Privacy Policy

Last updated: September 13, 2021

Effective on: September 13, 2021

We, Beijing Qihoo Technology Co., Ltd. (hereinafter as “We” or “360 Cleaner”), have always taken very seriously the protection of personal data and privacy. Fully aware of the importance of personal data to you (or “users”), we will do our best to ensure the security and reliability of your personal data. To sustain your trust in us, we are committed to protecting your personal data by adhering to the following principles: lawfulness, fairness and transparency; purpose limitation; data minimization; accuracy; storage limitation; integrity and confidentiality; and accountability. We also undertake to put in place due safeguards to protect your personal data according to pioneering industry standard on data security when you are using our products, applications, technology, software or services (collectively as “products” or “services”) we offer.

Special notes:

This Privacy Policy (“Policy”) only applies to the use of products or services 360 Cleaner offers in form of Software Development Kit (“SDK”) for Android phones, PADs, TVs and other devices, not to products or services offered by a third party through 360 Cleaner, or products or services toward which any third-party link on the 360 Cleaner directs. Further, subject to statutory provisions, if you are under the age of 16, you are not allowed to use our services unless you have got consent from your guardian.

Please read the following text of this Privacy Policy carefully to understand how we collect and use data and information from or of you.

This Policy will help you understand the following:

1. 1. How we collect and use your personal data
2. 2. How we store your personal data
3. 3. Third party Data Processor
4. 4. How we disclose your personal data
5. 5. How we protect your personal data
6. 6. Your rights
7. 7. How we process the personal data of children
8. 8. How your personal data moves across borders
9. 9. How this Policy is updated
10. 10. How to contact us

Please read carefully and understand this Policy before you use our products (or services).

1. 1. How we collect and use your personal data

   • 1.1 Our service is designed to help you clean up the 'junk files' on your device and manage the 'data files' on your device. To avoid ambiguity, the 'junk files' mentioned in this policy refers to temporary files, cache files, residual files, advertising files, log files, empty folders and other categories of files generated by the app. the 'data files' mentioned in this policy refer to files such as photos, videos, audios, documents, etc. that are taken, downloaded, received by users. We will collect and use data in connection with you for the following purposes herein only:

     • 1.1.1 To help you clean up junk files and manage data files, we need to collect the following data

       1. a) Universally Unique Identifier (UUID): we obtain your UUID information from the equipment system provider to ensure that we have sent you the appropriate junk cleaning rules suitable for your equipment. We also use UUID to count the user number of 360 Cleaner service;
       2. b) App name and package name: We read the app name and package name in your device to ensure that we get the junk cleaning rules that match the apps in your device.
       3. c) Suspected junk file path：We read the suspected junk file path in your device to ensure that we get the junk cleaning rules that match the path.
       4. d) Information about your device, network, such as your MANUFACTURER, MODEL, Brand, Android/SDK/RELEASE, Network type, WIFI connection status, Lang Locale, etc.

     • 1.1.2 To help us improve cleaning service, we need to collect the following data

       1. a) Exception information, such as the junk path suspected of missing the package name, suspected residual path, wrong junk path, scan time-consuming junk path, etc.
       2. b) Usage data, such as usage times, execution time, consumed traffic, cleaned up junk items, results of scanning and cleaning up, junk size, amount of junk files, cancelled cleanup path, etc.
       3. c) Information related to your device and apps, such as app junk size, amount of junk files, data size, apk size, type, version, installation time and device RAM size, storage size, etc.
     • 1.1.3 If you use Popular Video Cleaner, we need to collect Video fingerprint information, such as MD5 of the file, file name, file extension, file size, file create time, etc. We do not collect data concerning video content.

We will seek your prior consent if we intend to use such information for other purposes not covered herein or use information for purposes other than the particular purposes for which it is collected.

• 1.2 Personal data means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Therefore, the UUID and APP name list data are treated as personal data and protected. The foregoing data may contain device information including device itself and its usage information, but you should be aware that a single device information is data that cannot identify a particular natural person. If we combine such non-personal data with other information to identify a particular natural person or use it in conjunction with personal data, such non-personal data will be treated as personal data and given equal protection when it is used in the combination and identifiable way. In addition, if you believe that your personal data is included in the foregoing data in accordance with the applicable laws of your location, please notify us promptly.
• 1.3 Please note that such data collection by 360 Cleaner will not be carried out until 360 Cleaner is connected to the internet. However, the internet connection may be switched off by device provider or user himself depending on device settings.

