Privacy Policy

YOYI Media (Beijing) Interactive Advertising Co., Ltd.

Last Updated: February 2025

We deeply understand the critical importance of data security and personal information protection. When providing products and services, we always respect and prioritize the protection of data security and the legitimate rights and interests of personal information subjects. We process data in accordance with laws, regulations, and national standards. Adhering to the principles of honesty, credibility, and transparency, we aim to explain through this policy how we collect, store, and use data, as well as the avenues we provide for personal information subjects to exercise their rights, such as accessing, copying, correcting, supplementing, and deleting personal information.

Before using YOYI TECH’s products or services, please read and fully understand this policy. We have made every effort to explain the technical terms involved in this policy in a clear and concise manner to facilitate your understanding. Key content has been highlighted in bold for your special attention. If you do not agree with the content of this policy, please do not proceed with any further actions or provide any personal information.

I. Scope of Application of This Policy

  • This Privacy Policy (“this Policy”) applies to all products and services provided by YOYI Media (Beijing) Interactive Advertising Co., Ltd. (“YOYI TECH” or “we”), including but not limited to websites, SDKs, APIs, plugins, components, code, tools, and continuously innovated products and services.
  • Before using our products or services, please read and thoroughly understand this policy. By using our products or services, you confirm that you have fully understood and agreed to this policy. If our products or services have separate terms and conditions, those terms form part of this policy, and this policy still applies to those products or services. In case of any inconsistency between this policy and the product or service terms, or if there are more specific agreements, the latter shall prevail. In the event of differing interpretations, we will interpret the terms in a manner that is most consistent with their intended meaning.
  • Please note that third-party websites, such as media platforms, may embed our SDKs, code, or other products and disclose our privacy policy. You must also comply with the privacy policies or statements of these third-party websites. You should refer to both the third-party website’s privacy policy and our privacy policy to fully understand our data processing practices.

II. Effectiveness and Amendments of This Policy

By using or continuing to use our services, you indicate that you have fully understood and agreed to our collection, storage, use, and processing of data related to the products and services you use, in accordance with this policy.

We may amend certain terms of this policy at any time, and such amendments will form part of this policy. If the amendments materially reduce your rights under this policy, we will notify you through a prominent notice on our homepage, by email, or through other means before the amendments take effect. In such cases, if you continue to use our services, you will be deemed to have agreed to the revised policy.

If you have any questions, comments, or suggestions regarding this policy or related matters, please contact us through the contact information provided on our website.

III. Definitions

  • You: Refers to users who access YOYI TECH’s products or services through various terminals.
  • Products or Services: Refers to the products or services provided by YOYI TECH through its own or third-party websites, apps, mini-programs, and other clients, including assisting advertisers and publishers in providing ad delivery services, introducing ad delivery business content, etc. The specific functions of YOYI TECH’s products or services are subject to the actual features displayed on each client.
  • Data: Refers to the data we collect when providing you with products and services. Depending on the context, this may include data you actively provide, data generated during our service provision, data provided to us by third parties with your legal authorization, and data legally obtained from public channels.
  • Personal Information: Refers to any information recorded electronically or otherwise that can identify a specific natural person or reflect the activities of a specific natural person, either alone or in combination with other information. Typically, the personal information involved in our products and services mainly includes commonly used device information and does not include sensitive personal information such as ID numbers or biometric data.
  • Sensitive Personal Information: Refers to personal information that, if leaked or illegally used, may easily harm the dignity of a natural person or endanger their personal or property safety. This includes biometric data, religious beliefs, specific identity information, medical health information, financial accounts, location tracking, and personal information of minors under the age of sixteen.
  • De-identification: Refers to the technical processing of personal information so that it cannot identify or associate with a personal information subject without additional information.
  • Anonymization: Refers to the technical processing of personal information so that the personal information subject cannot be identified or associated, and the processed information cannot be restored. Information obtained after anonymization is no longer considered personal information.
  • Cookie: Refers to a text file containing a string of characters generated by the server and sent to the user’s browser when visiting a website or viewing other online content. You can configure your browser to decide whether to save these text files.

