Last modified: Aug 22, 2024
We value the protection of user privacy. When you use BonChat App, we may need to collect and use your relevant information. We hope to explain to you through this Privacy Policy how we collect, use, store and share this information when you use our services, as well as how we provide access, updates, control and protection for this information. This Privacy Policy is closely related to the services you use. We hope that you will read it carefully and make appropriate choices according to the guidance of this Privacy Policy when necessary. The technical terms involved in this Privacy Policy are described as concisely as possible with links provided for further explanation so that you can understand them better.
If you have any questions about this "Privacy Policy" or related matters, please contact us via admin@ciphchat.com and we will reply within 15 working days.
Before using this application, we need to explain the division of responsibilities and rights between the service operator and technology provider. Firstly, BonChat's encrypted instant messaging service is provided by the server operator. Hong Kong CipherChat Tech Company Limited is the software technology provider. After purchasing BonChat software from Hong Kong CipherChat Tech Company Limited, the server operator on-premise deploys, launches and operates the software on its own server. The server operator has management system permissions for servers and can manage accounts such as registration, banning and deactivation, as well as group creation and dissolution operations. Hong Kong CipherChat Tech Company Limited as a developer of BonChat software, is not responsible for server operation nor does it have data management rights on servers.
We will collect information that you provide voluntarily when using the service and through automated means to collect information you generated during the use of features or receipt of the service in the following ways.
In order to help you register an BonChat account so that you can use BonChat's software features, we need to collect the following information from you.
(1) Register user's mobile phone number; (2) Account information: account, list of instant messaging contact accounts.
When you register BonChat, you can create an account by phone number, you need to provide your phone number, and we will send you a verification code through your phone number in order to verify if your identity is valid. After the registration is completed, you can change your nickname; you can also improve your personal information, such as gender, etc. according to your own needs. We can obtain the personal information you fill in to fulfill the account management responsibility, the third party SMS verification code service provider can only obtain the phone number, and cannot obtain any associated account information other than the phone number.
Our instant messaging feature provides you with the ability to chat with your friends, including single chat and group chat, you can send your text, voice, video and other messages in the chat interface. We will use this feature to meet your instant communication need with your friends. To send or save pictures and files, the feature need to get permission to access your album and file storage, otherwise it will not work properly. The photo-taking feature requires permission to access to your camera.
We do not collect your instant messaging history (i.e., chat history, including text, voice, video, pictures, and documents of all kinds). However, we may prohibit you from using some or all of the features of BonChat when we have reasonable suspicion that you are engaging in illegal and criminal activities or violating the legal rights of others through BonChat (such as receiving reports or complaints from others and having a case filed by public prosecutors and law enforcement agencies).
When you send "voice messages" or use the "voice call" function, we will call your microphone authority, if you refuse to provide, we will not be able to provide you with voice message recording and sending and voice call function.
(1) For the following reasons, we need to collect your device information.
Device information will be used for fault analysis, identity verification, customer service, security prevention, fraud monitoring, archiving and backup purposes. This ensures the security and stability of the products and services we provide to you and helps us continuously improve and optimize application experience and service quality.
(2) Device information includes: device brand, device model, system version, this application version, IP address, Device ID. The specific usage is as follows:
Using device brand, device model, system version, and this application version information for fault analysis to solve compatibility issues with various mobile phone models. This type of information is not associated with user accounts and there is no risk of leaking personal user information;
Using Device ID to identify the uniqueness of a device prevents others from stealing a user's account using another device which enhances user safety while protecting their privacy;
When the app connects to the server,the server will automatically obtain IP address for distinguishing users' approximate login location source. It can prevent criminals from logging in through risky addresses,enhance software security,and protect users' personal data at risk by encrypting IP addresses on servers without any leakage risks.
When you play "voice messages" or make "voice calls" in the chat, this application will access mobile phone sensors such as distance and acceleration and read relevant data to achieve functions such as automatic switching of screen on/off and automatic switching between earpiece and speaker according to the holding position of the phone.
As an instant messaging application, when a user receives a file message, they need to be able to select an application on their device that can open the file, so it is necessary to obtain the device's list of installed applications.
