide about your family and friends, such as their names, email addresses, and phone numbers. We will take reasonable and necessary measures to ensure the security of these communications.

   To meet the requirements of certain jurisdictions for real-name account registration, Internet payments, etc., we may ask you to provide your identity certification issued by the local government or relevant card or certificate information or personal biometric information that can verify your identity.

2. 1.1.2 Information we obtain during your use of services

   When you use our products and services, we will collect information concerning your device and how you and your device interact with our products and services, including:

   (1) Device and application information, such as the device name, device identifier, device activation time, hardware model, operating system version, application version, software identifier, and device and application settings (such as region/language/time zone/font size).

   (2) Mobile network information, such as the public land mobile network (PLMN) ID, geographical location (cell ID of the area where the device is located), and Internet protocol (IP) address.

   (3) Log information. When you use our services or view the content we provide, we will automatically collect and log some information, such as the time of access, access count, IP address, and event information (such as errors, crashes, restarts, and upgrades).

   (4) Location information. When you access certain location-based services (such as performing a search, using navigation software, or checking the weather at a location), we will collect, use, and process the approximate or exact location of your device. This information may be obtained through GPS, WLAN, or the network ID of the service provider. We will ask you to select the applications for which you want to enable location-based services. You can refuse to share your location information by disabling the corresponding permission in your device settings.

   (5) Content of video recordings. Certain series of our AlphaDogs have the video recording and photo-taking function. This function can help you view the environment in which your AlphaDog's camera is located in real time in the app and steer your AlphaDog to capture photos, record videos, and make real-time calls through the app. In addition, you can view the photos and videos taken by your AlphaDog's camera at any time in the app. Please note that these images, videos and related audio data are generally stored in the cloud , which are encrypted and secure, with your authorization.

   (6) Autonomous exploration information. Our AlphaDogs are capable of autonomous exploration, and the exploration process may involve the collection of information about the surrounding environment, people, sounds, obstacles, etc. The aforesaid information is only used to achieve and improve the biomimetic capabilities, intelligence, and interactivity of AlphaDogs, and will be strictly stored in the local storage of AlphaDogs. You can disable your AlphaDog's autonomous exploration feature through settings, which may affect the use of some features of your AlphaDog.

   (7) Content you store in the cloud. The content you upload to the cloud will be stored on the cloud servers of a professional organization bearing confidentiality obligations, allowing you to quickly access and share content across devices. No one has the right to access and read such content without your permission.

   (8) Multi-modal human-machine interaction (HMI) content. When you successfully connect to our service, you can interact and communicate, through your AlphaDog, with a third-party multi-modal artificial intelligence (AI) system in the service. We and our third-party service providers will automatically receive and record the text/voice/image/radar and other interaction information you input during the interaction with the AI system and use such information to output content to you so as to provide multi-modal HMI services. We and our third-party service providers will also use interaction information to improve the AI system's ability to understand your inputs so as to continuously improve the speed and quality of AI recognition and response and enhance the intelligence of AlphaDogs.

   (9) Multi-modal HMI history. To ensure service quality and user experience, we and our third-party service providers will record your personal interaction records, including the text/voice/image/radar and other interaction information you input, as well as the multi-modal HMI topics generated based on the above information.

3. 1.1.3 Information from third-party sources

   To the extent permitted by local law, we may also obtain other information about you, your device, or your use of the services from legitimate public or commercial sources. For example, we obtain your information from a third party when you log in to our website through a third-party social networking site account or when your contact information is uploaded by others who use our communication services.

