Mahalo Weather Privacy Policy

1. Overview

Mahalo Weather (hereinafter referred to as “this Product”) is a weather product developed, operated and managed by Qilin Hesheng Network Technology Co., Ltd. (hereinafter referred to as “APUS”, “we”, “us” or “our"). We fully respect and protect users’ personal privacy. While providing you with quality services, we will collect, use, disclose, store and protect your personal data in accordance with this Privacy Policy (hereinafter referred to as “Policy”).

We will explain how we process your personal data in this Policy and how you may access and control your personal data.

Please completely read and fully understand this Policy before using this Product. If you have any questions about this Policy, or have any complaints or suggestions, please contact us via the methods as described in this Policy. This policy will help you understand the followings:

2. How We Collect and Use Your Personal Data

We may collect your personal data as follows while we are providing services. These data is critical for us to realize various functions of this Product. We will use these data to help us develop and improve our products to provide better services. We will use your personal data in strict compliance with the purposes set forth in this Policy. We will inform you in advance and obtain your consent before we use these data for any other purposes than set forth in this Policy or we use the personal data collected for specific purposes for other purposes.

2.1. Category and purpose of your personal data we collect

This Product is a full functionality weather product with rich content and services. We will collect different categories of your personal data in different scenarios according to various product features, and will use these data to realize such product features.

2.1.1. Pre-activation service

In order to strictly comply with the laws and policies of the relevant countries or regions, we need to use pre-activation services to know your country or region. During pre-activation, we will send your IP address, country code (MCC), mobile phone language, system version and other information to our server. This information is only used to know your country or region, thus providing you with agreements and services that comply with that country or region. This information will be deleted within a short period of time after knowing your country or region, and will not be permanently saved.

2.1.2. Weather Forecast

In order to facilitate you to get real-time weather information, we provide you with accurate weather forecast function. You can view weather forecast anywhere in the world, and adjust your schedule based on weather information and life index information. In order to provide these services, we need to access your location information data to help determine the current city and accurately display the future weather conditions of your current location.

2.1.3. Cloud service

We provide you with a wealth of features and services through cloud service interfaces, such as news, video, navigation, event, website security detection, and product updates. In order to ensure the operation of cloud services, we need to collect some necessary data, including: application information such as application package name, application version, and application installation time; system information such as country code, system language, and system time zone; screen resolution and other devices Information; network information such as operators.

2.1.4. Service quality measurement

In order to measure the quality of service of a product and thus provide you with better services experience and other new services, we will collect the following information during your use of the service, and the information obtained will only be used for this purpose.

Activation information: application information including application package name, application version, and application installation time; system information such as Android ID, country code, system language, system version, system time zone, and Google service version; screen resolution, mobile phone brand, mobile phone model, etc.; Network card information and other devices information; network types, operators and other network information.

Usage information: application information including application package name, application version, and application installation time; system information such as country code, system language, and system time zone; screen resolution and other device information.

2.1.5. Provide stable services

In order to provide you with a stable service, we will collect the following related information for locating, analyzing ,and improving problems in the event of product. And the information is only used for this purpose.

Crash information: When our product crashes, you can choose whether to upload crash information. Then we will get the uploaded crash information, including application name, application version, application installation time, application signature and other application information; country code, system language, system time zone, memory information and other system information; screen resolution, mobile phone brand, horizontal screens, vertical screens and other information; crash process name, crash time, system non-sensitive log at crash, and crash log of this application.

Feedback: If you have any questions or suggestions about this policy, you can give us feedback through the product’s feedback function. We will get your feedback, including email address, feedback content, mobile phone brand, mobile phone model, system version and other information.

2.1.6. Anti-Fraud and Anti-Cheating

To prevent fraud and cheating, in order to ensure the normal operation of our business that provide you with better services and ecological environment, we need to obtain some necessary data, including: application package name, application version, application installation time, application signature and other applications Information; Android ID, country code, startup time, system time, memory information, system version, power, volume information, Bluetooth information, SIM card status and identification information, storage information and other system information; screen resolution, mobile brand, mobile phone Type, sensor information, camera information, CPU information, GPU information and other device information; location information, headset pluggable information, application installation and use information, screen unlocking information, Wi-Fi list information, network information and other user use information. The information obtained is used only for this purpose and is stored on the server as a pseudonym.

2.2. Your personal data we obtain from a third party

For now, we do not obtain your personal data from any third party. If certain services may require your personal data from a third party, we will notify you in advance and obtain your consent.

