1. Overview & Privacy Principles
Privacy is not a feature we add on at the end. It is the design substrate of every product we publish and every service we operate. This Privacy Policy reflects those commitments in writing, with the goal of making our practices legible to you — whether you are a casual visitor, a paying user, a regulator, or a future engineer on our team.
Our Three Operating Principles
- Local-first by default. Wherever it is technically and commercially feasible, your data is processed on the device you hold. We do not upload what we do not need.
- Minimal collection. We collect what is strictly necessary to provide the feature you are using, and we delete or anonymize it when no longer needed.
- No dark patterns. We do not use manipulative consent flows, hidden tracking, or deceptive notifications. You will know what you opt into.
This Policy applies to all individuals whose information we process, regardless of the country, state, or territory in which they reside, and it incorporates the protections required by major data protection frameworks including but not limited to the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Children's Online Privacy Protection Act (COPPA), Brazil's LGPD, Canada's PIPEDA, Australia's Privacy Act, Japan's APPI, Singapore's and Thailand's PDPA, and other applicable local laws. If any provision of this Policy conflicts with a mandatory local law, the local law prevails.
2. Data Controller & Contact Information
For purposes of the GDPR and other applicable data protection laws, the data controller responsible for your personal information is:
You may contact us by email at contact@dingfengtrad.com for any matter relating to your personal information, including requests to exercise your rights described in Section 16. We endeavor to respond to all verifiable requests within 30 days, or sooner where required by local law (e.g., 45 days under CCPA/CPRA).
Because we are based in the United States, we have appointed no separate EU/UK representative at this time, although we are prepared to do so if our processing of EU/UK personal data materially expands. EU and UK users may direct requests to contact@dingfengtrad.com using the subject line "EU Request" or "UK Request" respectively.
3. Scope of This Policy
This Policy applies to the following processing activities:
- Website. Visiting and interacting with dingfengtrad.com, including any subdomains we operate.
- Apps. Downloading, installing, registering for, or using any application published by us on the Apple App Store, Mac App Store, or any other distribution channel we may adopt.
- Communications. Sending us an email, completing our web-based contact form, or otherwise contacting us.
- Marketing. Subscribing to our quarterly updates or product release notifications.
This Policy does not apply to third-party services we do not control, including but not limited to Apple's App Store, Mac App Store, and TestFlight; payment processors that process transactions on your device; or any third-party application or website you may reach via a link from our Services. We encourage you to read the privacy notices of those third parties.
4. Information We Collect
The categories of personal information we collect are limited to what is necessary and are described in detail below.
4.1 Information You Provide Directly
- Account-like data: where registration is required (currently only for our newsletter and pilot programs) — your name, email address, and any preferences you set.
- Communication data: when you contact us — the contents of your email, your contact form submission, the email address you used, and any attachments you voluntarily provide.
- Newsletter data: when you subscribe — your email address and the implicit consent record (timestamp, opt-in method).
4.2 Information Collected Automatically
- Device and log data: IP address (truncated), device type, OS version, locale, browser/engine version, referring URL, and timestamps. Used for security and aggregate analytics. We retain logs for a maximum of 90 days in identifiable form.
- Aggregate usage telemetry: for our website only, we use a privacy-respecting analytics tool (Plausible Analytics, self-hosted equivalent, or similar) that does not set cross-site cookies and does not collect personal data. We may switch providers without notice; our privacy posture will not regress.
- App-store inferred signals: Apple may share with us, on an aggregated and non-identifying basis, basic app-store impressions, downloads, and crash report counts.
4.3 Information We Do Not Collect
- We do not collect biometric data, government identifiers, financial account numbers, or health data.
- We do not collect precise geolocation (we may receive coarse country-level from IP for routing only).
- We do not collect advertising identifiers (IDFA/IDFA-A) for our own use.
- We do not access your photo library, microphone, contacts, calendar, or SMS without an explicit in-app permission grant, and any such access is local-only and never transmitted.
4.4 Children's Data
Our Services are not directed to children under the age of 13 (or higher where required by local law). See Section 17 below.
5. How We Use Information
We use the information we collect for the following purposes:
- To provide and operate the Services you request, including delivering app features, responding to support requests, and processing transactions.
- To improve our products by analyzing aggregate trends and bug reports. We never trace these back to individuals.