IV. Data Collection and Use

4.1 Sources of Data

We adhere to the principles of legality, legitimacy, and necessity and only collect personal information that you actively provide or that is generated through your use of YOYI TECH’s products or services for the purposes, scope, and methods described in this policy. When you use various products or functions, we only collect the information necessary for the normal operation of the business function and obtain your prior consent.

4.1.1 Through the Website

We may collect your data, including Personal Data, when you use our Website. For example, if you fill out a form on our Website, we may collect the following information:

  • Contact information: Such as your name, address, phone number, and email address.
  • Demographic information: Such as your country, company, and job title.
  • Comments: Any comments you make on or through the Website.

When you visit our Website, we may automatically collect the following information:

  • Internet domain: The domain through which you access the internet.
  • IP address: The IP address of the computer you are using.
  • Browser and operating system: The type of browser software and operating system you are using.
  • Date and time: The date and time you access our Website.
  • Referral URL: The internet address of the website from which you linked directly to our Website.

We use this information to maintain and improve our Website, ensure it functions properly, and make it more accessible and useful.

4.1.2 Through Our Products and Services

Please note that in the process of providing related products or services, YOYI TECH may collaborate with its affiliated companies, advertisers, and publishers for the above-mentioned ad delivery purposes. In such cases, we will indirectly obtain the personal information you provide in various business scenarios from the affiliated companies for the purpose of providing ad delivery technical support. This enables us to provide comprehensive ad delivery technical support to affiliated companies in various business scenarios, thereby assisting affiliated companies, advertisers, and publishers in achieving the goals of ad delivery, user profiling, or ad delivery optimization.

  • Ad Delivery: When you use YOYI TECH’s ad delivery services provided in collaboration with advertisers and publishers, we will obtain encrypted device ID information (such as OAID, IDFA), IP address, browser type/model/language, and operating system from the publisher with your authorization. This allows YOYI TECH to assist advertisers in predicting your preferences through its ad delivery prediction strategy and provide you with high-quality ad content tailored to your interests.
  • User Profiling: When you use YOYI TECH’s ad delivery services provided in collaboration with advertisers and publishers, we will obtain encrypted device ID information (such as OAID, IDFA) and user profiles calculated based on your authorized data from the publisher and third parties designated by the advertiser. Based on the profiling results, we will provide you with high-quality ad content tailored to your interests.
  • Ad Delivery Optimization: When you use YOYI TECH’s ad delivery services provided in collaboration with advertisers and publishers, we will collect encrypted device ID information (such as OAID, IDFA) and ad exposure/browse/play/conversion information from the publisher with your authorization. This is done to measure the effectiveness of ad delivery strategies, conduct statistical analysis, and continuously optimize ad delivery.

In order to provide our services, we may collect data through cookies placed by our business partners on their websites or from third-party partners authorized to collect such data. The data collected may include:

  • Identifiers: IP address, contact information (e.g., email address), device identifiers (e.g., IDFA, GAID).
  • Geolocation data: Precise geolocation data.
  • Ad-related data: Ad ID, Ad URL, and events such as ad clicks or impressions.
  • Financial information: Purchase history.
  • Technical information: Browser type, operating system, and device model.

If we intend to use your personal information for purposes not stated in this policy or use the information collected for a specific purpose for other purposes, we will inform you in a reasonable manner and obtain your consent again. After you close or stop using the business function, we will stop collecting your personal information. Please note that if you provide us with personal information of other individuals during your use of YOYI TECH’s products or services, you must ensure that we have obtained the consent of the relevant personal information subjects before processing such information.

4.2 Use of Data

We strictly comply with legal regulations and our agreements with you, using the collected information for the following purposes. If we use your information for purposes beyond those listed below, we will explain this to you and obtain your consent again.

  • To provide you with services and achieve the purposes for which the personal information was collected;
  • To provide, maintain, protect, and improve our services, including optimizing strategies and models for assisting advertisers and publishers in providing ad services, and developing new services;
  • To send you marketing communications and other information related to our business.
  • To protect the rights or property of YOYI TECH or you;
  • To report to relevant authorities in accordance with legal or regulatory requirements;
  • Other purposes that comply with legal regulations and have your consent.
  • To prevent and address fraud, breaches of policies, and threats to security.

After de-identifying data through technical means, the de-identified information will no longer be able to identify the personal information subject. You acknowledge and agree that we may use de-identified information; without disclosing your personal information, we reserve the right to analyze user databases and utilize them commercially.