2.3. What permissions do we use to get your data

2.3.1. Get your location (GPS and network-based)

This permission allows Mahalo Weather to provide weather service. The location we get includes your location relative to and within third party merchant locations, which is only used to provide corresponding weather service, not used for any other purposes unless your consent to do so. If you utilize the weather forecast feature, Software may access your phone’s location information to show the local weather. We do not utilize your location information for any other purpose. This information can’t be traced back.

2.3.2. View Wi-Fi connections

This permission is used for smart download according to Wi-Fi connection status. Mahalo Weather may view information about your Wi-Fi networking, such as whether Wi-Fi is enabled and names of connected Wi-Fi devices. We will collect such information through these uses and interactions with our Software, services, mobile or otherwise to us.

2.3.3. Read phone status and identity

This permission allows Mahalo Weather to smartly recommend weather forecast to display and other content to you. It does not require any user personal identified information.

2.3.4. Read, modify or delete the contents of your storage as your instructions

We use this permission so that you can download or save pictures etc. to your SD card.

2.3.5. Access to Photos/Media/Files

This permission allows users to choose their favorite photos, making beautiful weather cards, share to friends.

2.3.6. SMS, contact and account information

(1) Read your contacts

Used to display contact name of missed calls or SMS on lock screen. No contact identified information will be collected.

(2) Send and view SMS

Used in messaging service in Smart Locker, including receive, reply. No Message content will be collected.

(3) Read call log

Used in phone call service in Smart Locker, including display phone number and time of missed calls, and users can spontaneously change status of missed calls. No calls information will be collected.

(4) Information you give us

Many of our services require you to sign up for a Account. When you do, we’ll ask for personal information, like your name, email address, telephone number to store with your account.

2.3.7. Find accounts on the devices

This permission allows Mahalo Weather to check if users have logged in Google Play and provide relative app installation service for users.

2.3.8. Find log information

The only purpose for using this permission is to help check the manner relating to upgrades and updates to our Software, including the time of the upgrade and the version of the upgrade. When you use our services and Software, we may automatically collect and store certain information on our servers related to your use of our services and Software.

2.3.9. Obtain unique application numbers

Certain services include a unique application number. This number and information about your installation (for example, the operating system type and application version number) may be sent to Google when you install or uninstall that service or when that service periodically contacts our servers, such as for automatic updates.

This permission allows us to collect such information through these uses and interactions with our Software, services, mobile or otherwise to us.

2.3.10. Get local storage data

This permission allows Mahalo Weather to collect and store information (including personal information) locally on your device using mechanisms such as application data caches.

2.3.11. Get other Infos

(1) Collecting city notes information to make it easier to recommend users with popular notes vocabulary;

(2) Collect the number of users to add the city and name, analysis of the general number of users on the city and the distribution of the city statistics, targeted to provide better, more accurate weather service;

(3) Read information about your usage of our services and Software, which allows us to collect information about our services and Software that you use and how you use them. This information may include, for instance, information about your device, the version of the software installed on your device, details about your usage patterns, limited details about your Internet usage stored temporarily to provide our services and Software, files and risks such as malware, and information that may be included in a virus or malware sample that we collect from your mobile device for review;

(4) The information you provide, produce or remained when you use our service. We may record some details about how you use our product and service, such as clicking events, pages appearing and sliding pages during your usage of our product and service. We will collect these information to analysis user habits, adjust and optimize product functionality based on user behavior.

Cookie is a small piece of text sent to a browser by a website visited by a user. It helps the browser to record user access information, such as preferred language and other settings. In this way, users will have an easier and more practical experience when they visit the same website the next time. Cookie play a vital role. Without cookie, the user’s experience of Internet will be greatly reduced, and some website features or services may not even work properly. We use cookies to provide you with a complete web browsing service. We do not collect cookie information ourselves. Please note that the websites you visit may use cookie to store your preferences, settings, login status, etc. For example, when you visit a webpage that has a login function for the first time, you need to enter a user name and password to log in. After logging in, the website will record your login status, When you switch different pages under the site, you do not need to re-enter the user name and password, you can directly browse the content of the web page. Websites may use cookie to recommend advertisements. For example, some websites use cookie to record websites that you click on to prevent you from seeing duplicate advertisements. We provide the ability to disable and delete cookies. You can disable or delete cookies.

To make it easier for you to open web pages, we provide web page caching. We allow websites you visit to store some web page data, such as web page pictures and other information. When you visit the site next time, the site will directly read the saved data for display, thereby to open the webpage faster. The cache will expire due to expiration or manual removal. We will not upload any cached content.

4. How We Share, Transfer and Disclose Your Personal Data

We will share with or transfer or disclose your personal data to a third party with your consent or explicit instructions. In addition, to improve the quality of our service, we may also share with or transfer or disclose your personal data to a third party under the following circumstances.

