Legal
Privacy Policy
Beijing DeepFlywheel Technology Development Co., Ltd. (hereinafter referred to as “we”), as the operator of MagicGourd products and services, understands the importance of personal information to you and appreciates your trust. Through the MagicGourd Privacy Policy (hereinafter referred to as “this policy”), we will explain how MagicGourd collects, stores, protects, and uses your personal information, as well as outline the rights you have. Key points are as follows:
1. To help you understand the types of information we need to collect and how it is used while using our services, we will explain each aspect of it in the context of specific services.
2. We will collect, store, protect, and use your personal information based on the principles of legality, appropriateness, necessity, and integrity.
3. If we need to obtain your information from a third party to provide services, we will request the third party to disclose the source of the information and ensure the legality of the information provided. If our personal information processing activities exceed the scope of your original authorization to the third party, we will obtain your explicit consent.
4. You can access and manage your information or file complaints and reports as described in this policy.
How We Collect Information
In accordance with relevant laws, regulations, and national standards, we may process your personal information under the following circumstances: (1) With your consent; (2) When necessary to sign and perform a contract at your request; (3) When necessary to fulfill legal obligations, such as information required by laws and regulations related to anti-money laundering, anti-terrorist financing, and real-name management; (4) When directly related to national security or defense; (5) When necessary to respond to public health emergencies or to protect the life, health, and property safety of individuals in emergencies; (6) When directly related to criminal investigations, prosecutions, trials, and the execution of judgments; (7) When the personal information collected is publicly disclosed by you; (8) When personal information is collected from legally disclosed sources, such as legitimate news reports or government disclosures; (9) When necessary to maintain the safe and stable operation of the services provided, such as detecting and addressing faults in products or services; (10) Other circumstances as stipulated by laws and regulations.
It is important to note that when the processing of your personal information falls under the circumstances described in items (2) through (10) above, we may proceed in accordance with applicable laws and regulations without obtaining your further consent.
While using the MagicGourd services, we need to collect your necessary information under the following circumstances to provide services, improve service quality, and comply with national laws, regulations, and regulatory requirements:
1. To help you register, log in to MagicGourd, and fulfill real-name verification obligations, we need you to provide a phone number and set a password. At the same time, we will collect your avatar, nickname, and generate a user ID to assist you in completing the registration. You may log in and use MagicGourd through a third-party account, and with your consent, we will obtain the necessary registration information from the third-party platform, such as your avatar, nickname, and registered phone number (limited to the information specified on the third-party platform’s authorization page), enabling you to directly log in and use MagicGourd.
2. To ensure the safe and stable operation of the software and services, prevent viruses, trojans, or other malicious programs and websites, and fulfill legal obligations such as anti-telecommunications and online fraud, we need to record your immutable/mutable unique device identifier, basic device information, network information, location, and other service-related log information.
3. You can publish content on MagicGourd (such as web pages, text, images, charts, etc.) and use interactive features like following, bookmarking, liking, and commenting. We need to collect the content you publish as well as the aforementioned browsing records to provide you with document editing, knowledge management, interactive communication, and content search services. In addition, in accordance with laws, regulations, and regulatory requirements, and to foster a green, positive, and healthy online environment, we have the right to review and monitor the content you publish and your activities on MagicGourd.
4. When you share or copy information on the MagicGourd app, the app needs to locally access your clipboard to read the text, links, and other content it contains, in order to enable features or services like quick content insertion. Additionally, if you enable storage or gallery permissions (depending on the operating system of your phone), we may also need to locally access your phone’s gallery to allow you to select and upload or download videos and images. The MagicGourd app will only upload the aforementioned text, links, videos, and images to our servers if you explicitly choose to use them.
5. We may also collect other information you provide, generate, or retain while using our products and/or services. This includes information such as search keywords you enter when using the MagicGourd search feature, information you submit when participating in other product operation activities, as well as log information, service records, browsing history, and more. You have the right to choose not to provide the aforementioned information; however, this may prevent you from using certain services or features, or result in the services not performing as expected.
6. To improve new-user flows, verification-code delivery, feature reliability, and service quality, we collect a minimal set of product diagnostic events by default. These events may include the event name, timestamp, client version, locale, basic browser/device information, irreversible installIdHash, and, when login or registration succeeds, irreversible accountIdHash to connect install-based and account-based funnels. Verification-code diagnostics are limited to recipientMailboxProvider, emailDomainHash (an irreversible hash of the email domain), redacted error codes, and similar necessary metadata. Product diagnostic events do not collect note, webpage, or document content, verification codes, tokens, cookies, full URL queries, raw email addresses, email local parts, raw email domains, raw user IDs, phone numbers, or other reversible identity identifiers. Raw product diagnostic events are retained for 180 days. You can turn off “Product diagnostics” in MagicGourd settings; after it is turned off, the client will stop actively reporting non-essential anonymous product diagnostic events. Security, anti-abuse, and service-necessary logs are not controlled by this product diagnostics switch.