In order to implement the function of opening files with other applications, SDKs that involve using the application installation list include: ShortcutBadger, RxJavaFX, ak.im.sdk, ak.application.AKApplication, ak.application,io.reactivex.
(1) Google Firebase Cloud Messaging
BonChat App utilizes Google Firebase Cloud Messaging (FCM) to provide reliable and efficient message delivery. FCM is a cross-platform messaging solution that allows us to send notifications and data messages to your device.
To facilitate this functionality, FCM may collect certain system permissions and device information, including but not limited to:
Device Registration Token: A unique identifier that allows FCM to deliver messages to your specific device.
Device Operating System and Version: Helps ensure compatibility and optimize message delivery.
We encourage you to review Google's Privacy Policy to understand how they collect, use, and protect your information. For detailed privacy policy regarding Google FCM, please refer to Privacy and Security in Firebase.
(2) Huawei PushKit
In order to achieve message push notification function on Huawei series phones, this application integrates the "Huawei PushKit SDK" and requires the use of device AAID or OAID.
- Third-party SDK name: Huawei Push SDK
- Third-party name: Huawei Software Technologies Co., Ltd.
- Types of personal information collected: basic application information, device identifiers within the application (Android ID, OAID/AAID), hardware information of the device, system basic information and system settings information.
- Purpose of use: 1. To provide message push services; 2. To track the success rate of calls to the Huawei Push SDK interface.
Privacy Policy Link: "SDK Privacy and Security Statement"
BonChat is built-in with Bugly SDK (com.tencent.bugly), which are used for capturing application crash issues and sharing content from the application to external sources. The SDK will obtain the device's Android ID to identify its uniqueness (the latest version of Bugly SDK has replaced Android ID with GUID) to ensure user data security. The SDK requires an internet connection and will obtain Wi-Fi information including MAC addresses.
The Bugly SDK introduced for the purpose of analyzing bugs and crash logs will obtain information about running processes (process name and PID). The collected information is not saved locally or uploaded to the server, does not involve users' personal information, and will not be subjected to commercial analysis.
For detailed privacy policy regarding Bugly SDK, please refer to "Bugly SDK Personal Information Protection Rules".
BonChat is built-in with the Alibaba Cloud Simple Log Service SDK (SLS), which is used to upload client function statistics logs. The SDK will obtain:
(1) Device basic information: device manufacturer, device brand, device model, device name, device operating system information, device configuration information and device environment information;
(2) Device network information: network operator information, network type and network status;
(3) Device application information: SDK host app information (including app name and app version).
For detailed privacy policy please refer to the Alibaba Cloud International Website Privacy Policy.
All information acquisition will take place after the user launches the application, browses through the user agreement and privacy policy prompts, and clicks on the "Agree" button. The information will only be acquired once each time the application is launched.
The collected device information will not be saved in plain text but encrypted before being sent to servers for storage, eliminating any risk of personal data leakage. The frequency of sending this information is once per launch.
We reiterate that we strive to minimize our reliance on device information and permissions during service provision as much as possible. For example, in the latest version of our client software, we have removed dependencies on hardware device information such as IMEI and MEID in newer Android operating systems.
Please understand that collecting device information is a prerequisite and foundation for us to provide services; therefore, installing or opening this application automatically results in us collecting your device's information.
Individual device information cannot identify specific individuals' identities; furthermore, we de-identify, anonymize and encrypt all such collected data.1. The main program of this application will not collect users' personal information without their permission in silent and background states. The instant messaging function of this application itself does not require additional user information.
2. When this application enters the silent or background state, if it encounters network connection restrictions caused by power-saving or sleep mode of the mobile system, the application will not repeatedly attempt to access the network to maximize power saving and improve user experience.
When you use the voice call function in this application and want to receive timely voice call reminders when running in the background or when your phone is locked, you can go to "Settings" - "Notification Settings", follow the page guide to open the application auto-start and associated start permissions, turn off power-saving optimization, and keep notifications on. The application will maintain a network connection in the background, periodically check and start service processes to keep running. When you are not using the voice call function, there is no need to turn on the above switches.
You can access the "Me" page within this application, click on the top personal information card, and inquire about your account number, mobile phone number, avatar, nickname, gender and personal signature; in the group chat session interface, click on the "..."" icon in the upper right corner to enter the group information page and view "My Group Nickname".