- To communicate with you when you have contacted us, subscribed to updates, or are entitled to important notices (security, policy, or product changes).
- To comply with law and respond to lawful requests from competent authorities.
- To protect our rights and the safety of our users, including fraud prevention and security incident response.
We do not sell personal information, and we do not share personal information with third parties for their independent use ("sharing" under CPRA §1798.140). Where we use service providers, they process personal data only on our documented instructions under a Data Processing Agreement (DPA) that meets the requirements of GDPR Art. 28 and equivalent standards.
6. Legal Bases for Processing (GDPR / UK GDPR)
If you are in the European Economic Area, the United Kingdom, or Switzerland, we rely on the following legal bases under GDPR Art. 6:
| Purpose | Legal Basis |
|---|---|
| Providing the Services you request | Performance of a contract (Art. 6(1)(b)) |
| Responding to support & contact requests | Legitimate interests (Art. 6(1)(f)) — to assist you |
| Newsletter and product communications | Consent (Art. 6(1)(a)) — withdrawable at any time |
| Security, fraud detection, log retention | Legitimate interests (Art. 6(1)(f)) |
| Compliance with law | Legal obligation (Art. 6(1)(c)) |
Where we rely on legitimate interests, we have conducted and documented a balancing test showing that our interests are not overridden by your fundamental rights and freedoms.
7. App Store & Mobile Platform Compliance
All applications we distribute through Apple platforms are required to comply with the following app-store and operating-system policies, in addition to this Policy.
7.1 App Store Review Guidelines (Apple)
Our apps comply with Apple's App Store Review Guidelines, including but not limited to the User Privacy choices (Guideline 5.1), Data Minimization (Guideline 5.1.1), and the requirement to use any data only with the user's consent and only to provide functionality directly relevant to the app (Guideline 5.1.2).
7.2 Privacy Manifest (PrivacyInfo.xcprivacy)
Every Apple-platform app we publish declares its data practices in a PrivacyInfo.xcprivacy manifest, as required by Apple since 1 May 2024. The manifest declares: (a) all data collected; (b) whether each data category is linked to user identity; (c) whether it is used for tracking; (d) the reasons (APIs) used for each purpose. The manifest is version-controlled and updated with every release.
7.3 Required Reason API Declarations
Where any of the so-called "Required Reason API" calls are made (UserDefaults, file timestamp, system boot time, active keyboard, disk space, etc.), the manifest declares the precise reason, and we limit the calls to the actual reason. We periodically audit and remove reasons that are no longer necessary.
7.4 Account Deletion
Where any app provides account-like persistence (e.g., for newsletter subscriptions or pilot programs), we provide an in-app and email-supported account deletion flow that meets Apple's Guideline 5.1.1(v) requirement. Deletion is honored within 30 days.
7.5 Sign in with Apple
Where third-party or proprietary sign-in is offered, we offer "Sign in with Apple" as an equal-or-higher-ranked option, in accordance with Guideline 4.8. We do not currently offer any proprietary sign-in; all account-less apps require none.
7.6 Data minimization in App Store labels
Our App Store privacy labels accurately reflect actual data practices. Where we use a third-party SDK that would otherwise cause us to declare an additional category, we replace it with a privacy-respecting alternative or remove the SDK.
7.7 Google Play Store Policy
Although we primarily distribute via Apple, should we publish on Google Play in the future, our apps will: (a) declare User Data in the Play Console accurately; (b) comply with Google Play's Families Policy where the app is accessible to minors (or be rated accordingly); (c) comply with Google Play's Data Safety section; (d) honor Data deletion requests under Play's policies; and (e) avoid deceptive data practices.
7.8 Other Distribution Channels
If we distribute an app outside the Apple App Store (e.g., direct download via our website for macOS), we continue to honor this Policy and to comply with the laws of the user's jurisdiction.
8. App Tracking Transparency (ATT) Compliance
For Apple-platform apps that use any code which would constitute "tracking" under Apple's ATT rules, we request the user's permission through Apple's AppTrackingTransparency framework before any tracking activity begins.
8.1 What Is "Tracking" Under ATT?
Per Apple's guidelines, "tracking" means linking user or device data with third-party data for advertising purposes, or sharing with a data broker. The following activities are examples of tracking:
- Displaying targeted ads based on user data shared with a third-party SDK or network.
