Privacy Policy of KeyLife Technologies

Version: 1.02

Last updated on 23th Oct, 2024


KeyLife International Technologies Co., Ltd. (referred to as KeyLife Technologies, KeyLife, we, or us hereafter) is a global provider of AIoT products, solutions and, a pioneer with the Internet of Things (IoT), big data, and cloud computing technologies as the core, providing global users with wireless camera products, sensors products, smart equipment products, storage and computing products, cloud services, Internet of Things and other fields. KeyLife is committed to building a smart home by providing professional, reliable and cutting-edge products and services.

KeyLife is committed to protecting your personal information and privacy and maintaining your trust with us. We abide by the following principles to protect your personal information: integrity, consent, clear purpose, restricted collection, minimum necessary, transparency, balanced rights with responsibility, security, and privacy compliance.

This privacy policy is intended to help you understand: 1) your personal information that we collect; 2) how we collect your personal information; 3) how we use your personal information; 4) how we protect your personal information and your rights; 5) answers to your questions and how to contact us. Understanding these contents is essential for you to exercise your personal rights and protect your personal information. Please read through this policy carefully before you use or accept our products or services. Please be aware, this policy is not applicable to situations where your personal information is collected by other third parties.

This policy contains the following sections:

(1) Definitions of personal information and non-personal information
(2) How we collect and use your personal information
(3) Sharing, transfer and disclosure of personal information
(4) Storage and protection of personal information
(5) Your rights
(6) Third-party services
(7) Privacy of minors
(8) Contact us
(9) Revisions to the privacy policy

(1) Definitions of personal information and non-personal information

The definition of personal information shall be defined by your local laws.

Non-personal information refers to data other than personal information that cannot be directly linked to any specific individual, such as occupation, language, zip code, area code, serial number, URL, and automatically recorded browse data, product and unique product identifier of your mobile device, video contents without personal information, country/region and time zone of the connected product, geographical location, identifier of mobile network operator, device software platform, and hardware information, etc.

(2) How we collect and use your personal information

According to the Provisions on the Scope of Necessary Personal Information Required for Common Types of Mobile Internet Applications, the Youkey Life app falls into the Practical tools category, the basic functional services are smart home assistant, and the necessary personal information required are account information, device information (such as device serial number, device IP, device port information, etc.).

