Privacy & Data Protection

1. Company Information

This Privacy Policy applies to all products and services operated by Beijing Xinrui International Culture Media Co., Ltd. ("XRINTER", "we", "our", "us"), including the website at xrinter.com and our mobile applications distributed via Google Play and Apple App Store.

Registered Office: No. 2, Block G, No. 01-18, No. 1 Road, Liqiao Town, Shunyi District, Beijing, China

2. Data We Collect

We collect information to provide better services to all our users. The data we collect is divided into the following categories:

• Identity and Contact Data: Includes name, email address, telephone number, and any communication content you provide when contacting us.
• Account and Service Data: Includes account identifiers, service preferences, project requirements, subscription metadata, and VIP status.
• Technical and Device Data: Includes device model, OS version, language settings, screen size, carrier, hardware identifiers (IDFA/GAID), IP address, app version, and SDK metadata.
• Usage and Analytics Data: Includes page views, in-app events, feature usage, session duration, crash reports, diagnostic logs, and user behavior paths.
• Approximate Location Data: General location data (e.g., country/city) derived from your IP address or device settings, used for compliance, anti-fraud, and localization.
• Advertising and Attribution Data: Data related to ad impressions, clicks, conversion events, anti-fraud signals, and advertising platform identifiers.

3. How We Use Data

We process your data for the following specific purposes:

• Provide, maintain, and improve mobile applications, games, and digital services.
• Respond to customer inquiries, business proposals, and technical support requests.
• Operate and optimize website and mobile app performance across multiple platforms.
• Measure campaign effectiveness, product usability, and user retention metrics.
• Serve advertisements in supported mobile products and evaluate ad quality.
• Detect abuse, enforce terms of service, and prevent fraud or security incidents.
• Comply with legal obligations, app store policies, and industry regulatory requirements.

Where required by law, we rely on lawful bases such as consent, contractual necessity, legitimate interests, and legal compliance obligations.

4. Advertising & Ad Platform Disclosure

4.1 Advertising Platforms and Mediation Partners

We work with industry-leading partners to deliver high-quality content. Our partners include:

• Google AdMob (Google LLC)
• Meta Audience Network (Meta Platforms, Inc.)
• Unity Ads (Unity Technologies)
• ironSource / LevelPlay (ironSource Ltd.)
• AppLovin MAX (AppLovin Corporation)
• InMobi (InMobi Pte. Ltd.)
• Chartboost (Chartboost, Inc.)
• Digital Turbine / AdColony
• Tapjoy (under ironSource ecosystem)
• Fyber (part of Digital Turbine)
• Ogury
• Criteo
• PubMatic
• Mintegral (Mobvista)
• Pangle (ByteDance)
• Vungle (part of Liftoff)

4.2 Ad Formats Used

• Splash / App Open / Interstitial Ads: full-screen ad units shown at natural transition points.
• Rewarded Video Ads: optional video units where users may receive in-app rewards.
• Banner Ads: persistent rectangular ad placements in app views.
• Native Ads: ads styled to match app interfaces while clearly labeled as advertisements.

4.3 Ad Personalization and Consent

Where required, we request consent before enabling personalized advertising. You may change choices using in-app privacy settings, device privacy controls, or platform-level controls (for example, Android advertising settings and Apple AppTrackingTransparency prompts). For app inventory disclosures, app-ads.txt declarations may be published by us and updated periodically.

5. App Store Specific Policies

5.1 Google Play Store Compliance

We strictly adhere to the Google Play Developer Program Policies, including the Data Safety section and Permissions policy, ensuring all apps use the latest secure SDKs.

5.2 Apple App Store Compliance

We comply with the App Store Review Guidelines, specifically regarding Guideline 5.1 (Privacy), implementing App Tracking Transparency (ATT) and providing Privacy Nutrition Labels.

6. Country-Specific Privacy Rights

We acknowledge regional data protection frameworks including:

• European Union / EEA: General Data Protection Regulation (GDPR)
• United Kingdom: UK GDPR and Data Protection Act 2018
• California, USA: CCPA and CPRA frameworks
• United States (children): COPPA compliance
• Canada: PIPEDA compliance
• Australia: Privacy Act 1988 and APPs
• Brazil: Lei Geral de Proteção de Dados (LGPD)
• South Africa: Protection of Personal Information Act (POPIA)
• Thailand and Singapore: PDPA frameworks
• China: Personal Information Protection Law (PIPL)

Where transfer mechanisms are required for cross-border data movement, we implement legally recognized safeguards such as Standard Contractual Clauses (SCCs).

