Privacy Policy

  • Last updated: October 26, 2022
  • Effective date: October 26, 2022
  • 1. Special Tips

  • Welcome to RootData ! RootData service providers (“we) understand the importance of personal information to you and will do our best to protect the security and reliability of your personal information. We are committed to maintaining your trust in us and handling your personal information in accordance with the principles of lawfulness, propriety, necessity and good faith. Therefore, we have created this Privacy Policy (“ Policy) so that you are fully aware of how we collect, use, store, share and transfer such information when you use RootData, and the ways in which we provide you with access to, update, delete and protect such information.
  • Before you use RootData , please make sure you read this Policy carefully and fully understand the content of each clause, and you can make the choices you deem as appropriate in accordance with the guidelines of this Privacy Policy. The relevant terms covered in this Privacy Policy are stated as concisely as possible, and links to further explanations are provided for your better understanding. If you have any questions, you are welcomed to contact us.
  • This policy will help you understand the following:
  • 1.1. How we collect and use your personal information
  • 1.2. How we use COOKIES or similar technologies
  • 1.3. How we share, transfer, and publicly disclose your personal information
  • 1.4. How we protect your personal information
  • 1.5. How you manage your personal information
  • 1.6. How we handle personal information of minors
  • 1.7. How this Privacy Policy is updated
  • 1.8. How to contact us
  • 2. How we collect and use your personal information

  • 2.1. Personal information is all kinds of information related to identified or identifiable natural persons recorded by electronic or other means, excluding information after anonymization processing. Sensitive personal information is personal information that, once leaked or illegally used, may easily lead to the infringement of a natural person’s human dignity or endanger the safety of his or her body or property, including biometric, religious beliefs, specific identity, medical and health care, financial accounts, trajectory and other information, as well as the personal information of minors under 14 years of age.
  • 2.2. We will collect and use the personal information you voluntarily provide in the course of using RootData or as a result of using RootData, as well as obtain your personal information from third parties, in accordance with the principles of legitimacy, legality and necessity, for the purposes described in this Policy. If we want to use your personal information for other purposes not described in this Policy, or use the information collected for a specific purpose for other purposes, we will inform you in a reasonable manner and obtain your consent again before using it. When you cancel your account, we will stop using and delete the aforementioned information.
  • 2.3. Circumstances in which you must authorize us to collect and use your personal information
    1. 2.3.1. Our RootData includes some core functions, and we may collect, store and use the following information about you in order to implement these functions. If you do not provide the relevant information, you will not be able to enjoy the products and services provided by us. These features include:
      1. Account registration, login and verification
      2. When you register for a RootData account, you will need to provide us with at least the account name, password, and email address you intend to use, and we will verify the validity of your identity information by sending an email verification code.
      3. Safety and security functions
      4. In order to improve the security of your use of our products and services, to protect your or other users’ personal and property safety from infringement, to better prevent phishing sites, fraud, network vulnerabilities, computer viruses and other security risks, and to more accurately identify violations of laws and regulations, we may collect, use or integrate your account information, transaction information, and device information to comprehensively determine your account and transaction risks, conduct identity verification, detection and prevention of security events, and take necessary records, audits, analyses and disposal measures in accordance with the law.
      5. Network Services
      6. RootData automatically receives and records the data on your browser and computer when you use RootData network services or visit RootData platform web pages, including but not limited to your IP address, type of browser, language used, date and time of access, information on hardware and software characteristics and records of web pages you demand.
  • 2.4. Circumstances when you can choose to provide the personal information
    1. 2.4.1. In order to make your use of RootData more convenient or enjoyable, and thus enhance your experience when using it, the following extensions of our functions may be use your personal information. If you do not provide such personal information, you can still use the core functions of RootData, but you may not be able to use the extensions we provide for you or you may need to fill in some information repeatedly. These extensions include:
      1. Login with a third-party account
      2. When you use a third party account (e.g. Twitter, Google) to log into RootData , you need to authorize to read and share your public information (including one or more of nickname, profile, region, gender, contact email) published and recorded on the third party platform, subject to relevant laws and regulations, in order to bind your third party account to your RootData account and to remark your login identity as our user.
      3. Additional account information
      4. After you have registered for an account, you may continue to fill in your information in the profile part, including your birthday, gender, and work organization. Your failure to provide this information will not affect your use of specific technical services.
      5. Change the account password
      6. When you need to change your account password, please enter the new password to complete the resetting. You need to provide your email account and the SMS verification code we sent to you for verification.
      7. Access to third-party applications
      8. When you use the third-party applications that you access in RootData, we may obtain necessary personal information from the developers of such third-party applications and their technical service providers, such as device information and operation behavior log information, for the purpose of providing technical support and other purposes. If your sensitive personal information is involved, we will request separate authorization from you. If you refuse to allow us to collect such personal information, all or part of the functions of the third-party application may not be available, but it will not affect your access to other functions of RootData.
        The developers of such third-party applications and technical service providers may collect and use your personal information directly in accordance with the privacy policies they provide, but we do not have access to such personal information. We recommend that you read and confirm that you understand these privacy policies before accepting the relevant services and providing personal information.
  • 2.5. You are fully aware that we do not require your authorized consent for the collection and use of personal information in the following cases:
    1. 2.5.1. Disclosure to third parties or administrative or judicial bodies in accordance with the relevant provisions of the law, or the requirements of administrative or judicial bodies.
    2. 2.5.2. It is necessary to share your personal information with third parties in order to provide the products and services you have requested
    3. 2.5.3. The personal information collected is disclosed to the public by the subject of the personal information or the guardian himself/herself.
    4. 2.5.4. When your personal information is collected from lawful public disclosures, such as lawful news reports, government information disclosure and other sources.
    5. 2.5.5. Necessary to enter into a contract at your request.
    6. 2.5.6. Necessary for the maintenance of the safe and stable operation of the products and/or services provided, such as the detection and disposal of product and/or service failures.
    7. 2.5.7. When it is necessary for academic research institutions to conduct statistical or academic research in the public interest, and where the results of academic research or descriptions are made available to the public, the personal information contained in the results is de-identified.
  • 2.6. Situations when we obtain your personal information from third parties
    1. 2.6.1. We may obtain personal information from third parties that you have authorized to share, and we will use such personal information in accordance with the agreement with the third party and after confirming the legality of the source of the personal information, and in compliance with relevant laws and regulations.
  • 3. How we use COOKIES or similar technologies