- Sharing a list of user actions with a data broker or analytics provider for ad attribution.
- Linking device identifiers with a user identity for cross-property tracking.
8.2 Our Default Posture
Because we are a privacy-first studio, the default posture for our apps is: we never engage in tracking as defined above, even within first-party. We do not share IDFA with third parties, we do not perform cross-property ad targeting, and we do not use data brokers.
Should we introduce a feature that requires the ATT prompt in the future, we will:
- Present the ATT prompt at the first relevant moment, with a clear contextual screen explaining in plain language what is being asked and why.
- Provide an in-app setting (in the Privacy or About screen) to manage or re-trigger the ATT prompt.
- Honor the user's denial — the app's full functionality (or a documented subset) remains available without tracking.
- Audit the SDKs and code paths on a quarterly basis to confirm no tracking is occurring without consent.
8.3 Children and ATT
Apps likely to be accessed by children under 13 do not display any ATT prompt and use only contextual (non-personalized) advertising or — preferably — no advertising at all.
9. Advertising & Ad Networks — Detailed Disclosure
This section is provided in exceptional detail to satisfy the disclosure requirements of (a) Apple's App Store Guidelines, (b) Google Play's Data Safety section, (c) GDPR Art. 13 & 14, (d) CCPA/CPRA §1798.100(b), (e) Brazil's LGPD Art. 9, and (f) similar laws in other jurisdictions we serve.
9.1 General Posture
The vast majority of our published apps are premium-only (paid once, no advertising, no in-app purchases, no subscriptions). Where we publish an ad-supported or hybrid (free + ad-removed-tier) title, the disclosures in Sections 9 through 11 of this Policy apply to that specific app. The App Store privacy label for each title accurately reflects which model it follows.
9.2 Ad Mediation Platform Architecture
Where ads are displayed, we use a mediation stack composed of the platforms and partners listed in Sections 9.3 and 9.4. Mediation selects the highest-paying eligible demand source for each impression, in real-time, through a unified auction. We pass to each mediation partner only the user-consent-derived signals required for their compliance.
9.3 Ad Networks & Supply-Side Platforms (Where Used)
The complete set of advertising partners we may integrate into a given title — with appropriate in-app disclosures — is listed below. Each is configured to comply with applicable user-consent signals (GDPR, CPRA, etc.). Inclusion of a partner in this list does not mean it is used in every title; partner selection is documented per app in its privacy label.
- Google AdMob — Google's primary mobile ad network. Privacy: https://policies.google.com/privacy · SDK:
Google-Mobile-Ads-SDK. - Google Ad Manager (DFP) — Google's hosted ad server for direct and indirect demand.
- Google AdSense — Google's contextual ad network (commonly used in web-views inside apps where applicable).
- Google Authorized Buyers (formerly DoubleClick Ad Exchange) — programmatic exchange.
- Meta Audience Network (formerly Facebook Audience Network) — Meta's mobile ad network. Privacy: https://www.facebook.com/policy.php · SDK:
FBAudienceNetwork. Subject to Meta's "Limited Data Use" flag where required by state law. - Unity Ads — Unity's in-app monetization network. Privacy: https://unity.com/legal/privacy-policy · SDK:
com.unity3d.ads. - AppLovin — AppLovin MAX mediation and exchange. Privacy: https://www.applovin.com/privacy/ · SDK:
applovin-sdk. - ironSource (now part of Unity) — programmatic mediation and exchange. Privacy: https://www.is.com/privacypolicy/ · SDK:
supersonic-sdk. - Vungle — Vungle (Liftoff) creative ad network. Privacy: https://vungle.com/privacy/ · SDK:
vungle-sdk. - Chartboost — programmatic in-app exchange. Privacy: https://www.chartboost.com/legal/privacy-policy/ · SDK:
chartboost-sdk. - InMobi — InMobi mobile ad network. Privacy: https://www.inmobi.com/privacy-policy · SDK:
inmobi-sdk. - Pangle — ByteDance's global ad network (formerly TikTok Audience Network). Privacy: https://www.pangle.io/privacy · SDK:
com.bytedance.pangle. - Mintegral — programmatic ad network focused on APAC and emerging markets. Privacy: https://www.mintegral.com/en-privacy-policy · SDK:
com.mbridge.msdk. - Tapjoy — Tapjoy offerwall and rewarded engagement. Privacy: https://www.tapjoy.com/legal/privacy-policy/ · SDK:
tapjoy-ios-sdk. - Start.io (Startapp) — mobile ad network. Privacy: https://www.start.io/privacy-policy/ · SDK:
startapp-sdk. - Digital Turbine (formerly Fyber) — programmatic monetization. Privacy: https://www.digitalturbine.com/privacy-policy/ · SDK:
fyber-sdk. - Smaato — mobile ad exchange. Privacy: https://www.smaato.com/privacy/ · SDK:
smaato-sdk. - Verizon Media / Yahoo Native — selective native demand (legacy).
