Privacy Policy

We collect information that you voluntarily provide when using our services, as well as information generated in the course of using our services, in order to provide services to you, improve our service quality, and optimize your user experience. 1.1 Personal Information Collection - Purpose, Method, and Scope To help you understand how we collect and use your personal information, and in accordance with Huawei AppGallery review requirements, we provide the following details about the purpose, method, and scope of personal information collection:

Type of Personal Information	Collection Method	Purpose of Use	Scope
Mobile phone number	User actively provides	Account registration, login, and identity verification	Mainland China mobile numbers only
Verification code	Automatically generated by system	Verify authenticity of mobile number	Single-use
Email address	User actively provides	Account registration and login	Valid email address
Password	User actively sets	Account security verification	Encrypted storage, not transmitted
Device model	Automatically obtained	Compatibility troubleshooting and device adaptation	Device hardware information
Operating system version	Automatically obtained	System compatibility processing	iOS/Android version
Unique device identifier	Automatically obtained	Account identification and data association	Device ID/UUID
IP address	Automatically obtained	Network diagnostics and server routing	Network IP address
WiFi information (SSID, BSSID)	Automatically obtained	Improve network connection experience and device identification	Connected WiFi network name and MAC address
Application crash logs	Automatically obtained	Troubleshooting and service improvement	Crash time, error logs
App usage data	Automatically obtained	Feature optimization and user experience improvement	Feature usage frequency and duration statistics
Nickname	User actively sets	Personalized display	User-defined
Avatar	User actively uploads	Personalized display	Image file
Gender	User actively sets	Personalized display	User-defined
Birthday	User actively sets	Personalized display	User-defined
Focus duration	Automatically recorded	Provide focus timing service	Time length
Focus task name	User actively inputs	Record focus content	User-defined text
Fish collection information	Automatically recorded	Gamification incentive mechanism	Fish species, rarity
Goal list content	User actively creates	Goal management service	List name, description, time

When you register or log in to your AirFish account, we will collect: [Mobile number + verification code login] • Mobile phone number: used for account registration and login • Verification code: used to verify the authenticity of the mobile number • Device information: device model, operating system version, device ID [Email + password login] • Email address: used for account registration and login • Password: used for account security verification (stored in encrypted form) • Device information: device model, operating system version, device ID [Guest mode] • Device information: used for local data storage • We do not collect any personally identifiable information in guest mode 1.2 Use of Core Features [Focus timing feature] • Focus duration and focus task name • Time of use (year, month, day, hour, minute, second) • Focus mode (count-up / countdown) [Fish collection feature] • Information about collected fish (species, rarity) • Collection time • Fishpond status [Data statistics feature] • Statistical data of focus records • Achievement completion status [Focus goals list feature] • Goal list name and description • Goal creation time and completion time • Goal status (in progress / completed / cancelled) • Focus records associated with the goal • Goal category and tags 1.3 Personal Profile Settings When you set your personal profile, we will collect: • Nickname • Avatar • Gender • Birthday • Age 1.4 Device Information and Log Information In order to provide better services, we will collect: • Device model and operating system version • Unique device identifiers • IP address • App crash logs • App usage information (for feature optimization) • WiFi information (SSID, BSSID): used to improve network connection experience and device identification 1.5 Storage Permission When you use the sharing feature, we need to access your: • Photo album / storage space: used to save shareable images You can disable this permission at any time in your system settings. After disabling it, you will no longer be able to use the image sharing feature. 1.6 Personalized Recommendations We do not provide personalized recommendations based on your personal information. All in-app features are generic and do not involve personalized content recommendation services. 1.7 How We Use the Collected Information • To provide you with core services such as focus timing, focus goals list, and data statistics • To ensure service security, and to prevent, detect, and investigate fraud, security incidents, illegal activities, or behaviors that violate our agreements and policies • To improve and optimize our products and services • To send you notifications (such as focus reminders, goal completion reminders, achievement unlock notifications, etc.) • To comply with applicable laws, regulations, and regulatory requirements