2. 2. How we store your personal data

   • 2.1 We will only keep your personal data for a period no longer than that necessary for the purpose for which we process your personal data or required by law.
   • 2.2 When we obtain your personal data from a third party, the time limit for us to retain your personal data shall be the shorter of the time required for the above service purposes and the time required by the third party to notify us to delete your personal data.

   • 2.3 However, we may keep retention of your personal data in the following circumstance:

     • 2.3.1 if it is within the scope permitted by applicable law；
     • 2.3.2 if we believe that the documents containing your personal data may be relevant to any ongoing or potential legal proceedings；
     • 2.3.3 if we are to obtain, exercise or protect our legal rights (including providing information to others to prevent fraud and reduce credit risk).

3. 3. Third-party data processor

We may, according to our own business demands, entrust your personal data to a third-party data processor in a form meeting GDPR requirements, so as to provide better service and improve user experience. As for now, we haven’t entrusted any third party to process your personal data or share such data with third party. If we do in the future, we will publish the list of data processors and their category, and the scope, purpose and method of shared information among others.

We entrust your personal data to data processor only for legal, proper, necessary, specific and clear purpose, and process personal data necessary to the rendering of service only. We will try our best to supervise data processor to fully perform the entrustment agreement for processing legally, so as to ensure that your rights can be guaranteed to the most extent.

4. 4. How we disclose your personal data

   • 4.1 We will publicly disclose your personal data only under the following situations:

     • 4.1.1 Obtaining your explicit consent;
     • 4.1.2 Disclosure based on laws: we may publicly disclose your personal data if mandatorily required by laws, legal procedures, lawsuits or competent authorities of government.

5. 5. How we protect your personal data

   • 5.1 We have used safety protection measures meeting industrial standards to protect the personal data provided by you, and prevent data from unauthorized access, public disclosure, utilization, modification, damage or loss. We will adopt every reasonable and feasible measure to protect your personal data. For example, we regulate the data storage and utilization by setting up the rules for data classification and grading, data security management standards and data security development standards; we will use encryption technique to ensure the confidentiality of data and store personal data and non-personal data separately; we will use reliable protection mechanism to prevent data from hostile attack; we will deploy access control mechanism to ensure that only authorized personnel have access to personal data; the server system that we store the user's personal data is the one with security reinforcement; and we will hold training courses for security and privacy protection, so as to strengthen our employees’ understanding about the importance of protecting personal data.
   • 5.2 We will adopt every reasonable and feasible measure to ensure that no irrelevant personal data is collected. We will reserve your personal data only within the period necessary to reaching the goals stated in this Policy, except for otherwise extension of reserving period or allowed by laws.
   • 5.3 We will try our best to ensure or guarantee the security of any information you send to us. We will assume the corresponding legal responsibilities if your legal rights and interests are compromised due to unauthorized access to, public disclosure, manipulation or damage of information as a result of our physical, technical or management safeguards damaged.
   • 5.4 After the personal data leakage, we will, according to the laws and regulations, inform you our contact information, basic situation of the security event and possible impacts, actions we adopted or to be adopted, suggestions relevant to self-leading prevention and risk reduction, remedies to you among others in a timely manner. We will inform you the situation relevant to the event via email, letter, call, notice push and other ways in a timely manner, or in the case of being difficult in informing the subjects of personal data one by one, we will release announcement in a reasonable and effective manner.
   • 5.5 In addition, we will initiatively report the disposal of the security event of personal data according to the requirements of supervision department.

6. 6. Your rights

   • 6.1 Your rights

In accordance with applicable laws, regulations, standards and their established practices, we guarantee that you can exercise over your personal data the rights of access, right to rectification, right to erasure, right to restriction of processing, right to data portability, Right to object and automated individual decision-making. You may send an email to [g-clean-sdk-privacy@360.cn] at any time and we will respond to your request within the reasonable time required by applicable law. It is well noted that:

• 6.1.1 you shall have the right to withdraw your consent, but such withdrawal shall not have retroactive effect;
• 6.1.2 you may at any time request us not to use your personal data for marketing purposes;
• 6.1.3 360 Cleaner does not involve automatic decision making.

