Privacy Policy
Summary: Beijing Fengxunda Technology Co., Ltd. ("Fengxunda," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our websites, mobile applications, and services. It is designed to comply with global privacy regulations including GDPR, CCPA, COPPA, LGPD, APPI, and platform-specific policies for Google Play and the Apple App Store.
1. Who We Are
Beijing Fengxunda Technology Co., Ltd. is a technology company headquartered at No.205-098, No.7, Juyuan W. Road, Mapo Town, Shunyi District, Beijing, 100000, China. We develop, publish, and operate mobile applications and games globally. Where applicable under the GDPR, Fengxunda acts as a data controller for personal data collected through our own services, and as a data processor when processing data on behalf of business clients.
Contact for privacy matters: support@fengxundatech.com
2. Scope of This Policy
This Privacy Policy applies to:
- Our corporate website at fengxundatech.com
- All mobile applications and games published by Fengxunda on the Apple App Store and Google Play Store
- Services provided to business clients under project operations and R&D agreements
- Any interaction with our support, contact forms, or marketing materials
Each individual app or game may include a supplemental privacy notice with product-specific details.
3. Information We Collect
3.1 Information You Provide Directly
- Contact information: Name, email address, company name, message content submitted via contact forms.
- Account information: Username, password (hashed), profile details when you register within our apps.
- Payment information: All payments are processed by Apple (App Store) or Google (Google Play). We do not directly collect or store credit card or banking information.
- Support communications: Messages, attachments, and correspondence sent to our support email.
3.2 Information Collected Automatically
- Device identifiers: Advertising ID (IDFA on iOS, GAID on Android), device model, OS version.
- Usage data: App sessions, events, feature interactions, crash reports, performance metrics.
- Location data: Coarse location (country/region) derived from IP address unless you grant precise location permission.
- Network information: IP address, connection type (Wi-Fi/cellular), browser type (for website).
- Cookies and similar technologies: On our website we use first-party cookies for session management and, with consent, analytics and marketing cookies.
- In-app purchase history: Records of transactions processed through App Store or Google Play (receipt data only, not payment details).
3.3 Information from Third Parties
- Analytics providers (e.g., Firebase, Adjust, AppsFlyer) — aggregated usage statistics.
- Advertising networks — ad performance signals in compliance with their policies (see Section 9).
- App Store and Google Play — download counts, ratings, and review data.
4. How We Use Your Information
| Purpose | Legal Basis (GDPR) |
|---|---|
| Providing and maintaining our services | Performance of contract (Art. 6.1.b) |
| Responding to inquiries and providing support | Legitimate interests (Art. 6.1.f) |
| Processing in-app purchases and subscriptions | Performance of contract (Art. 6.1.b) |
| Analytics to improve products | Legitimate interests (Art. 6.1.f) |
| Personalized or interest-based advertising | Consent (Art. 6.1.a) / ATT on iOS |
| Sending service updates and notifications | Legitimate interests / Consent |
| Legal compliance and fraud prevention | Legal obligation (Art. 6.1.c) |
| Age verification and child safety | Legal obligation / Vital interests |
5. Apple App Store & iOS Compliance
For apps distributed via the Apple App Store, we comply with:
- App Store Review Guidelines: All data collection practices are disclosed in the App Store "App Privacy" section (Data Safety labels).
- App Tracking Transparency (ATT): On iOS 14.5+, we request permission before accessing your IDFA for advertising. If you decline, we serve contextual ads only and do not track you across apps and websites.
- StoreKit & In-App Purchases: Subscription and IAP billing is handled entirely by Apple. We receive only anonymized receipt data to validate purchases.
- Apple's Human Interface Guidelines & Privacy Labels: We accurately declare all data types collected, linked to identity, and used for tracking.
- Sign in with Apple: Where offered, we support Sign in with Apple and comply with Apple's requirements for data minimization.
- HealthKit / SensorKit: We only access these frameworks where explicitly disclosed and consent is obtained; data is never sold or used for advertising.
6. Google Play & Android Compliance
For apps distributed via the Google Play Store, we comply with:
- Google Play Developer Policy: All personal and sensitive data collection is disclosed in the Play Store "Data Safety" section.