- MoPub (now part of X / Twitter) — MoPub SDK has been deprecated by X; we may use legacy mediation paths while a replacement is finalized.
- Ogury — Ogury personified advertising. Privacy: https://ogury.com/privacy-policy/ · SDK:
ogury-sdk. - BidMachine — BidMachine programmatic SDK. Privacy: https://bidmachine.net/privacy-policy/ · SDK:
bidmachine-sdk. - Amazon Publisher Services (APS) — Amazon programmatic for apps. Privacy: https://aps.amazon.com/privacy.
- Criteo — retargeting / commerce media. Privacy: https://www.criteo.com/privacy/ · SDK:
criteo-sdk(only when the user has granted ATT consent; otherwise static-only). - Sharethrough — native programmatic exchange. Privacy: https://www.sharethrough.com/privacy-center/.
- Taboola — Taboola content-discovery. Privacy: https://www.taboola.com/privacy-policy.
- Outbrain — Outbrain Amplify. Privacy: https://www.outbrain.com/legal/privacy-8324/.
- TripleLift — TripleLift native exchange. Privacy: https://www.triplelift.com/platform-privacy-policy/.
- OpenX — OpenX exchange. Privacy: https://www.openx.com/privacy-center/cookie-policy/.
- PubMatic — PubMatic SSP. Privacy: https://pubmatic.com/legal/privacy-policy/.
- Index Exchange — Index Exchange header-bidding. Privacy: https://www.indexexchange.com/privacypolicy/.
- Magnite (Rubicon Project / Telaria) — Magnite SSP. Privacy: https://www.magnite.com/legal/user-privacy-policy/.
- AdColony — AdColony (Digital Turbine). Privacy: https://www.adcolony.com/privacy-policy/.
- Liftoff — Liftoff (Vungle parent) growth and monetization.
- HyprMX — HyprMarketplace. Privacy: https://www.hyprmx.com/privacy-policy/.
- AdTiming / Mezu — APAC-oriented monetization SDKs where required.
- SmartHub / SmartRTB+ — additional mediation paths where added.
- Facebook Ads (Meta) — install and engagement campaigns (advertiser-side, not user-side).
- Instagram / TikTok / Snap / X / Pinterest / Reddit / LinkedIn marketing pixels — used only on our marketing web pages, not inside apps.
9.4 Per-App Selection
The exact list of ad partners enabled in any given title is documented in that title's PrivacyInfo.xcprivacy manifest and matched in its App Store privacy label. We do not include a partner in an app unless (a) the partner is in this Policy's Section 9.3 list and (b) the partner passes our internal data-respecting review.
10. Ad Mediation, Bidding & Real-Time Auctions
10.1 What Mediation Is
Ad mediation is the layer that decides, in real-time, which demand source wins each ad impression. We use first-class mediation platforms (AppLovin MAX, Google AdMob Mediation, ironSource LevelPlay, or equivalent) that abstract the real-time auction across multiple networks while honoring the consent signals passed in.
10.2 Bidding Partners
Where bidding is enabled in our apps, the following in-app bidders may participate, subject to per-app configuration and consent:
- Google Bidding (Authorized Buyers + AdX) via AdMob mediation
- Meta Audience Network in-app bidding
- AppLovin in-app bidding
- Unity in-app bidding
- ironSource (Unity) in-app bidding
- Vungle in-app bidding
- Chartboost in-app bidding
- Pangle in-app bidding
- Mintegral in-app bidding
- InMobi in-app bidding
- Digital Turbine / Fyber in-app bidding
- BidMachine in-app bidding
- OpenRTB 2.x / ORTB 3.0-compatible demand partners (configured via AppLovin MAX or equivalent mediation)
- AdColony (Digital Turbine) in-app bidding
10.3 Signals Passed Per Request
For each ad request, only the following classes of data may be sent to mediation partners:
- App bundle identifier, app version, placement ID (always).