1.2 How we use your personal information

We will use your personal information only on a legal basis. In accordance with applicable local law, we may use your personal information based on your consent, as necessary for the performance/conclusion of a contract between you and us, for the protection of your or others' legitimate interests, for the fulfillment of legal obligations, for the legitimate interests of the enterprises, or on any other legal basis, to:

1. (1) Register and activate our products or services that you have purchased;
2. (2) Register an account with us so that you can enjoy a wider range of functions;
3. (3) Deliver, activate, or verify the products and services you request, or make changes to, or provide technical support and after-sales service for, such products and services at your request;
4. (4) Send you notifications of operating system or application updates and installations;
5. (5) Conduct internal audits or data analysis and research, analyze the business's operational efficiency, and measure market shares so as to improve our products and services;
6. (6) Troubleshoot errors if you choose to send us error details;
7. (7) Synchronize and store the data you upload or download, as well as the data required for performing upload and download operations;
8. (8) Improve our loss prevention and anti-fraud programs;
9. (9) Comply with the requirements of applicable local laws and regulations, such as fulfilling e-commerce platform management obligations or complying with lawful government requirements; or
10. (10)Achieve other purposes disclosed in privacy notices of products.

2.How We Use Cookies and Similar Technologies

Our websites, mobile application software, online services, emails, and advertisements may use local storage technologies such as cookies, pixel tags, and web beacons. We treat information collected through cookies and similar technologies as non-personal information. However, if IP addresses or similar identifiers are treated as personal information by local law, we will also treat such identifiers as personal information. In some cases, we may combine non-personal information collected through such technologies with other personal information we hold. We will treat the combined data as personal information for the purposes of this Privacy Policy.

2.1 Cookies

To ensure the proper functioning of our website or related apps, we will store small data files called cookies on your computer or mobile device. Cookies usually contain identifiers, site names, and some numbers and characters. With cookies, the website can store data about your preferences, including:

1. 2.1.1 Necessary cookies

   Login and verification. When you use your account to log in to the website or related apps, cookies can help you navigate from page to page without having to log in again on each page.

   Storage of your preferences and settings. With the help of cookies, the website can save settings, such as the language, font size, shopping cart, and other browsing preferences of your computer or mobile device.

2. 2.1.2 Analytical cookies

   Statistical analysis. With the help of cookies, we can collect information about your use of our website and other applications, such as recording a single visit (using a session cookie) or multiple visits (using a persistent cookie).

3. 2.1.3 Advertising cookies

   Interest-based advertising. We use cookies to collect information about your online activities so as to discover your interests and to send you advertisements that are most relevant to you.

   We will not use cookies for any purpose other than those specified in this Privacy Policy. You may manage or delete cookies according to your preferences. You can clear cookies saved on your computer, and most web browsers have a cookie-blocking feature. However, if you do so, you will need to change your user settings each time you visit our website.

2.2 Web beacons and pixel tags

In addition to cookies, we use other similar technologies such as web beacons and pixel tags on our website. For example, an email we send to you may contain a click-through URL that links to the content of our website.

If you click the link, we will track the click to help us understand your product or service preferences and improve customer service. A web beacon is usually a transparent image embedded in a website or email. With the help of pixel tags in the email, we can know whether the email has been opened. If you do not want your activity to be tracked in this way, you can unsubscribe from our mailing list at any time.

3.How We Entrust Processing of, Share, Transfer, and Publicly Disclose Your Personal Information

3.1 Entrusted and joint processing

To provide you with better products or services or the product or service you have requested, we may entrust third-party service providers or work with them to analyze and process your personal information. Some of our third-party service providers may collect data generated from your use of the product through the software programs integrated in the product. Such third parties may collect your IP address, webpage access records, online customer service consultation data, operational data, problem feedback data, app statistics, HMI dialogues, question-and-answer history, and other information, and use such information for purposes such as optimizing software and products, managing and enhancing customer data, and providing customer service.

We undertake to you that when we entrust third-party service providers or work with them to process your personal information, we will:

1. (1) Ensure that your personal information will be processed only within the scope of your authorization;
2. (2) Evaluate the data security capabilities of such third-party service providers to ensure that they have the data security capabilities required by laws and regulations;
3. (3) Constrain such third-party service providers to fulfill their responsibilities and obligations to ensure their compliance with applicable legal requirements; and
4. (4) Ensure the security of your information and the effective access to and control of your information.

3.2 Sharing and transfer

In principle, we will not share or transfer your personal information to any company, organization, or individual. In the following exceptions, we will share your personal information for lawful, legitimate, and necessary purposes. Third parties who receive data from us have no right to use your personal information for purposes other than those described in this Privacy Policy.

