Retevis APP Privacy Agreement

This Agreement explains how Shenzhen YSAIR Technology Co., Ltd. (hereinafter referred to as "we", "us", or "our") collects, uses, stores, protects and processes users' personal information. All actions strictly comply with the EU General Data Protection Regulation (GDPR), the US California Consumer Privacy Act (CCPA), relevant provisions of the US Federal Communications Commission (FCC), and applicable local data protection laws and regulations. This Agreement has the same legal effect as the Retevis APP User Agreement and is an important basis for users to use this APP's services. By downloading, registering, logging into or using any function of this APP, the user is deemed to have carefully read, fully understood and voluntarily accepted all terms of this Agreement. If you do not agree to any term of this Agreement, you shall immediately stop using this APP, and we will no longer collect or process any of your personal information.

1. Scope of Information Collection

We strictly follow the "minimum necessary" principle and only collect user personal information necessary for the provision of this APP's services. We do not collect any information unrelated to the services. The specific scope is as follows:

1.1 Registration and Login Information: When users register or log in to this APP, they need to provide or authorize us to obtain information, including a valid email address (used to receive verification codes, service notifications, password retrieval, etc.), basic identification information of Google account or Apple account (only for login verification, no other irrelevant information associated with the account is collected). The email password set by the user will be stored using encryption technology that meets European and American data security standards. We do not store or view the original password, ensuring password security.

1.2 Usage-Related Information: In order to provide core technical services, optimize service experience and ensure service security, we collect information generated during the user's use of this APP, including walkie-talkie operation records (such as programming parameters, channel settings, etc.), APP usage behavior data (such as login time, usage duration, frequently used functions, operation paths, etc.), anonymized basic device information (such as device model, system version, etc.). Such information is anonymized and cannot identify individual users, and is only used for device adaptation, function optimization and troubleshooting.

1.3 Voluntarily Provided Information: When users voluntarily submit feedback, inquiries, complaints, suggestions and related contact information (such as supplementary email addresses) to us during the use of this APP, such information is only used to handle user feedback and solve problems encountered by users, and is not used for any other purposes. After the problem is resolved, it will be properly retained or deleted as required.

2. Purpose of Information Use

The personal information we collect from users is only used for the following explicit purposes, and is not used for any purposes not explicitly informed to users. All uses comply with GDPR and CCPA provisions: first, to provide core technical services, including walkie-talkie programming, parameter configuration, device debugging, etc., ensuring normal service operation; second, to optimize service experience, based on collected usage behavior data, troubleshoot APP functional faults, optimize interface design, improve service response speed, providing users with more convenient and efficient services; third, to ensure account security, preventing risks such as account theft, malicious attacks, improper use, protecting user account and personal information security; fourth, to send necessary service notifications, such as APP function updates, agreement changes, fault prompts and other important information, ensuring users' right to know; fifth, to handle user feedback, inquiries and complaints, promptly respond to user needs and solve problems encountered during use; sixth, to comply with relevant laws and regulations of the EU and North America and FCC regulatory requirements, fulfilling statutory data processing obligations. Users may withdraw authorization for the use of their personal information at any time. After withdrawal, we will immediately stop using the relevant information, without affecting the normal use of core services.

3. Data Storage and Protection

We attach great importance to the security of users' personal information and have established a comprehensive data security protection system, taking various security measures to protect user information. Users' personal information will be stored using AES encryption technology on secure servers that meet European and American security standards. We implement strict permission management, access auditing and security monitoring measures, allowing only authorized personnel to access relevant information, preventing information leakage, tampering or loss. User information will be stored for the shortest period necessary to achieve the service purpose. After a user applies for account cancellation, their personal information will be deleted or anonymized within 30 working days, ensuring it cannot be recovered. If cross-border data transmission is involved, we will strictly comply with the relevant provisions of GDPR and CCPA on cross-border data transmission, taking necessary security protection measures such as standard contractual clauses and encrypted transmission to ensure the security of data during transmission, and will not transmit user information to third parties without lawful authorization.

4. Information Sharing and Disclosure

We strictly protect users' personal information and promise not to sell, rent or lend any user personal information, nor to use user information for unrelated purposes such as commercial promotion. We will only share or disclose user personal information in the following specific circumstances, all in compliance with GDPR and CCPA provisions: first, to achieve APP functions, share necessary anonymized data or basic verification information with third-party service providers such as Google Analytics (GA), Google account login, Apple account login; such third-party service providers will process data strictly in accordance with our requirements and their own privacy policies, and we will strictly supervise their data processing activities; second, disclose user personal information in accordance with relevant laws and regulations of the EU and North America, or mandatory requirements of judicial authorities or regulatory agencies (such as the FCC), cooperating with investigations and law enforcement; third, after obtaining the user's explicit written or electronic consent, share user personal information with third parties to provide services required by the user; before sharing, we will clearly inform the user of the third party's name, scope and purpose of information sharing, and the user has the right to refuse sharing; fourth, entrust third-party service providers (such as server hosting, data backup, etc.) to process user information; before entrustment, we will strictly audit the third party's qualifications, sign a formal data processing agreement, clarify the rights and obligations of both parties, require the third party to process information strictly in accordance with this Agreement and relevant regulations, and regularly supervise their processing activities.

5. User Data Rights

In accordance with GDPR, CCPA and relevant data protection laws, users have full autonomy over their personal information. We will provide convenient channels to ensure users can exercise these rights, including: right of access, users have the right to view their personal information and usage records; right of rectification, if personal information is incorrect or incomplete, users have the right to request correction; right of deletion, users have the right to request deletion of personal information or account cancellation; right to withdraw consent, users have the right to withdraw consent for the collection, use and sharing of personal information at any time; right to data portability, users have the right to request export of their personal information in a machine-readable format for transfer to another data processor; right to complain, if users believe our data processing violates this Agreement or relevant regulations, they have the right to complain to us or report to the local data protection supervisory authority. Users may exercise the above rights by contacting info@retevis.com, and we will respond and process within the statutory time limit.

6. Other Terms

This APP is mainly intended for adult users and does not specifically provide services to minors (under 16 years old in the EU, under 13 years old in the US). We strictly comply with the relevant provisions of GDPR and CCPA regarding the protection of minors' personal information. If a guardian discovers that a minor has used this APP without permission, they may notify us via info@retevis.com, and we will immediately delete the relevant personal information of the minor and terminate the service. If minors use this APP, they must do so under the guidance of a guardian. The guardian shall fulfill their guardianship responsibilities, supervise the minor's use, and protect the minor's personal information security. We do not actively collect any personal information of minors; if we discover accidental collection, we will delete it immediately. We have the right to revise the terms of this Agreement according to changes in laws and regulations in the EU and North America, technology upgrades, and business development needs. Revisions will be notified to users in advance through channels such as APP pop-ups, in-app announcements, or registered email addresses. If users continue to use this APP, they are deemed to accept the revised terms.

Contact email: info@retevis.com

Effective date: May 16, 2026

Shenzhen YSAIR Technology Co., Ltd.