StoneMIND AI Privacy Policy
Last Updated Date: [March 21, 2025]
This StoneMIND AI Privacy Notice (the “Notice”) explains how we collect, use and more generally process your personal data in connection with your relationship with us when you use our website or SaaS software or enjoy other related services offered by us (collectively, the “Services”).
The Services are provided or controlled by HitChem Limited and its affiliates. (the “we”).
Definition
(1)Enterprise User: Refers to the legal entity or other organization that purchases this service and registers an account for this service through authorized users.
(2)Authorized User: Refers to a natural person authorized by the enterprise user to use this service (typically an employee of the enterprise user, hereinafter collectively referred to as “you”). Among them, a natural person designated by the enterprise user to configure this service on its behalf and exercise administrative privileges in the backend is referred to as an Administrator (for clarity, referred to as an “Administrator User”). The Administrator User may invite other Authorized Users to use this service.
1 What data do we collect about you?
2 How do we use your data?
3 How do we retain and protect your data?
4 How will we disclose your data?
5 How will we transfer your data around the world?
6 What are your data subject rights and choices?
7 How do we protect minors?
8 How to contact us?
9 How do we update this Notice?
1. What data do we collect about you?
During your use of the Software and/or Services, we may obtain your information through the following methods:
a) Information you or your authorized representatives voluntarily provide while using the Software, such as details submitted during Account registration, purchase of technical services, or other interactions;
b) Information we actively collect during your use of the Software, such as operational records or other log-type data generated by your use of the StoneMIND AI application; and
c) Information uploaded and submitted by our employees or partners on your behalf under special circumstances, such as when you authorize a customer service agent to assist in uploading or completing information submissions.
We may collect and process the following data:
• Contract Management Information: version number of this Notice you are aware of, your consent or rejection of specific services or functions, version number of the service contract you agree to or refuse; and the timing of your aforementioned actions.
• Account Information:account ID, email address, phone number, account creation time, last active time, account status.
• Device Information:hardware model, hardware serial number, software list, application installation list, software installation list, unique device identifier IMEI, device MAC address, SIM card, IMSI information Android ID、MEID、Open UDID、GUID、BSSID、SSID、OAID、 Bluetooth information, broadcast component communication information ICCID、 Operator information, sensors (gyroscopes, gravity sensors, acceleration sensors, environmental sensors, optical heart rate sensors), shear plates.
• Log information: such as your login frequency, login time, search queries, login location (IP address/geolocation), browser type, telecom operator, language used, access date and time, and records of the web pages you visit, usage of functional modules.
• Customer Service-Related Information: such as consultation records, fault reports, servicecreation and resolution status, and the troubleshooting process for user issues (such as communication or call records).
• Customer Information: We will assist authorized users in handling the personal information required for registering their accounts, as well as any personal information that may be involved in the data generated, processed, stored, uploaded, downloaded, distributed, or otherwise handled during the use of this software, in accordance with the instructions of enterprise users and our agreement with them. The personal information we process on behalf of enterprise users is entirely managed and controlled by the enterprise users, and we only process the data under the control of enterprise users based on the instructions of administrator users.
In principle, it is the responsibility of the enterprise user to inform you of the purposes, methods, and scope of the collection and use of the Account Information and the Customer Information. If you have any questions or wish to exercise your personal information rights, you acknowledge and understand that you may contact the enterprise user or administrator user for handling.
2. How do we use your data?
The purposes for which we process personal data, subject to applicable law, and the legal bases on which we perform such processing, are as follows:
• Contract Management: We process Contract Management Information to provide you with records related to contract management, such as records of your agreement/refusal actions, version numbers of contracts/privacy notice related to you, time, etc. For users from European Region, the processing is necessary for the performance of our contract with you. There is no legal or contractual obligation to provide the above personal data to us, but you may not be able to enjoy our Services without providing the data.
• User Account Management: We process your Account Information to provide you with functions related to user account management, such as account registration, account deletion, account login, and modification of account information. For users from the European Region, processing is necessary for the performance of our contract with you. There is no legal or contractual obligation for you to provide the above personal data, but you may not be able to enjoy our Services without providing the data.
• Ensure Security, Stable Operation, and Improvement of the Software: We process your Device Information, and Log information to identify the abnormal status of your account, ensure the stability and security of our Services, and plan improvements or upgradation of our Services. For users from the European Region, we have legitimate interests in carrying out the processing to ensure the security and ongoing stability of the Softwareand improving our services on the Software (to the extent that such legitimate interests are not overridden by your interests, fundamental rights, or freedoms). There is no legal or contractual obligation for you to provide the above personal data, but you may not be able to enjoy our Services without providing the data.
• Customer Service and Support: When you consult any issues via online customer service, we will process some of your Customer Services Related Information. Additionally, we may also collect other information provided by you to offer services such as troubleshooting and online customer support. For users from the European Region, the processing is necessary for the performance of our contract with you. There is no legal or contractual obligation for you to provide the above personal data, but it is technically not possible for us to offer customer service and support without you providing the data.
• Enhance the user experience of the product: We may conduct customer experience research or service communication from time to time, and we may contact you by providing us with contact information during the questionnaire filing process, business service process, and other processes. If you do not wish to participate in the survey or communication, you can express your unwillingness to participate in the survey after receiving a call, or send an unsubscribed email, or refuse to fill out the online questionnaire. If you do not wish to receive the commercial electronic messages we send you, you can unsubscribe by replying to the SMS prompt or by following the unsubscribing method provided in the message.
• If you believe there is illegal content in our services, you can report it to us. When you submit a report, we may collect and store your name, email address, and other relevant information related to your report in compliance with our legal obligations. There is no legal or contractual obligation for you to provide the above personal data, but you may not be able to enjoy our Services without providing the data.
