This policy will help you understand the following by “CleanFlow”:

I. How we collect and use your user information

II. How we use Cookies and basic app permissions

III. How we share, transfer, and publicly disclose your user information

IV. How we protect your user information

V. Your rights

VI. How we handle children's personal information

VII. How your user information is stored and transferred globally

VIII. How this policy is updated

IX. Account cancellation process

X. How to contact us

We understand the importance of user information to you and will do our utmost to protect the security and reliability of your user information. We are committed to maintaining your trust in us and adhere to the following principles to protect your user information: principle of consistency between rights and responsibilities, principle of clear purpose, principle of choice and consent, principle of least privilege, principle of security assurance, principle of subject participation, principle of openness and transparency, etc. At the same time, we promise that we will adopt corresponding security protection measures to protect your user information in accordance with mature industry security standards. Please read and understand this privacy policy carefully before using our products or services.

I. How we collect and use your user information

(I) Information we collect and use during your use of our products or services

We will only collect and use your user information for the business functions described in this policy. The purpose of collecting user information is to provide you with products or services. You have the right to choose whether to provide this information. In most cases, if you do not provide it, we may not be able to provide you with the corresponding services or respond to the issues you encounter:

When you use our services, you allow us to collect the information you provide to us voluntarily or that is necessary to provide you with the service, including: account nickname, password, password protection options, email address, phone number, location information, device information, etc.

The above information provided by you will be continuously authorized for our use during your use of this service. When you stop using push services, we will stop using and delete the above information. We promise to de-identify or anonymize the collected user information in accordance with the law. Information that cannot identify the personal identity of a natural person alone or in combination with other information does not belong to personal information in the legal sense. If we combine non-personal information with other information to identify your personal identity, or use it in combination with your personal information, we will handle and protect such information as your personal information in accordance with this privacy policy during the combination period. For the better operation and improvement of our technology and services, or due to changes in business strategies, when the collection, use, and processing of user information required by the products or services we provide exceed the above scope or when we need to use the information collected for specific purposes for other purposes not specified in this privacy policy, or when we need to use the information collected for specific purposes for other purposes not specified in this privacy policy We will notify you within a reasonable period after obtaining the user information and obtain your authorization and consent.

(II) Exceptions to obtaining authorization and consent

Please understand that according to laws, regulations, and relevant national standards, we do not need to obtain your authorization and consent for the collection and use of your user information in the following situations:

1. Directly related to national security and national defense security;

2. Directly related to public safety, public health, and major public interests;

3. Directly related to criminal investigation, prosecution, trial, and execution of judgments;

4. It is necessary to protect the life, property, and other major legitimate rights and interests of you or other individuals, but it is difficult to obtain the consent of the person concerned;

5. The user information collected is voluntarily disclosed to the public by yourself;

6. User information collected from legally disclosed information, such as legal news reports, government information disclosure, and other channels;

7. Necessary for signing or fulfilling contracts at your request;

8. Necessary to ensure the safe and stable operation of the software and related services, such as discovering and dealing with faults in the software and related services;

9. Necessary for news units that are personal information controllers and are engaged in lawful news reporting;

10. Necessary for academic research institutions to conduct statistics or necessary academic research based on public interests, and when providing academic research or describing the results to the public, the personal information contained in the results is de-identified;

11. Other situations as stipulated by laws and regulations.

II. How we use Cookies and basic app permissions

(I) Cookies

To ensure the normal operation of the website, we will store small data files called Cookies on your computer or mobile device. Cookies usually contain identifiers, site names, and some numbers and characters. With Cookies, websites can store your visit preference data.

We will not use Cookies for any purposes other than those described in this policy. You can manage or delete Cookies according to your preferences. You can clear all Cookies stored on your computer, and most web browsers have the function of blocking Cookies. However, if you do so, you need to manually change the user settings every time you visit our website.

(II) Website beacons and pixel tags

In addition to Cookies, we will also use other similar technologies such as website beacons and pixel tags on the website. For example, the emails we send to you may contain URLs that link to our website content. If you click on this link, we will track this click to help us understand your product or service preferences and improve customer service. Website beacons are usually transparent images embedded in websites or emails. With pixel tags in emails, we can know whether the email has been opened. If you do not want your activities to be tracked in this way, you can unsubscribe from our mailing list at any time.

