Published: 20 October 2023

Effective: 20 October 2023

Updated: 20 October 2023

Your privacy is important to us

Aqua Middle East FZC ("AQUA") respects and protects the privacy and security of personal information of all users of the Heat Pump mobile client (hereinafter referred to as "you"). In this regard, AQUA has established the Heat Pump Privacy Policy (hereinafter referred to as the "Policy") to confirm with you that AQUA collects, stores, uses, manages and protects your personal information during your use of the Heat Pump Mobile Client. Before using the Heat Pump Mobile Client, it is important that you read and thoroughly understand this Policy, in particular the terms highlighted in bold/bold underline, and that you read them carefully and confirm that you fully understand and agree to them before you begin to use them. In the process, if you have any questions, comments or suggestions, you can contact us through the various contact information provided by AQUA, and we will provide you with answers as soon as possible.

I. How AQUA collects your personal information

When you use our products or services, we need/may need to collect and use your personal information to provide you with our services, to optimise our services and to protect the security of your account.

(i) Information collected by Heat Pump App

1. Account Creation

When you create an account in our client, we collect some information that you voluntarily provide to us that alone or in combination identifies you, including: email address, username. We collect this information to complete the registration process, to provide you with products or services exclusively for registered users on a continuous and stable basis, and to protect the security of your account. You should be aware that the results of the matching of mailboxes and verification codes belong to your personal sensitive information, we collect such information to meet the requirements of relevant laws and regulations, such as your refusal to provide may result in you not being able to use this function, please consider carefully before providing.

(ii) Additional services based on system rights

We may collect and use your personal information and apply for device rights in the following additional services provided to you. If you do not provide this information, it will not affect your use of the basic services of browsing and searching in our client, but you may not be able to obtain the user experience brought to you by these additional services. This information requires you to enable the corresponding device permissions to obtain, so you can manage the corresponding permissions through the device settings page. These additional services include:

1. Functional services based on system privileges for Android version

(1) Additional services based on location privilege: When setting WIFI in remote module, you need to enable location privilege to effectively set up Wifi connection using the account and password set by the customer;

(2) Additional service based on camera privilege: when adding remote devices, you can directly use the scanning function to scan the QR code of the module and add it quickly.

2. iOS version of functional services based on system permissions

(1) Additional service based on positioning permission: when setting WIFI of remote module, you need to enable positioning permission to effectively set Wifi connection using the account and password set by the customer;

(2) Additional service based on camera privilege: when adding remote devices, you can directly use the scanning function to scan the QR code of the module and add it quickly.

You understand and agree that the above additional services may require you to turn on your webcam (camera), photo album (photo gallery) in your device. Please note that by turning on any of these permissions, you authorise us to collect and use the relevant personal information to provide you with the corresponding services, and by turning off any of these permissions, you cancel your authorisation and we will no longer continue to collect and use the relevant personal information on the basis of the corresponding permissions, and we will not be able to provide you with the services corresponding to such permissions. However, your decision to close the authority will not affect the collection and use of information based on your authorisation.

(C) Client Calling Privileges and Usage Description

In the process of using our client function service, when you need to call the client or SDK to experience the function, we will call the following equipment permissions to ensure the normal function implementation. In order for you to better understand and use our functional services, you can understand through the following list of permissions to use the instructions:

1. Getting phone status

This permission is used to get the IMSI for determining dual SIMs and switching SIMs.

2. Get wifi status

This permission is used for basic connecting network function.

3. Get network status

This permission is used to switch to mobile data during temporary number fetching; used for basic connecting network functions.

4. Access to network

his permission is used for basic connecting network function.

5. Write files

This permission is used to write to the operation log file.

6. read file

This permission is used to read the storage log file.

10. camera

This permission is used for QR code scanning.

11. camera

This permission is used for QR code scanning to turn on the flash.

13. Get Precise Position

This permission is used to set Wifi module.

14. Get Rough Location

This permission is used to set the Wifi module.

15. phone vibration

This permission is used for the feedback when scanning QR code successfully.

16. Install App

This permission is used to provide App version update function.

17. camera

This permission is used to sweep the code to add the device.

(D) Others

1. If the information you provide contains personal information of other users, you need to make sure that you have obtained legal authorisation before providing such personal information to us. If it involves children's personal information, you need to obtain the consent of the corresponding children's guardian before release, under the above circumstances, the guardian has the right to contact us through the channels in Article 9 of this policy, requesting the correction or deletion of the content of the children's personal information.

(2) If we use the information for purposes other than those stated in this policy, or use the information collected for a specific purpose for other purposes, or if we take the initiative to obtain your personal information from a third party, we will obtain your consent in advance.

(v) Transfer

We will not transfer your personal information to any company, organisation or individual, except in the following cases:

1. transfer with explicit consent: we will transfer your personal information to other parties after obtaining your explicit consent;

2. in the event of a merger, acquisition or bankruptcy and liquidation of our service provider, or other circumstances involving mergers, acquisitions or bankruptcy and liquidation, if the transfer of personal information is involved, we will require the new company or organisation holding your personal information to continue to be bound by this policy, or we will require the company, organisation and individual to seek authorised consent from you again.

II. How AQUA stores information

(i) Deletion and anonymisation of information

If we decide to cease operation of our services, we will cease to continue to collect your personal information after the relevant service ceases operation. We will serve you with a notice of cessation of operation in the form of an announcement. Personal information we already hold about you will be deleted or anonymised. If children's personal information is involved, we will notify the child's guardian of the cessation of operation in a timely manner.

How AQUA protects the security of your personal information

In order to ensure the security of your personal information collected by us, we promise to endeavour to achieve a reasonable level of security, and the specific security measures and security capabilities are stated below:

(i) Technical Security Protection

In order to protect the security of your information, we endeavour to protect your information from leakage, destruction or loss by adopting a variety of reasonable physical, electronic and managerial security measures that comply with industry standards, including, but not limited to, SSL, encrypted storage of information, and access control in data centres. We will use encryption technology to improve the security of personal information; we will use trusted protection mechanisms to prevent personal information from being maliciously attacked; and we will deploy access control mechanisms to make every effort to ensure that only authorised personnel have access to personal information.

(ii) Security System Assurance

We have an industry-advanced data security management system that focuses on data and revolves around the data life cycle, and we enhance the security of the entire system in multiple dimensions from organisational construction, system design, personnel management and product technology. At present, in order to improve the security of your use of the services provided by us and our affiliates and partners, to protect your personal and property safety or that of other users or the public from infringement, to better prevent phishing websites, fraud, network vulnerabilities, computer viruses, network attacks, network intrusion security risks, and to more accurately identify violations of laws and regulations or rules of the relevant agreements of our clients, our platform carries out a level of protection of the system. (iii) Personnel security management

(III) Personnel security management