RC Privacy Policy
Effective date: 12(th) March, 2025
RC (“RC Service” or “This Service”) is an “Internet Communication Cloud Service” provided by RONG CLOUD H.K. LIMITED, its subsidiaries, and affiliated companies (collectively referred to as “RC” or “we”). This Privacy Policy explains how RC collects, uses, and stores your personal information in the process of providing related services, as well as the rights you have. Before using any of our services, please read this Privacy Policy carefully and ensure you fully understand its contents. By using our products or services, you acknowledge that you have read, understood, and agreed to this Privacy Policy. If you do not agree to the terms of this Privacy Policy, please discontinue your use of RC’s products or services.
This Privacy Policy will help you understand the following:
1. How we collect and use your personal information;
2. How we use cookies and other technologies;
3. How we share, transfer, and disclose your personal information;
4. How we protect and store your personal information;
5. Your rights;
6. How we handle minors' personal information;
7. How this privacy policy is updated;
8. How to contact us.
We understand the importance of personal information to you and are committed to protecting your personal information securely and reliably. We strive to maintain your trust and adhere to the following principles in protecting your personal information: accountability, purpose limitation, consent, data minimization, security, individual participation, and transparency.
I. Scope of Application
1. This policy applies to all services provided on the RC official website (https://www.rongcloud.io/), including browsing, logging in, purchasing services, and other technical services provided through the RC website.
2. Our products or services may integrate third-party SDKs (for a list of third-party SDK information, please refer to the “RC Developer Documentation - Privacy Compliance” https://docs.rongcloud.io/guides/privacy) or contain links to third-party websites, applications, or services. You may choose whether to access these. This Privacy Policy does not apply to any products, services, websites, or content provided by third parties. Please refer to the third party’s privacy policy.
3. If your product or service integrates our products or services, you must explain to your end-users and agree on a separate privacy policy with them in accordance with applicable laws and regulations. You must ensure that your end-users accept the privacy policy and that you have obtained their authorization to collect personal information through our products or services.
II. How We Collect and Use Your Personal Information
To achieve the basic business functions of our products and/or services, we may need to collect and use your personal information in the following ways. Since the basic functions of different products and/or services vary, the types, scope, and methods of collecting and using information may differ. The specific information collected will depend on the products and/or services you choose.
(1) Account Registration
1. When you register on the RC website, we need to collect your phone number and verification code to verify your identity. If you are a corporate user, you will also need to provide your company or organization name and email address. The phone number and email address you provide will serve as our designated contact methods for password recovery, receiving business notifications (e.g., new product launches, event reminders, service changes, service-related notices, etc.), and providing targeted services. You can unsubscribe from email reminders for creating/replying/closing tickets, version releases, or events by following our instructions.
If you refuse to provide the above information, you will not be able to purchase and use our related products and/or services, and you may only browse t RC website.
2. After registration, you can choose to complete your profile on the account settings page, including but not limited to:
(1) If you are an individual developer, you can complete real-name verification in the following ways:
A. If you use Alipay for real-name verification, you will need to enter your ID number and then scan the Alipay QR code to authorize Alipay to verify your identity through facial recognition;
B. If you use your ID card or passport for real-name verification, you will need to provide your real name, ID /passport number, and upload photos of the front and back of your ID /passport, as well as a photo of yourself holding your ID /passport.
(2) If you are a corporate developer, you will need to provide the company name, address, business license number, legal representative, company phone number, company website, and upload a photo of your business license to complete verification.
(3) Please note that ID information, Alipay account information, or facial recognition biometric information is necessary for verifying your real identity as required by law. This information contains your sensitive personal information, and its leakage or illegal use may harm your personal dignity, safety, or property. Please carefully consider whether and how to proceed with identity verification.
(2) Payment and Invoice Issuance
1. If you use our paid services, you will need to provide your bank information to complete the payment. We will keep this information strictly confidential and use it only for querying payment status, issuing invoices, and other purposes necessary to complete the transaction and as specified in this policy.
2. After payment, you may request us to issue and send you an invoice. If you choose a paper invoice, you will need to provide your invoice delivery address, including the recipient's name, detailed address, and phone number. If you choose an electronic invoice, you will need to provide your email address. If you refuse to provide this information, we will not be able to assist you in issuing or delivering the invoice.
3. To complete the payment, we may provide your account information, order information, payment account information, and other necessary information for payment to third-party payment partners. We will only share this information for legal, legitimate, necessary, specific, and explicit purposes. Our partners will only have access to the information necessary to perform their duties, and we will require them through agreements not to use this information for any purposes beyond the scope of the agreement.
(3) SDK Operation Logs
To continuously optimize our products and troubleshoot issues during customer use, the RC SDK needs to upload necessary SDK operation logs. The data involved mainly includes personal devices information and may involve the account information of the data subject (for data types, platforms, and related descriptions, please refer to the “RC Developer Documentation - Privacy Compliance” https://docs.rongcloud.io/guides/privacy). Device information and log information are sent at regular intervals when the application starts.