3.2.1 Sharing or transfer for the purpose of providing you with products or services and with your prior explicit authorization or consent

You understand and agree that to provide you with better services or the service that meets your requirements, we may share or transfer your personal information to our affiliates or other third-party service providers after obtaining your explicit authorization or consent.

We undertake to you that when sharing or transferring your personal information to these aforesaid third parties, we will:

• (1) Conduct personal information security impact assessments and take effective measures based on the assessment results to protect personal information subjects;
• (2) Accurately record and save the sharing or transfer of your personal information, including but not limited to the date, scope, and purpose of such sharing or transfer, as well as the basic information of the data recipient; and
• (3) Ensure the security of your information and the effective access to and control of your information, such as access, correction, deletion, and cancellation of account.

We will sign strict non-disclosure agreements with companies, organizations, and individuals with whom we share personal information, requiring them to process such personal information in accordance with our instructions, this Privacy Policy, and any other relevant confidentiality and security measures.

Our services may contain links to other websites that are not operated by us. If you click a third-party link, you will be directed to that third party's website. We strongly recommend that you review the privacy policy of each website you visit. We have no control over, nor will we be responsible for, the content, privacy policy, or practices of any third-party website or service.

3.2.2 Information sharing between affiliates

We may share personal information with our affiliates only for specific, explicit, and lawful purposes.

3.3 Disclosure of personal information

1. 3.3.1 Business transactions

   If we are involved in a merger, acquisition, or asset sale, your personal information may be transferred. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.

2. 3.3.2 Law enforcement

   In some cases, we may be required to disclose your personal information, for example, if required to do so by law or in response to a valid request from a public authority, such as a court or government agency.

3. 3.3.3 Other legal requirements

   We may disclose your personal information to the extent necessary to:

   • (1) Comply with legal provisions;
   • (2) Protect and defend our rights or property;
   • (3) Prevent or investigate possible misconduct in connection with the services;
   • (4) Protect the personal safety of users of the services or the public; and
   • (5) Protect against legal liability.

4.How We Protect Your Personal Information

4.1 Storage of personal information

4.1.1 Storage location

We offer products or services worldwide, which means that the servers used to process data may be located outside of your country. In such a case, we will take all reasonable measures to ensure that the data collected is processed in accordance with the requirements of this Privacy Policy and applicable laws.

We will store your personal information at a location that best serves your interests and benefits.

4.1.2 Storage period

In general, we will only retain your personal information as long as is necessary to fulfill the purposes for which it was collected or as required by applicable laws. If our products or services are no longer available, we will inform you by way of push notifications or announcements and delete or anonymize your data within a reasonable period of time.

4.2 Transfer of personal information

Your information, including personal information, is processed at our operating offices and other locations where parties involved in the processing are located. This means that such information may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ from those in your jurisdiction.

Your consent to this Privacy Policy and your submission of such information constitutes your consent to such transfer.

We will take all the steps reasonably necessary to ensure that your data is processed securely and in accordance with this Privacy Policy, and no transfer of your personal information will take place to another organization or country unless adequate controls, including data security and other personal information safeguards, are in place.

4.3 Security of personal information

The security of your personal information is very important to us, but please remember that no method of transmission over the Internet or method of electronic storage is 100% secure. Although we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

5.Your Rights

5.1 You have the right to withdraw your consent to our processing of your data at any time if required by applicable law. However, the withdrawal of the consent will not affect the legality and validity of our processing of your data based on your consent given before its withdrawal, nor will it affect the legality and validity of our processing of your data based on other appropriate and justifiable grounds.

(1) Request for access to your personal information: You have the right to access the information we hold about you. Where possible, you can access your personal information directly in the settings of your account. If you are unable to perform these operations yourself, please contact us for assistance. This also enables you to obtain a copy of the personal information we hold about you.

(2) Request for correction of personal information: You have the right to correct incomplete or inaccurate information we hold about you.

(3) Objection to the processing of your personal information: You have the right to object to the processing of your personal information where we are relying on a legitimate interest, and there is something about your particular situation that makes you want to object to processing on this ground. You also have the right to object to our use of your personal information for direct marketing purposes.