• 6.2 Responding to your above request

  • 6.2.1 In order to ensure security, you may need to provide a written request or otherwise prove your identity. We may ask you to verify your identity before processing your request.
  • 6.2.2 We will make a reply within 30 days. If you are not satisfied, you can also lodge a complaint in the way provided in the clause 10.2 of this Policy.
  • 6.2.3 For your reasonable request, we do not charge any fee in principle, but we will charge a certain cost for repeated requests beyond the reasonable limit, as the case may be. We may reject those repeated requests without a cause, requests requiring too much technical means (for example, development of a new system or fundamental change of the existing practice is necessary) or posing risks to legal rights and interests of others, or extremely unrealistic requests (for example, involving information stored on the backup tape).

• 6.3 We will not be able to respond to your request as required by laws and regulations, in the following situations:

  • 6.3.1 Directly related to national security and national defence security;
  • 6.3.2 Directly related to public safety, public health and major public interests;
  • 6.3.3 Directly related to criminal investigation, prosecution, trial, judgment execution, etc.;
  • 6.3.4 There is sufficient evidence proving your subjective malice or abuse of rights;
  • 6.3.5 Responding to your request will result in serious damage to your legitimate rights and interests or that of bother individuals or organizations.
  • 6.3.6 Involving business secrets;
  • 6.3.7 Other circumstances specified by applicable laws.

7. 7. How we process the personal data of children

   • 7.1 Our products and services are mainly provided for adults. Children shall obtain their guardian’s authorization to use our product or service.
   • 7.2 We regard anyone under 16 years old as a child, despite different definitions of children by local laws and customs.
   • 7.3 Subject to the existing technology and business model, it is difficult for us to actively identify a user to be children or not. Once we find ourselves or are informed of having collected personal data on children without their guardian’ prior and verifiable consent, we will try to delete the relevant data as soon as possible.

8. 8. How your personal data transfer across borders

   • 8.1 In principle, your personal data will be stored on the nearest server to avoid potential issues arising from data cross-border transfer. For example, the data of EU users are stored in server located in Ireland or German, the data of Asia users other than Mainland China are stored in server located in Singapore, and the data of North America users are stored in server located in USA.
   • 8.2 We are trying our best to comply with data transfer rules applied in each jurisdiction. We will not transfer your personal data from overseas servers to servers in mainland China without your explicit consent.

9. 9. How this Policy is updated

   • 9.1 We reserve the right to adjust this Policy at any time in accordance with changes in services, adjustments to applicable laws and policies, as well as other affected factors. We will not reduce your rights under this Privacy Policy without your express consent. Any updates to this Policy will be posted on the webpage of [http://shouji.360.com/privacy/clean_sdk_en.html] in the way of marking update time, so please feel free to view and understand the privacy policy you shall observe. If you do not agree to accept this Policy, please stop visiting and using our services.
   • 9.2 For major changes, we will also provide more noticeable notice (including a notification sent by e-mail explaining the specific changes in the privacy policy for certain services).

   • 9.3 Major changes referred to in this Policy include, but are not limited to:

     • 9.3.1 Major changes in our service model. For example, the purpose of processing personal data, the type of processed personal data, the use of personal data, etc.;
     • 9.3.2 Major changes in our ownership structure, organizational structure, among others. Such as, change of the owner caused by business adjustment, bankruptcy and mergers and acquisitions, and others;
     • 9.3.3 Changes in main objects of personal data delegated to be processed;
     • 9.3.4 Changes in main objects of personal data publicly disclosed;
     • 9.3.5 Major changes in your rights to participate in the processing of personal data and how it is exercised;
     • 9.3.6 Upon changes in our department responsible for dealing with the security of personal data, contact information, and complaints channels;
     • 9.3.7 Upon high risks indicated in the personal data security impact assessment report.

10. 10. How to contact us

    • 10.1 Please contact us through the following methods, if you have any questions, suggestions or complaints about our privacy policy:

g-clean-sdk-privacy@360.cn

• 10.2 For data subject located in EU under the jurisdiction of General Data Protection Rules, you may contact [g-clean-sdk-privacy@360.cn] which is designated as representative of Beijing Qihoo Technology Co., Ltd. (“data controller”).
• 10.3 Generally, we will reply within reasonable time applied in each jurisdiction (say 30 days in EU). If you are dissatisfied with our response, especially if you believe that our acts of processing personal data have caused damage to your legal rights and interests, you can also contact the competent data protection authority or committee for assistance.