(4) Technical Support
When you request technical support from us, you will need to create a ticket. We will collect your ticket records and troubleshooting processes (e.g., communication or call records) to help resolve your issues promptly and improve our services. If you refuse to provide this information, we may not be able to provide you with the necessary support or assistance.
(5) Situations Where We Collect and Use Personal Information Without Your Consent
1. When it is necessary to fulfill our legal obligations under applicable laws and regulations;
2. When it is directly related to national security or national defense;
3. When it is directly related to public safety, public health, or significant public interests;
4. When it is directly related to criminal investigations, prosecutions, trial, or execution of judgments;
5. When it is necessary to protect the life, property, or other significant legitimate rights and interests of the data subject or other individuals, and it is difficult to obtain consent;
6. When the personal information is disclosed to the public by the data subject;
7. When it is necessary for the conclusion or performance of a contract at your request;
8. When the personal information is collected from legally publicly disclosed information, such as legitimate news reports or government information disclosures;
9. When it is necessary to maintain the safe and stable operation of the provided products or services, such as detecting or handling product or service failures.
III. How We Use Cookies and Other Technologies
(1) Cookies
To ensure the proper functioning of our website, we store small data files called cookies on your computer or mobile device. Cookies typically contain an identifier, site name, and some numbers and characters.
We use our own cookies or similar technologies for the following purposes:
1.To remember your identity. For example, cookies or similar technologies help us recognize you as a registered user or save preferences or other information you provide;
2.To Analyze your use of our services. We may use cookies or similar technologies to understand how you use RC services or which services are most popular;
3. For advertising optimization. Cookies or similar technologies help us provide you with relevant ads based on your information rather than general ads.
We will not use cookies for any purposes other than those described in this Privacy Policy. You can manage or delete cookies based on your preferences. You can clear all cookies saved on your computer, and most web browsers allow you to block cookies. However, if you do so, you may need to manually adjust your settings each time you visit our website. For more information on how to change your browser settings, please visit the following links: Internet Explorer, Microsoft Edge, Google Chrome, Mozilla Firefox, Safari, and Opera.
(2) Web Beacons and Pixel Tags
In addition to cookies, we may use other similar technologies such as web beacons and pixel tags and on our website. For example, emails we send you may contain click URLs linked to our website content. If you click that link, we will track the click to help us understand your product or service preferences and improve customer service. Web beacons are typically transparent images embedded in websites or emails. With pixel tags in emails, we can determine whether an email has been opened. If you do not wish to be tracked in this way, you can unsubscribe from our mailing list at any time.
(3) Do Not Track
Many web browsers have a Do Not Track feature that sends Do Not Track requests to websites. Currently, major internet standard organizations have not established relevant policies to define how websites should respond to such requests. However, if your browser has Do Not Track enabled, all our websites will respect your choice.
IV. How We Share, Transfer, and Publicly Disclose Your Personal Information
(1) Sharing and/or Entrusting Processing
We will not share and/or entrust the processing of your personal information with any company, organization, or individual outside of RC, except in the following cases:
1. With your explicit consent or to achieve the purposes stated in this Privacy Policy, we may share and/or entrust the processing of your personal information with other parties;
2. We may share your personal information as required by laws and regulations or mandatory government requirements;
3. Sharing and/or entrusting the processing of your personal information with our affiliates: we will only share and/or entrust affiliates with the necessary personal information, and it will be bound by the purposes stated in this Privacy Policy. If we share and/or entrust the processing of your personal information with these affiliates, we will use encryption, anonymization, and other necessary security measures to protect your information. If affiliates change the purpose of processing personal information, they will seek your consent again;
4. Sharing and/or entrusting the processing of your personal information with suppliers, service providers, and other partners: if the services you purchase (e.g., online customer service, content review, storage, content distribution, SMS, anti-fraud, etc.) are provided by suppliers, service providers, and other partners, we may share and/or entrust the processing of certain personal information with them to provide better customer service and user experience. We will only share and/or entrust the processing of your personal information for legal, legitimate, necessary, specific, and clear purposes, and only the personal information necessary to provide the services. We will sign strict confidentiality agreements with suppliers, service providers, and other partners, requiring them to process personal information in accordance with our instructions, this Privacy Policy, and any other relevant confidentiality and security measures.
(2) Transfer
We will not transfer your personal information to any company, organization, or individual, except in the following cases:
1. With your explicit consent: After obtaining your explicit consent, we may transfer your personal information to other parties;
2. In the event of merger, acquisition, or bankruptcy liquidation: If personal information is involved in a transfer, we will require the new holder of your personal information to continue to be bound by this Privacy Policy, or we will require the company or organization to seek your consent again.