(4) Request for deletion of your personal information: You have the right to require us to delete or remove your personal information when there is no good reason for us to continue processing it.

(5) Request for deletion of your personal account: You can delete your registered account at any time. After you delete your account, we will cease providing you with products or services. Unless otherwise provided by laws and regulations, we will delete your personal information at your request.

(6) Request for transfer of your personal information: We will provide your personal information in a structured, commonly used, and machine-readable format to you or a third party designated by you. Please note that this right only applies to the automated information that you initially provided consent for us to use or where we used the information to perform a contract with you.

(7) Withdrawal of your consent: You have the right to withdraw your consent to the use of your personal information. If you withdraw your consent, we may not be able to provide you with certain particular features of our services.

For security purposes, you may need to provide a written request or otherwise prove your identity. We may ask you to prove your identity before processing your request. We will respond to your request within 30 days.

For your reasonable request, we do not charge fees in principle. However, for repeated requests that exceed reasonable limits, we will charge a certain cost according to the situation. We may reject requests that are unnecessarily repetitive, require excessive technical means (e.g., the development of new systems or fundamental changes to existing practices), pose a risk to the legitimate rights and interests of others, or are highly impractical. In addition, you understand that due to security considerations, applicable legal and regulatory requirements, or technical limitations, we may not be able to respond to some of your requests, such as under the following circumstances:

1. (1) The request is related to the personal information controller's fulfillment of the obligations prescribed by laws and regulations.
2. (2) The request is directly related to national security or national defense security.
3. (3) The request is directly related to public security, public health security, or material public interests.
4. (4) The request is directly related to criminal investigation, prosecution, trial, enforcement of judgments, etc.
5. (5) The personal information controller has sufficient evidence that you have subjective malice or abuse of rights.
6. (6) The request is for protecting the life, property, or other major legitimate rights and interests of the personal information subject or other individuals, but it is difficult to obtain their consent.
7. (7) Responding to your request will cause serious damage to your legitimate rights and interests or those of any other individual or organization.
8. (8) The request involves a trade secret.

6.General Data Protection Regulation (GDPR) Privacy Policy

6.1 Legal bases for processing personal information under GDPR

1. (1) Consent: You have given consent to the use of your personal information for one or more specific purposes.
2. (2) Performance of a contract: Provision of personal information is necessary for the performance of an agreement between you and us and/or of any pre-contractual obligations.
3. (3) Legal obligations: Processing personal information is necessary for our fulfillment of legal obligations.
4. (4) Vital interests: Processing personal information is necessary in order to protect your vital interests or those of other natural persons.
5. (5) Public interest: Processing personal information is related to a task that is carried out in the public interest or in the exercise of official authority vested in us.
6. (6) Legitimate interests: Processing personal information is necessary for the legitimate interests pursued by us.

6.2 Your rights under the GDPR

In accordance with this Privacy Policy and the GDPR, you have the following rights:

1. (1) Request for access to your personal data: You have the right to access, update, or delete the information we hold about you. Where possible, you can access, update, or request deletion of your personal data directly in the settings of your account. If you are unable to perform these operations yourself, please contact us for assistance. This also enables you to obtain a copy of the personal data concerning you we hold.
2. (2) Request for correction of personal data: You have the right to correct incomplete or inaccurate information we hold about you.
3. (3) Objection to the processing of your personal data: You have the right to object to the processing of your personal information where we are relying on a legitimate interest, and there is something about your particular situation that makes you want to object to processing on this ground. You also have the right to object to our use of your personal information for direct marketing purposes.
4. (4) Request for erasure of your personal data: You have the right to require us to delete or remove your personal information when there is no good reason for us to continue processing it.
5. (5) Request for transfer of your personal data: We will provide your personal information in a structured, commonly used, and machine-readable format to you or a third party designated by you. Please note that this right only applies to the automated information that you initially provided consent for us to use or where we used the information to perform a contract with you.
6. (6) Withdrawal of your consent: You have the right to withdraw your consent to the use of your personal information. If you withdraw your consent, we may not be able to provide you with certain particular features of our services.