  1. Sign up for a youkey account
    1. When you sign up for a youkey account, you need to provide your password, email address, and verification code. You can provide non-essential personal information such as username according to your own needs.
    2. If you forgot your account password and want to reset it, we will verify the email information you provided for registration to help you retrieve your account information.
    3. If you only need to use the browsing service, you do not need to sign up for an account and provide the above information.
  2. When you log in to our app for the first time, we will collect the following personal information of you and take appropriate control measures:
    Information collected Control method Purpose
    Model of your mobile phone For first-time use, a pop-up window will appear to notify you. When the collection method, collection contents or collection purpose are changed, we will notify you of the changes and ask for your permission. To determine the push service
    Operating system type and version of mobile phone
  3. Permission description
    When you use our app, we will need you to authorize us certain permissions in your mobile phone. If you refuse such permissions, you will be unable to use the relevant functions, but it will not affect your normal use of other functions of the app. For information about permissions that we ask for, refer to the table below. Please note that we ask for the permissions only when you use the relevant functions. You can turn off the permissions at any time in the system settings of your mobile phone. Once the permissions are turned off, we will stop using these permissions.
    1. Sensitive Permissions
      Permission Application scenario Function
      ACCESS_FINE_LOCATION access precise location Add Wi-Fi device Obtain Wi-Fi information to connect device to network
      CAMERA camera Read QR code to add device Use camera to read QR code to obtain device information to add device
      RECORD_AUDIO microphone Device intercom, doorbell intercom; set custom alarm sound Two-way audio between user and device; answer video call from doorbells; record custom alarm sound as an alarm-triggered action
      READ_EXTERNAL_STORAGE read external storage Read QR code to add device Used to scan QR code in album to add device
      WRITE_EXTERNAL_STORAGE write to external storage Import snapshots or videos into system album Download snapshots or videos to system album
    2. Common Permissions
      Permission Application scenario Function
      ACCESS_NETWORK_STATE obtain network status When app is running Used to obtain network status information to improve video communication efficiency
      ACCESS_WIFI_STATE obtain Wi-Fi information When app is running Used to obtain network status information to improve video communication efficiency
      INTERNET connect to network When app is running For Internet connection using SIM card
      CHANGE_NETWORK_STATE edit network status When app is running Update device status after network changes
      CHANGE_WIFI_STATE change Wi-Fi status When app is running Update device status after network changes
      RECEIVE_BOOT_COMPLETED automatic startup at system boot When app is running Used for Android persistnt connection
      SYSTEM_ALERT_WINDOW display on top of other apps When a dialog box opens Request for floating box permission to pop up a dialog box in the system
      READ_PHONE_STATE read mobile phone status and identity When using the push service User obtains mobile phone’s device feature code information
      VIBRATE control device vibration When using the push service; when selecting time Used to vibrate when the mobile phone receives a notification message from push service; used to give user feedback that the time has changed when selecting the time
      DISABLE_KEYGUARD allow app to disable keyboard guard when it is not safe When on-screen keyboard is opened Allow app to disable keyboard lock
      WAKE_LOCK prevent mobile phone from going into sleep status When video is playing Used for video playing to prevent mobile phone screen from going to sleep
      FLASHLIGHT control flashlight When scanning QR code Control flashlight to scan QR code to connect smart device in low-light environment
      MOUNT_UNMOUNT_FILESYSTEMS When saving or reading video tutorial or configuration file Permission to read files in SD card
      C2D_MESSAGE When initializing the push service Used to receive notification messages
      RECEIVE_USER_PRESENT When initializing the push service Used to wake up the screen or unblock radio when receiving alarm notifications
      DOWNLOAD_WITHOUT_NOTIFICATION Download upgrade file, configuration file or tutorial video Used for file download
      USE_FULL_SCREEN_INTENT When initializing push service Full screen notification, click doorbell notification in background
      BLUETOOTH connect to Bluetooth device When app is running; when adding device Used to connect to a paired Bluetooth device and achieve audio adaptation to the Bluetooth device; used to sync network connection information to device when adding device
      BLUETOOTH_ADMIN discover and pair Bluetooth device When app is running; when adding device Used to discover and pair Bluetooth devices and provide audio to the Bluetooth devices;
      used to sync network connection information to device when adding device
      SENSOR_SERVICE light sensor; accelerometer sensor When scanning QR code Used to prompt user to turn on flashlight when scanning QR code in low-light environment
      NOTIFICATION_SERVICE notification service When using notification service Used to display or clear notifications in the bar
      WINDOW_SERVICE window service When obtaining window size Used to fit the window size in the app screen
      INPUT_METHOD_SERVICE soft keyboard When using soft keyboard Used to display soft keyboard when entering mobile phone number, username, password, etc.
      CLIPBOARD_SERVICE clipboard service When viewing device information Used to copy device information such as serial number for easy feedback
  4. Video information
    Required personal information, non-essential personal information
    When you use our service to save video related contents, such as video clips, live video streams, images (user contents), message notifications, etc., we will collect video images captured by your camera and push video images to you so you can save the contents that you need. Such information is necessary for the function. If you refuse to provide such information, you will not be able to save the contents you need.
  5. Message push
    1. Required personal information, non-essential personal information
      When you use the message notification function, we need to collect the unique feature value of your client (such as the unique value generated based on your device's IMEI or UDID) and the language of your mobile phone. The purpose is to provide precise alarm message notification in the language you prefer.
      Such information is necessary for the function. If you refuse to provide such information, you will not be able to use the alarm subscription function, but it will not affect your normal use of other functions.
    2. Sensitive permissions invoked
      Off-site push requires the push permission of your device.
  6. Device adding
    1. Required personal information, non-essential personal information
      When you use device adding functions, we may need to collect the serial number, register code, password, model, MAC address of your device, and Wi-Fi information (to read Wi-Fi's BSSID) of your client. The purpose is to configure network on your device and bind your device. Such information is necessary for the function. If you refuse to provide such information, you will not be able to add your device.
    2. Sensitive permissions invoked
      When you scan the QR code to add a device, we need the permission to access your camera.
  7. Connecting device to cloud
    Required personal information, non-essential personal information
    When you use our device connection service, to ensure your normal use of our service, we will collect information including the model, UDID, IP address, MAC address, software version, network connection method and type, latitude and longitude (if applicable), and operation records of your device. Such information is necessary for the service. If you refuse to provide such information, you may not be able to connect your device to cloud.
  8. Live view
    Required personal information, non-essential personal information
    When you use the live view function, we will collect the serial number, IP address, port number, and video stream information of your device in order to provide you with live streams of your device. Such information is necessary for the function. If you refuse to provide such information, you will not be able to use the live view function, but it will not affect your normal use of other functions.
  9. Cloud storage
    Required personal information, non-essential personal information
    The cloud storage service is free or prepaid. It does not support return, exchange or account change after purchase. The service is only for lawful and legitimate purposes, and you should ensure that you do not use the service for any illegal or infringing activities, and assume full responsibility independently and completely for the purchase and use of the service.
    When you use the cloud storage function, we may need to collect the device serial number, cloud storage order information, and video stream information. The purpose is to save the video of your device to the cloud. Such information is necessary for the function. If you refuse to provide such information, you will not be able to use the cloud storage function, but it will not affect your normal use of other functions.
  10. Smart Detection
    When you use the device’s smart detection function, we may need to collect snapshots captured by your smart device, as well as the start and end times of events. This helps you quickly review historical events in the app.
  11. Device sharing
    Required personal information, non-essential personal information
    When you use the device sharing function, we need to collect certain information in order to implement the sharing, including the device serial number, your nickname, and the usernames with which you want to share the device. Such information is necessary for the function. If you refuse to provide such information, you will not be able to use the device sharing function, but it will not affect your normal use of other functions. The sharing function is active only when you use it; it is not permanently active.
  12. Customer service
    When you need our support and contact us through email, telephone or our customer support tools, we need to collect information including your email address, device usage, device serial number, device log file. The purpose is to verify your product and identity and provide precise service support,and resolve any issues you may encounter while using device. If you refuse to provide such information, we will not be able to provide support services to you.
  13. In other possible scenarios, we will also collect your personal information, including but not limited to:
    1. When you communicate with us with telephone, we need to record the conversation as evidence of service and to improve our service ability and quality, so as to continue to provide you with high-quality after-sales service.
    2. If you report a device failure and need to return the device to us for inspection and repair, you need to provide your receiving address. If the returned device contains your private data, you need to back up the data and format the storage before returning the device.
    3. When you enter the test/exhibition area of our products, we may collect your images and/or videos, depending on the products being tested/exhibited. The images and videos will be deleted at the end of the test/exhibition; you can avoid collection of your images/videos by leaving the test/exhibition area.
  14. In order to offer better user experience and prevent misoperation, we will collect industry-standard non-personal information (see the definition in Chapter 1). Such information does not infringe on user privacy and user rights. If you have any concerns about the security and privacy settings of your mobile device, please adjust the settings by referring to the documentation of your mobile service provider or mobile device manufacturer. These actions include but are not limited to:
    1. We may record adjustments that you make to your product through the services that we provide, and we will store the collected non-personal information with the information directly collected by the product.
    2. We may also use cookies, web beacons, pixel tags, and other technologies to record and store your settings, and collect some non-personal information such as log data and device data. In particular, the cookies we use allow us to associate your usage behavior with the account information we have stored or other information we have stored during your use of our services, which can help us to better diagnose and solve your problems, as well as to help us manage and improve our services and products, and thereby improving your experience with our services. You can refuse the collection of cookies by declining the use of cookies in your browser settings.
    3. When you use audio recording or media streaming functions of our product, we may record and transmit videos and/or audios from the product, with your permission. This may include taking snapshot images and attaching part of snapshot images and analysis data to email notifications.