4.1. Subsidiary Products

We may share your personal data with our subsidiary products to provide a more consistent experience and better service. We guarantee that our subsidiary products will treat your personal data in accordance with the purposes and requirements shown in this Policy. We will obtain your prior consent again if our subsidiary products wish to use your personal data for purposes other than those set forth in this Policy.

4.2. Affiliated Company

We may share your personal data with our affiliated companies and will ensure their processing of your personal data is in compliance with the purposes and requirements of this Policy. We will obtain your prior consent again if affiliated companies intend to use your personal data for other purposes than set forth in this Policy.

4.3. Third party service provider

We may engage third party service providers to provide specific services. Third party service providers may collect data when providing services, and we will ensure that they follow our instructions, follow the purposes and requirements set out in this policy to process your personal data, and take appropriate confidentiality and security measures to safeguard data security.

4.3.1. Weather Forecast

In order to provide you with comprehensive weather services, we have established cooperative relationships with a number of overseas well-known weather service providers. The weather service providers we use include: Yahoo, The Weather Channel and their corresponding contracting agencies. You can choose the city that you are automatically located or search for the city you are concerned about. We will use your location information of the city to go to the partner weather server or its corresponding contract agency company server to inquire, and finally display the weather query results to you.

4.3.2. Attribution of installation channel

In order to attribution of installation channel and provide you with better services, we use the services of a third party service provider. The service needs to obtain your information including: application package name, application version, application installation time and other applications Information; Android ID, country code , language, system version and other system information; power, charging type, sensor information, mobile brand, mobile phone Type, network information, CPU information and other device information. The information obtained is only used for this purpose.

4.3.3. Anti-fraud and Anti-Cheat

In order to prevent fraud and prevent cheating, and to provide you with better services and better ecological environment, we use Digital Union’s services. The service needs to obtain your information including: application package name, application time information, application version number, installation path, application size and other application information; CPU, screen resolution, total memory information and other hardware general information; country code, start-up time, system time and other system information; mobile phone brand, mobile phone model, memory, CPU and other equipment hardware information. The information obtained is only used for this purpose.

4.4 Share of your personal data as required by law

Subject to compliance with this Policy, we may be required to share or disclose your personal data under certain circumstances, such as in accordance with laws and regulations, and compulsory requirements of government orders; to safeguard the legitimate rights and interests of yours, ours, and third parties; and to prevent or deal with fraud, secure or technical problems.

4.5 Change of organization and existing status of our company

For any change of the organization or existing status of our company (such as restructuring, merger or bankruptcy), your personal data may be transferred to the company entity after change or our affiliated company (the “Data Transferee”). The Data Transferee will continue to be bound by this Policy.

5. Process Your Personal Data Using Third Party Services

The Product may contain a hyperlink directing to third party products or services, such as a hyperlink to another website. You may click the hyperlinks in this Product to access third party products or services. Meanwhile, we may also embed third party links in this Product and you may click these links to access or use third party products or services on the interface of this Product. We hereby remind you that when you access or use third party products or services via the above methods whereby your personal data will be obtained by such third party products or services, the privacy policies of such third party products or services will apply to such personal data.

6. How We Store and Protect Your Personal Data

6.1. Security protection of personal data

We are committed to protecting your personal data. We have adopted all possible security technologies and procedures to protect your personal data against unauthorized access, use, revision, damage, destruction or disclosure. These security measures mainly include the following:

a) Your personal data is stored in the computer systems located in a controlled site with security measures such as encryption.

b) Only APUS employees who have the necessity to process relevant data for the purpose of product operation are authorized to access your personal data and such employees are required to comply with strict confidentiality obligations.

c) We are constantly striving to ensure the security of your personal data, and we adopt encryption technologies during data transmission to prevent your information against unauthorized access, use, revision, damage, destruction or disclosure.

d) We are more prudential when we transmit and store special categories of your personal data and adopt encryption technologies and other security measures to ensure data security.

In case of personal data security incident, according to the requirements of relevant laws and regulations, we will promptly inform you via push notification, announcement, etc. the basic situations and possible influence of the security incident, response measures we have taken or will take, suggestions for you regarding self-prevention and risk reduction, remedial measures for you, etc. We will timely deal with system vulnerabilities, cyber-attacks, virus intrusion, and other security risks.

6.2. Personal data storage term

We will store your personal data for the necessary period for data collection and processing purposes. Beyond the above-mentioned period, we will delete or anonymize personal data.

Browsing history, bookmarks, web page data, cookie, downloading file information, and search history are all stored locally and are available throughout the application lifecycle. You can manually clear this data at any time.

The access records, application execution logs, and application debug logs of the cloud service are stored on the server for a short period of time, typically 7 days. If this period expires, we will delete or anonymize the data.