- Device class, OS version, locale (in coarse form; not zip/postal code).
- User-agent (in web-views only).
- Conditional: IDFA — only when the user has granted ATT permission in this app.
- Conditional: The IAB TCF v2.2 / GPP consent string — only when the user has interacted with our consent layer and either granted or denied consent. We honor all of:
purposeConsents,vendorConsents,publisherRestrictions. - Conditional: The IAB GPP string for US-state signals (US Privacy String), again only when consent layer has been completed.
10.4 Consent & No-Ads Mode
For users in jurisdictions requiring prior consent (EEA, UK, Switzerland, Brazil, etc.), no personalized advertising or measurement is enabled until consent is granted via our CMP-compliant consent layer (compliant with IAB TCF v2.2 and IAB GPP). Users may withdraw consent at any time via the in-app "Privacy Choices" link. Where required, users may also enable a "no ads" mode by purchasing the app's premium tier; the in-app purchase then disables all ad SDKs.
11. Ad Formats We Use
Where advertising is enabled in an app, the following ad formats are used. Each format is described along with the user-consent expectations and our privacy choices for it.
11.1 Splash / Open-Screen Ads
Open-screen ads (sometimes called "splash ads") are displayed when the application is launched or returned to the foreground, typically for a few seconds before the user is taken into the app. Open-screen ads are highly visible — they sit at the center of the launch experience.
Implementation notes:
- Open-screen ads are loaded asynchronously without blocking the app's initialization path.
- A close button becomes available immediately (typically within 3 seconds) so the user is never captive.
- If the user has granted ATT permission, ad requests may include IDFA; otherwise only contextual signals are passed.
- Skipping the open-screen ad does not result in additional prompts or restrictions.
- Users with "no ads" enabled (premium tier) never see open-screen ads.
11.2 Rewarded Video Ads
Rewarded video ads are full-screen, opt-in video ads where the user chooses to watch in exchange for an in-app reward (e.g., a feature unlock, in-app currency, bonus content). Rewarded ads are never shown without the user's affirmative tap to begin.
Implementation notes:
- The reward is granted only after the ad plays to completion (or to a defined "completable" threshold published by the network).
- If the ad fails to load or fails to play, no reward is deducted and no penalizing UX is shown.
- We do not manipulate the "completable" threshold to suppress rewards.
- For users with no ATT consent, rewarded ads are still permitted — the reward system is intentionally decoupled from tracking consent.
- Children's apps (Section 17) do not integrate rewarded ads. Period.
11.3 Interstitial Ads
Interstitial ads are full-screen ads shown at natural transition points in the app — typically between levels, after completing an action, or at logical breaks in the user journey.
Implementation notes:
- Interstitials are never shown immediately after launch or on first-session screens.
- We enforce a minimum time between two interstitial displays (currently 90 seconds or one natural navigation, whichever is longer).
- If the user dismisses the app briefly and returns, we do not show a new interstitial as punishment.
- We do not "show another ad" because an in-app action was completed — frequency-capping is the responsibility of our mediation platform.
11.4 Banner Ads
Banner ads are rectangular ads displayed within a defined part of the UI (top, bottom, or sidebar). They are smaller, less intrusive, and refresh automatically.
Implementation notes:
- Banner impressions refresh at a fixed cadence, configurable per app, with a default of 30 seconds.
- Banners are sized to the native screen resolution and never overlap interactive controls.
- Click-through attribution respects the user's ATT consent state.
- For apps likely to be used by children, banner ads are replaced with non-personalized promotional modules that contain no third-party tracking.
11.5 Other Potential Formats
Where supported and where appropriate, we may integrate the following additional formats in specific titles, with appropriate disclosures:
- Native ads — customized to match the surrounding app UI.
- Native video ads — auto-playing or user-initiated within feed/list contexts.
- Playable ads — interactive ads (often in gaming contexts).
- Offerwall — an opt-in list of rewarded offers (Tapjoy-style, only on compatible apps).
