<h3>Privacy Policy</h3> Last Updated:December 19, 2024 Introduction EgretSoft respects your privacy and is committed to protecting your personal information. This policy aims to explain how we process your personal information. It also sets out your rights in relation to your personal information and who you can contact for more information or queries. For the Enterprise Version which is available for use by enterprise customers, the data controller of all personal information is the enterprise customer. You may contact the relevant enterprise customer for further information. 1. BASIC INFORMATION ABOUT US 2. THE INFORMATION WE COLLECT ABOUT YOU 3. HOW IS YOUR PERSONAL INFORMATION COLLECTED? 4. HOW WE USE YOUR PERSONAL INFORMATION? 5. DISCLOSURES OF YOUR PERSONAL INFORMATION 6. INTERNATIONAL TRANSFERS 7. PERSONAL INFORMATION SECURITY 8. PERSONAL INFORMATION RETENTION 9. YOUR LEGAL RIGHTS 10. CHANGE TO THE POLICY Our services include but not limited to Egret Meeting, EgretCloud and services we provide through https://cdn-www.quickegret.com (“Services”). These services are not intended for children and we do not knowingly collect personal information relating to children. As a user, you must not be a child to access or use our services. If we become aware that we have inadvertently collected personal information of children under the age of 14 or as otherwise defined by applicable children protection laws (“Children”), we will delete such information as soon as possible. Our services may, from time to time, contain links to the websites of our partner networks, advertisers and affiliates. We provide those links for your convenience only, which does not mean that we are fully aware of and endorse their businesses or operational practice. Please note that those websites may have their own privacy policies, and that we do not undertake or assume any responsibility or liability under those policies. Please make sure you check and accept their policies before you provide or instruct us to provide any of your personal information to those websites.It is important that you read and accept this policy together with the Terms of Use before you allow us to process your personal information so that you are fully aware of how and why we are processing your personal information. 1. BASIC INFORMATION ABOUT US We are KUAILU SOFTWARE (SINGAPORE) PTE. LTD., a company duly registered in Singapore (hereinafter referred to as "EgretSoft"). Our contact address is Level 8, Solaris @ Kallang 164, 164 Kallang Way, Singapore 349248. EgretSoft is made up of different legal entities. This policy is issued on behalf of the EgretSoft Group so when we mention "EgretSoft", "we", "us" or "our" in this privacy policy, we are referring to the relevant company in the EgretSoft Group responsible for processing your personal information. We have appointed a privacy team who is responsible for overseeing questions in relation to this policy. If you have any questions about this policy, including any requests to exercise your legal rights, or if you have any complaint or report about personal information security issues, please contact our privacy team using the details set out below. We will properly handle your complaint or report in due course within the period required by applicable laws and regulations. Email address: legal@bwoil.com Telephone number: +65 65715942 2. THE INFORMATION WE COLLECT FROM YOU We may collect, use, store and transfer different kinds of personal information about you which we have grouped together as follows: Identity information, including name, username or similar identifier. Contact information, including email address and telephone numbers. Technical information, including internet protocol (IP) address, your login data, browser type and version, browser language, operating system and platform, unique device identifier and other technology on the devices you use to access our services. We do not collect any other sensitive personal information about you (this includes details about your biometric information, religion, specific identities, medical and health information, financial accounts, personal tracks, as well as the personal information of minors under the age of 14 or as otherwise defined by applicable children protection laws ). Many of our services require some personal information to be collected. You may refer to the purposes of using your personal information set out in How we use your personal information below. If you choose not to provide us with the personal information necessary to enable us to provide certain business functions, you may not be able to use those business functions, but that will not affect your right to use other business functions. 3. HOW IS YOUR PERSONAL INFORMATION COLLECTED? We use different methods to collect personal information from and about you including through: Direct interactions. Yo u may give us your personal information by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal information you provide when you: register and log in to your account; use identity authentication functions (if applicable); create and join an organization, a department and/or a group; use our search function; use our meeting recording function; upload files; and contact our customer service. The information you give us may include your name, username, email address, phone number, personal description and photograph, voice and video data in the meeting audios and videos. Automated technologies or interactions. As you interact with our services, we will automatically collect technical information about your equipment, browsing actions and patterns. We collect this personal information by using cookies and other similar technologies. Indirect interactions. We may also collect and access your personal information that is provided by third parties who have lawful authorisation or that is lawfully and publicly disclosed. 