7. Please understand that the services we provide to you are continuously updated and evolving. Based on service purposes, we may need to collect additional information from you, or service updates may lead to significant changes in how your personal information is processed. We will explain the scope, purpose, and methods of information collection through page prompts, interactive processes, or contractual agreements, and obtain your consent. We will use, store, and protect your information in accordance with this policy and relevant service agreements. If you choose not to provide the aforementioned information, you may be unable to use certain services or parts of the services, but this will not affect your ability to use other services we provide.
How We Access Device Permissions
In order to provide services and help you publish and store content (including but not limited to web pages, text, images, charts, etc.) via the MagicGourd app, the app may need to request access to the following permissions within the necessary scope. Please rest assured that the MagicGourd app will not enable these permissions by default and will only request authorization for specific features or services as needed. The app will only access these permissions once you actively confirm them.
It is important to note that granting the MagicGourd app access to a specific permission does not necessarily mean the app will collect your related information. Even if you confirm access to the app, MagicGourd will only collect relevant information within the legal, legitimate, and necessary scope.
1. Read and Write Storage Permissions: When you need to read or store images or other attachments, the MagicGourd app will request this permission to help you read and store the content you need. The app promises to only read or cache necessary information. If you choose not to enable this permission, you will not be able to use certain features related to this permission, but it will not affect your ability to use other services provided by the MagicGourd app.
2. Read Phone Status Permission: When you install the MagicGourd app, we will request this permission to read your device identification information, immutable/mutable unique device identifiers, basic device information, and network information. This is to determine your device’s online/offline status in order to provide services, reduce security risks, and perform data analysis to improve the app’s performance. If you choose not to enable this permission, you may still use the app’s services, but you may not be able to pass certain security verifications in some features.
3. Camera and Gallery Permissions: When using features such as avatar image settings or image uploads, you will need to enable camera and/or gallery permissions (depending on the specific feature you use) to take photos in real-time or upload images/videos. If you choose not to enable these permissions, you will not be able to use features related to real-time photography or image/video uploads, but it will not affect your ability to use other services provided by the MagicGourd app.
How We Store and Protect Information
1. The personal information we collect and generate within the People’s Republic of China will be stored within China. If, due to product or service updates, we need to transfer your personal information abroad, we will comply with the laws, regulations, and requirements of relevant regulatory authorities, and take effective measures, such as signing agreements and on-site inspections, to ensure that overseas institutions maintain the confidentiality of your personal information. We will retain your personal information only for the necessary duration of the purposes outlined in this policy and in accordance with legal and regulatory time limits.
2. To ensure the security of your information, after collecting it, we will take various reasonable and necessary measures to protect it. For example, in the technical development environment, we will use only de-identified information for statistical analysis. When providing external research reports, we will de-identify the information contained in the reports. We will store de-identified information separately from information that can be used to re-identify individuals, ensuring that personal identification is not restored during the subsequent processing of de-identified information.
3. We commit to ensuring that our information security protection meets industry-leading standards. To safeguard your information, we are dedicated to using various security technologies and supporting management systems to minimize the risks of your information being leaked, lost, damaged, misused, accessed without authorization, disclosed without authorization, or tampered with. Measures include encrypted transmission via Secure Sockets Layer (SSL), encrypted information storage, strict data center access controls, and the use of dedicated network channels and proxies.
4. We have established a department responsible for personal information protection, conducting personal information security impact assessments. At the same time, we have implemented internal control systems that follow the principle of minimal authorization for staff who may have access to your information. We systematically monitor staff behavior when processing your information and continuously provide staff with training on relevant laws, regulations, privacy security guidelines, and security awareness. Additionally, we organize an annual security examination for all staff. Each year, we also engage external independent third parties to assess our information security management systems.
5. We have developed an emergency response plan for personal information security incidents and regularly organize internal staff for emergency response training and drills to ensure they understand their responsibilities and emergency handling strategies and procedures. In the unfortunate event of a personal information security incident, we will inform you in a timely manner as required by laws and regulations, providing information on the basic situation of the incident, its potential impact, the measures we have taken or will take, suggestions on how you can prevent and reduce risks, and any remedies available to you. We will notify you of the incident through app notifications, emails, or SMS. If it is difficult to notify individual data subjects, we will issue a public notice through reasonable and effective means. Additionally, we will report the incident to the relevant regulatory authorities as required. If your legitimate rights are harmed, we will assume the corresponding legal responsibility.