2.1 Information Storage • Storage location: within the territory of the People’s Republic of China • Retention period: - Before account cancellation: stored continuously - After account cancellation: deleted within 30 days - Guest mode: stored locally only and deleted after the app is uninstalled 2.2 Security Measures We take the following measures to protect the security of your information: • Encrypted data transmission (HTTPS / TLS) • Encrypted data storage • Access control and permission management • Security audit and monitoring • Regular security training 2.3 Handling of Security Incidents In the event of personal information leakage or other security incidents, we will: • Immediately activate our emergency response plan • Take measures to prevent further loss • Inform you in accordance with legal requirements about: - The basic facts and impact of the security incident - The measures we have taken or will take - Suggestions on how you can independently prevent and reduce risks - Remedial measures we will provide for you • Report the incident to the relevant regulatory authorities 2.4 Data Backup • We regularly back up your data • You can export your data at any time • Multi-device data synchronization is supported

3.1 Sharing We will not share your personal information with any third parties, except in the following circumstances: • With your explicit consent • When necessary to achieve specific functions (such as cloud storage service providers) • As required by laws and regulations Currently used third-party services and SDKs: • Alibaba Cloud Number Authentication Service (SDK): used for one-click login with mobile number - SDK name: Alibaba Cloud Number Authentication SDK - Purpose: mobile number one-click login and authentication - Collected information: mobile phone number - Privacy policy: https://terms.aliyun.com/legal-agreement/terms/suit_bu1_ali_cloud/suit_bu1_ali_cloud202112211045_86198.html • WeChat Multi-terminal Application SDK: used to support multi-terminal application framework - SDK name: WeChat Multi-terminal Application SDK - Purpose: to provide multi-terminal application runtime environment - Collected information: device information, application operation logs - Privacy policy: https://developers.weixin.qq.com/miniprogram/dev/platform-capabilities/miniapp/pre-read/sdk/agreement/sdk.html • WeChat OpenSDK Android: used to support WeChat-related features - SDK name: WeChat OpenSDK Android - Developer: Tencent Technology (Shenzhen) Company Limited - Purpose: to provide WeChat sharing, login and related features - Collected information: device information, application operation logs - Privacy policy: https://support.weixin.qq.com/cgi-bin/mmsupportacctnodeweb-bin/pages/RYiYJkLOrQwu0nb8 • Tencent Location SDK (Android): used to provide location services - SDK name: Tencent Location SDK (Android) - Developer: Tencent Technology (Shenzhen) Company Limited - Purpose: to provide location service features - Collected information: location information, device information - Privacy policy: https://privacy.qq.com/document/preview/dbd484ce652c486cb6d7e43ef12cefb0 • Cloud storage services: used for data synchronization, with data processed in encrypted form 3.2 Transfer We will not transfer your personal information to any company, organization, or individual, except in the following cases: • With your explicit consent • In case of merger, acquisition, or bankruptcy liquidation, we will require the new entity to continue to be bound by this Policy 3.3 Public Disclosure We will not publicly disclose your personal information, unless: • With your explicit consent • As required by laws, regulations, legal procedures, lawsuits, or mandatory requirements of government authorities 3.4 Exceptions According to laws and regulations, in the following circumstances, we may share, transfer, or publicly disclose your personal information without your prior consent: • When directly related to national security or national defense security • When directly related to public safety, public health, or major public interests • When directly related to criminal investigation, prosecution, trial, and enforcement of judgments • When it is necessary for protecting your or other individuals’ life, property, or other major legitimate rights and interests but it is difficult to obtain your consent in a timely manner • When the personal information is information that you have voluntarily disclosed to the public • When the personal information is collected from legally and publicly disclosed information, such as lawful news reports or government information disclosure channels

4.1 Access and Correction You can access and modify your personal information at any time within the app: • Nickname and avatar: Settings → Profile • Gender and birthday: Settings → Profile • Focus records: view on the Data page • Focus goals list: view and edit on the Goals List page • Collected fish: view in the Fish Gallery and Fishpond 4.2 Deletion You can delete your personal information in the following ways: • Delete a single focus record: Data page → long press a record → delete • Delete a focus goal: Goals List page → select a goal → delete • Remove fish: Fishpond page → remove from pond • Clear all data: Settings → Clear data 4.3 Account Cancellation You can cancel your account at any time: • Path: User profile edit page → “Account Cancellation” button in the top-right corner • Cancellation process: 1. Go to the “Edit Profile” page 2. Tap the “Account Cancellation” button in the top-right corner 3. Confirm the cancellation operation • After cancellation: - We will delete all your personal information within 30 days - Your data cannot be recovered - Your account cannot be restored - The cancellation is irreversible, so please proceed with caution 4.4 Withdrawal of Authorization You can withdraw permissions we requested at any time in the system settings: • Storage permission: affects the image sharing feature • Network permission: affects data synchronization features 4.5 Response to Your Requests If you are unable to manage your personal information via the above methods, you can contact us through in-app feedback or by email. We will respond to your request within 15 working days.

