Skip to main content

Tingyun RUM Privacy Policy

Tingyun RUM (Real User Monitoring) takes a user experience perspective to address and optimize performance bottlenecks that lead to "user experience degradation" and "user churn." It comprehensively evaluates and quantifies actual application usage through network analysis, user experience analysis, anomaly detection, and more. Since its launch, the product has been committed to the mission of "driving business with data," innovating IT management services from a user-centric perspective. It provides end-to-end performance management solutions for various industries, helping enterprises continuously optimize system performance and end-user experience, thereby enhancing brand affinity, user retention, and business conversion rates.

We understand the importance of your personal information and are dedicated to ensuring its security and reliability. We uphold the following principles to protect your personal information: consistency of rights and responsibilities, clarity of purpose, choice and consent, minimum necessity, security assurance, subject participation, openness and transparency, and more. Before using our products or services, please carefully read and confirm your full understanding and acceptance of all service terms outlined in this privacy policy.

This privacy policy will help you understand the following:

  1. How we collect and use your personal information
  2. How we share, transfer, and publicly disclose your personal information
  3. How we protect your personal information
  4. Your rights to manage personal information
  5. Protection of personal information of minors
  6. Cross-border transfer of your information (if applicable)
  7. Revision of the privacy policy
  8. How to contact us

1. How we collect and use your personal information

Personal information refers to various information recorded electronically or otherwise that can identify specific natural persons individually or in combination with other information, reflecting specific activities of natural persons. We only collect and use your personal information for the following purposes outlined in this privacy policy:

(1) For better analysis of application experience

To assist operations and development teams in analyzing issues such as crashes, freezes, and network anomalies affecting user experience during app usage, we may collect the following information:

  • Device Information: Depending on specific permissions granted during software installation and usage, we receive and record device-related information including Device model, device manufacturer, operating system name, operating system version, disk usage, memory usage, CPU information (model, architecture, usage), network traffic, whether jailbroken/rooted, battery level.
    • Collection Timing: Collected during Tingyun SDK runtime.
    • Upload Frequency: Fixed upload frequency (default every 1 minute, must be equal to or greater than 1 minute).
  • User Identification (optional): To assist developers in quickly identifying and troubleshooting user complaints, we provide a user unique identification interface for the host application to call. The transmitted user identifier is preferably encrypted information, and it is not recommended to transmit plaintext identifiers such as phone numbers or emails.
    • Collection Timing: Called by developers through the user identification interface.
    • Upload Frequency: Fixed upload frequency (default every 1 minute, must be equal to or greater than 1 minute).
  • Application information: In order to know the terminal application information, we will collect application name, application package name, application version, application UI orientation, and application channel ID.
    • Collection Timing: Collected during Tingyun SDK runtime.
    • Upload Frequency: Fixed upload frequency (default every 1 minute, must be equal to or greater than 1 minute).
  • Network Information: To understand the network environment, we collect network status information during app usage, including network connection type (GPRS/EDGE/UMTS), mobile network code (e.g., 46001, 46000), network type (2G, 3G, 4G, 5G, WiFi)、IP Address.
    • Collection Timing: Collected when network requests occur and during data uploads.
    • Upload Frequency: Fixed upload frequency (default every 1 minute).
  • Rough Location Information: Refers to information about your location collected when you enable device location services and use our location-based services, including latitude and longitude information and base station sensor information. This information updates location services to assist developers in analyzing network quality and performance latency across regions.
    • Collection Timing: GPS information is not collected by default and requires developers to call an interface to transmit latitude and longitude information.
    • Upload Frequency: Fixed upload frequency (default every 1 minute).
  • Journey Backtracking: With the installation of the "User Journey Backtracking" plugin, the SDK redraws application page content to restore user operational context (note: this feature is only applicable to SDK version 2.17.5 and higher). Configuration can mask privacy-sensitive controls such as input fields, text boxes, and images with placeholders during the drawing process.

To achieve the above functionalities, the Tingyun SDK needs to request necessary permissions from end-users when they open the integrated SDK App.

Note that individual device information, location information, and log information cannot individually identify specific natural persons. If we combine such non-personal information with other information to identify specific natural persons or combine and use personal information, during the combination period, such non-personal information will be treated as personal information. Except with your authorization or as otherwise provided by laws and regulations, we will anonymize or de-identify such personal information.