6. While we take strict measures to protect your personal information, it is important that you properly safeguard your identity credentials. We use these credentials to verify your identity when you use MagicGourd. If you disclose such information, you may suffer losses or other negative consequences. If you believe that your identity credentials may have been or have been compromised, please contact us immediately so that we can take timely measures to avoid or mitigate any potential losses.
7. After you cease using MagicGourd, we will stop collecting and using your personal information, except as required by laws, regulations, or regulatory authorities. If we cease operations, we will promptly stop the collection and use of your personal information, notify you of the cessation either individually or by public notice, and delete or anonymize the personal information we hold.
How We Use Information
In order to comply with national laws and regulations, as well as related regulatory requirements, provide services, improve service quality, and ensure your account security, we will only use your information under the following circumstances. Unless otherwise stipulated by laws and regulations, if we intend to use your information for purposes not listed in these terms, we will obtain your additional consent in accordance with legal and national standards, through confirmation agreements or text prompts in specific scenarios.
1. Achieve the purposes described in the sections “How We Collect Information” and “How We Access Device Permissions” of this policy.
2. To provide services tailored to you, send service status notifications, and continuously maintain and improve these features, we will analyze, process, or otherwise handle your information.
3. Report to or cooperate with relevant authorities in accordance with legal and regulatory requirements.
4. To inform you of service-related matters or recommend better services to you, we may send or notify you via pages, emails, client notifications, SMS, phone calls, etc., regarding service notices, marketing activities, or other commercial electronic information. If you feel disturbed by the marketing or other commercial electronic information sent to you, you can opt out by providing feedback through customer service channels mentioned in this policy or by following the instructions in the message to unsubscribe.
5. To ensure the stability and security of services, protect your account, and fulfill legal obligations, we may also use your information for identity verification, security precautions, the prevention or prohibition of illegal activities, risk reduction, risk prevention, and for archival and backup purposes.
6. In accordance with applicable laws, we may anonymize your personal information through technical and other necessary measures, and use the processed data for research, statistical analysis, and forecasting, to support product or service-related business decisions, and to improve our products and services (e.g., machine learning or model algorithm training). We do not need to notify you separately or obtain your consent for the use of this anonymized data.
7. We may work with partners involved in advertising and content promotion, entrusting them to process information related to the coverage and effectiveness of advertisements. However, unless we have your permission, we will not share information that can identify you personally. We will only provide our partners with processed information that cannot identify you to help them improve the effectiveness of content delivery without identifying you personally.
How We Share Information
We are committed to keeping your personal information strictly confidential. Except as required by laws, regulations, and regulatory authorities, we will only share your personal information with third parties under the following circumstances. These third parties may include our affiliates and partners. If it is necessary to share your information with a third party in order to provide services, we will assess the legality, appropriateness, and necessity of the third party’s information collection. We will require third parties to take reasonable and necessary protective measures and to strictly comply with relevant laws, regulations, and regulatory requirements.
1. When we have obtained your explicit additional consent.
2. Information sharing necessary for providing you with services. Certain products or services may be provided by third parties or jointly by us and third parties. Therefore, sharing your information is necessary to provide the products or services you require.
3. To improve service efficiency, reduce service costs, or enhance service quality, we may entrust affiliates or professional institutions (collectively referred to as “entrusted institutions”) to assist in performing certain services or duties of the MagicGourd app. For example, we may entrust them to collect your information or analyze, process, and handle your information for risk control, service maintenance, or improvement purposes. We may also entrust them with customer-related services (e.g., surveys, inquiries, hotline support). To this end, we will provide your information to the entrusted institutions within the necessary scope of the related services. We will require entrusted institutions to comply with strict confidentiality obligations and adopt effective confidentiality measures, prohibiting them from using the information for purposes not authorized by you. We will bear corresponding responsibility for the security of your information.
4. If you choose to participate in joint activities conducted by us and third parties, such as lotteries, competitions, or similar promotional activities, we may share the necessary information generated during the activities with the third party to enable them to promptly distribute prizes or provide services to you. In accordance with legal requirements or national standards, we will clearly inform you on the event rules page or through other means of what personal information needs to be provided to the third party. Except for displaying desensitized information (such as phone numbers or login names) when publishing the list of winners, we will not publicly disclose your information. If public disclosure is necessary, we will inform you of the purpose of the disclosure, the type of information to be disclosed, and any sensitive information involved, and we will obtain your explicit consent.