You can access the "Me" page within this application, click on the "Edit" button in the upper right corner of the personal information card at the top, and set or modify your account, mobile phone number, avatar, nickname, gender and personal signature. For group nicknames, you can enter the group chat session page, click on the "..." icon in the upper right corner to enter the group information page, and then click on "My Group Nickname" to set or modify it. When modifying your mobile phone number, you need to confirm its validity and user identity through SMS verification code to protect your account security.
You can delete some of your information or apply to cancel your account and delete all of your information through the path specified in "2. Correction of Personal Information".
In the following situations, you can request the operator to delete personal information by using the method described in "7. Complaints about Automatic Decision-making Results":
1. If our behavior in processing personal information violates laws and regulations;
2. If we collect and use your personal information without obtaining your explicit consent;
3. If our behavior in processing personal information seriously violates our agreement with you;
4. If our purpose for processing has been achieved, is no longer necessary, or cannot be achieved;
5. If we stop providing products or services, or if the retention period has expired.
If the server operator decides to respond to your deletion request, they will also notify as many subjects who have obtained your personal information from this service as possible and require them to promptly delete it (unless otherwise provided by laws and regulations or these subjects have independently obtained authorization from you).
After you delete your personal information, due to legal regulations or security technology restrictions, it may not be immediately deleted from backup systems; therefore, we will securely store it while limiting further processing until backups can be cleared or anonymized for safety reasons.
You can initiate an account cancellation by accessing "Settings" - "Security Settings" - "Cancel Account" within the application. During the cancellation process, you will need to verify your identity using the SMS verification code sent to the phone number used for registration. Once verified, your account will be immediately cancelled and permanently deactivated after a 30-day protection period. Within this period, users can log in again to cancel their account cancellation and restore their accounts. After the 30-day protection period ends, accounts cannot be restored and will be permanently cancelled.
You can withdraw your authorization to us by either the permission request prompt window that appears when you first run this application on your device, or by modifying the corresponding permission settings for this application in your device's settings. However, refusing to authorize may result in certain functions of the application being unavailable.
Regarding storage permissions (photos, media, content and files), they can be used to restore historical accounts and facilitate users in retrieving their previously logged-in Ren Xiaoliao servers and accounts for direct login. If you refuse to grant this permission, you can log in manually by entering the server ID and account information.
You can query and copy your personal information through the path specified in "1. Personal Information Inquiry".
This application does not involve any algorithm in the automatic decision-making mechanism of information systems. All operations involving user information are manually managed by the service operator in the background system. If you are unable to use this application due to reasons such as account suspension or cancellation by the service operator during your use, please click the "Contact Operator" button in the login failure pop-up prompt or click the "Server Operator" entrance on the application login page to send a message to the server operator for feedback or appeal.
If you encounter violations of rules and regulations by other users and groups while using this application, you can click on the "..." icon in the upper right corner of chat conversation interface to enter chat settings or group settings page, then click on "Complaints" button at bottom of page to make a complaint about such behavior. The complaint record will be submitted simultaneously to both server operators and technical providers.
When you provide feedback or file a complaint through the "Contact Operator" function, the server operator promises to process it within 5 working days and reply to you via the "Server Operator" chat session in the application. You can receive message notifications and unread prompts, and view response content by entering the "Server Operator" interface on the login page of the application.
When you file a complaint against violating users or groups using the "Complaints" function, the server operator promises to process it within 5 working days and reply on your submitted complaint record. You can receive message notifications and unread prompts, and view response content by entering the "Notifications"- "Complaints" interface in the application's chat session list.
Except for the following circumstances, we will not share your personal information with any third party without your consent:
1. We may share your personal information with third-party service providers, contractors, and agents (for example, providing your mobile phone number to SMS verification service providers to help you complete account registration and password retrieval services in this application) to provide you with our services and achieve the purposes described in the "How We Collect and Use Information" section; fulfill our obligations and exercise our rights under this Privacy Policy; understand, maintain, and improve our services.
If we share your personal information with any of the above-mentioned third parties, we will make every effort to ensure that such third parties comply with this Privacy Policy as well as other appropriate confidentiality and security measures that we require them to follow when using your personal information.
