Skip to main content

Tingyun RUM Privacy Policy

Tingyun RUM (Real User Monitoring) takes a user experience perspective to solve and optimize "user experience degradation" and "user churn" problems caused by performance bottlenecks. Through network analysis, user experience analysis, anomaly analysis, and other aspects, it comprehensively evaluates and quantifies the actual usage of applications. Since its launch, the product has always been committed to the mission of "letting data drive business," dedicated to IT management innovation services from a user perspective, providing end-to-end complete application chain performance management solutions for different industries, helping enterprises continuously optimize system performance and end-user experience, and assisting enterprises in enhancing brand favorability, user retention, and business conversion rates.

We deeply understand the importance of personal information to you and will do our utmost to protect your personal information securely and reliably. We are committed to maintaining your trust in us and adhere to the following principles to protect your personal information: responsibility consistency, clear purpose, choice and consent, minimal use, security assurance, subject participation, openness and transparency, etc. Please carefully read and confirm that you fully understand the content written in this privacy policy and accept all service terms before using our products or services.

This privacy policy will help you understand the following:

  1. How we collect and use your personal information

  2. How we share, transfer, and publicly disclose your personal information

  3. How we protect your personal information

  4. Your management of personal information

  5. Protection of minors' personal information

  6. How your information is transferred across borders (if applicable)

  7. Revisions to the privacy policy

  8. How to contact us

I. How We Collect and Use Your Personal Information

Personal information refers to various information recorded electronically or in other ways that can identify a specific natural person's identity or reflect the activities of a specific natural person, either alone or in combination with other information. We will only collect and use your personal information for the following purposes stated in this privacy policy:

(I) For Better Analysis of Application Experience

To better assist operations and development personnel in analyzing issues such as crashes, freezes, network anomalies, and other factors affecting user experience during real users' use of the App, we may collect the following information during your use of the mobile App:

  • Device Information: Based on the specific permissions you grant during software installation and use, we will receive and record information related to the device you use, including browser type and version, device manufacturer, device model, operating system name, operating system version, Tingyun SDK version ID, device dimensions, App bundle ID (iOS) or App package name (Android), App name (published name or display name), application version, and distribution channel ID.
    • Collection timing: Collected when the Tingyun SDK is running.
    • Upload frequency: Fixed frequency upload (default 1 minute, must be greater than or equal to 1 minute).
  • User Identifier "Optional": To help developers quickly locate and troubleshoot customer complaint issues, we provide a user unique identifier interface for the host application to call. The transmitted user identifier should preferably be encrypted information, and we do not recommend transmitting phone numbers, emails, or other plaintext identifiers.
    • Collection timing: When developers call the user identifier interface.
    • Upload frequency: Fixed frequency upload (default 1 minute, must be greater than or equal to 1 minute).
  • Hardware Information: To help mobile App developers quickly locate serious performance issues such as crashes and freezes, we collect device hardware information when crashes or freezes occur, including CPU model, CPU instruction set architecture, CPU usage, remaining memory (MB), remaining storage space (MB), remaining battery (%), whether jailbroken or rooted, and application UI orientation.
    • Collection timing: Collected when the application experiences crashes, freezes/ANR, or slow interactions.
    • Upload frequency: Uploaded when crashes or freezes are triggered; slow interactions are uploaded at a fixed frequency (default one minute, must be greater than or equal to 1 minute).
  • Network Information: To understand the network environment, we collect network status information when using the App, including network connection type (GPRS/EDGE/UMTS), mobile network code (e.g., 46001, 46000), and network type (2G, 3G, 4G, 5G, WiFi).
    • Collection timing: Collected when network requests occur and when data is uploaded.
    • Upload frequency: Fixed frequency upload (default one minute).
  • Approximate Location Information: This refers to information about your location collected when you enable the device location feature and use our location-based services, including latitude and longitude information and base station sensor information. Location services are updated based on this information to help developers analyze network quality and performance time consumption in different regions.
    • Collection timing: GPS information is not collected by default; developers need to call an interface to input latitude and longitude information.
    • Upload frequency: Fixed frequency upload (default one minute).
  • Journey Replay: After installing the "User Journey Replay" function plugin, the SDK will redraw the application page content to restore the user's operation scene (please note: this feature is only applicable to SDK version 2.17.5 and higher). You can configure masking for controls involving privacy content, such as input boxes, text boxes, and images. During the masking process, the SDK will add placeholders to replace the original content during the drawing process.

To implement the above functions, the Tingyun SDK needs to request the necessary permissions from end users after they open the App with the integrated SDK and authorize the collection of user personal information.