(3) Sharing, transfer and disclosure of personal information

  1. Sharing of information
    When we provide you with certain services, we need to share your personal information with authorized partners, carefully selected service providers, or regulatory agencies, only for legal, justified, necessary, specific, and definitive purposes, and only share the information necessary for us to provide services. The organization that shares your personal information has no right to use the shared personal information for any other purposes irrelevant to our products or services. For companies, organizations, and individuals with whom we share personal information, we will sign strict data protection agreements with them, demanding them to process personal information as per our instructions, this privacy policy, and any other relevant confidentiality and security measures.
    1. We need to share your mobile phone information, alarm information, etc. with mobile phone manufacturers in order to provide you with the alarm push service.
    2. We need to share your device information and account information with our cloud service provider in order to provide you with the core video technology functions.
    3. You can share your videos, identity information, etc. with specific people, and share your videos, location information, identity information, etc. with unspecified people based on our products and/or services. We bear no legal liability for serious situations such as leakage of your information due to your sharing behavior.
  2. Transfer of information
    We will not transfer your personal information to any other companies, organizations or individuals, except in the following situations:
    1. After obtaining your explicit consent.
    2. When it involves merger, acquisition or bankruptcy liquidation, and if it involves the transfer of your personal information, we will demand the new company or organization that holds your personal information to continue to be bound by this personal information protection policy; otherwise, we will demand the company or organization to re-seek authorization and consent from you.
  3. Disclosure of information
    We will disclose your personal information only under the following circumstances:
    1. After obtaining your explicit consent.
    2. Please understand, in accordance with applicable laws, we can disclose your personal information without your consent under the following circumstances:
      • When it is directly related to criminal investigation, prosecution, trial, and verdict.
      • When it is necessary to safeguard significant legitimate rights such as life, property of the personal information subject or other individuals but it is difficult to obtain your consent.
      • When the personal information collected is disclosed to the public by yourself.
      • When the personal information is collected from information that has been disclosed lawfully, such as from lawful news reports, government-disclosed information, etc.
      • When it is necessary for signing a contract according to your requirements.
      • When it is necessary for maintaining the safe and stable operation of the provided products or services, such as detecting and handling product or service failures.
      • When required for academic research institutions conducting statistics or academic research based on public interest, and when providing academic research or descriptive results, the personal information included in the results is de-identified.
      • When required by applicable laws and regulations and government orders of the country where the business is operated, as well as legal procedures of law enforcement agencies, regulatory agencies, and court of law, or other applicable legal procedures and subpoenas.