  • 3.1. We may obtain and use your information through the use of COOKIES or similar technologies and store that information as log information.
  • 3.2. By using COOKIES, we provide users with an easy-to-use and personalized web experience. A COOKIE is a small amount of data that is sent from a web server to your browser and stored on your computer's hard drive. We use COOKIES so that users can benefit from them. For example, to make the RootData login process faster, you can choose to store your username in a COOKIES. COOKIES helps us to determine which pages and content you are connecting to, how much time you spend on specific RootData services and which RootData service you have selected.
  • 3.3. COOKIES enables us to serve you better and faster and to personalize your experience with the RootData service. You may refuse or manage COOKIES or similar technologies through your browser or user selection mechanism. However, please note that if you disable COOKIES or similar technologies, we may not be able to provide you with the best service experience and some services may not work properly.
  • 3.4. We use our own COOKIES or equivalent technologies, which may be used for the following purposes:
    1. 3.4.1. Remember who you are.
    2. 3.4.2. Analyze your use of our services.
    3. 3.4.3. Advertising optimization.
  • 3.5. If you wish to disable COOKIES, you can configure your browser: select “Reject COOKIES” or “Notify you when websites send COOKIES”. Since our services are provided through the support of COOKIES, your access to our services may be affected or you may not be able to fully access our services after you complete the process of disabling COOKIES. When you do not disable COOKIES, you may be prompted, for example, whether to retain user information the next time you access this site in order to simplify the login process (e.g., automatic login).
  • 4. How we share, transfer or publicly disclose your personal information