You can contact us via [support@weilan.com] to exercise the right to access, correct, erase, or object to the processing of your personal data. Please note that we may ask you to verify your identity before responding to such requests. If you make a request, we will do our best to respond as soon as possible.

6.3 International data transfer

Your personal data may be transferred to China, the European Economic Area (EEA), the United States, the United Kingdom, or other locations outside of your country or region for the purposes of our global services and operations. We will transfer data in strict compliance with the GDPR requirements to ensure that data transfer complies with the GDPR data protection standards.

7.California Consumer Privacy Act (CCPA) Privacy

The policy in this section applies to users in California and is intended to supplement and improve this Privacy Policy.

7.1 Categories of personal information collected

Below is a list of the categories of personal information we may collect from users in California.

Please note that the following categories and examples are those defined in the CCPA. This does not mean that all examples of that category of personal information were in fact collected by us but reflects that some of that information from the applicable category may have been collected by us.Certain categories of personal information may only be collected if you provide them directly to us.

Category A: Identifiers

Examples: A real name, alias, postal address, unique personal identifier, online identifier, Internet protocol address, email address, account name, driver's license number, passport number, or other similar identifiers.

Collected: Yes.

Category B: Personal information categories listed in the California Customer Records statute (Cal.Civ.Code § 1798.80(e))

Examples: A name, signature, Social Security number, physical characteristics or description, address, phone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.

Collected: No.

Category C: Protected classification characteristics under California or federal law

Examples: Age (40 years or older), race, color, ancestry, national origin, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth, and related medical conditions), sexual orientation, veteran or military status, or genetic information (including familial genetic information).

Collected: No.

Category D: Commercial information

Examples: Records or history of products or services purchased or considered.

Collected: Yes.

Category E: Biometric information

Examples: Genetic, physical, behavioral and biometric characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

Collected: No.

Category F: Internet or other similar network activity

Examples: Interaction with our service or advertisement.

Collected: Yes.

Category G: Geolocation data

Examples: Approximate physical location.

Collected: Yes.

Category H: Sensory data

Examples: Audio, electronic, visual, thermal, olfactory, or similar information.

Collected: No.

Category I: Professional or employment-related information

Examples: Current or past job history or performance evaluations.

Collected: No.

Category J: Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99))

Examples: Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

Collected: No.

Category K: Inferences drawn from other personal information

Examples: Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Collected: No.

7.2 Under the CCPA, personal information does not include:

• Publicly available information from government records.
• De-identified or aggregated consumer information.
• Information excluded from the CCPA's scope, like:
  • health or medical information covered by the Health Insurance Portability and Accountability Act (HIPAA) of 1996 and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
  • personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.

7.3 Sources of personal information

We obtain the categories of personal information listed above from the following categories of sources:

• Directly from you. For example, from forms you complete on our services, from preferences you express or provide through our services, or from your purchases on our services.
• Indirectly from you. For example, from observing your actions on our services.
• Automatically from you. For example, through cookies we or our service providers set on your device when you use our services.
• From service providers. For example, from third-party providers that monitor and analyze the use of our services, third-party providers that deliver targeted advertising to you, third-party providers that process payments, or other third-party providers that we use to provide services to you.

7.4 Use of personal information for business purposes or commercial purposes

We may use or disclose the personal information we collect for "business purposes" or "commercial purposes" (as defined in the CCPA), including the following examples:

• To operate our services and provide you with our services.
• To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our services.
• To meet the reason you provided the information. For example, if you share your contact information to ask a question about our services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we will use that information to process your payment and facilitate delivery.
• To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
• As described to you when collecting your personal information or as otherwise set forth in the CCPA.
• For internal administrative and auditing purposes.
• To detect security incidents and protect against malicious, deceptive, fraudulent, or illegal activities, including, when necessary, to prosecute those responsible for such activities.

Please note that the above examples are illustrative only and are not intended to be exhaustive. For more details on how we use such information, please refer to the "Collection and Use of Your Personal Information" section.

We will update this Privacy Policy if we decide to collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes.