5. When you file a complaint against others or are the subject of a complaint, in order to fulfill our legal obligations and protect the legitimate rights and interests of you and others, we may provide your name, valid identification number, contact information, and complaint-related details to consumer rights protection departments and regulatory authorities for timely resolution of the dispute, except where laws and regulations explicitly prohibit such sharing.
6. To meet internal audit requirements, we may provide the necessary information to our audit institutions.
7. Due to regulatory inspections or in response to legitimate requests from administrative and judicial authorities.
How You Can Exercise Your Personal Information Rights
1. We will take appropriate technical measures to ensure that you can access, copy, supplement, correct, and retrieve your personal information. However, for security and identity verification purposes (such as number appeal services) or due to mandatory legal provisions, you may be unable to modify the initial registration information and other verification data provided at the time of registration.
2. You can view your personal information, such as your nickname, avatar, and registration information, by accessing the “Me” section. If you find that the personal information we have collected or stored about you is incorrect or incomplete, or if you believe our collection and use of your personal information violates laws, regulations, or agreements with you, you can contact us to request corrections, supplements, or deletion.
3. You can deactivate your MagicGourd account via the “Me—Delete Account” function in the app. Once you meet the conditions for account deactivation and delete your MagicGourd account, we will delete all personal information in that account or anonymize it in accordance with legal requirements. However, if the retention period for certain personal information as required by laws and regulations has not yet expired, or if deletion or anonymization is not legally appropriate, we will cease further processing of that data except for storage and necessary security protection measures.
4. Despite the aforementioned provisions, in accordance with relevant laws, regulations, and national standards, we may be unable to respond to your request under the following circumstances: (1) When related to our fulfillment of legal obligations; (2) When directly related to national security or defense; (3) When directly related to public safety, public health, or significant public interests; (4) When directly related to criminal investigations, prosecutions, trials, and execution of judgments; (5) When there is sufficient evidence to show that you are acting in bad faith or abusing your rights; (6) When responding to your request would cause significant harm to the legitimate rights and interests of other individuals or organizations.
5. When we collaborate with third-party institutions to provide services to you, the third-party institution will inform you of the relevant details of the personal information processor in accordance with its published privacy policy or other terms you may have signed. The third party will strictly protect your information and inform you of how to exercise your personal information rights in accordance with applicable requirements. Please read the relevant policies and terms carefully; if you have any questions, you can consult the third party based on the services you are using.
6. If you have any questions about the above terms regarding information processing and protection, or if you have any complaints or opinions about the processing of your personal information, please contact us via the “Me—Feedback and Help” section in the MagicGourd app, and we will respond to you promptly.
To ensure information security, we will need to verify your identity and credentials before responding to the above requests. We have established a customer complaint management system, including a tracking process. After verification, we will respond within five working days, or in special circumstances, no later than fifteen working days or the time frame specified by laws and regulations.
Applicability and Updates of This Policy
1. The MagicGourd services are subject to this policy, except where specific products or services have independent privacy policies or special provisions in their respective user service agreements.
2. We will update this policy in a timely manner if the following major changes occur: (1) Our basic situation changes, such as a change in ownership due to mergers, acquisitions, or reorganizations; (2) The scope, purpose, rules, or methods of collecting, storing, or using personal information changes; (3) The recipients, scope, purpose, or methods of providing personal information to third parties changes; (4) Changes occur in how you access and manage your personal information; (5) Changes occur in data security capabilities or information security risks; (6) The channels and mechanisms for user inquiries and complaints, as well as the external dispute resolution institutions and contact information, change; (7) Any other changes that may significantly impact your personal information rights.
3. Since we have a large number of users, if this policy is updated, we will notify you through app notifications, pop-up prompts, text messages, or by posting an announcement on our official website. The updated content will take effect on the date specified in the notification. To ensure that you receive these notifications in a timely manner, we recommend that you inform us promptly if your contact information changes.
Definitions of Key Terms in This Policy
1. Explanation of Key Concepts: (1) Mutable Unique Device Identifier: This refers to unique device identifiers that can be reset, changed, or disabled by the user, such as Android ID, OAID, SSID, BSSID. (2) Immutable Unique Device Identifier: This refers to hardware identifiers that do not change due to factory reset, secure uninstall of applications, or user actions, such as IMEI, IMSI, MAC address, device serial number, hardware serial number (e.g., sensor hardware serial number), SIM card serial number, ICCID. (3) Basic Device Information: Information related to the device model, typically used for functionality adaptation and stability, such as system settings, system properties, device model, device brand, device screen density, and operating system. (4) Network Information: Such as IP address, network type, carrier information, WiFi status, WiFi parameters, WiFi list.
2. The term “identity elements” in this policy refers to the information elements used by MagicGourd to identify your identity, including but not limited to your user identifier, phone number, password, and other information.