2. As our business continues to develop, we may engage in mergers, acquisitions, asset transfers or similar transactions where your personal information may be transferred as part of such transactions. We will notify you before transferring it.
3. We may also retain, preserve or disclose your personal information for the following reasons:
(1) To comply with applicable laws and regulations;
(2) To comply with court orders or other legal procedures;
(3) To comply with requests from relevant government agencies;
(4) For reasonable purposes necessary to comply with applicable laws and regulations, maintain social public interests or protect the safety or legitimate rights of our customers/users/ourselves/others' personhoods or properties.
4. Complaints submitted by you voluntarily
If you encounter violations while using this product/service/applications/platforms/websites/etc., click on the "..." icon in the upper right corner of chat conversation interface/group settings page/chat settings page/etc., then click on "Complaint" button at bottom of page against these violations. In this case,we may disclose complaints submitted by you upon request from relevant government agencies while complying court orders/legal procedures/laws/regulations after receiving them under premise mentioned above.
We will only retain your personal information for the period necessary for the purposes stated in this Privacy Policy (for example, we will keep your phone number and personal information you provided during registration and use of this application), as well as within the time limits required by laws and regulations. When the storage period of your personal information expires or when our product services cease operation, we will delete your personal information or anonymize it, except as otherwise provided by law.
We use various security technologies and procedures to prevent loss, improper use, unauthorized access or disclosure of information. We will use encryption technology to protect the personal information you provide. However, please understand that due to technical limitations and possible malicious means, even if we make every effort to strengthen security measures in the Internet industry, it is not always possible to guarantee 100% security of information. You need to understand that systems and communication networks used by you when accessing our services may encounter problems beyond our control.
Our various services allow you to share your relevant information with your social network, such as the information you upload in this application (including your publicly available personal information, contacts and groups you create), your responses to other people's uploaded or posted information, and data and log information related to these pieces of information. Other users who use our services may also share information related to you (including data and log information).
Therefore, please carefully consider the content of the information that you upload, post and communicate through our services. In some cases, you can control the range of users who have the right to browse your shared information through privacy settings provided by some of our services. If you request to delete your relevant information from our service, please follow the instructions provided by those special terms of service.
1. Storage location: servers located within the territory of Hong Kong and Singapore.
2. Storage period: During your use of this application, we will continue to save your personal information, and the storage period will be based on not exceeding the necessary period for providing services. If we stop operating this service, you cancel your account, voluntarily delete personal information or exceed the necessary period, we will delete or anonymize your personal information held in accordance with applicable laws within a reasonable time limit. However, exceptions include:
(1) Compliance with legal requirements for retaining information.
(2) Reasonable extension of the deadline is required for financial, auditing, dispute resolution purposes.
(3) Customers have other processing needs regarding related information as personal data processors.
We encourage parents or guardians to direct minors under the age of eighteen to use our Services. We recommend that minors encourage their parents or guardians to read this Privacy Policy and that minors seek the consent and guidance of their parents or guardians before submitting personal information.
Except for certain specific services, our privacy policy applies to all of our services. Specific privacy policies will apply to these particular services. The specific privacy policy for a particular service will provide more detailed information on how we use your information in that service. The privacy policy for the specific service is part of this Privacy Policy. If there are any inconsistencies between the privacy policy for a specific service and this Privacy Policy, the privacy policy for the specific service shall apply.
Please note that this Privacy Policy does not apply to:
1. Information collected by third-party services (including any third-party websites) accessed through our services;
2. Information collected by other companies or organizations providing advertising services within our services.
We may revise the terms of this Privacy Policy in a timely manner, and such revisions shall constitute a part of this Privacy Policy. When the revision is applied, users will be promptly notified through pop-up windows and their consent will be obtained again. At the same time, users can check historical versions at any time at the bottom of this Privacy Policy page.
If you have any questions (including complaints, contacting the personal information protection officer, or questioning or commenting on this policy), you can contact us through the following methods. We promise to reply and handle the results within 15 working days.
Hong Kong CipherChat Tech Company Limited.
E-mail: admin@ciphchat.com
Update date: Aug 22, 2024
Effective date: Aug 22, 2024