- MREC (Medium Rectangle) ads — larger in-feed banner-like format.
- Sticky / Anchor ads — bottom-anchored banner that stays on screen.
Any new format introduced will be (a) listed in this Section 11, (b) reflected in the App Store privacy label, (c) covered in the consent UI, and (d) accompanied by an in-app notice at first deployment.
12. Data Retention
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
| Data Type | Maximum Retention |
|---|---|
| Server access logs (IP truncated) | 90 days |
| Contact form & support emails | 24 months from last interaction |
| Newsletter subscription | Until you unsubscribe |
| Aggregate / anonymized analytics | No expiration |
| App-store inferred aggregates | 36 months |
| Backup copies of our website (Cloudflare R2) | 30 days rolling |
For data held in user devices by our apps (encrypted vaults, audit logs, etc.), the user retains control and can erase all such data via the in-app "Reset / Erase" feature at any time. Erased data is cryptographically shredded and overwritten.
14. International Data Transfers
We are based in the United States, with an engineering center of gravity distributed globally. When personal information crosses borders, we ensure adequate protection via:
- EU Standard Contractual Clauses (SCCs, the 2021 version) with our service providers where required.
- The UK International Data Transfer Agreement (IDTA) where required for UK personal data.
- Reliance on adequacy decisions where they exist (e.g., for limited transfers to Canada, Japan, etc.).
- Transfer Impact Assessments (TIA) for any cross-border processing that is high-risk.
We do not route personal information through countries that lack adequate protections without these safeguards.
15. Security
We implement technical and organizational measures appropriate to the risk, including:
- HTTPS / TLS 1.3 for all web traffic.
- Encryption at rest (AES-256) and in transit (TLS, TLA+) for any user data we hold.
- Least-privilege access controls and audited production access.
- Hardware-backed biometric gating for app-locked features.
- Regular vulnerability scanning and dependency auditing.
- Employee and contractor training on data handling.
- Incident response plan with a 72-hour notification commitment where required.
No system is 100% secure. If we determine that a security incident has materially affected your personal information, we will notify you and the competent authorities as required by applicable law.
16. Your Rights & Choices
Depending on your jurisdiction, you may have some or all of the following rights:
- Right of access — request a copy of the personal information we hold about you.
- Right of rectification — correct inaccurate or incomplete information.
- Right of erasure (right to be forgotten) — request deletion of your personal information, subject to legal exceptions.
- Right to restrict or object to processing — including for direct marketing or legitimate-interest processing.
- Right to data portability — receive your data in a structured, commonly used, machine-readable format.
- Right to withdraw consent — where processing is based on consent, without retroactive effect.
- Right to opt out of sale or sharing — we do not sell or share personal information for cross-context behavioral advertising.
- Right to lodge a complaint — with your local data protection authority.
- Right not to be subject to automated decision-making — including profiling — where it produces legal effects.
To exercise any of these rights, email contact@dingfengtrad.com with the subject "Privacy Request." We may need to verify your identity before fulfilling the request. We respond within applicable statutory deadlines.
17. Country-Specific Disclosures
This section adds country-specific information to the baseline described above, in addition to and not in place of the rest of this Policy.
17.1 European Economic Area (GDPR) & United Kingdom (UK GDPR) & Switzerland
The supervisory authority for EEA residents varies by country. A list of EU supervisory authorities is available at https://edpb.europa.eu/about-edpb/about-edpb/members_en. The UK Information Commissioner's Office (ICO) is the supervisory authority for the UK: https://ico.org.uk/. The Swiss FDPIC is the supervisory authority for Switzerland: https://www.edoeb.admin.ch/.
17.2 Brazil (LGPD — Lei Geral de Proteção de Dados)
The data controller for Brazilian users is dingfengtrad.com as identified in Section 2. The Brazilian National Data Protection Authority (ANPD) is the supervisory authority: https://www.gov.br/anpd/. Brazilian users have the rights described in LGPD Art. 18, including confirmation of the existence of processing, access, correction, anonymization, portability, deletion, and information about sharing.