4. HOW WE USE YOUR PERSONAL INFORMATION? We will only use your personal information when the law allows us to. We will use your personal information according to the specified purposes as set out in the table below: Purpose or Activity Type of Personal Information Legal Basis (where applicable) To register you as a new user Phone number Necessary to perform our contract with you to provide the Service. If you choose to sign in with Wechat UID Necessary to perform our Wechat contract with you to provide the Service. When you choose to set up your User name, picture Necessary to perform our profile, or upload a photo from contract with you to provide the your camera or device as your Service and allow you to use profile picture the feature. When you give us information Time zone Necessary to perform our about the time zone you are contract with you to provide the located in when you schedule a Service and allow you to use meeting the feature. To enable you to use the recording User ID, meeting participation Necessary to perform our feature (including to enable you to and exit time, nickname in the contract with you to provide the access and/or download the meeting, user profile picture, Service and allow you to use recorded meeting files) meeting ID, scheduled meeting the feature. time, meeting link, initiator, length of participation. Audio and video data, including screen sharing of your desktop or a specific window of your desktop. To allow you to connect to our IP address, device information, It is in our legitimate interests to server and provide our service software information, use this information to protect communication log, audio and the integrity of the Service and video quality data, network improve its operation. status data, service usage data, security-related information. To provide customer service to name, mobile phone number, Necessary to perform our you email address, photo (if you contract with you to provide choose to upload one to and support the Service. illustrate the error), and details of error We will only collect and use your personal information that is necessary to fulfil a particular business function at a reasonable minimum frequency. You understand and agree that the use of certain personal information requires your device permissions (for example, microphone, camera and so on) and that by turning on those permissions, you are authorising us to collect and use the relevant information corresponding to those device permissions to perform certain business functions. You can turn off the device permissions at any time by logging into your device and checking or unchecking relevant boxes to adjust your device permissions by contacting us. Once you turn off certain device permissions, we will no longer be able to collect or use such information about you or provide you with the business functions that correspond to those permissions, but that will not affect you to use other business functions offered by us. We will only use your personal information for the purposes for which we collected it as specified in this policy, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and seek your consent. Cookies You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our services may become inaccessible or not function properly. 5. DISCLOSURE OF YOUR PERSONAL INFORMATION Enterprise Version Please contact the relevant Enterprise Customer, who is the data controller, for further information. Personal Version Our support, engineering and other teams are located in our offices around the world (including the People’s Republic of China, which for the purposes of this policy excludes Hong Kong SAR, Taiwan and Macau SAR (“PRC”)). For EEA/UK users, transfers between our affiliates and to third parties use applicable safeguards, such as incorporating standard contractual clauses or taking into account adequacy assessments. Only where necessary will we share your personal information with third parties. Situations where this occur are: a. Third parties that provide services in support of the Service, including providers of cloud services that process information identified in this policy on their servers for the purpose of providing the Service, for the purpose of account login and verification, for the purpose of processing support ticket ID and support communication. All companies providing services for us are prohibited from retaining, using, or disclosing your personal information for any purpose other than providing us with their services. b. Third-party partners that we collaborate with in providing the Service, including app stores that distribute the Service and facilitate in-app purchases (e.g. Apple and Google Pay). These companies will process your personal information and govern your use of their services and products in accordance with their terms and privacy policies. c. Companies within the EgretSoft group who process your personal information in order to operate the Service, such as provision of servers, facilitating log in, and provision of storage services. All related group companies may only use your personal information in accordance with this privacy policy. We also collaborate with companies within our group to process your transactions and they govern your use of their services and products in accordance with their terms and privacy