  • 4.1. Entrusted processing
    1. 4.1.1. If we entrust a third party to handle your personal information, we will agree with the trustee on the purpose of the entrusted handling, duration, handling method, types of personal information, protection measures, and the rights and obligations of both parties, and supervise the trustee’s handling activities of personal information handling.
  • 4.2. Sharing
    1. 4.2.1. We will share your personal information in accordance with the principles of “lawfulness and legitimacy, minimum necessity, and clarity of purpose”. At the same time, we will conduct a personal information protection impact assessment of personal information sharing activities in advance and take effective technical protection measures for the form of output, circulation and use. At the level of cooperation agreements, we strictly require the information protection obligations and responsibilities of our partners, and sign protection agreements on data security with our business partners before cooperation.
       We have developed the Third Party Sharing List to provide you with a clear and concise introduction of our main sharing of your personal information.
    2. 4.2.2. We will not share your information with any third party outside of us, except for the following:
      1. (1) Obtain your prior clear consent or authorization.
      2. (2) Share your information externally in accordance with applicable laws and regulations, the requirements of legal process, and mandatory administrative or judicial requirements.
      3. (3) Only by sharing your personal information can we achieve the core functions of our products and services or provide the services you need.
      4. (4) We may share your personal information with our affiliates for the purpose of providing you with relevant products or services based on our offerings, showing you content that may be of interest to you, protecting the security of your account and transactions, etc. We will share your personal information with our affiliates in accordance with this Privacy Policy, but we will only share personal information that is necessary and subject to the purposes stated in this Privacy Policy. If our affiliates wish to change the purposes for which personal information is processed, they will again seek your authorized consent.
      5. (5) We may share your information with third parties, such as partners, to ensure that the services provided to you are completed successfully. However, we will only share your personal information for lawful, legitimate, necessary, specific, and explicit purposes, and only as much personal information as is necessary to provide the services. Our partners are not authorized to use the shared personal information for any other purpose.
      6. (6) Provide based on academic research.
      7. (7) Provide in accordance with the individual service agreement or other legal documents signed with you.
    3. 4.3. Transfer
      1. 4.3.1. Transfer is the process of transferring control of personal information to other companies, organizations or individuals.
      2. 4.3.2. We will not transfer your personal information to any third party outside of the Company, except for the following:
        1. (1) Obtain your prior clear consent or authorization.
        2. (2) As our business continues to grow, in the event of a merger, acquisition or bankruptcy liquidation, your information may be transferred as part of such a transaction. If a transfer of personal information is involved, we will require the new company, organization, or individual holding your personal information to continue to be bound by this Policy, or we will require that company, organization, or individual to seek your authorized consent again.
  • 4.4. Public Disclosure
    1. 4.4.1. We will not publicly disclose your personal information with any third party outside of the Company, except in the following circumstances:
      1. (1) We may disclose your personal information publicly in accordance with laws and regulations, litigation, dispute resolution, or as required by law by administrative or judicial authorities.
      2. (2) Disclose information specified by you in accordance with your needs and in a manner that you have expressly agreed to disclose.
  • 5. How we protect your personal information

  • 5.1. We have always attached great importance to protecting the security of our users’ personal information, and to this end we have adopted industry-standard security technologies and organizational and management protection measures to minimize the risk of disclosure, destruction, misuse, unauthorized access, unauthorized disclosure and alteration of your information.
    1. 5.1.1. Technical measures for data security
    2. We will adopt security measures in accordance with industry standards, including the establishment of reasonable systems, security technologies to prevent unauthorized access to your personal information, use, modification, and avoid damages or losses of data.
    3. Our web services adopt encryption technologies such as transport layer security protocols and provide browsing services via https and other means to ensure the security of user data during transmission.
    4. We adopt encryption technology to encrypt and store users’ personal information, and isolate it by isolation technology.
    5. In the use of personal information, such as the display of personal information and the calculation of the association of personal information, we will use a variety of data desensitization techniques, including content replacement, to enhance the security of personal information in use.
    6. We use strict data access rights control and multiple identity authentication technologies to protect personal information and avoid unauthorized use of data.
    7. We use automatic code security checks and data access log analysis techniques for personal information security audits.
  • 5.1.2. Other security measures we have taken to protect personal information
    1. We manage to regulate the storage and use of personal information by establishing a data classification and grading system, data security management specifications, and data security development specifications.
    2. We maintain full security control over data through confidentiality agreements signed by people reach data, and monitoring and auditing mechanisms.
    3. We establish a data security committee and set up a special department for information protection and a data security emergency response organization to promote and secure personal information.
    4. We hold security and privacy training courses to enhance employees’ security awareness and knowledge of personal information protection policies and related procedures.
  • 5.2. Please be aware that while we will endeavour to ensure the security of any information you send us. However, the Internet environment is not 100% secure and we cannot be held liable for any risks or losses arising from or in connection with it.
  • 5.3. After the unfortunate occurrence of a personal information security incident, we will inform you in a timely manner in accordance with the requirements of laws and regulations: the basic situation of the security incident and the possible impact, the measures we have taken or will take, the suggestions for you to independently prevent and reduce the risk, the remedial measures for you, etc. We will promptly inform you of the procedures related to the incident by email, letter, telephone, push notification, etc. When it is difficult to inform the subject of personal information one by one, we will take reasonable and effective ways to issue announcements. At the same time, we will also report how we handle the personal information security incidents in accordance with the requirements of regulatory authorities.
  • 6. How you manage your personal information