(2) Explanation of Permission Acquisition

  • Network Permissions (necessary permissions): Used for data interaction with the Tingyun platform. The Tingyun SDK does not proactively request this permission and relies entirely on the application's system permissions.
  • Network Status Permissions (non-essential permissions): Used to obtain the current device's network status and operator code.
  • Floating Window Permissions (non-essential permissions): For better alignment with business use cases, Tingyun provides a "visual naming" function. When enabled, it displays a floating window on the application page to facilitate developers or business personnel in quickly adding page and operation names.
  • Obtain Rough Location Permissions (non-essential permissions): Used to analyze regional dimensions and assist developers in understanding network performance and availability across different regions.

(3) Storage Period

The information we collect is stored for a period of 14 days to assist developers in analyzing application performance and troubleshooting anomalies. After this period, collected information will be deleted.

(4) Other Purposes

We may de-identify collected information for research, statistical analysis, and forecasting to improve mobile app performance and user experience, providing service support for rapid application iteration.

(5) Exceptional Circumstances

When we use information for purposes not specified in this privacy policy or use information collected for specific purposes for other purposes, we will seek your consent in advance. However, within the scope permitted by law, we may collect or use your personal information without obtaining your authorization in the following circumstances:

  1. According to national laws and regulations;
  2. According to legal procedures of public security, procuratorial, judicial and other law enforcement departments;
  3. According to requirements from government departments or higher regulatory authorities;
  4. Necessary for the maintenance of social public interests, protection of our company, our users or employees' legitimate rights and interests.

2. How we share, transfer, and publicly disclose your personal information

(1) Sharing

We may share your personal information with external parties as required by laws and regulations or mandatory requirements of government supervisory departments. Apart from this, we will not share your personal information with any companies, organizations, or individuals outside of our cooperation and affiliate companies.

(2) Transfer

We will not transfer your personal information to any company, organization, or individual except under the following circumstances:

  1. Transfer with explicit consent: With your explicit consent, we will transfer your personal information to other parties.
  2. Compliance with legal regulations, legal procedures, mandatory government requests, or judicial rulings.
  3. In the event of mergers, divisions, sales, acquisitions, or bankruptcies involving us or our affiliated companies, where your personal information is transferred as part of such situations, we will require the new holder of your personal information to continue to be bound by this privacy policy. Otherwise, we will require the company or organization to re-solicit your authorization.

(3) Public Disclosure

We will only publicly disclose your personal information in the following cases:

  1. With your explicit consent.
  2. Based on legal disclosures: In cases where legal, legal procedures, litigation, or mandatory requirements of government supervisory departments require us to disclose your personal information.

(4) Exceptional Circumstances

In the following circumstances, sharing, transfer, or public disclosure of your personal information does not require your prior authorization:

  1. Directly related to national security and national defense;
  2. Directly related to public safety, public health, and major public interests;
  3. Directly related to criminal investigation, prosecution, trial, and judgment enforcement;
  4. Necessary for the protection of significant legitimate rights such as life and property of you or other individuals, but difficult to obtain your consent;
  5. Personal information that you voluntarily disclose to the public;
  6. Collection of personal information from legally publicized information sources, such as lawful news reports, government information disclosure channels.
  7. Necessary for signing and performing contracts as required by the data subject of personal information;
  8. Necessary to ensure the secure and stable operation of the products or services provided, such as discovering and handling faults in products or services;
  9. Other circumstances as required by laws and regulations.

According to legal provisions, sharing or transferring de-identified personal information, ensuring that the data recipient cannot reconstruct and re-identify the individual, does not constitute sharing, transferring, or publicly disclosing personal information. Therefore, there is no requirement to notify you separately or obtain your consent for the storage and processing of such data.

3. How we protect your personal information

(1) We have used security measures that meet industry standards to protect the personal information you provide and prevent data from being unauthorized access, public disclosure, use, modification, damage or loss. We will take all reasonable and feasible measures to protect your personal information. For example, ensure that vulnerabilities that may cause information leakage are patched in a timely manner; take necessary measures to prevent computer viruses, network attacks, and network intrusions; SSL encryption is used to protect data exchanged between your browser and the "Service"; we also provide HTTPS secure browsing for account opening websites; we will use encryption technology to ensure data confidentiality; we will use trusted protection mechanisms to prevent data from being maliciously attacked; we will deploy access control mechanisms to ensure that only authorized personnel can access personal information; and we will hold security and privacy protection training courses to enhance employees' awareness of the importance of protecting personal information.

