生效日期：2025.10.20

概述 此隐私政策（“政策”）由广州疆海科技有限公司及其附属公司（统称为“疆海”，“我们”）发布，并针对我们与之互动的组织之外的个人，包括我们的合作伙伴的人员，如安装服务提供商和经销商（“您”）。本政策中使用的定义术语在下文第（10）节中有解释。

我们可能会更新此政策以反映我们的信息实践的变化。如果我们做出任何重大变化，我们将通过电子邮件（发送到您帐户中指定的电子邮件地址）或在我们的应用程序上发布通知，以在变更生效之前通知您。我们鼓励您定期查看此页面，以获取我们隐私实践的最新信息。

您可能还对我们收集的有关您的信息有某些权利。具体来说，GDPR下数据主体的权利在下文第（6）节中有解释。

目标受众：我们的网站或应用程序（包括professional-eu.zen-iot.com和ZenPro App，统称为“我们的网站和应用程序”）不针对18岁以下的儿童。因此，我们的网站和应用程序不会请求或收集18岁以下个人的个人数据。如果您未满18岁，您不应访问或使用我们的网站和应用程序。

目录

• 我们如何收集您的个人数据
• 我们如何使用您的个人数据
• 我们如何分享您的数据
• 个人数据的国际转移
• 数据保留
• 您的隐私权利
• 儿童数据保护
• 链接到其他网站
• 联系我们
• 定义

1. 我们如何收集您的个人数据

1.1 我们处理的个人数据类别

当您使用我们的网站和应用程序时，我们可能会从您那里获取关于您收集以下数据：

• 账户注册信息：例如姓名，电话号码，电子邮件地址和密码，以及用户所在的公司名称；
• 自定义设置：用户名，语言偏好和其他偏好设置，例如个人资料图片；
• 网络信息：例如，当您将应用程序链接到您安装的设备时的Wi-Fi名称和密码；
• 设备信息：例如，您安装的设备的固件版本，型号和序列号；
• 使用数据：例如设备和应用程序日志文件，设置（包括设置历史记录），使用历史记录，设备和服务设置以及设备状态；
• 设备所有者的信息：当您在应用程序中记录设备所有者的信息时，我们将收集您提供的详细信息，例如所有者的姓名，电子邮件地址，电话号码，设备安装的地址以及安装位置的图片。因此，在进行所有者信息记录之前，至关重要的是要清楚地告知所有者关于收集和处理他们的个人数据的目的，方法和范围，以及这些信息将与Zendure共享。获取设备所有者对此的同意是必要的。

1.2 权限

我们的应用程序可能会请求您的许可，以访问您的移动设备的连接信息，存储能力，传感器或其他功能。我们只在为提供我们的应用程序时需要或有用时才要求访问：

• Wi-Fi和蓝牙--应用程序需要Wi-Fi和蓝牙权限才能将应用程序链接到设备，并将您的系统连接到我们的服务器。阻止这些权限会损害我们设备的功能。
• 位置--应用程序需要位置权限才能收集设备安装的经度和纬度。
• 相机--当您上传安装现场的图片或使用扫描功能时，应用程序将请求访问您的相机，从而启用照片捕捉和扫描功能。
• 您可以随时在操作系统的设置下更改权限设置，但请注意，撤销权限可能会影响我们的应用程序的性能。

1.3 处理个人数据的法律依据

2. 我们如何使用您的个人数据

我们根据需要处理您的个人数据，以提供我们网站和应用的功能，并履行我们与您或您的雇主的合同。例如，我们需要处理您的个人数据以实现以下目标：

• 为终端用户提供产品售后服务，例如设备安装，设备维护等；
• 运营，评估和改进我们的业务，包括开发软件更新，开发新功能，分析当前功能，汇总和匿名化数据，进行数据分析，审计和其他内部功能；
• 网络安全，特别是预防，检测和保护免受欺诈，滥用，犯罪活动和其他异常活动；
• 遵守法规要求，执行和遵守法律要求，包括执行索赔，包括相关行业标准和我们的政策。