7.5 Disclosure of personal information for business purposes or commercial purposes

We may use or disclose the following categories of personal information for a business or commercial purpose:

• Category A: Identifiers
• Category B: Personal information categories listed in the California Customer Records statute
• Category D: Commercial information
• Category F: Internet or other similar network activity

Please note that the above categories are those defined in the CCPA. This does not mean that all examples of that category of personal information were in fact disclosed by us.

When we disclose personal information for a business or commercial purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not to use it for any purpose except performing the contract.

7.6 Sale of personal information

Under the CCPA, a "sale" or "selling" is defined as the selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer's personal information to a third party in exchange for valuable consideration. This means that we may receive some kind of benefit from sharing personal information, but not necessarily a monetary benefit.

Please note that the following categories are those defined in the CCPA. This does not mean that all examples of that category of personal information were in fact sold but it reflects our good faith belief, to the best of our knowledge, that some of that information from the applicable category may have been shared for value in return.

We may sell the following categories of personal information:

• Category A: Identifiers
• Category B: Personal information categories listed in the California Customer Records statute
• Category D: Commercial information
• Category F: Internet or other similar network activity

7.7 Sharing of personal information

We may share the above categories of personal information with the following categories of third parties:

• Service providers
• Payment processors
• Our affiliates
• Our business partners
• Third parties to whom you or your agents authorize us to disclose your personal information in connection with products or services we provide to you

7.8 Sale of personal information of minors under the age of 16

We will not sell the personal information we collect from minors under the age of 16 unless we have obtained explicit authorization from minors between the ages of 13 and 16 or from the parents or guardians of minors under the age of 13. Parents or guardians of minors who opt in to the sale of personal information may opt out at any time (the "right to opt-out"). To exercise the right to opt-out, please contact us.

If you have reason to believe that a child under the age of 13 (or 16) has provided us with personal information, please contact us with sufficient details to enable us to delete that information.

7.9 Your rights under the CCPA

The CCPA provides California residents with specific rights regarding their personal information. If you are a California resident, you have the following rights:

(1) Right to be notified: You have the right to be notified of which categories of personal information are being collected and the purposes for which personal information is being used.

(2) Right to request:Under the CCPA, you have the right to request that we disclose information to you about our collection, use, sale, disclosure for a business purpose, and sharing of personal information. Once we receive and confirm your request, we will disclose to you:

• The categories of personal information we collected about you;
• The categories of sources for the personal information we collected about you;
• Our business or commercial purpose for collecting or selling that personal information;
• The categories of third parties with whom we share that personal information; and
• The specific pieces of personal information we collected about you.

If we sold your personal information or disclosed your personal information for a business purpose, we will disclose to you:

• The categories of the personal information sold; and
• The categories of the personal information disclosed.

(3) Right to opt-out: You have the right to direct us to not sell your personal information. To submit an opt-out request, please contact us.

(4) Right to delete: You have the right to request deletion of your personal information, subject to certain exceptions. Once we receive and confirm your request, we will delete (and instruct our service providers to delete) your personal information unless an exception applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

• Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
• Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activities, or prosecute those responsible for such activities;
• Debug products to identify and repair errors that impair existing intended functionality;
• Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
• Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.);
• Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent;
• Enable solely internal uses that are reasonably aligned with consumer expectations;
• Comply with a legal obligation; or
• Make other internal and lawful uses of that information.

(5) Non-discrimination: You have the right not to be discriminated against for exercising any consumer rights, including by:

• Denying goods or services to you;
• Charging you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
• Providing a different level or quality of goods or services to you; or
• Suggesting that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

7.10 Exercising your CCPA data protection rights

To exercise any of your rights under the CCPA, if you are a California resident, you may contact us by email at support@weilan.com.

Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.

Your request must:

• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and
• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

If we are unable to:

• Verify your identity or your authority to make the request;
• Confirm that the relevant personal information is related to you;

We will not be able to fulfill your request or provide the requested information.

Upon verifying your identity, we will provide the requested information free of charge within 45 days of receiving your verifiable request. If necessary, the time to provide the information may be reasonably extended once (by an additional 45 days), but we will notify you in advance.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt.