(2) We will take all reasonable and feasible measures to ensure that irrelevant personal information is not collected. We will only retain your personal information for the period required to achieve the purposes stated in this Privacy Policy, unless the retention period needs to be extended or is permitted by law.

(3) The Internet is not an absolutely secure environment, and emails, instant messaging and communication with other users are not encrypted. We strongly recommend that you do not send personal information through such methods. Please use a complex password to help us ensure the security of your account.

(4) After an unfortunate personal information security incident occurs, we will promptly inform you in accordance with the requirements of laws and regulations: the basic situation and possible impact of the security incident, the disposal measures we have taken or will take, your suggestions for self-prevention and risk reduction, and your remedial measures. We will promptly inform you of the relevant circumstances of the incident by email, letter, phone, push notification, etc. When it is difficult to inform the subject of personal information one by one, we will take reasonable and effective ways to issue an announcement. At the same time, we will also proactively report the disposal of personal information security incidents in accordance with the requirements of the regulatory authorities.

4. Your management of personal information

  1. According to the laws and regulations of the country or region to which you are subject, you can request to access, correct, or delete the personal information we hold about you.

  2. You can change the scope of your authorization or withdraw your authorization. When the scope of authorization is changed or the authorization is withdrawn, we will no longer be able to provide you with the services corresponding to the change or withdrawal of authorization, and will no longer process your corresponding information. Generally speaking, if you need to access, correct, delete or terminate authorization of part or all of the information, you should first contact the controller of the software (App) that uses and integrates the Keynote Listening Cloud SDK service and make a request to exercise the data subject's rights. When the App controller verifies your identity and agrees to your request, the App controller will send us a request to access, correct, delete or withdraw authorization. We will complete the corresponding operation within one week after receiving such request and give feedback.

5. Protection of personal information of minors

  1. We attach great importance to the protection of personal information of minors. If you are a minor under the age of 18, you should obtain the consent of your guardian before using our products or services. We protect the personal information of minors in accordance with the provisions of relevant national laws and regulations.

  2. We will not actively collect personal information from minors directly. For the collection of personal information of minors with the consent of their guardians, we will only use, share, transfer or disclose this information when permitted by law, with the consent of the guardian or necessary to protect minors.

6. How your personal information is transferred globally

In principle, personal information collected and generated by us within the territory of the People's Republic of China will be stored within the territory of the People's Republic of China.

7. How to update this privacy policy

Our privacy policy may be updated or modified from time to time to adapt to legal, technological or commercial developments. If such changes result in a substantial reduction of your rights under this privacy policy, we will prompt and publish any changes to this privacy policy on the page before the changes take effect. For major changes, we will also provide more prominent notices (including for certain services, we will send notices by email to explain the specific changes to the privacy policy). Major changes referred to in this privacy policy include but are not limited to:

  1. Major changes in our service model. Such as the purpose of processing personal information and the type of personal information processed;

  2. Major changes in our ownership structure, organizational structure, etc. Such as changes in owners caused by business adjustments, bankruptcy mergers and acquisitions, etc.;

  3. Changes in the main objects of personal information sharing, transfer or public disclosure;

  4. Major changes in your rights to participate in personal information processing and how to exercise them;

  5. When our responsible department, contact information and complaint channels for handling personal information security change;

  6. When the personal information security impact assessment report indicates a high risk.

If you do not agree to such changes, you can stop using our products and services; if you continue to use our products or services, you agree to be bound by the revised Privacy Policy.

8. How to Contact us

If you have any questions, comments, suggestions or complaints about this Privacy Policy, please contact our customer service hotline 400-898-9580. Please read this Privacy Policy carefully to ensure that you are fully aware of and fully understand its content and corresponding legal consequences.

In order to ensure that we handle your issues efficiently and provide you with timely feedback, you need to submit proof of identity, valid contact information, written request and relevant evidence. We will process your request after verifying your identity and will maintain your personal information in accordance with relevant laws and regulations and this Privacy Policy.