17.3 Canada (PIPEDA & Quebec Law 25)
For Canadian users, this Policy satisfies the openness requirements of PIPEDA Principle 4.7 and the equivalent provisions of Quebec's Law 25 (Act respecting the protection of personal information in the private sector, as updated). The Office of the Privacy Commissioner of Canada is the federal supervisory authority: https://www.priv.gc.ca/. Quebec residents may also contact the Commission d'accès à l'information du Québec: https://www.cai.gouv.qc.ca/.
17.4 Australia (Privacy Act 1988 & Australian Privacy Principles)
We comply with the Australian Privacy Principles (APPs). The Office of the Australian Information Commissioner (OAIC) is the supervisory authority: https://www.oaic.gov.au/.
17.5 Japan (APPI — Act on the Protection of Personal Information)
We comply with Japan's Act on the Protection of Personal Information. The Personal Information Protection Commission (PPC) is the supervisory authority: https://www.ppc.go.jp/. For cross-border transfers of personal information originating in Japan, we satisfy the equivalent requirements (or rely on the equivalent framework) for each destination.
17.6 Singapore (PDPA — Personal Data Protection Act)
We comply with Singapore's PDPA. The Personal Data Protection Commission (PDPC) is the supervisory authority: https://www.pdpc.gov.sg/.
17.7 Thailand (PDPA — Personal Data Protection Act, B.E. 2562)
We comply with Thailand's PDPA. The Personal Data Protection Committee (PDPC) is the supervisory authority.
17.8 South Korea (PIPA — Personal Information Protection Act)
We comply with South Korea's PIPA. The Personal Information Protection Commission (PIPC) is the supervisory authority: https://www.pipc.go.kr/. Cross-border transfers are governed by the PIPA's consent and safeguard requirements.
17.9 India (DPDP — Digital Personal Data Protection Act, 2023)
For users in India, we comply with the Digital Personal Data Protection Act, 2023 and the rules notified thereunder. The Data Protection Board of India is the relevant authority.
17.10 New Zealand (Privacy Act 2020)
We comply with New Zealand's Privacy Act 2020. The Office of the Privacy Commissioner is the supervisory authority: https://www.privacy.org.nz/.
17.11 People's Republic of China (PIPL — Personal Information Protection Law)
For users in the PRC, we comply with PIPL where applicable. The Cyberspace Administration of China (CAC) is the supervisory authority. Cross-border transfers of personal information originating in the PRC are subject to CAC security assessments, standard contract filings, or certification as required.
17.12 Other Jurisdictions
We extend GDPR-equivalent protections to all users globally, regardless of formal jurisdiction, as a matter of baseline conduct. Where local law provides additional rights, we honor those rights as well.
18. United States — State Privacy Rights
Several US states have enacted comprehensive consumer privacy laws. The disclosures below supplement the rest of this Policy.
18.1 California (CCPA / CPRA)
Under the California Consumer Privacy Act as amended by the California Privacy Rights Act ("CCPA/CPRA"), California residents have the right to know what categories of personal information we collect, the right to delete, the right to correct, the right to opt out of sale or sharing for cross-context behavioral advertising, the right to limit the use of sensitive personal information, and the right not to be retaliated against for exercising these rights.
Categories of personal information collected (CA Civ. Code §1798.130): Identifiers (limited; mostly pseudonymized), commercial information (purchase history), internet activity (limited to aggregate), geolocation (coarse; non-precise), and inferences. No biometric, health, or sensitive personal information is collected.
Sold or shared: None in the CCPA sense.
Verifiable consumer requests: may be submitted to contact@dingfengtrad.com. We respond within 45 days as required.
Authorized agent requests: accepted subject to written authorization and identity verification.
Notice at Collection: this Policy serves as our Notice at Collection. We do not collect categories of personal information beyond what is stated.
Shine the Light (CA Civ. Code §1798.83): California residents may request information about categories of personal information disclosed to third parties for those third parties' direct marketing purposes. We do not make such disclosures.
18.2 Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Virginia (VCDPA), Texas (TDPSA), Oregon (OCPA), Montana (MCDPA), Iowa (ICDPA), Indiana (INCDPA), Tennessee (TIPA), New Hampshire (NHPA), Kentucky (KRS 367), Maryland (MOCDPA), Minnesota (MCDPA), Delaware (DPDPA), Nebraska (NDPA), New Jersey (NJCDPA), New Mexico (NMPA), Rhode Island (RIDLPA)
For residents of these US states, we extend the CCPA-equivalent rights of access, deletion, correction, portability, opt-out of sale or targeted advertising, opt-out of profiling with legal effect, and non-retaliation. Requests may be submitted to contact@dingfengtrad.com. We respond within the applicable statutory windows (45 days for most, 15 days for opt-out under some statutes).