(III) Do Not Track

Many web browsers have a Do Not Track feature, which can send Do Not Track requests to websites. Currently, major internet standard organizations have not established relevant policies to specify how websites should respond to such requests. However, if your browser enables Do Not Track, then all our websites will respect your choice.

(IV) Basic app permissions

Category Permission Description

Storage READ_EXTERNAL_STORAGE Read data from external storage, basic data storage capability

Storage WRITE_EXTERNAL_STORAGE Write data to external storage, technical data reading capability

Camera CAMERA Use the camera to take photos or record videos, users upload pictures to publish information, etc.

Contacts READ_CONTACTS Access to your contacts to identify duplicate contacts and emails, helping users manage their information efficiently. This information is not stored or uploaded, ensuring user privacy and data security.

3. How do we share, transfer, and publicly disclose your user information?

(1) Sharing: We will not share your user information with any other companies, organizations, or individuals, except in the following circumstances:

1. Sharing with explicit consent: With your explicit consent, we will share your user information with other parties.

2. Legal obligations: We may share your user information externally as required by laws, regulations, or mandatory requests from government authorities.

3. Sharing with affiliated companies: Your user information may be shared with our affiliated companies. We will only share necessary user information, subject to the purposes stated in this privacy policy. If affiliated companies intend to change the purposes of user information processing, they will seek your authorization again.

4. Sharing with authorized partners: For the purposes stated in this policy, some of our services may be provided by authorized partners. We may share certain user information with partners to provide better customer service and user experience. We will only share user information necessary for providing services for legitimate, necessary, specific, and explicit purposes. To improve operations and services, you agree that we and authorized partners may use collected information for other services and purposes in compliance with relevant laws and regulations. The following are specific authorized partners, along with links to their privacy policies. We recommend you read the privacy policies of these third parties:

(1) Third-party SDK: Firebase

Purpose: Tracking user behavior

Types of data collected: Device information (IMEI/MAC/Android ID/IDFA/OpenUDID/GUID/SIM card IMSI/geographical location, etc.)

Explanation: Privacy policy link: https://policies.google.com/privacy

(2) Third-party SDK: Google Ads

Purpose: Advertisement delivery

Types of data collected: Device information (IMEI/MAC/Android ID/IDFA/OpenUDID/GUID/SIM card IMSI/geographical location, etc.)

Explanation: Privacy policy link: https://support.google.com/adspolicy

(2) Third-party SDK: Admob

Purpose: Advertising Monetization

Types of data collected: Device information (IMEI/MAC/Android ID/IDFA/OpenUDID/GUID/SIM card IMSI/geographical location, etc.)

Explanation: Privacy policy link: https://policies.google.com/privacy

We will sign strict confidentiality agreements with companies, organizations, and individuals with whom we share user information, requiring them to handle user information in accordance with our instructions, this privacy policy, and any other relevant confidentiality and security measures.

(2) Transfer: We will not transfer your user information to any company, organization, or individual except in the following circumstances:

1. With explicit consent: With your explicit consent, we will transfer your user information to other parties.

2. In cases of merger, acquisition, or bankruptcy liquidation involving the transfer of user information, we will require the new company or organization holding your user information to continue to be bound by this privacy policy. Otherwise, we will require the company or organization to obtain your authorization again.

(3) Public Disclosure: We will only disclose your user information under the following circumstances:

1. With your explicit consent.

2. Based on legal requirements: In cases where disclosure is required by law, legal procedures, litigation, or mandatory requests from government authorities.

Exceptions to obtaining authorization for sharing, transferring, and publicly disclosing information:

Please understand that according to laws, regulations, and relevant national standards, we do not need to obtain your authorization for sharing, transferring, or publicly disclosing your user information in the following circumstances:

1. Directly related to national security and national defense security.

2. Directly related to public safety, public health, and significant public interests.

3. Directly related to criminal investigation, prosecution, trial, and execution of judgments.

4. Necessary to protect the life, property, and other significant legitimate interests of you or other individuals, but it is difficult to obtain your consent.