我们可能会将我们获得的关于您的数据进行组合，用于上述描述的目的。我们也可能会使用我们获得的数据用于我们在收集时提供特定通知的其他目的，或者在您同意的情况下的其他目的。

3. 我们如何分享您的数据

我们可能会将您的个人数据分享、传输、披露、授予访问权限、提供给第三方，如下所述。

• 关联公司：由于我们是一家全球活跃的公司集团，因此在某些情况下，我们可能会将个人数据披露给Zendure拥有或控制的品牌的其他实体，以及Zendure拥有或共同拥有的其他公司。我们将出于合法的商业目的和我们的网站和应用的运营，并根据适用法律这样做。
• 法律义务和权利：如果我们合理地认为这样做是必要的，我们可能会将个人数据披露给第三方，例如法律顾问和执法机构，监管机构，其他权力机构和其他第三方，出于法律原因：与建立，行使或防御法律索赔有关；遵守法律或回应合法请求和法律程序；保护我们的权利和财产以及他人的权利，人身安全和财产，包括执行我们的协议和政策；检测，压制或防止欺诈或其他犯罪活动；其他适用法律要求。
• 独立顾问：我们可能会将个人数据披露给我们的独立顾问，如会计师，审计师，顾问，和Zendure的其他外部专业顾问，受到约束性的保密义务；
• 公司交易：如果我们出售或转让我们的全部或部分业务或资产（包括公司的任何股份）或我们的产品，服务，业务或资产的任何部分或组合，我们可能会转让我们收集的任何信息。如果发生此类交易（无论是剥离，合并，收购，破产，解散，重组，清算，控制权变更或类似的交易或程序），我们将尽一切合理努力确保任何转让的信息按照本隐私政策的方式进行处理。

4. 个人数据的国际转移

由于我们业务的国际性质，我们根据本政策中规定的目的，在安克集团内部以及上文第（3）节所述的第三方转移个人数据。因此，我们将个人数据转移到其他国家，这些国家可能具有与您所在国家/地区适用的法律和数据保护合规要求不同的法律和数据保护合规要求，包括中国、EEA、UK和USA。

在转移的情况下，我们确保根据适当的保障措施进行您的个人数据的国际转移，例如：

1. (1) 确保个人数据仅转移到被认为是适当司法管辖区的国家。当前的适当决定可以在此处找到。目前没有针对美国和中国的适当决定；或
2. (2) 转移是根据适当的保障措施进行的，例如欧盟委员会或UK国务卿（如适用）在适当的补充措施方面采用的标准合同条款。决定和这些标准合同条款的模板文本可在此处找到。

如果您希望进一步了解这些保障措施，包括签订、使用的具体合同，请使用本政策第（9）节中规定的详细信息与我们联系。请注意，当您将任何个人数据直接传输给在UK、瑞士或EEA（如适用）以外设立的任何安克实体时，这被视为直接收集，本节（4）中提到的保障措施可能不适用。尽管如此，我们将根据本隐私政策的规定，从收到这些数据的那一刻起处理您的个人数据。

5. 数据保留

我们将保留您的个人数据一段必要的时间，以实现其收集目的，直到您删除您的数据，或适用法规要求的一段时间。当我们不再需要您的个人数据时，我们将删除或匿名化它，或者，如果这不可能（例如，因为您的个人数据已存储在备份档案中），那么我们将安全地存储您的个人数据，并将其与任何进一步的处理隔离开来，直到可以删除为止。如果我们匿名化您的个人数据（使其不再与您相关联），我们可能会无限期地使用这些数据，而无需进一步通知您。