policies. d. Regulators, judicial authorities, law enforcement agencies, and other third parties for safety, security, or compliance with law. There are circumstances in which we are legally required to disclose information, such as to law enforcement agencies, public authorities or other organisations, or if we have a good faith belief that such use is reasonably necessary to: comply with a legal obligation, process or request; enforce our terms and conditions and other agreements, including investigation of any potential violation thereof; detect, prevent or otherwise address security, fraud or technical issues; or protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law (exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction). e. A third party that acquires all or substantially all of us or our business. We may also disclose your information to third parties if we either: (a) sell, transfer, merge, consolidate or re-organise any part(s) of our business, or merge with, acquire or form a joint venture with, any other business, in which case we may disclose your data to any prospective buyer, new owner, or other third party involved in such change to our business; or (b) sell or transfer any of our assets, in which case the information we hold about you may be sold as part of those assets and may be transferred to any prospective buyer, new owner, or other third party involved in such sale or transfer. We require all third parties to ensure the security of your personal information and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions. 6. PERSONAL INFORMATION SECURITY We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality. If our physical, technical, or management protection facilities are damaged and we cannot prove that we are not at fault, resulting in unauthorised access, public disclosure, tampering, or destruction of your personal information, thus causing damage to your legitimate rights and interests, we will be held legally responsible. However, considering the characteristics of information technology and cyberspace itself, under certain special circumstances (such as hacker attacks, telecommunications failures and so on), there is still a risk of personal information leakage despite the necessary measures we have taken as stipulated by laws and regulations. Although we are continuously working to enhance and strengthen our security measures to protect your data and personal information from accidents or damage, we cannot always guarantee that your personal information is 100% safe, so please make sure you take offline backup measures. We have put in place procedures to deal with any suspected personal information breach and will notify you and any applicable regulator of a breach where we are legally required to do so. We strongly recommend that you do not send your personal information via unencrypted email, instant messages, or other unsecure forms of communication. Please use complex passwords to keep your account secure. Except as otherwise provided in this policy, to protect your personal and property security, we specifically remind you not to provide sensitive information, such as your account password, authentication code, communication content, property information, or physiological information to us or any third party providing services to you on our behalf, through public networks. 7. PERSONAL INFORMATION RETENTION We will only retain your personal information for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. We will delete or anonymise your personal information where the processing purpose has been achieved, is impossible to achieve, or where it is no longer necessary to achieve the purpose. 8. YOUR LEGAL RIGHTS You can exercise the following rights in relation to your personal information: Access your personal information held by us and request a copy of the information. Request us to update or correct your personal information if it is inaccurate or incomplete. Request us to delete your personal information if you no longer use our products or services or under other statutory circumstances, unless we have a legal or regulatory obligation to retain the information. Object or withdraw your consent to our processing of your personal information.Request us to deregister your account. Request us to transfer your personal information to another personal information processor designated by you, provided that such request complies with the conditions prescribed by the competent government authorities. If you wish to exercise any of the rights set out above, please contact us. You will not have to pay a fee to access your personal information (or to exercise any of the other relevant rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances. We try to respond to all legitimate requests within fifteen (15) business days (or other period required by applicable laws and regulations). Occasionally it could take us longer than fifteen (15) business days if your request is particularly complex or you have made a number of requests. In this case, we will notify you in time and keep you updated. 9. CHANGES TO THE POLICY We keep our policy under regular review. We may need to update the policy from time to time to comply with applicable laws and regulations or other legitimate purposes. We may separately advise you about the change according to laws. Please pay attention to the notices we post and review the contents of our policy periodically to keep abreast of relevant changes. Please understand that your continued use of our product or service after we post the notice of changes constitutes your acceptance of those changes.