Please note that standalone device information, location information, and log information cannot identify a specific natural person's identity. If we combine this type of non-personal information with other information to identify a specific natural person's identity, or combine personal information for use, then during the combination period, this type of non-personal information will be treated as personal information. Except with your authorization or as otherwise provided by laws and regulations, we will anonymize and de-identify such personal information.

(II) Permission Acquisition Explanation

  • Network Permission (Essential Permission): Used for data interaction with the Tingyun platform. The Tingyun SDK does not actively request this permission and relies entirely on the application's own system permissions.
  • Network Status Permission (Non-essential Permission): Used to obtain the current device's network status and carrier code.
  • Floating Window Permission (Non-essential Permission): To better match business use cases, Tingyun provides a "Visual Naming" feature. When enabled, it displays a floating window on the application page to allow developers or business personnel to easily and quickly add page names and operation names.
  • Approximate Location Permission (Non-essential Permission): Used for regional dimension analysis to help developers understand network performance and availability across different regions.

(III) Storage Period

The information we collect is stored for 14 days to assist developers in analyzing application performance conditions and troubleshooting anomalies. After this period, the collected information will be deleted.

(IV) Other Uses

We may conduct de-identified research, statistical analysis, and prediction on the collected information to improve the performance and user experience of mobile Apps and provide service support for rapid application iteration.

(V) Exceptions

When we need to use information for purposes not stated in this privacy policy, or when we use information collected for specific purposes for other purposes, we will seek your consent in advance. However, within the scope permitted by law, we may collect or use your personal information without obtaining your authorization consent in the following circumstances:

(1) In accordance with the provisions of national laws and regulations;

(2) In accordance with the legal procedures of public security, procuratorial, and judicial authorities;

(3) In accordance with the requirements of government departments and superior regulatory units;

(4) For other purposes reasonably necessary to maintain social public interests, protect our company, our users, or employees' legitimate rights and interests.

II. How We Share, Transfer, and Publicly Disclose Your Personal Information

(I) Sharing

We may share your personal information externally in accordance with legal and regulatory requirements or based on the mandatory requirements of government authorities. Apart from this, we will not unilaterally share your personal information with any company, organization, or individual outside of our partners and affiliates.

(II) Transfer

We will not transfer your personal information to any company, organization, or individual, except in the following situations:

  1. Transfer with explicit consent: After obtaining your explicit consent, we will transfer your personal information to other parties;

  2. To meet the requirements of laws, regulations, legal procedures, or mandatory government requirements or judicial rulings;

  3. In the event that we or our affiliates are involved in mergers, divisions, sales, acquisitions, or bankruptcy liquidation, if your personal information is transferred as part of such situations, we will require the new company or organization holding your personal information to continue to be bound by this privacy policy; otherwise, we will require that company or organization to seek authorization consent from you again.

(III) Public Disclosure

We will only publicly disclose your personal information in the following situations:

  1. After obtaining your explicit consent;

  2. Disclosure based on law: We may publicly disclose your personal information in situations required by law, legal procedures, litigation, or government authorities.

(IV) Exceptions

In the following situations, sharing, transferring, or publicly disclosing your personal information does not require prior authorization consent:

  1. Directly related to national security and national defense security;

  2. Directly related to public safety, public health, and major public interests;

  3. Directly related to criminal investigation, prosecution, trial, and judgment execution;

  4. For the purpose of protecting your or other individuals' life, property, and other significant legitimate rights and interests, but it is difficult to obtain the person's consent;

  5. Personal information that you have disclosed to the public;

  6. Personal information collected from legally publicly disclosed information, such as legal news reports, government information disclosure, and other channels.

  7. Necessary for signing and performing contracts as requested by the personal information subject;

  8. Necessary for maintaining the safe and stable operation of the provided products or services, such as discovering and handling product or service faults;

  9. Other circumstances stipulated by laws and regulations.

According to legal provisions, sharing, transferring, and publicly disclosing personal information that has undergone de-identification treatment, and ensuring that data recipients cannot restore and re-identify the personal information subject, does not constitute external sharing, transfer, and public disclosure of personal information. The storage and processing of such data will not require additional notification to you or obtaining your consent.