(3) Public Disclosure
We will only publicly disclose your personal information in the following cases:
1. With your explicit consent;
2. Based on legal requirements: We may publicly disclose your personal information if required by law, legal proceedings, litigation, or mandatory government requirements.
(4) Exceptions to Sharing, Transfer, and Public Disclosure
In the following cases, we may share, transfer, or publicly disclose personal without prior consent from the data subject:
1. When it is necessary to fulfill our legal obligations under applicable laws and regulations;
2. When it is directly related to national security or national defense;
3. When it is directly related to public safety, public health, or significant public interests;
4. When it is directly related to criminal investigation, prosecution, trial, or execution of judgments;
5. When it is necessary to protect the life, property, or other significant legitimate rights and interests of the data subject or other individuals, and it is difficult to obtain consent;
6. When the personal information is disclosed to the public by the data subject;
7. When the personal information is collected from legally publicly disclosed information, such as legitimate news reports, or government information disclosures.
V. How We Protect and Store Your Personal Information
(1) How We Protect Your Personal Information
1. We have implemented industry-standard security measures to protect the personal information you provide from unauthorized access, disclosure, use, modification, damage, or loss. We will take all reasonable and feasible measures to protect your personal information.
2. We have obtained the following certifications: Level 3 Certification for Information Security Protection from the Ministry of Public Security and ISO 27001.
3. We will regularly update and publicly disclose reports on security risks, personal information security impact assessments, and relevant reports. The internet environment is not 100% secure, and we will do our best to ensure the security of any information you send to us.
4. If our physical, technical, or administrative safeguards are breached, resulting in unauthorized access, disclosure, alteration, or destruction of information, we will promptly notify you of the basic, situation, potential impacts, measures we have taken or will take, recommendations for self-protection, and remedial measures via email, letter, phone, or push notification. If it is difficult to notify each individual, we will issue a public notice in a reasonable and effective manner. We will also report the handling of personal information security incidents to regulatory authorities as required.
(2) How We Store Your Personal Information
1. We will take all reasonable and feasible measures to ensure that we do not collect irrelevant personal information. We will only retain your personal information for the shortest period necessary to achieve the purposes stated in this Privacy Policy, unless otherwise provided by laws and regulations or with your separate consent. After the storage period expires, we will delete or anonymize the personal information. For EEA/UK users, data retention periods align with GDPR requirements (e.g., 2 years for transaction records unless longer retention is required by law).
2. In the following cases, and only for the purposes related to these cases, we may need to retain your information or part of it for a longer period:
(1) To comply with applicable laws and regulations;
(2) To comply with court judgments, rulings, or other legal procedures;
(3) To comply with the requirements from relevant government authorities or other authorized bodies.
(4) To execute relevant service agreements or this Privacy Policy, maintain public interests, handle complaints or disputes, and protect the personal and property safety or legitimate rights and interests of our customers, us, our affiliates, other users, or employees.
3. By default, for data we collect from you outside the People's Republic of China, it will be stored in either our data center in Beijing, China or the one in Singapore, as per your preference. In the event that you explicitly ask to utilize alternative data centers, we may meet your request by storing your data in the data center you’ve requested. If we need to transfer personal information overseas due to business needs and in compliance with applicable laws, we will separately obtain your consent and inform you of the purpose, recipient, security measures, and risks of the cross-border transfer. For users in the European Economic Area (EEA) or the United Kingdom (UK), we will ensure that any cross-border data transfers comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
VI. Your Rights
In accordance with relevant laws, regulations, and standards, we guarantee your rights regarding your personal information as follows:
(1) Access and Correct Your Personal Information
1. You should ensure that all personal information you provide is accurate. We will strive to maintain the accuracy and completeness of personal information. Except as otherwise provided by laws and regulations, you can access, manage (including modify, delete, or supplement), and copy specific personal information we hold about you (e.g., your phone number, email, profile picture) on the "Account Settings" page. For other personal information generated during your use of our products or services, we will provide it to you as long as it does not require excessive effort. For users in the European Economic Area (EEA) or the United Kingdom (UK), you have the right to request a copy of your personal data in a structured, commonly used, and machine-readable format, and to request the transfer of this data to another controller where technically feasible.
2. If you find any errors in the personal information we process about you, you have the right to request us to correct it. If you cannot correct this information through the above methods, you can submit a request to us by creating a ticket at any time, and we will respond to your correction request within 30 days.
(2) Delete Your Personal Information
You may request us to delete your personal information in the following cases:
1. If our processing of your personal information violates laws and regulations;
2. If we collect and use your personal information without your consent;
3. If our processing of your personal information violates our agreement with you;
4. If you no longer use our products or services or have canceled your account;
5. If we no longer provide you with products or services.
If we decide to respond to your deletion request, we will also notify the entities that obtained your personal information from us and request that they delete it, unless otherwise provided by laws and regulations or if these entities have obtained your separate authorization.