7. Children's Privacy & Age Restrictions

Our services are intended for professional and general audiences and are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13 without verifiable parental consent.

For apps targeting families, we provide parental dashboards to manage children's data permissions. We implement age-gating mechanisms and use neutral age screens to prevent children from misrepresenting their age, in accordance with global best practices and Google Play Families Policy requirements.

If you believe a child has provided data to us without authorization, contact us at support@xrinter.com. We will investigate and delete such information within 48 hours where legally required.

8. Data Sharing & Third Parties

We do not sell personal information in exchange for monetary consideration. In some jurisdictions, sharing for targeted advertising may be treated as "sale" or "sharing" under local law, and users may have opt-out rights.

We disclose information to the following categories of recipients:

• Cloud infrastructure and hosting providers: Including AWS, Google Cloud Platform, and Microsoft Azure.
• Analytics and diagnostics providers: Including Firebase, Crashlytics, and Amplitude.
• Advertising, mediation, measurement, and anti-fraud partners: As listed in Section 4.
• Professional advisors: Legal counsel, auditors, and advisors where necessary.
• Authorities or regulators: When required by law or a valid lawful request.

9. Data Retention

We retain personal data only for as long as needed to fulfill the purposes described in this policy, including legal, accounting, security, and dispute-resolution requirements. Retention periods include:

• Account data: Retained while account is active + 2 years after deletion request.
• Usage logs: 12 months for analytics, then anonymized.
• Financial records: 7 years for tax and accounting compliance.
• Marketing consent: Until withdrawn or 3 years of inactivity.
• Crash reports and diagnostic logs: 6 months for debugging.

When retention is no longer required, we delete or anonymize data using secure deletion methods and technical controls.

10. User Rights

Subject to applicable law, you may have the following rights regarding your personal data:

• Access: Request access to personal information we hold about you.
• Rectification: Correct inaccurate or incomplete data.
• Erasure: Request deletion of personal data (Right to be Forgotten).
• Restriction: Request restriction or object to certain processing activities.
• Data Portability: Request transfer of your data to another provider where feasible.
• Withdraw Consent: Withdraw consent where processing is consent-based.
• Opt-out: Opt out of targeted advertising and profiling.

To exercise these rights, contact us at support@xrinter.com or gaosijia@xrinter.com. We may need to verify your identity before processing requests. We will respond within 30 days.

11. Cookies & Tracking Technologies

Our website and applications use cookies, local storage, SDK event tokens, pixel tags, and similar technologies for:

• Core functionality and security (session management, authentication).
• Analytics and performance measurement.
• Content personalization and preference storage.
• Advertising measurement and frequency control.

You can control cookies through browser settings and adjust mobile tracking controls at the operating system level (e.g., iOS Settings > Privacy > Tracking).

12. Data Security

We implement commercially reasonable safeguards designed to protect personal data from unauthorized access, disclosure, alteration, and destruction:

• Role-based access controls (RBAC) limiting data access to authorized personnel only.
• SSL/TLS encryption for all data transmissions between client and server.
• Encrypted storage for sensitive data at rest using the AES-256 standard.
• Regular security audits, vulnerability assessments, and penetration testing.
• Ongoing operational monitoring and automated incident response procedures.
• Secure API authentication using OAuth 2.0 and JWT tokens.
• Employee training on data protection and security best practices.

No method of transmission over the Internet is completely secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

13. Contact Our Data Protection Team

If you have privacy requests, complaints, or questions about this policy, contact us:

• Email (General Privacy & Support): support@xrinter.com
• Email (Enterprise & Governance): gaosijia@xrinter.com
• Postal Address: No. 2, Block G, No. 01-18, No. 1 Road, Liqiao Town, Shunyi District, Beijing, China

We will respond to all privacy-related inquiries within 30 days. We may update this Privacy Policy from time to time. Material changes will be reflected by the "Last Updated" date at the top of this page.