- Play Billing Library: All in-app purchases and subscriptions are processed through Google Play Billing. We do not collect payment card details.
- Google Play Families Policy: Apps targeting children or mixed audiences comply with the Families Policy, including restrictions on data collection and advertising.
- Android Advertising ID: We follow Google's requirements regarding use of the Advertising ID, and reset/opt-out requests are honored immediately.
- Permissions: We request only the permissions necessary for app functionality, as described at runtime when permission is requested.
- Google Play Data Safety: Our Data Safety form accurately reflects all data collected, its purpose, whether it is shared, and security practices.
7. Global Privacy Regulations
7.1 European Union — GDPR
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR):
- Right of access — Request a copy of your personal data.
- Right to rectification — Correct inaccurate or incomplete data.
- Right to erasure ("right to be forgotten") — Request deletion of your data where no legal basis exists for retention.
- Right to restriction of processing — Limit how we use your data in certain circumstances.
- Right to data portability — Receive your data in a structured, machine-readable format.
- Right to object — Object to processing based on legitimate interests or for direct marketing.
- Rights related to automated decision-making — Request human review of automated decisions that significantly affect you.
- Right to withdraw consent — Withdraw consent at any time without affecting the lawfulness of prior processing.
To exercise your rights, contact us at support@fengxundatech.com. We will respond within 30 days. You may also lodge a complaint with your local supervisory authority.
Where we transfer personal data outside the EEA, we rely on Standard Contractual Clauses (SCCs) or other approved mechanisms to ensure adequate protection.
7.2 United States — California (CCPA / CPRA)
If you are a California resident, under the California Consumer Privacy Act (CCPA) as amended by the CPRA, you have the right to:
- Know what personal information is collected, used, shared, or sold.
- Delete personal information held by us (subject to exceptions).
- Opt out of the sale or sharing of personal information (we do not sell personal information).
- Correct inaccurate personal information.
- Limit the use of sensitive personal information.
- Non-discrimination for exercising your rights.
To submit a CCPA request, email support@fengxundatech.com with subject "CCPA Data Request." We will verify your identity before processing requests.
7.3 Brazil — LGPD
For users in Brazil, our data practices comply with the Lei Geral de Proteção de Dados (LGPD). You have rights equivalent to those under GDPR, including access, correction, deletion, portability, and the right to revoke consent. Contact support@fengxundatech.com to exercise your rights.
7.4 Japan — APPI
For users in Japan, we comply with the Act on the Protection of Personal Information (APPI). Personal information is used only for the purposes described herein, and third-party provision is made only with consent or as permitted by law.
7.5 Canada — PIPEDA
For users in Canada, we comply with the Personal Information Protection and Electronic Documents Act (PIPEDA). You may request access to or correction of personal information by contacting us.
7.6 Other Jurisdictions
We strive to comply with applicable privacy laws in all jurisdictions where our products are available, including Australia (Privacy Act 1988), South Korea (PIPA), Singapore (PDPA), and others. Contact us for jurisdiction-specific inquiries.
8. Children's Privacy & Age Management
8.1 COPPA (United States)
We comply with the Children's Online Privacy Protection Act (COPPA). We do not knowingly collect personal information from children under 13 years of age without verifiable parental consent. If an app is directed at or likely to attract children under 13, we:
- Do not collect persistent identifiers for advertising without parental consent.
- Do not engage in behavioral advertising to children.
- Provide a mechanism for parents to review, access, and delete their child's data.
- Limit third-party SDK usage to those with COPPA-compliant configurations.
8.2 UK Children's Code (Age Appropriate Design Code)
For products available in the United Kingdom, we adhere to the ICO's Age Appropriate Design Code. We apply the highest privacy settings by default for users who may be under 18, minimize data collection, and do not use nudge techniques that encourage children to share more data than necessary.
8.3 Google Play Families Policy
Apps in the Google Play Families program restrict data collection to the minimum necessary for functionality, use only Families-certified advertising SDKs, and comply with all applicable children's laws globally.
8.4 Apple Age Rating
Our apps carry appropriate age ratings on the App Store. Apps rated 4+ or containing child-directed content limit data collection and disable interest-based advertising.