For data portability requests, we will select a format that is readily useable to provide your personal information and should allow you to transmit the information from one entity to another entity without hindrance.

7.11 Opt-out of the sale of your personal information

You have the right to opt out of the sale of your personal information. Once we receive and confirm your verifiable consumer request, we will cease selling your personal information. To exercise your right to opt-out, please contact us.

The service providers with whom we work may use the technologies in the services to sell personal information as defined in the CCPA. If you wish to opt out of the use of your personal information for interest-based advertising purposes and potential sales, please follow the instructions below.

Please note:

• Your opt-out applies only to the browser or device you are currently using.
• If you use multiple browsers or devices, you may need to perform the opt-out process separately on each browser or device.

7.12 "Do Not Track" policy required by the California Online Privacy Protection Act (CalOPPA)

• Our services do not respond to Do Not Track (DNT) signals.
• However, some third-party websites do track your browsing activities. If you visit such websites, you can set preferences in your web browser to inform the websites that you do not want to be tracked. You can enable or disable the DNT feature by visiting your browser's preferences or settings page.

8.Children's Privacy

We value the privacy of children and are committed to protecting their personal information. In accordance with the Children's Online Privacy Protection Act (COPPA) and the General Data Protection Regulation (GDPR), this Privacy Policy applies to all people at and under the age of 13 and is intended to inform parents and guardians of how we collect, use, disclose, and protect children's personal information.

8.1 Collection of children's personal information

We may collect the following information from children:

• Identifiers, such as name, email address, postal address, and telephone number.
• Usage data, such as access time, frequency of use, and other use-related information.
• Location data, such as the approximate geographical location of the child (with parental consent).

8.2 Use of children's personal information

We collect personal information from children for the following purposes:

• To provide service and support.
• To manage and improve our services.
• To comply with laws and regulations.

8.3 Disclosure of children's personal information

We do not sell children's personal information to any third party, nor do we share such information with third parties without the consent of a parent or guardian, unless required by law or for the purpose of protecting the safety of the child.

8.4 Parental rights

Parents or guardians have the right to:

• Access the personal information we collect about their children.
• Request deletion of their children's personal information.
• Withdraw consent previously given.

To exercise the above rights, please contact us at support@weilan.com.

8.5 Limitation of liability

• Disclaimer: We take strict security measures regarding the collection of children's data, but we cannot guarantee absolute security. We are not liable for data breaches resulting from Internet transmissions. Parents or guardians shall supervise their children's interactions. If parental consent is not obtained, certain functions of AlphaDogs will be disabled to avoid unnecessary data collection.
• Parental supervision: Parents and guardians are responsible for supervising their children's use of our services. We encourage parents to monitor their children's online activities and the information they share.
• Usage restrictions: Our services are designed for children who have obtained parental consent. If a parent or guardian believes that we have collected their child's personal information without verifying parental consent, please contact us promptly, and we will take measures to delete the information.
• Extent of liability: We shall not be liable for any indirect, incidental, or consequential damages arising from the use of our services, including but not limited to any claims relating to data breaches or unauthorized access to personal information.
• Third-party links: Our services may contain links to websites that are not operated by us. We are not responsible for the privacy practices of such websites and encourage users to review their privacy policies. Our policy does not apply to third-party services.
• Informed consent: By using our services, users and their parents or guardians acknowledge that they have read and understood this Privacy Policy. Parents agree to indemnify us for any claims arising from their children's use of our services.

8.6 Data security

We take appropriate security measures to protect children's personal information from unauthorized access, disclosure, alteration, or destruction. We will only store children's personal information when necessary and take reasonable measures to ensure its security.

9.Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes hereto by posting a new privacy policy on this page.

Before such changes take effect, we will notify you by email and/or at a prominent location on our services and update the "Last Updated" date at the top of this Privacy Policy.

We recommend that you periodically review this Privacy Policy for any changes. Changes to this Privacy Policy will take effect when they are posted to this page.

10.Contact Us

If you have any questions about this Privacy Policy, you can contact us by email at support@weilan.com.