6. 您的隐私权

根据欧盟数据保护法或适用法律，您可能在处理您的相关个人数据方面拥有以下权利：

• 不向我们提供您的个人数据的权利（但是，请注意，如果您不向我们提供您的个人数据，我们可能无法为您提供我们网站和应用程序的全部功能）；
• 有权要求访问或复制您的相关个人数据，以及其他信息，例如有关这些相关个人数据的性质、处理和披露的信息；
• 有权要求更正您相关个人数据中的任何不准确或不完整之处；
• 有权以合法理由要求：立即删除您的相关个人数据；或限制处理您的相关个人数据（限制我们处理您的个人数据的目的）；
• 在适用的范围内，将某些相关个人数据以结构化、常用和机器可读的格式转移给另一个控制器的权利；
• 如果我们根据您的同意处理您的相关个人数据，则有权随时撤回该同意（注意，此类撤回不影响我们收到此类撤回通知之前进行的任何处理的合法性）；
• 在没有令人信服的理由继续使用您的相关个人数据的情况下，有权要求删除您的相关个人数据。请注意，由于适用的法律法规或技术限制，我们可能无法立即从备份系统中删除信息。如果是这种情况，我们将隔离您的相关个人数据，直到备份可以删除或匿名化；
• 有权就您的相关个人数据的处理向主管数据保护机构（特别是UK信息专员办公室或您居住、工作或涉嫌侵权发生的欧盟成员国的数据保护机构提出投诉。如果您居住在德国，相关数据保护机构是"Bayerisches Landesamt für Datenschutzaufsicht", Promenade 18, 91522 Ansbach）。但是，我们鼓励您首先与我们联系，以便我们共同解决您可能遇到的任何问题。

根据欧盟数据保护法，您还享有以下额外权利：

• 基于欧盟数据保护法第6（1）（e）条（公共利益）或第6（1）（f）条（合法利益），有权基于与您的特定情况相关的理由反对我们或代表我们处理您的相关个人数据；
• 有权反对我们或代表我们处理您的相关个人数据以进行直接营销。

这不会影响您的法定权利。要行使这些权利中的一项或多项，或询问有关这些权利或本政策的任何其他规定，或有关我们处理您的个人数据的问题，请使用下面第（9）节中提供的联系方式。请注意：

• 在某些情况下，在我们实施这些权利之前，需要提供您的身份证明；
• 如果您的请求需要建立额外的事实（例如，确定任何处理是否不符合适用法律），我们将合理迅速地调查您的请求，然后再决定采取什么行动。

7. 儿童数据保护

我们的网站和应用程序不打算由儿童操作。鉴于我们的网站和应用程序不允许用户注册，只允许Zendure合作伙伴的人员注册，因此无法从儿童那里收集任何个人数据。

8. 其他网站的链接

本政策仅适用于实践、技术和服务。我们的在线属性可能包括由不受控制或指导的其他公司运营的网站和在线服务的链接。如果您向这些网站或在线服务提供或提交个人数据，则这些网站或线上服务上的隐私政策适用于您的个人数据。我们鼓励您仔细阅读您访问的任何网站的隐私政策。

9. 联系我们

如果您对我们的隐私政策或做法有任何疑问或担忧，您可以通过support@zendure.com联系我们。

我们在30天内回答所有询问和关注。

10. 定义

• “适当管辖权”是指欧盟委员会正式指定的对个人数据提供适当保护的管辖权。
• “控制人”是指决定个人数据处理方式和原因的实体。在许多司法管辖区，主计长对遵守适用的数据保护法律负有主要责任。
• “数据保护机构”是指一个独立的公共机构，在法律上负责监督适用数据保护法律的合规性。
• “欧洲经济区”是指欧洲经济区。
• “欧盟”是指欧洲联盟。
• “GDPR”是指《通用数据保护条例》（EU）2016/679，或（如适用）“英国GDPR”，因为它根据《2018年英国-欧盟（退出）法》第3条构成英格兰和威尔士、苏格兰和北爱尔兰法律的一部分。
• “受GDPR约束”是指位于欧洲经济区、瑞士或英国的所有人，或其数据由位于欧洲经济区域、瑞士或美国的Zendure实体处理的所有人。
• “个人数据”是指关于任何个人的信息，或任何个人可以直接或间接识别的信息，特别是通过参考标识符，如姓名、身份号码、位置数据、在线标识符，或物理、生理、遗传、心理、经济，个人的文化或社会身份。
• “处理”、“正在处理”或“已处理”是指对任何个人数据进行的任何处理，无论是否通过自动方式进行，如收集、记录、组织、结构化、存储、改编或更改、检索、咨询、使用、通过传输、传播或以其他方式提供、调整或组合、限制、删除或销毁。
• “处理方”是指代表控制方处理个人数据的任何个人或实体（控制方的员工除外）。
• “相关个人数据”是指我方作为控制人的个人数据。
• “标准合同条款”是指由欧盟委员会采用或由数据保护机构采用并经欧盟委员会批准的模板转移条款，其各自的有效、现行形式（目前为2021年6月4日的版本）。