III. How We Protect Your Personal Information

(I) We have used security protection measures that comply with industry standards to protect the personal information you provide, preventing data from unauthorized access, public disclosure, use, modification, damage, or loss. We will take all reasonable and feasible measures to protect your personal information. For example, ensuring that vulnerabilities that may lead to information leakage are promptly patched; taking necessary measures to prevent computer viruses, network attacks, and network intrusions; data exchanged between your browser and the "service" is protected by SSL encryption; we also provide HTTPS secure browsing for account websites; we use encryption technology to ensure data confidentiality; we use trusted protection mechanisms to prevent data from malicious attacks; we deploy access control mechanisms to ensure that only authorized personnel can access personal information; and we conduct security and privacy protection training courses to enhance employees' awareness of the importance of protecting personal information.

(II) We will take all reasonable and feasible measures to ensure that no irrelevant personal information is collected. We will only retain your personal information for the period necessary to achieve the purposes stated in this privacy policy, unless an extension of the retention period is required or permitted by law.

(III) The Internet is not an absolutely secure environment, and email, instant messaging, and communication with other users are not encrypted. We strongly recommend that you do not send personal information through such methods. Please use complex passwords to help us ensure the security of your account.

(IV) In the unfortunate event of a personal information security incident, we will promptly inform you in accordance with the requirements of laws and regulations: the basic situation and possible impact of the security incident, the measures we have taken or will take, recommendations for you to independently prevent and reduce risks, remedial measures for you, etc. We will promptly notify you of the incident-related situation by email, letter, phone, push notification, etc. When it is difficult to inform each personal information subject individually, we will adopt a reasonable and effective way to publish an announcement. At the same time, we will also proactively report the handling of personal information security incidents in accordance with the requirements of regulatory authorities.

IV. Your Management of Personal Information

  1. According to the laws and regulations applicable to your country or region, you may request access to, correction of, or deletion of the personal information we hold about you.

  2. You can change the scope of your authorization consent or withdraw your authorization. When you change the scope of authorization or withdraw authorization, we will no longer be able to provide you with the services corresponding to the changed authorization or withdrawn authorization, nor will we continue to process your corresponding information. Generally, if you need to access, correct, delete, or terminate authorization for some or all information, you should first contact the controller of the software (App) that uses and integrates the Tingyun SDK service, and submit a request to exercise data subject rights to them. When the App controller verifies your identity and agrees to your request, they will send us a request to access, correct, delete, or withdraw authorization. We will complete the corresponding operation within one week of receiving such a request and provide feedback.

V. Protection of Minors' Personal Information

  1. We attach great importance to the protection of personal information of minors. If you are a minor under the age of 18, you should obtain the consent of your guardian before using our products or services. We protect the personal information of minors in accordance with relevant national laws and regulations.

  2. We will not actively directly collect personal information from minors. For situations where personal information of minors is collected with the consent of guardians, we will only use, share, transfer, or disclose this information when permitted by law, with guardian consent, or when necessary to protect minors.

VI. How Your Personal Information is Transferred Globally

In principle, personal information collected and generated within the territory of the People's Republic of China will be stored within the territory of the People's Republic of China. If our products or services involve cross-border activities and we need to transfer your personal information abroad, we will strictly follow the provisions of laws and regulations and ensure the security of your personal information.

VII. How This Privacy Policy is Updated

Our privacy policy may be updated or modified from time to time to adapt to legal, technical, or business developments. If such changes result in a substantial reduction of your rights under this privacy policy, we will provide notice of any changes made to this privacy policy on the page before the changes take effect. For significant changes, we will also provide more prominent notice (including, for some services, sending email notifications explaining the specific changes to the privacy policy). Significant changes referred to in this privacy policy include but are not limited to:

  1. Significant changes in our service model, such as the purpose of processing personal information, the type of personal information processed;

  2. Significant changes in our ownership structure, organizational structure, etc., such as changes in ownership due to business adjustments, bankruptcy, mergers and acquisitions, etc.;

  3. Changes in the main objects of personal information sharing, transfer, or public disclosure;

  4. Significant changes in your rights to participate in personal information processing and how to exercise them;

  5. Changes in our department responsible for handling personal information security, contact information, and complaint channels;

  6. When the personal information security impact assessment report indicates high risks.

If you do not agree with such changes, you can stop using our products and services; if you continue to use our products or services, it means you agree to be bound by the revised privacy policy.

VIII. How to Contact Us

If you have any questions, comments, suggestions, or complaints about this privacy policy, please contact our customer service hotline at 400-898-9580. Please read this privacy policy carefully to ensure that you are fully aware of its contents and the corresponding legal consequences and fully understand them.

To ensure that we efficiently handle your issues and provide timely feedback, you need to submit proof of identity, valid contact information, and written requests and relevant evidence. We will process your request after verifying your identity and will maintain your personal information in accordance with relevant laws and regulations and this privacy policy.