After you delete information from our services, we may not immediately delete the corresponding information from our backup system, but will delete this information when the backup is updated.
(3) Account Cancellation
1. You can cancel your account by creating a ticket. We will send an SMS to your registered phone number to verify your identity. After creating the ticket, you will no longer be able to use RC services through your account. We will complete the verification and processing within 15 working days (cancellation conditions include, but are not limited to, zero account balance and zero invoiceable amount).
2. Account cancellation is irreversible. Once you submit the application, the system will automatically verify the cancellation conditions. Once all conditions are met and you confirm, the account and information will be deleted. If the system finds that the account has unfulfilled contracts, unpaid fees, unpaid taxes, or other obligations required bylaws and regulations during automatic verification process, the account cancellation process will be automatically terminated and will not be restored. If you wish to continue with the cancellation, you should complete the necessary preparations and reapply.
3. During the account cancellation process, if we find that your account has been reported by others, is under investigation by state authorities, or is involved in litigation or arbitration, we have the right to terminate your account cancellation process without further consent.
4. After account cancellation, we will stop providing you with products or services and, upon your request, delete your personal information, unless otherwise required by laws and regulations. You will no longer be able to log in to the RC website, console, etc., using this account, and you will not be able to retrieve personal information, transaction records, business data, or historical information, under this account.
(4) Responding to Your Requests
1. To ensure security, you may need to provide a written request or otherwise prove your identity. We may first ask you to verify your identity before processing your request. We will respond within 30 days. If you are not satisfied, you can file a complaint by creating a ticket.
2.We generally do not charge fees for reasonable requests, but we may charge a reasonable fee for repeated requests that exceed reasonable limits. We may reject requests that are unfounded, require excessive technical means (e.g., developing new systems or fundamentally changing current practices), pose risks to the legitimate rights and interests of others, or are impractical (e.g., involving information stored on backup tapes).
In the following cases, we may not be able to respond to your requests:
(1) If it is related to our fulfillment of legal obligations under applicable laws and regulations;
(2) If it is directly related to national security or national defense;
(3) If it is directly related to public safety, public health, or major public interests;
(4) If it is directly related to criminal investigation, prosecution, trial, or execution of judgments;
(5) If we have sufficient evidence that data subject has acted in bad faith or abused their rights;
(6) If it is necessary to protect the life, property, or other significant legitimate rights and interests of the data subject or other individuals, and it is difficult to obtain consent;
(7) If responding to the data subject's request would seriously harm the legitimate rights and interests of the data subject or other individuals, or organizations;
(8) If it involves trade secrets.
(5) End Users of Applications Using RC Products or Services
Since your end users are not direct customers of RC, your end users should send their relevant requests directly to you in accordance with your privacy policy, and you should assist your end users in handling their requests.
VII. How We Handle Minors' Personal Information
1. Our products, websites, and services are primarily intended for adults. Minors should not create their own personal information accounts without the consent of their parents or guardians.
2. For the collection of minors' personal information with parental consent, we will only use or publicly disclose this information when permitted by law, with the explicit consent of parents or guardians, or when necessary to protect minors.
3.Minors are defined as individuals under the age of 16 (in compliance with GDPR) or the local legal age in their jurisdiction.
4. If we discover that we have collected minors' personal information without prior verifiable parental consent, we will delete the relevant data as soon as possible.
VIII. How This Privacy Policy is Updated
1. To provide you with better services, our services will be updated and changed from time to time, and we may revise this Privacy Policy accordingly. These revisions will form part of this Privacy Policy and have the same effect as this Privacy Policy. Without your explicit consent, we will not reduce your rights under this Privacy Policy. For users in the European Economic Area (EEA) or the United Kingdom (UK), we will notify you of any material changes to this Privacy Policy via email and banner on our website, requiring explicit consent if required by applicable laws.
2. For significant changes, we will provide more prominent notice (including, for certain services, sending an email to explain the specific changes to the privacy policy).
3. Significant changes referred to in this Privacy Policy include but are not limited to:
(1) Significant changes in our service model, such as the purpose of processing personal information, types of personal information processed, and the way personal information is used;
(2) Significant changes in our ownership structure or organizational structure, such as changes in ownership due to business adjustments, bankruptcy, or mergers;
(3) Changes in the main objects of personal information sharing, transfer, or public disclosure;
(4) Significant changes in your rights regarding personal information processing and how to exercise them;
(5) Changes in the department responsible for personal information security, contact methods, or complaint channels;
(6) When personal information security impact assessment reports indicate a high risk.
IX. How to Contact Us
If you have any questions or comments about this Privacy Policy, or our practices, you can contact us by creating a ticket or send an email to customercare@rongcloud.io. We will generally respond within 30 days.