5. Information you voluntarily disclose to the public.

6. Information collected from legally disclosed information sources, such as legal news reports and government information disclosure channels.

4. How do we protect your user information?

(1) We have implemented industry-standard security measures to protect the user information you provide from unauthorized access, disclosure, use, modification, damage, or loss. We will take all reasonable measures to protect your user information. For example, data exchange between your browser and the service is protected by SSL encryption; we also provide the website with HTTPS secure browsing; we use encryption technology to ensure the confidentiality of data; we use trusted protection mechanisms to prevent data from malicious attacks; we deploy access control mechanisms to ensure that only authorized personnel can access user information; and we conduct security and privacy protection training courses to enhance employees' awareness of the importance of protecting user information.

(2) We will take all reasonable measures to ensure that irrelevant user information is not collected. We will only retain your user information for the period necessary to achieve the purposes stated in this policy, unless the retention period needs to be extended or permitted by law.

(3) The Internet is not an absolutely secure environment, and methods of communication such as email, instant messaging, and communication with other users are not encrypted. We strongly recommend that you do not send user information through such methods.

(4) We will regularly update and publicly disclose the relevant contents of security risk, user information security impact assessment reports, etc. You can obtain them through the following channels: Additional security risk disclosure methods.

(5) The Internet environment is not 100% secure, and we will do our best to ensure the security of any information you send to us. Even though we make great efforts and take all reasonable and necessary measures, it is still possible that your user information may be illegally accessed, stolen, tampered with, or destroyed, leading to damage to your legitimate rights and interests. Please understand the above risks of the information network and voluntarily bear them.

(6) In the event of a user information security incident, we will promptly inform you in accordance with legal requirements: the basic situation of the security incident and its possible impact, the measures we have taken or will take, suggestions for you to independently prevent and reduce risks, and your remedial measures. We will inform you of the relevant situation in a timely manner through email, letters, phone calls, push notifications, etc. When it is difficult to inform each user individually, we will publish announcements in reasonable and effective ways. At the same time, we will also report to the regulatory authorities proactively in accordance with their requirements on the disposal of user information security incidents.

5. Your rights

In accordance with relevant laws, regulations, standards, and common practices in other countries and regions, we ensure that you can exercise the following rights regarding your user information:

(1) Access to your user information: You have the right to access your user information, except for exceptions provided by laws and regulations. If you wish to exercise your data access rights, you can access it through the following methods: Additional user information access methods. If you cannot

access this user information through the above links, you can contact us using our web form or by sending an email to {imagistizcs@gmail.com}. We will respond to your access request within 30 days. For other user information generated during your use of our products or services, we will provide it to you as long as it does not require excessive investment from us. If you wish to exercise your data access rights, please send an email to {imagistizcs@gmail.com}.

(2) Correction of your user information: When you find errors in the user information we process about you, you have the right to request correction. You can submit a correction request through the methods listed in "Access to your user information." If you cannot correct this user information through the above links, you can contact us using our web form or by sending an email to {company email}. We will respond to your correction request within 30 days.

(3) Deletion of your user information: You can request the deletion of user information in the following circumstances:

1. If our processing of user information violates laws and regulations.

2. If we collect or use your user information without your consent.

3. If our processing of user information violates our agreement with you.

4. If you no longer use our products or services, or if you cancel your account.

5. If we no longer provide products or services to you. We will evaluate your deletion request and take appropriate steps if it meets the relevant provisions. When you submit a deletion request to us, we may ask you to verify your identity to ensure the security of your account. After you delete information from our services, due to applicable laws and security technologies, we may not immediately delete the corresponding information from the backup system. We will securely store your information until the backup can be cleared or anonymized.

(4) Changing the scope of your authorized consent: Each business function requires some basic user information to be completed (see Part One of this policy). You can give or withdraw your consent to the collection and use of user information at any time. You can operate it yourself through the following methods: Additional ways to change user information access. After you withdraw your consent, we will no longer process the corresponding user information. Please note that revoking consent may have certain consequences, such as us being unable to continue providing you with certain services or specific features. However, your decision to revoke consent will not affect the user information processing conducted based on your authorization before.