We may conduct statistical analyses on the usage of YOYI TECH’s products or services and may share these statistics with the public or third parties to demonstrate overall usage trends. However, these statistics will not contain any of your personal information.

When we intend to use your personal information for purposes not stated in this policy or use information collected for a specific purpose for other purposes, we will seek your consent in advance. Please understand that the products and services we provide to you are constantly evolving. If you choose to use other products or services not listed in this policy, we will explain the purpose, method, and scope of information collection to you in detail through separate product or service agreements or page prompts before collecting your personal information and obtain your explicit consent. If you do not agree to provide the aforementioned information, you may not be able to use that product or service, but this will not affect your use of other products or services.

4.3 Exceptions to Authorization for Data Collection and Use

In accordance with relevant laws and regulations, we may collect your data without your authorization in the following circumstances:

  • When it is necessary for the conclusion or performance of a contract to which you are a party, or for the implementation of human resource management in accordance with legally established labor rules and regulations or collective contracts;
  • When it is necessary to fulfill legal obligations or statutory duties;
  • When it is necessary to respond to public health emergencies or to protect the life, health, and property safety of natural persons in emergencies;
  • When it is necessary to carry out news reporting, public opinion supervision, and other activities in the public interest, and the processing of personal information is within a reasonable scope;
  • When processing personal information that has been voluntarily disclosed by individuals or has been legally disclosed, within a reasonable scope;
  • Other circumstances stipulated by laws and administrative regulations.

V. How We Use Cookies and Similar Technologies

Cookies and similar technologies are commonly used on the internet. When you use our related services, we may use these technologies to send one or more cookies or anonymous identifiers to your device to collect and store information about your visit and use of our website or system. Cookies and similar technologies typically contain identifiers, site names, and some numbers and characters.

We use this information to determine whether registered users are logged in, to ensure the secure and efficient operation of our products and services, and to improve product services and user experience. If you do not want your personal information to be stored in cookies, you can configure your browser to disable cookies and similar technologies.

If your browser or browser add-ons allow, you can modify your acceptance level of cookies and similar technologies or reject our cookies and similar technologies. Most browsers provide users with the function to clear browser cache data, and you can perform the corresponding data clearing operations in the browser settings. However, please note that if you disable cookies, you may not be able to enjoy a better service experience.

VI. Data Sharing, Transfer, and Public Disclosure

6.1 Data Sharing

In compliance with laws and regulations, we may share data in the following circumstances:

  • Sharing under legal circumstances:  We may share data in accordance with legal requirements, litigation dispute resolution needs, or requests from administrative or judicial authorities.
  • Sharing with affiliated companies: To better provide you with products and services, we may share data with our group companies or affiliates. We and our group companies or affiliates will protect data related to your services in accordance with laws and regulations and standards no lower than those required by this policy.
  • Sharing with partners: We may share anonymized device ID information with our advertising clients and partners designated by advertisers, such as e-commerce platforms, to evaluate the effectiveness of ad delivery. We may also share anonymized device ID information with third parties, including telecom operators, within the necessary scope when assisting advertisers and publishers in providing ad services, to obtain preference information held by third parties and form user profiles for ad optimization. We will enter into strict data protection agreements with these partners, requiring them to process data in accordance with standards no lower than those set forth in this policy and other relevant confidentiality and security measures.

Please note that, in accordance with applicable laws, if we take technical measures and other necessary measures to de-identify or anonymize personal information so that the data recipient cannot re-identify specific individuals or restore the information, such sharing of processed data does not require additional notification or consent from you.

6.2 Data Transfer

We will not transfer your personal information to any third party, except in the following circumstances:

  • With your consent.
  • In the event of a merger, acquisition, bankruptcy liquidation, or sale of part or all of our assets in any form, personal information may be transferred. In such cases, we will ensure the confidentiality of all personal information involved in the transaction and notify you before the information is transferred and subject to another privacy policy. If the method of collecting or processing personal information as stipulated in this policy changes, the company or organization will re-seek your authorization and consent.

6.2.1 International Data Transfers

As a global company, we may transfer your data to servers or affiliates located outside your country of residence. When transferring data internationally, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or other legal mechanisms, to protect your data in accordance with applicable data protection laws.