3. How do we retain your data?
During the trial period of the software, your data will be processed on servers located in China. During the paid usage period, if you use the software from the United States, your data will be processed on servers located in the United States; if you use the software from the European Economic Area, your data will be processed on servers located in Germany.
We will only retain your personal data for the time necessary to achieve the purposes stated in this Notice.
We will process and store your data during the period that we maintain an ongoing relationship with you. Most of your personal data will be associated with your account. When you delete your account, the personal data associated with your account and related services will be deleted or anonymized, unless local applicable laws require our continued processing of such data.
We promise StoneMIND AI to implement strict data access permission management to ensure that only authorized personnel can access sensitive data. Standardize the permission control of internal employees for business data, protect the security and confidentiality of enterprise data, and ensure compliance, legal protection, and use of data.
StoneMIND AI attaches great importance to your information security. We strive to take various reasonable physical, electronic, and management security measures to protect your user information. Prevent unauthorized access, public disclosure, use, modification, damage or loss of user information. For example, we will use encryption technology to enhance the security of user information; We will use trusted protection mechanisms to prevent malicious attacks on user information; We will deploy access control mechanisms to ensure that only authorized personnel can access user information; And we will hold security and privacy protection training courses to enhance employees' awareness of the importance of protecting user information.
After an unfortunate user information security incident (leakage, loss, etc.) occurs, we will promptly inform you of the basic situation and possible impact of the security incident, the disposal measures we have taken or will take, suggestions for you to independently prevent and reduce risks, and remedial measures for you in accordance with legal requirements. We will promptly inform you of the relevant situation of the event through email, letter, phone, push notifications, etc. When it is difficult to inform the user information subject one by one, we will adopt a reasonable and effective way to publish an announcement. At the same time, we will also report on the handling of user information security incidents in accordance with regulatory requirements.
4. How do we disclose your data?
Third-party service providers who provide us with IT services (including IT-related cloud services) may need to process your data. These third parties will process your personal data on our behalf under relevant contracts. In addition, we may only disclose your data under the following circumstances:
• In response to any legal procedures or requests from regulatory authorities, we may disclose your data in accordance with applicable laws or legal processes.
• During the provision of services by external auditing firms, legal advisors, or other professional consultants, we may disclose your data to them as necessary based on specific circumstances.
• Your data may also be disclosed to relevant third parties in the event of mergers, acquisitions, sale of assets, or transfer of services to other companies.
When transmitting or disclosing your data, we will adhere to relevant legal obligations to ensure adequate protection for the transfer of such data by providing the same level of protection equivalent to that required in your jurisdiction.
In addition, we will provide the data of enterprise users to third parties as instructed by the enterprise users. However, please note that such third parties are not selected by us, and we will not provide your personal information to third parties ourselves. In this situation, we will fulfill our reasonable and prudent obligation to test the security of third-party data interfaces and ensure the secure transmission of enterprise user data.
5. How will we transfer your data around the world?
During the trial period of the software, the data will be transmitted to the servers located in China for processing. During the paid usage period, we only store the user data from the United States, while the user data from the European Economic Area (EEA) will be stored in Frankfurt, Germany.
In the event of an international transfer of personal data, when required by applicable law, we will provide an adequate level of protection for your personal data using various means, including where appropriate, relying on a formal decision that a certain country ensures an adequate level of protection for personal data, or implementing the European Commission approved Standard Contractual Clauses and UK International Data Transfer Agreement between our affiliates and third parties (where applicable) or any other lawful approach that permits the lawful transfer of personal data from those countries.
6. What are your data subject rights and choices?
You may have the following rights and choices regarding your personal data:
6.1 Data Access
You may access your account-related personal data by contacting us.
6.2 Data Correction
If you have any other requests relating to the correction of your personal data, please contact us.
6.3 Data Portability
You may contact us to request the personal data you have provided to us in a structured, commonly used and machine-readable format and have it transferred to another controller, to the extent applicable.
6.4 Data Deletion and withdrawal of consent
You can contact your administrator user to apply for the revocation or deletion of your personal information.
6.5 Objection to the Processing
Subject to applicable law, you may object to the processing of your personal data based on our legitimate interests where there are grounds relating to your particular situation by contacting us. If we cannot take action on your request, we will inform you of the reasons.
6.6 Restriction to the Processing
If you would like to restrict our processing of your personal data, please contact us or the administrator user.
As mentioned earlier, we will also process the personal information submitted to us by authorized users according to their instructions. If you wish to exercise the rights provided by applicable laws regarding this portion of personal information, we recommend that you consult the administrator user directly. If you apply directly to us, you need to provide us with your specific information, and we will forward your application to the administrator user of the corresponding enterprise user for processing. The specific processing results shall be subject to the processing of the administrator user.
7. How do we protect minors?
Our services are exclusively for adults. If you do not meet the legal age requirement for adults in your jurisdiction, please do not use our services. If you are uncertain about meeting the age requirement, kindly consult your guardian for verification.
If you are a parent or guardian and become aware that a minor is using our services, please contact us to stop relevant provision of services by send email to support@stonewise.com.
8. How tocontact us?
For more information about your data subject rights, or how we process your personal data, or if you wish to contact our Data Protection Officer, please contact us by using the information below.
(i) send an email to: support@stonewise.com;
(ii) mail the letter to 10th Floor, Zhonggang Building, Haidian District, Beijing, China.
9. How do we update this Notice?
We will update this Notice in a timely manner, and we recommend that you regularly check the latest version of this Notice via the Service. If there are any substantial changes to this Notice, depending on the nature of such changes, we will notify you in advance through pop-ups, push notifications, emails, and other appropriate means.