18.3 Do Not Track & Universal Opt-Out Signals
We honor Global Privacy Control (GPC) and similar universal opt-out signals recognized by US state privacy laws. Where such a signal is present, it is treated as a valid opt-out of sale/sharing.
19. Children's Privacy (COPPA & Equivalents)
19.1 Our General Posture
Our Services are not directed to children under the age of 13 (or higher where required by local law, including under 16 in some EEA member states under GDPR, under 14 in Brazil under LGPD, under 14 in the UK under AADC, under 14 in California for purposes of the CCPA's "minor" provisions, etc.).
19.2 Children's Online Privacy Protection Act (COPPA)
The United States Children's Online Privacy Protection Act (COPPA, 16 CFR Part 312) requires verifiable parental consent before the online collection, use, or disclosure of personal information from children under 13. We do not knowingly collect personal information from children under 13. Where we operate an app in a category likely to be accessed by children (rated 4+ on the App Store and identified as such by the developer), we:
- Display no behavioral advertising.
- Integrate no third-party SDKs that constitute tracking.
- Collect only the information strictly required for the in-app feature.
- Include neutral age-screens in our kid-category apps to ensure appropriate delivery.
19.3 Age Screens & Verifiable Parental Consent
Where there is a reasonable likelihood that a child may access our Services, we present a neutral age gate. If the user states that they are under 13 (or the local minimum), we:
- Disable all optional data collection features.
- Disable all third-party advertising and analytics integrations.
- Provide a privacy-respecting subset of functionality, or block access entirely, depending on the app.
To the extent that any personal information has inadvertently been collected from a child under 13 in violation of COPPA, parents or guardians may contact us at contact@dingfengtrad.com and we will delete the information as soon as possible.
19.4 General Data Protection Regulation (GDPR-K)
For children in the EU, we follow the higher age of consent where local Member State law sets it above 13 (commonly 14, 15, or 16). We treat processing of children's data with the heightened care required under GDPR Art. 8 and the EDPB Guidelines on consent.
19.5 Other Jurisdictions
Under Brazil's LGPD, the age of consent for processing children's data is 18 (with exceptions for those between 13 and 18, who may consent with parental assistance). Under the UK AADC, the relevant age is 13. Under South Korea's PIPA, the age for valid consent to processing personal information about children is 14. Under China's PIPL, the age is 14. We comply with the strictest applicable age in each context.
21. AI, Machine Learning & Procedural Generation
Where our products use generative, procedural, or machine-learning technologies (for example, programmatic audio synthesis, on-device scene generation, or local model inference), the following applies:
- Local-first execution. All generative / ML inference runs on-device by default. We do not upload user prompts, audio, images, or sensor data to remote servers for the purpose of model inference.
- No training on your data. We do not train foundation or adaptation models on user-generated content. Where a feature explicitly offers improvement (e.g., "personalize the experience"), any adaptation weights are stored locally on your device and never leave it.
- No remote inference unless disclosed. If a future feature requires remote inference for performance or model size reasons, we will update this Policy, refresh the App Store privacy label, and obtain any consent required.
- No use of user content as training data. We never incorporate your creative fragments, screen captures, audio, or notes into any shared training corpus.
22. Changes to This Policy
We may update this Policy from time to time. When we do, we will revise the "Last Updated" date at the top of this page. If changes are material, we will provide additional notice — for example by email (where we have your address and consent), by an in-app banner, or by a prominent notice on our homepage at least 30 days before the changes take effect, where required by applicable law.
Continued use of our Services after a material change constitutes acceptance of the updated Policy. Where consent was previously required for a specific processing activity, the change does not retroactively legitimize that processing.
23. How to Contact Us
For any privacy-related question, complaint, or request:
If you are unsatisfied with our response, you have the right to lodge a complaint with your local data protection authority. The relevant authority depends on your jurisdiction — see Section 17 for details.
Thank you for reading this Policy carefully. Privacy-by-construction is our central engineering commitment; we are glad you hold us to it.