(4) Storage and protection of personal information

  1. Storage of personal information
    Unless otherwise explicitly permitted by law or by you, we will retain your personal information only for the length of time required for the purposes bound by this privacy policy. During the period that you use our products or receive our services, we will continuously keep your personal information for you. If you cancel your account or proactively delete your personal information, we will delete or anonymize your personal information within 48 hours after receiving your request, unless otherwise stated in law or agreement.
    As per applicable local laws, the personal information collected and generated by KeyLife during business operation shall be stored locally at the business location.
    Currently we have data centers in USA and Germany. The laws, regulations, and standards of the country in which your information is stored or processed may vary from those of your own country. You have understood that the risks under applicable data protection laws are different and we may transfer to and store your personal information at our overseas facilities. However, this does not change any of our commitments to safeguard your personal information in accordance with this Privacy Policy.
  2. Security protection of personal information
    We are committed to safeguarding your information security and have a dedicated team responsible for the research, development and application of a variety of security technologies and programs. We use data encryption and access control mechanisms to establish internal control systems to ensure only the authorized personnel can access your personal information, to publicize security and privacy protection requirements to the related personnel, and to publicize protection measures such as the information security protection system to all the staff. At the same time, we have been granted information security management system certification (ISO27001 international standard), and will regularly hire independent third-party organizations to evaluate our information security management system. Through these rigorous measures, we try our best to protect your information from unauthorized access, use and disclosure. However, please understand that in the Internet industry, due to the limits of current technologies and all kinds of possible malicious attack methods, even if we do everything that we can to strengthen our security measures, it is impossible to guarantee 100% security of information. Please be aware, the systems and communication networks that you use while using our products and/or services may encounter security issues due to factors that are beyond our ability. Therefore, we strongly recommend that you take proactive measures to protect the security of your personal information, such as using strong password, regularly changing your password, and not disclosing your account password and related personal information to others.
    The security of your personal information also depends on your cooperation with us in security measures. We provide you with a username and password so you can access our products, websites or services, and you are responsible for the confidentiality of such information. We request that you do not share such information with anyone, and we will also regularly review the technologies that we use and the strategies used to implement information collection.
    We have established dedicated management systems, procedures and organizations to safeguard information security. We strictly limit the scope of people who have access to the information, demand their compliance with confidentiality obligations, and conduct audits regularly.
    In the event of a security incident such as personal information leakage, we will initiate an emergency plan to prevent the expansion of the security incident and promptly inform you in the form of push notifications, announcements, etc.

(5) Your rights

  1. Access your personal information. You can tap Account > Profile photo to access the personal information you provided.
  2. Correct your personal information. You have the right to update your personal information at any time. You can also correct your personal information after finding the information collected and stored by us is incorrect. You can correct or change your username, password in Account > Profile photo.
  3. Delete your personal information. You can delete the personal information online by yourself or contact us (support@youkey.com or +852-53490006) to delete it for you. We will delete or anonymize your personal information after the minimum retention period required by the applicable laws and regulations.
  4. Revoke authorization. You can disable permissions on your mobile phone as needed (including access to your location, phone, album, camera, microphone, and notification).
    After you withdraw consent or authorization, we may not be able to provide the related services, but it does not affect us handling your personal information based on your previous consent or authorization.
  5. Cancel your account. You can tap Account > Profile photo > Email > Cancel Account to cancel your account.
    After you cancel your account, unless otherwise provided by laws and regulations, we will stop providing services to you, keep your personal information for the length of time stated in this agreement, and then anonymize your personal information.
  6. If you cannot access, correct, delete your personal information, withdraw consent or cancel your account using the above ways, you can contact us by sending an e-mail to support@youkey.com or by calling customer service at +852-53490006. We will respond within fifteen working days after verifying your identity. We reserve the right to decline requests that are unreasonably repetitive, require excessive technical efforts, pose risks to other’s legitimate rights, or are otherwise highly impractical.