Effective Date:the 20th day of October, 2025

Overview

This Privacy Policy ("Policy") is issued by Zendure USA.Inc. and its affiliates (together, "Zendure", "we" and "us") and is addressed to individuals outside our organization with whom we interact, including personnel from our partners such as installation service providers and dealers ("you"). Defined terms used in this Policy are explained in Section (10) below.

We may update this Policy to reflect changes to our information practices. If we make any material changes, we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on our application prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

You may also have certain rights regarding the information we collect about you. Specifically, the rights of Data Subjects under the GDPR are explained in Section (6) below.

Intended Audience: Our websites or applications (including professional-eu.zen-iot.com and ZenPro App, collectively, "Our Site and App") is not directed to children under the age of 18. As a result, our Site and App do not request or knowingly collect personal data from individuals under the age of 18. If you are not 18 or older, you should not visit or use our Site and App.

List of Contents

• How We Collect Your Personal Data
• How We Use Your Personal Data
• How We Share Your Data
• International transfer of Personal Data
• Data retention
• Your privacy rights
• Children's Data Protection
• Links to other websites
• Contact Us
• Definitions

1. How We Collect Your Personal Data

1.1 Categories of Personal Data We Process

When you use our Site and App, we may collect the following data from and/or about you:

• Information for account registration: such as names, telephone number, email addresses and passwords, and company names users are employed with;
• Customized settings: usernames, language preferences and other preference settings, such as profile pictures;
• Network information: such as Wi-Fi names and passwords when you link the APP to the devices you install;
• Device information: such as firmware version, model and serial number of devices you install;
• Usage data: such as device and APP log files, settings (including settings history), usage history, device and service settings, and device status;
• Device owners' information: When you record the device owner's information in the APP, we will collect the details you provide, such as the owners' names, email addresses, phone numbers, the addresses where devices are installed, and installation position pictures. Therefore, before proceeding with the Owner Information Record, it's crucial to clearly inform the owners about the purpose, method, and scope of the collection and processing of their personal data, and that this information will be shared with Zendure. Obtaining device owners' consent for this is essential.

1.2 Permissions

Our App may request your permission to access your mobile device's connection information, storage capabilities, sensors or other features. We only require access when it is necessary or useful for the provision of our APP:

• Wi-Fi and Bluetooth -- The APP requires Wi-Fi and Bluetooth permissions to link the APP to the device, and to connect your system to our server. Blocking these permissions would impair the functions of our devices.
• Location -- The APP requires location permission to collect the longitude and latitude where the device is installed.
• Camera -- The APP will request access to your camera when you upload images of the installation site or use the scanning feature, enabling photo capture and scanning functions.
• You may change the permission settings at any time under the settings of your operating system, but please be informed that revoking permissions may affect the performance of our APP.

1.3 Legal Basis for Processing Personal Data

2. How We Use Your Personal Data

We process your Personal Data as necessary for the provision of features of our Site and App and the performance of our contract with you/your employer. For example, we need to process your personal data to enable the following:

• Provide product after-sales service to end users, such as device installation, device maintenance, etc.;
• Operate, evaluate and improve our business, including developing software updates, developing new features, analyzing the current features, aggregating and anonymizing data, performing data analytics, auditing and other internal functions;
• Network security, specifically for the prevention, detection, and protection against fraud, abuse, criminal activities, and other abnormal activities;
• Comply with regulation requirements, enforcement and compliance with legal requirements, for the execution of claims, including relevant industry standards, and our policies.

We may combine data we obtain about you for the purposes described above. We may also use the data we obtain for other purposes for which we provide specific notice at the time of collection or otherwise with your consent.