(5) Account cancellation by the user: You can cancel the account you registered at any time. You can operate it yourself through the following methods: Additional account cancellation methods. After canceling your account, we will stop providing products or services to you and, upon your request, delete or anonymize your information, except as required by law and regulations. This may also result in you losing access to the data in your account, so please proceed with caution.

(6) User information subject obtains a copy of user information: You have the right to obtain a copy of your user information. You can operate it yourself through the following methods: Additional methods to obtain a copy of user information. If technically feasible, such as data interface matching, we can also directly transmit a copy of your user information to a third party specified by you at your request.

(7) Constraint on information system automated decisions: In some business functions, we may make decisions only based on non-human automated decision-making mechanisms such as information systems and algorithms. If these decisions significantly affect your legitimate rights and interests, you have the right to request an explanation from us, and we will also provide appropriate remedies.

(8) Responding to your above requests: For security reasons, you may need to provide a written request or other proof of your identity. We may first require you to verify your identity before processing your request. We will respond within thirty days. If you are dissatisfied, you can also complain through the following channels: Additional appeal channels. For your reasonable requests, we generally do not charge a fee. However, for repeated requests that exceed a reasonable limit, we may charge a certain cost depending on the situation. For requests that are unjustified, require excessive technical means (such as developing new systems or fundamentally changing current practices), pose risks to the legitimate rights and interests of others, or are very impractical, we may refuse. Also, please understand that due to security considerations, legal and regulatory requirements, or technical limitations, we may not be able to respond to certain requests from you, such as in the following situations:

1)Related to the user information controller's fulfillment of legal obligations.

2)Directly related to national security and national defense security.

3)Directly related to public safety, public health, and significant public interests.

4)Directly related to criminal investigation, prosecution, trial, and execution of judgments.

5)The user information controller has sufficient evidence to show that the user information subject has subjective malice or abuses rights.

6)Necessary to protect the life, property, and other significant legitimate interests of the user information subject or other individuals but is difficult to obtain the consent of the individual.

7)Responding to the user information subject's request will cause serious damage to the legitimate rights and interests of the user information subject, other individuals, or organizations.

8)Involving trade secrets.

6. How do we handle children's personal information?

We attach great importance to the protection of children's personal information. Our products, websites, and services are mainly aimed at adults. Without the consent of parents or guardians, children should not create their own user accounts. Although the definition of children varies according to local laws and customs, we will regard anyone under 14 years old as a child. For cases where children's user information is collected with the consent of parents or guardians, we will only store, use, or disclose this information when permitted by law, with explicit consent from parents or guardians, or when necessary to protect the child. Otherwise, we will try to delete the relevant data as soon as possible. Due to the limitations of existing technology and business models, it is difficult for us to proactively identify children's personal information. If you find that we have collected children's personal information without your knowledge or without obtaining verifiable consent from the guardian in advance, you can contact us promptly. We will try to delete it upon discovery, and if we find such cases ourselves, we will also promptly delete them, except as required by law to retain them.

7. How is your user information stored and transferred globally?

In principle, user information collected and generated within the territory of the People's Republic of China will be stored within the territory of the People's Republic of China. We will only retain your user information for the period required by the purposes and uses stated in this policy and for the shortest period required by laws and regulations. After the above retention period, we will delete your user information or anonymize it in accordance with the requirements of applicable laws and regulations. Except where otherwise provided.

8.How this policy is updated

We may periodically update our Privacy Policy to reflect changes to our products, business practices, or changes in legal requirements. Updated Privacy Policies will be posted on our website and notified to users through appropriate means, such as push notifications, emails, or in-app messages. We encourage users to regularly review our Privacy Policy to stay informed of any changes.

Effective Date:[2024/7/11]

9.Account cancellation process

Send an email to {imagistizcs@gmail.com} to apply for cancellation. We will process it as soon as possible after receiving it. But please note that once the application is cancelled, it is irrevocable and all data will be stored and cannot be restored. Please operate with caution.

10. How to contact us

If you have any questions, feel free to contact us by sending content directly to: imagistizcs@gmail.com

Agreement effective date: 2024/7/11

Agreement modification date: 2024/7/11