(6) Third-party services

Our products and/or services may be connected to or linked to websites or other services provided by the third party, for example, when you use the share function to share some of your information to third-party services. These functions may collect your information (including your log information) in order to operate properly. We will only share your information for legitimate, necessary, and specific purposes. For third-party service providers with whom we share information, we demand them to fulfill confidentiality obligations and take corresponding security measures.

In order to achieve the purposes stated in this policy, we may connect SDK or other similar applications provided by third-party service providers, and share with them certain information about you that we collect in accordance with this policy, so as to provide better customer service and user experience. At present, the third-party service providers we connect include the following types:

  1. Used for services related to account security, product reinforcement, including data encryption, data decryption, etc.
    Such third-party services are operated by the relevant third party; your using their services or providing information to them are subject to the terms of service/or privacy protection statements of the corresponding third party (not this policy).
    For information about third-party services that we are currently using, please refer to the table below.
    Third-party SDK Description
    Agora RTC SDK Operator: Shanghai Zhaoyan Network Technology Co., Ltd
    Function: Real-time audio and video service
    Application scenario: When playing audio and video
    Permission access: (Optional) Microphone permission, camera permission, Bluetooth permission
    Sharing method: SDK native collection
    Scope of collected personal information
    Device brand, model, operation system, CPU information, memory utilization, battery information, screen resolution, IP address, network access methods and types, use ID in channel, sensor information (orientation sensor)
    Purpose of collected personal information: Test access and connectivity of audio, video, network, etc., provide compatibility and troubleshooting for different devices, provide screen adaptation
    Privacy policy:https://www.agora.io/en/privacy-policy/
    Agora RTM SDK Operator: Shanghai Zhaoyan Network Technology Co., Ltd
    Function: Provide real-time messaging
    Application scenario: When signaling transmitting audio and video
    Sharing method: SDK native collection
    Scope of collected personal information
    Device brand, model, operation system, memory utilization, IP address, network access method and type, user ID in channel
    Purpose of collected personal information: Test access and connectivity of audio, video, network, etc., provide compatibility and troubleshooting for different devices
    Privacy policy: https://www.agora.io/en/privacy-policy/

(7) Privacy of minors

We do not provide any of our services to minors under 14 years of age (or equivalent minimum age set by the relevant jurisdiction). If we find any account associated with or registered by a minor under 14 years of age (or equivalent minimum age set by the relevant jurisdiction), we will immediately delete the relevant account information. If we find that we have collected personal information of minors without prior verifiable parental consent, we will try to delete the relevant data as soon as possible.

If you are the parent or guardian of a minor under the age of 14 (or equivalent minimum age set by the relevant jurisdiction), and you believe that your minor has disclosed her/his personal information to us, please contact us immediately through your local KeyLife service phone number or e-mail address. Parents or guardians of minors who are under 14 years of age (or equivalent minimum age set by the relevant jurisdiction) can check and ask us delete the minor's personal information and prohibit us from using it. In cases where we collect personal information of minors with the consent of the parents/guardians, we will only use or publicly disclose the information when permitted by law, expressly allowed by the parents or guardians, or when necessary to protect the minors.

(8) Contact us

The registered address of KeyLife International Technologies Co., Ltd. is 27th Floor, Alexandra House, 18 Chater Road, Central, HongKong.

We have set up a dedicated department to protect your personal information. If you have any questions, comments or suggestions regarding this privacy policy or your personal information, please contact us via the following methods:

  • Email: support@youkey.com
  • Tel: +852-53490006
  • Mailing address: 27th Floor, Alexandra House, 18 Chater Road, Central, HongKong

We will process your inquiry or request within fifteen working days after verifying your identity.

(9) Revisions to privacy policy

This privacy policy is subject to revisions from time to time, and such revisions shall constitute a part of this privacy policy. When the terms of this policy are changed, we will show you the changed policy in the form of push notifications and pop-up windows when you log in and upgrade the version. Please note that we will collect, use and store your personal information according to the updated policy only after you click the Agree button in the pop-up window.