3. How We Share Your Data

We may also share, transmit, disclose, grant access to, make available, and provide Personal Data with and to third parties, as described below.

• Zendure Affiliates: As we are a globally active group of companies, in some cases we may disclose Personal Data to other entities with brands owned or controlled by Zendure, and other companies owned by or under common ownership as Zendure. We will do so for legitimate business purposes and the operation of our Site and App, and in accordance with applicable law.
• Legal Obligations and Rights: We may disclose Personal Data to third parties, such as legal advisors and law enforcement agencies, regulators, other authorities and other third parties for legal reasons if we reasonably believe that such action is necessary: in connection with the establishment, exercise, or defense of legal claims; to comply with laws or to respond to lawful requests and legal process; to protect our rights and property and the rights, personal safety and property of others, including to enforce our agreements and policies; to detect, suppress, or prevent fraud or other criminal activity; or as otherwise required by applicable law.
• Independent advisors: We may disclose Personal Data to our independent advisors such as accountants, auditors, consultants, and other outside professional advisors to Zendure, subject to binding contractual obligations of confidentiality;
• Corporate Transactions: We may transfer any information we collect in the event we sell or transfer all or a portion of our business or assets (including any shares in the company) or any portion or combination of our products, services, businesses and/or assets. Should such a transaction occur (whether a divestiture, merger, acquisition, bankruptcy, dissolution, reorganization, liquidation, change of control or similar transaction or proceeding), we will use reasonable efforts to ensure that any transferred information is treated in a manner consistent with this Privacy policy.

4. International transfer of Personal Data

Because of the international nature of our business, we transfer Personal Data within the Zendure group, and to third parties as noted in Section (3) above, in connection with the purposes set out in this Policy. For this reason, we transfer Personal Data to other countries that may have different laws and data protection compliance requirements to those that apply in the country in which you are located, including China, the EEA, the UK, and the USA.

In the event of a transfer by Zendure, we ensure that international transfers of your Personal Data are made pursuant to appropriate safeguards, such as:

1. (1) Ensuring that the Personal Data is only transferred to countries recognized as Adequate Jurisdictions. The current adequate decisions can be found here. There is currently no adequate decision for the United States and China; or
2. (2) The transfer is made pursuant to appropriate safeguards, such as Standard Contractual Clauses adopted by the European Commission or UK Secretary of State (as applicable) in connection with appropriate supplementary measures. The decision and the template text of these Standard Contractual Clauses can be found here.

If you wish to enquire further about these safeguards, including the specific contracts entered into, used, please contact us using the details set out under Section (9) of this Policy.

Please note that when you transfer any Personal Data directly to any Zendure entity established outside the UK, Switzerland, or the EEA (as applicable), this is considered a direct collection, to which the safeguards mentioned in this Section (4) may not apply. We will nevertheless process your Personal Data, from the point at which we receive those data, in accordance with the provisions of this Privacy Policy.

5. Data retention

We will retain your personal data for a period necessary to fulfil the purpose for which it was collected, until you remove your data, or for a period required by applicable regulations. When we no longer require your personal data, we will either delete or anonymize it or, if this is not possible (for example, because your Personal data has been stored in backup archives), then we will securely store your Personal data and isolate it from any further processing until deletion is possible. If we anonymize your personal data (so that it can no longer be associated with you), we may use this data indefinitely without further notice to you.

6. Your privacy rights

Under the GDPR or applicable laws, you may have the following rights regarding the Processing of your Relevant Personal Data:

• the right not to provide your Personal Data to us (however, please note that we may be unable to provide you with the full features of our Site and App, if you do not provide us with your Personal Data);
• the right to request access to, or copies of, your Relevant Personal Data, together with additional information, such as information regarding the nature, Processing and disclosure of those Relevant Personal Data;
• the right to request rectification of any inaccuracies or incompleteness in your Relevant Personal Data;
• the right to request, on legitimate grounds: erasure of your Relevant Personal Data without undue delay; or restriction of Processing of your Relevant Personal Data (limiting the purposes for which we Process your Personal Data);
• the right to have certain Relevant Personal Data transferred to another Controller, in a structured, commonly used and machine-readable format, to the extent applicable;
• where we process your Relevant Personal Data on the basis of your consent, the right to withdraw that consent at any time (noting that such withdrawal does not affect the lawfulness of any processing performed prior to the date on which we receive notice of such withdrawal);
• the right to request the deletion or removal of your Relevant Personal Data where there is no compelling reason for us to keep using it. Please note that we may not be able to immediately remove the information from the backup system due to applicable laws and regulations or technological limitations. If this is the case, we will isolate your Relevant Personal Data from any further processing until the backup can be deleted or be made anonymous;
• the right to lodge complaints regarding the Processing of your Relevant Personal Data with a competent Data Protection Authority (in particular, the UK Information Commissioner's Office, or the Data Protection Authority of the EU Member State in which you live, or in which you work, or in which the alleged infringement occurred. If you live in Germany, the relevant Data Protection Authority is the "Bayerisches Landesamt für Datenschutzaufsicht", Promenade 18, 91522 Ansbach). However, we encourage you to first contact us so that we can together solve any concerns you may have.

Under the GDPR, you also have the following additional rights:

• the right to object, on grounds relating to your particular situation, to the Processing of your Relevant Personal Data by us or on our behalf, where such Processing is based on Articles 6(1)(e) (public interest) or 6(1)(f) (legitimate interests) of the GDPR;
• the right to object to the Processing of your Relevant Personal Data by us or on our behalf for direct marketing purposes.

This does not affect your statutory rights.

To exercise one or more of these rights, or to ask a question about these rights or any other provision of this Policy, or about our Processing of your Personal Data, please use the contact details provided in Section (9) below. Please note that:

• in some cases it will be necessary to provide evidence of your identity before we can give effect to these rights;
• where your request requires the establishment of additional facts (e.g., a determination of whether any Processing is non-compliant with applicable law) we will investigate your request reasonably promptly, before deciding what action to take.

7. Children's Data Protection

Our Site and App are not intended to be operated by children. Given that our Site and App does not permit user registration and only allows personnel from Zendure's partners to register, it is thereby incapable of collecting any personal data from children.

8. Links to other websites

This Policy applies only to Zendure practices, technologies, and services. Our online properties may include links to websites and online services that are operated by other companies not under the control or direction of Zendure. If you provide or submit Personal Data to those websites or online services, the privacy policies on those websites or online services apply to your Personal Data. We encourage you to carefully read the privacy policies of any website you visit.

9. Contact Us

If you have questions or concerns with respect to our Privacy Policy or practices, you may contact us at support@zendure.com.

We answer all inquiries and concerns within 30 days.

10. Definitions

• "Adequate Jurisdiction" means a jurisdiction that has been formally designated by the European Commission as providing an adequate level of protection for Personal Data.
• "Controller" means the entity that decides how and why Personal Data are Processed. In many jurisdictions, the Controller has primary responsibility for complying with applicable data protection laws.
• "Data Protection Authority" means an independent public authority that is legally tasked with overseeing compliance with applicable data protection laws.
• "EEA" means the European Economic Area.
• "EU" means the European Union.
• "GDPR" means the General Data Protection Regulation (EU) 2016/679, or, where applicable, the "UK GDPR" as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the UK European Union (Withdrawal) Act 2018 GDPR.
• "Subject to the GDPR" refers to all persons located in the EEA, Switzerland, or the UK, or whose data is Processed by an Zendure entity that is located in the EEA, Switzerland or the UK.
• "Personal Data" means information that is about any individual, or from which any individual is directly or indirectly identifiable, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.
• "Process", "Processing" or "Processed" means anything that is done with any Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
• "Processor" means any person or entity that Processes Personal Data on behalf of the Controller (other than employees of the Controller).
• "Relevant Personal Data" means Personal Data in respect of which we are the Controller.
• "Standard Contractual Clauses" means template transfer clauses adopted by the European Commission or adopted by a Data Protection Authority and approved by the European Commission, in their respective valid, current form (currently in the version of 4 June 2021).