6.3 Public Disclosure of Data

We will comply with relevant laws and regulations and keep your personal information confidential. Unless we obtain your explicit consent or authorization, or unless required by law, we will not publicly disclose your personal information. However, in cases where it is necessary to comply with laws, legal procedures, litigation, or mandatory requirements from government authorities, we may disclose your personal information to the relevant authorities. We will ensure that the requesting party presents valid legal documents and will make reasonable efforts to take security measures in line with legal and industry standards for the disclosed information.

6.4 Exceptions to Authorization for Sharing, Transfer, and Public Disclosure of Personal Information

In accordance with relevant laws and regulations, we may share, transfer, or publicly disclose your personal information without your authorization in the following circumstances:

  • When it is necessary for the conclusion or performance of a contract to which you are a party, or for the implementation of human resource management in accordance with legally established labor rules and regulations or collective contracts;
  • When it is necessary to fulfill legal obligations or statutory duties;
  • When it is necessary to respond to public health emergencies or to protect the life, health, and property safety of natural persons in emergencies;
  • When it is necessary to carry out news reporting, public opinion supervision, and other activities in the public interest, and the processing of personal information is within a reasonable scope;
  • When processing personal information that has been voluntarily disclosed by individuals or has been legally disclosed, within a reasonable scope;
  • Other circumstances stipulated by laws and administrative regulations.
  • You fully understand and agree that sharing or transferring anonymized personal information, where the data recipient cannot restore or re-identify the personal information subject, does not constitute sharing, transfer, or public disclosure of personal information. The storage and processing of such data do not require additional notification or consent from you.

VII. Data Storage and Personal Information Protection System

7.1 Data Retention Period

We will store data using security measures, and the retention period will strictly comply with legal requirements, with a minimum period of no less than 6 months. Data will be deleted or anonymized within a reasonable period after the service purpose is fulfilled unless an extended retention period is required or permitted by law.

7.2 Technical Measures and Data Security Measures

Your personal information security is of utmost importance to us. We will strictly comply with relevant laws and regulations and adopt reasonable and feasible security measures recognized by the industry to protect data from unauthorized access, modification, disclosure, or destruction. These measures include internal reviews of our data collection, storage, and processing methods, as well as security measures (including appropriate encryption and physical security measures to prevent unauthorized access to systems storing personal data).

We strive to adopt various physical, electronic, and managerial security measures in line with industry standards to protect your personal information. We actively establish data classification and grading systems, data security management standards, and data security development standards to regulate the storage and use of personal information, ensuring that we do not collect personal information unrelated to the services we provide. Additionally, in cases of information interaction with relevant third parties, we use privacy computing technologies such as secure multi-party computation and federated learning to protect your privacy.

We only allow YOYI TECH’s employees, contractors, and agents who need to know the personal information to process it on our behalf to access your personal information. These personnel are bound by confidentiality obligations and will face penalties, including contract termination and criminal prosecution, if they violate these obligations.

7.3 Security Certifications

We have obtained the Level 3 certification of information security classification protection from the Ministry of Public Security and ISO 27001 certification. We have also established a good coordination and communication mechanism with regulatory authorities and third-party evaluation agencies to promptly resist and handle various information security threats, providing comprehensive protection for your information security.

7.4 Security Incident Handling

We will do our best to ensure the security of your information. However, please understand that due to technical limitations and various malicious methods in the internet industry, we cannot guarantee 100% security of information at all times. You should be aware that the systems and communication networks you use to access our services may encounter issues beyond our control.

To prevent security incidents, we have established a sound early warning mechanism and emergency response plan. In the unfortunate event of a personal information security incident, we will promptly inform you in accordance with legal requirements: the basic situation and impact of the security incident, the measures we have taken or will take, suggestions for you to prevent and reduce risks, and remedial measures for you. We will immediately activate the emergency response plan to minimize losses. We will notify you of the incident through phone calls, push notifications, or other means. If it is difficult to notify each user individually, we will issue a notice in a reasonable and effective manner. At the same time, we will report the handling of personal information security incidents to regulatory authorities as required and closely cooperate with government agencies.