  • 6.1. We take the management of your personal information very seriously and make every effort to protect your access, correction, deletion, withdrawal of consent and other legal rights with respect to personal information so that you have full ability to maintain your privacy and the security of your personal information.
  • 6.2. Access and correction of your personal information
    1. 6.2.1. Except as provided by law or regulation, you have the right to access and correct your personal information at any time, which specifically include:
      1. (1) Account information.
      2. (2) Attention to information.
    2. 6.2.2. Please contact us at any time if you need access to or correction of any other personal information generated in the course of using our products and services. We will respond to your request in the manner and within the time period set forth in this Privacy Policy.
  • 6.3. Deleting your personal information
    1. 6.3.1. You may make a request to us to delete personal information in the manner set out in this Policy in the following circumstances.
      1. (1) If we handle personal information in violation of laws and regulations.
      2. (2) If you no longer use our products and services, or if you cancel your account.
      3. (3) If we stop providing products and services, or if the retention period has expired.
      4. (4) If you withdraw your consent.
      5. (5) If the purpose for which we process personal information has been achieved, cannot be achieved, or is no longer necessary.
  • 6.4. Changing or withdrawing your consent
    1. 6.4.1. You may change the scope of your authorization for us to continue to collect personal information or withdraw your authorization by deleting information, turning off device features, making privacy settings on the RootData website or in the software, etc. You may also withdraw your authorization for us to continue to collect your personal information in its entirety by canceling your account.
    2. 6.4.2. Please understand that RootData may need to collect the necessary personal information to provide you with services. If you withdraw your consent, we will not be able to continue to provide you with the services for which you have withdrawn your consent, but this will not affect the personal information processing services previously carried out on the basis of your authorization.
  • 6.5. Cancellation of your account
    1. 6.5.1. You may cancel your previously registered account at any time by:
      1. (1) Cancellation of accounts
      2. (2) Contacting us
    2. 6.5.2. After you cancel your account, the content, information, data and records under the account will be deleted or anonymized (except when otherwise provided by laws and regulations or required by regulatory authorities). At the same time, once account cancellation is completed, it can not be restored.
  • 6.6. Respond to your request above
    1. 6.6.1. If you are unable to exercise your rights in the manner described above, you may contact us using the contact information set forth in this Policy. To protect the security of your account, when you make a request to us as described above, we may ask you to verify your identity before processing your request.
    2. 6.6.2. In principle, we do not charge a fee on your reasonable requests, but we will charge a cost fee for repeated requests that exceed reasonable limits as appropriate. We may reject requests that are repeated for no reason, require excessive technical means, pose a risk to the legal rights of others, or are very impractical.
    3. 6.6.3. Exceptions to the response situation
    4. We will not be able to respond to your request in the following cases:
      1. (1) In connection with the performance of our obligations under laws and regulations.
      2. (2) Directly related to national security and national defense security.
      3. (3) Directly related to public safety, public health, and significant public interest.
      4. (4) Directly related to criminal investigation, prosecution, trial and execution of judgments, etc.
      5. (5) If we have sufficient evidence of subjective malice or abuse of rights by the subject of personal information.
      6. (6) For the purpose of safeguarding the life, property and other significant legitimate rights and interests of the subject of personal information or other individuals, while it is difficult to obtain the consent of the individual.
      7. (7) Responding to the request of the subject of personal information will result in serious damage to the legitimate rights and interests of the subject of personal information or other individuals or organizations.
      8. (8) Involve trade secrets.
  • 7. How we handle personal information of minors

  • Our products, website and services are primarily intended for adults. Children are not permitted to create their own user accounts without the consent of their parents or guardians.
  • In the case of personal information collected from children with parental consent, we will use or publicly disclose this information only as permitted by law, with the clear  consent of the parent or guardian, or as necessary to protect the children.
  • Although local laws and customs define children differently, our company considers anyone under the age of 18 as a child.
  • If we find that we have collected personal information from children without prior verifiable parental consent, we will seek to delete the relevant data as soon as possible.
  • 8. How this Privacy Policy is updated

  • 8.1. Our privacy policy may change from time to time. We will post any changes to this Privacy Policy on the name of the Populated Platform. For material changes, we will provide more prominent notice of the specific changes to our Privacy Policy, such as through a special notice on the viewing page. We will not reduce your rights under this Privacy Policy without your express consent.
  • 8.2. Material changes within the meaning of this Privacy Policy include, but are not limited to:
    1. 8.2.1. Significant changes in our service model.
    2. 8.2.2. There is a change in the main target of personal information sharing, transfer or public disclosure.
    3. 8.2.3. Significant changes in your rights to participate in the processing of personal information and how they are exercised.
    4. 8.2.4. Our contact information and complaint channels have changed.
    5. 8.2.5. When the personal information security impact assessment report indicates a high risk.
  • 8.3. We will keep an older version of this Privacy Policy on file for your review.
  • 9. How to contact us

  • 9.1. If you have questions regarding privacy protection, policy implementation or website operation, please send your suggestions or questions to us at
  • 9.2. In general, we will reply within fifteen working days. If you are not satisfied with our reply, especially if our personal information processing behavior has harmed your legitimate rights and interests, you can also file a complaint or report to the supervisory departments of network information, telecommunications, public security and industry and commerce, or seek a solution by filing a lawsuit to the court with jurisdiction in the domicile of Beijing Shouyi Information Technology Co.