Application usage data is pseudo-persistently stored on the server for data analysis. You can access, edit or delete your data in the manner described in section 7. : How to Access and Control Your Personal Data.

After you cancel your account, we may not be able to delete your personal data immediately due to technical reasons; however, we will delete it during the next system update, and we undertake not to process your personal data during the period between cancellation of your account and the next system update.

7. How You Access and Control Your Personal Data

7.1. Access and revise your personal data

You may access and edit your personal data online through APUS User Information Center.

7.2. Change of your authorization scope

You may select on the page of APUS User Information Center to change your authorization scope for us to process your personal data. Please be minded that since all functions of the Product need certain basic personal data for normal operation, certain functions of the Product may not operate normally when you withdraw your consent to processing of some personal data.

When we receive your withdrawal of consent, we will no longer process your corresponding personal data.

7.3. Rejection of personalized advertising

You may always choose whether to receive promotional emails, messages, calls, and mails from us or third parties. You may also choose to no longer receive personalized advertisements through APUS User Information Center.

We will no longer use your personal data for the above-mentioned commercial promotion purposes when you refuse to receive interest-based advertisements. Non-personalized ads don’t use mobile ad identifiers for ad targeting, they do still use mobile ad identifiers for frequency capping, aggregated ad reporting, and to combat fraud and abuse.

7.4. Delete your personal data

You may submit a request to us to delete your personal data when:

a) Your personal data is no longer necessary for data collection or processing;

b) You have withdrawn your consent to our processing of your personal data ;

c) Your personal data has been processed illegally;

d) We are obligated to delete your personal data in accordance with the laws of EU members.

We may not be able to delete your personal data immediately due to technical reasons. We will delete it during the next system update. We will not process your personal data in any way during the period between your request of deleting your personal data and the next system update.

7.5. Respond to your requests

We may first verify your identity upon receipt of your request, and may request you to provide the necessary information for authentication.

We will respond to your request on the 30th day after we receive your request and communicate with you in an appropriate way. If necessary, we may extend it (by an additional 30-day at most), and will inform you of the reason for the extension of the deadline on the 30th day after receiving your request. If we have reasonable reasons to believe that no measures are needed to respond your request, we will inform you of our decision 30 days from the date of receipt of your request and provide you with appropriate explanation.

We will use best efforts to help you resolve relevant problems. If you are not satisfied with the response you received, you may refer the complaint to the relevant regulatory authority, or file a lawsuit before a competent judicial authority.

8. How We Process the Minor’s Data

This Product is not intended for a minor under 16 years old (or equivalent minimum age set by the laws of EU members). We will only process the information of these minors to the extent permitted by law and with the consent of their guardians.

We will implement relevant technical measures and make our best efforts to verify whether the processing of minors’ information has been approved by their guardians. We will try to delete relevant data as soon as possible if we are aware that we have collected the personal data of a minor without the prior consent of their certified guardians.

9. Contact Us

If you have any questions or suggestions about this policy, or you need to do your data management power to manage your privacy data, please feel free to contact us: weahelp@gmail.com.

If you find any violation of this policy, please feel free to contact our DPO: MahaloWeather@outlook.com.

10. Update of Privacy Policy

We reserve the right to revise or modify this Policy. For any update of this Policy, we will send you notice on the interface of this Product to remind you of relevant updates and indicate the updated provisions for your ease of reading. Please do completely read and fully understand the updated Privacy Policy. By continuing to use this Product, you will be deemed to have accepted the updated version of this Policy. We will not reduce your rights under this Policy without your explicit consent.

11. How Your Personal Data Is Transferred Globally

We provide APUS products and services around the world, which means to conduct business globally, your personal data might be transmitted to a jurisdiction or accessed from such jurisdiction outside of the country/region where you use this Product. These jurisdictions include but are not limited to Singapore, United States, and China.

Please note that we only return demographic information to China and we do not include information on individual user identities. At the same time, in order to provide you with better services, our third party partners may transmit your data to other countries. For example, in order to detect robots or cheating, we have purchased a Chinese supplier’s traffic monitoring service. The merchant may return the user information to China in order to assist us in analyzing whether there is cheating in the user.

Personal data protection legislation in such jurisdiction might be different or even absent. Under such circumstance, we will adopt various measures to ensure security of your personal data. For instance, we will ask you for your explicit consent before transmission of your personal data, or implement security measures such as encryption and pseudonymisation during data transmission; when your personal data is transferred to such jurisdictions, we will apply the same protection of your personal data in accordance with the Policy. We will endeavor to protect your personal data with the measures stipulated in Article 46 and Article 47 of the EU General Data Protection Regulation.

Last updated: 19 May 2018