7.5 Data Security and Limitations

We are committed to protecting the security of your information and have implemented robust technical and organizational measures to safeguard your data. However, please be aware that no method of transmission over the internet or method of electronic storage is completely secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security due to factors beyond our control, such as technical limitations and evolving cybersecurity risks. In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authorities without undue delay, as required by applicable laws.

VIII. Your Rights Regarding Your Personal Data

You have the following rights regarding your personal data:

  • Access and Correction: You may request access to your personal data and request corrections if it is inaccurate.
  • Deletion: You may request the deletion of your personal data, subject to certain legal exceptions.
  • Objection: You may object to the processing of your personal data for certain purposes.
  • Data Portability: You may request a copy of your personal data in a structured, machine-readable format.

To exercise these rights, please contact us using the contact information provided at the end of this policy.

Ⅸ. Other Provisions

9.1 How We Handle Minors’ Personal Information

YOYI TECH’s products and services are primarily aimed at adults. If you are a minor under the age of 16, you should obtain the consent of your guardian before using YOYI TECH’s products or services. For the collection of minors’ personal information with parental consent, we will only use or publicly disclose this information when permitted by law, with the explicit consent of the guardian, or when necessary to protect the child. For personal information of children under the age of 14, in addition to complying with the provisions of this policy regarding user personal information, we will strictly follow the principles of legitimacy, necessity, informed consent, clear purpose, security assurance, and lawful use, and comply with the requirements of laws and regulations such as the “Regulations on the Protection of Children’s Personal Information Online” for the storage, use, and disclosure of children’s personal information, and safeguard the legal rights of children and their guardians regarding the relevant children’s personal information.

If we find that we have collected minors’ personal information without prior verifiable parental consent, we will take steps to delete the relevant data as soon as possible.

If you are the guardian of a minor and have questions about the processing of the minor’s information, or if you have evidence that the minor has used YOYI TECH’s products or services without the guardian’s consent, please contact us by email at marketing@yoyi.com.cn.

9.2 Cross-Border Data Transfers

The data collected and generated during our operations in the People’s Republic of China will be stored in China in accordance with legal requirements and will not be transferred overseas.

9.3 Notices and Information We Send to You

We may send you service-related notices when necessary (for example, when we suspend a service due to system maintenance). You may not be able to cancel these service-related notices, which are not promotional advertisements.

9.4 Changes  to This Privacy Policy

Our products and services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete such information promptly.

9.5 Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at marketing@yoyi.com.cn. We will respond to you within 15 working days.

If you are not satisfied with our response, especially if you believe that our personal information processing practices have harmed your legitimate rights and interests, you may file a complaint or report with the relevant data protection authority in your country or region, or pursue legal action through a court of competent jurisdiction.

For users in specific regions, the following applies:

  • European Economic Area (EEA) and United Kingdom: You have the right to lodge a complaint with your local data protection supervisory authority. A list of EU data protection authorities can be found at Our Members | European Data Protection Board.
  • United States (California): You may contact the California Attorney General’s Office or other relevant regulatory bodies to exercise your rights under the California Consumer Privacy Act (CCPA).
  • Australia: You may lodge a complaint with the Office of the Australian Information Commissioner (OAIC). More information can be found OAIC.
  • Middle East and North Africa (MENA): Depending on your country, you may contact the relevant data protection authority. For example:
    • United Arab Emirates (UAE): The Dubai Data Establishment or the Abu Dhabi Digital Authority.
    • Saudi Arabia: The Saudi Data and Artificial Intelligence Authority (SDAIA).
    • Egypt: The Egyptian Data Protection Authority.
  • Southeast Asia (SEA): Depending on your country, you may contact the relevant data protection authority. For example:
    • Singapore: The Personal Data Protection Commission (PDPC). More information can be found Personal Data Protection Commission Singapore | PDPC.
    • Malaysia: The Department of Personal Data Protection (JPDP). More information can be found here.
    • Thailand: The Office of the Personal Data Protection Commission (PDPC). More information can be found here.
    • Indonesia: The Ministry of Communication and Informatics (Kominfo).
    • Philippines: The National Privacy Commission (NPC). More information can be found here.
  • Other Countries: Please refer to your local data protection laws and regulations to identify the appropriate authority or legal recourse available to you.

We are committed to addressing your concerns and will cooperate with relevant authorities to resolve any issues in accordance with applicable laws.