8.5 Age Verification
Where required, we implement age-gate mechanisms to prevent users below the required age threshold from accessing age-restricted features or consenting to data practices on their own behalf.
9. Advertising Networks & Monetization Partners
Our self-published and operated apps may display ads from the following networks. Each network operates under its own privacy policy and data practices:
| Network | Type | Privacy Policy |
|---|---|---|
| Google AdMob | Display, Video, Rewarded | policies.google.com/privacy |
| Meta Audience Network | Display, Native, Interstitial | www.facebook.com/privacy/policy |
| Unity Ads | Rewarded Video, Interstitial | unity.com/legal/privacy-policy |
| IronSource (Miley) | Mediation, Rewarded | developers.is.com/privacy-policy |
| AppLovin MAX | Mediation, Display | www.applovin.com/privacy |
| Pangle (TikTok for Business) | Display, Video | www.pangleglobal.com/privacy |
| Vungle (Liftoff) | Rewarded Video | vungle.com/privacy |
We use a Consent Management Platform (CMP) on applicable apps to collect user consent before enabling personalized advertising. Users may opt out of personalized ads at any time through in-app settings or device-level controls (Limit Ad Tracking on iOS / Opt out of Ads Personalization on Android).
10. Data Sharing & Disclosure
We do not sell your personal information. We may share data with:
- Service providers: Cloud hosting (AWS, GCP, Azure), analytics tools (Firebase, Adjust), customer support platforms, operating under strict data processing agreements.
- Advertising partners: As described in Section 9, only with appropriate consent.
- Business clients: Under contract, for apps we operate on their behalf; data shared only as necessary and governed by a Data Processing Agreement (DPA).
- Legal obligations: When required by law, court order, or to protect rights and safety.
- Business transfers: In the event of a merger or acquisition, with notice to affected users.
11. Data Retention
We retain personal data for as long as necessary to fulfil the purposes described, or as required by law:
- Account data: until account deletion + 30 days.
- Transaction records: 7 years (legal/tax obligation).
- Analytics data: 26 months (aggregated; purged or anonymized thereafter).
- Support correspondence: 3 years.
- Contact form submissions: 12 months or until resolved.
You may request deletion at any time (subject to legal retention obligations) by contacting support@fengxundatech.com.
12. Data Security
We implement industry-standard technical and organizational security measures including:
- TLS/HTTPS encryption for all data in transit.
- AES-256 encryption for sensitive data at rest.
- Access controls with principle of least privilege.
- Regular penetration testing and security audits.
- No storage of plaintext passwords (bcrypt hashing).
- Incident response procedures with breach notification within 72 hours (GDPR) where required.
13. Cookies & Tracking Technologies
Our website uses the following types of cookies:
| Category | Purpose | Consent Required |
|---|---|---|
| Strictly Necessary | Session management, security, form submission | No |
| Analytics | Page views, user journeys, performance metrics | Yes (EEA/UK) |
| Marketing | Ad targeting, conversion tracking | Yes |
You can manage cookie preferences through our cookie consent banner or your browser settings. Note that disabling cookies may affect website functionality.
14. International Data Transfers
As a global company headquartered in China with services worldwide, personal data may be processed in multiple countries. For EEA residents, cross-border transfers rely on:
- Standard Contractual Clauses (SCCs) approved by the European Commission.
- Adequacy decisions where applicable.
- Binding Corporate Rules where implemented.
15. Third-Party Links
Our website and apps may contain links to third-party websites or services. This Privacy Policy does not apply to those third parties. We encourage you to review their privacy policies before providing personal information.
16. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of material changes by updating the "Last Updated" date above and, where appropriate, by in-app notification or email. Continued use of our services after changes constitutes acceptance of the revised policy.
17. Contact & Data Subject Requests
To exercise any privacy rights, request data deletion, or raise concerns about our data practices:
- Email: support@fengxundatech.com
- Subject line: "Privacy Request — [Your Request Type]"
- Postal: Beijing Fengxunda Technology Co., Ltd., No.205-098, No.7, Juyuan W. Road, Mapo Town, Shunyi District, Beijing, 100000, China
We will respond to verified requests within 30 days (or as required by applicable law). We may need to verify your identity before processing requests.