5.1 Cookies We do not use cookies. 5.2 Local Storage We use local storage technologies: • Purpose: to store login status and user preference settings • You can clear local storage: Settings → Clear cache 5.3 Log Files To ensure the normal operation and service quality of the app, we will collect log information: • App crash logs • Performance monitoring data • Usage statistics This information is used only for technical support and service improvement and will not be used for any other purposes.

6.1 We attach great importance to the protection of minors’ personal information. If you are a minor, we recommend that your parents or guardians read this Privacy Policy carefully, and that you use our services or provide information to us only after obtaining their consent. 6.2 For personal information of minors collected with the consent of parents or guardians, we will only use, share, transfer, or disclose such information when permitted by law, with the explicit consent of parents or guardians, or when necessary for protecting minors. 6.3 If we discover that we have collected personal information of minors without verifiable prior consent from their parents or guardians, we will attempt to delete the relevant data as soon as possible.

7.1 We may revise this Policy from time to time. If such changes result in a material reduction of your rights under this Policy, we will notify you before the changes take effect by means such as prominent prompts on pages or push notifications. 7.2 In such circumstances, if you continue to use our services, it will be deemed that you accept the revised Policy. 7.3 We will publish the update date and effective date of this Policy within the app.

If you have any questions, comments, or suggestions regarding this Privacy Policy or matters related to personal information protection, please contact us via: • Email: ikefu@qq.com We will reply to you within 15 working days after receiving your comments and suggestions. If you are not satisfied with our reply, especially if you believe that our handling of personal information has infringed your legitimate rights and interests, you may also lodge a complaint or report to relevant regulatory authorities such as the Cyberspace Administration, telecommunications, public security, or market supervision authorities.

To provide you with better services, we have integrated the following third-party SDKs: 9.1 Alibaba Cloud Number Authentication SDK • Service provider: Alibaba Cloud Computing Ltd. • Purpose: provide mobile phone number one-click login authentication service • Collected information: mobile phone number • Privacy policy: https://terms.aliyun.com/legal-agreement/terms/suit_bu1_ali_cloud/suit_bu1_ali_cloud202112211045_86198.html 9.2 WeChat Multi-terminal Application SDK • Service provider: Tencent Technology (Shenzhen) Company Limited • Purpose: provide multi-terminal application runtime environment and technical support • Collected information: device information, application operation logs • Privacy policy: https://developers.weixin.qq.com/miniprogram/dev/platform-capabilities/miniapp/pre-read/sdk/agreement/sdk.html 9.3 WeChat OpenSDK Android • SDK name: WeChat OpenSDK Android • Developer: Tencent Technology (Shenzhen) Company Limited • Purpose: provide WeChat sharing, login and related features • Collected information: device information, application operation logs • Privacy policy: https://support.weixin.qq.com/cgi-bin/mmsupportacctnodeweb-bin/pages/RYiYJkLOrQwu0nb8 9.4 Tencent Location SDK (Android) • SDK name: Tencent Location SDK (Android) • Developer: Tencent Technology (Shenzhen) Company Limited • Purpose: provide location service features • Collected information: location information, device information • Privacy policy: https://privacy.qq.com/document/preview/dbd484ce652c486cb6d7e43ef12cefb0 9.5 SDK Usage Statement • The above SDKs are provided by third-party service providers. We have signed relevant agreements with these providers and require them to take corresponding security protection measures in accordance with laws and regulations. • Due to version upgrades, feature adjustments, and other reasons, the type, version, or categories of personal information collected by third-party SDKs may change. We will update this Privacy Policy in a timely manner. • You can learn about the third-party SDKs we integrate through this Privacy Policy. If you object to the information collection behavior of any third-party SDK, you can contact us using the contact information provided in this Policy.

This Privacy Policy applies to all services provided by the AirFish application. Please note that this Privacy Policy does not apply to: • Services provided to you by third parties through our services (such as third-party SDKs) • Third-party websites or applications that you access through our services These third-party services have their own independent privacy policies, which we recommend you read carefully.