Updated: May 23, 2024
Effective Date: May 30, 2024
Welcome to the Insulin Pump Controller APP!
The Insulin Pump Controller App (hereinafter referred to as “we”, “us” or “the Software”) is used in conjunction with insulin pumps, reservoirs, and subcutaneous infusion sets to provide continuous subcutaneous insulin infusion for diabetes patients. It is intended for diabetes patients who require insulin pump therapy. While using our website, mobile application, or other products and services, we may collect and use your personal information. Personal information refers to various types of information recorded electronically or otherwise that can identify an individual's personal identity either alone or in combination with other information.
We will explain through the Personal Information Protection Policy the purposes, methods, and scope of this software's collection and use of your personal information, your rights regarding your personal information, and the security measures we take to protect information security. Please carefully read the Personal Information Protection Policy before using this software to understand our practices regarding the protection of user personal information. If you do not agree to the terms of the Personal Information Protection Policy, we will not be able to provide you with related services. If you enable this software, it means that you fully and clearly understand the following information collection and use behaviors as well as your rights and other matters.
The Personal Information Protection Policy will help you understand the following:
I.How we collect and use your personal information;
II.How we retain your personal information;
III.How we publicly disclose your personal information;
IV.How we protect your personal information;
V.How the Personal Information Protection Policy is updated;
VI.How to delete your account;
VII.Contact information.
I. How We Collect and Use Your Personal Information
We collect personal information to operate more efficiently and provide you with the best possible user experience. The channels through which we collect personal information include:
(1) Information you provide directly to us;
(2) Information we obtain during your use of this software.
Email Account Login:
(1) You need to enter your email address during software sign-up to receive a verification code for login and to use the product. The account will require your email address and the verification code to facilitate your login and access to related services.
(2) When you first pair or manage a paired device (insulin pump) on the software, we need to collect information such as the device's Serial Number and Bluetooth MAC address. We also require information from the mobile terminal device on which the software is installed. This information helps in pairing the device with the software, binding account and device information, and other related purposes.
(3) If you bind the device and synchronize the corresponding data to the software for viewing, we will obtain related insulin pump infusion data, such as infusion history, daily total infusion, and insulin pump parameter settings.
(4) When providing after-sales service and customer support, we may ask for and collect your personal information, including device information, your name, phone number, email address, communication address, and log records. We may also record your calls with our customer service. This data helps diagnose product issues, repair user devices, and provide other customer care and support services.
(5) To fulfill network security obligations, ensure the normal operation of the software, and protect your account security, as well as to improve and optimize your service experience, we will collect your device terminal information during your use of the software. This includes terminal name, software list, device MAC address, terminal model, terminal Mac address, serial number, and operating system version, as well as your actions within the software after logging in. This information is used to verify your identity and analyze your device usage.
(6) We will strictly use your personal information for the purposes described in this Personal Information Protection Policy. Your personal information will only be used for the purposes determined, explained, and authorized at the time of collection. If we need to use the information for purposes not specified in this policy, we will seek your consent in advance. If we need to use information collected for specific purposes for other purposes, we will seek your consent in advance. Without user consent, we will not provide user personal information and behavior data to third parties for use.
Terminal Device Permission Access:
(1) When using the Software, we may need to request certain device permissions to provide you with corresponding business functions or services. Specifically, we may need to request the following device permissions:
|
Device Permission |
Corresponding Business Functions/Services |
Purpose of Permission Request |
Ask Before Enabling |
Optional for User? |
Impact of Denying Permission |
|
Albums/Media |
Photo Upload |
To upload photos from the album |
Yes |
Yes |
May result in inability to select and upload photos from the album. |
|
Location Access |
Bluetooth activation on Android requires access to device location |
To enable Bluetooth functionality |
Yes |
Yes |
May result in the inability to enable Bluetooth, though you can still enable it manually. |
|
Storage |
Export History Records |
To store files like pump injection history |
Yes |
Yes |
May result in inability to export history records. |
(2) Once permissions are enabled, you can disable the respective permissions at any time by going into the system [Settings]. However, after permissions are disabled, the corresponding product features may not function properly.
We promise not to request device permissions or use personal information collected through device permissions in any scenario without your explicit authorized consent.
Exceptions to Authorized Consent:
You are fully aware that, according to applicable laws, we may collect and use your personal information without obtaining your consent in the following circumstances:
(1) When it is related to our compliance with legal and regulatory obligations;
(2) When it is directly related to national security or defense security;
(3) When it is directly related to public safety, public health, or significant public interests;
(4) When it is directly related to criminal investigations, prosecutions, trials, and enforcement of judgments;
(5) When it is necessary to protect your or others’ significant legitimate rights and interests such as life and property, and it is difficult to obtain your consent;
(6) When the personal information involved is disclosed by yourself to the public;
(7) When it is necessary for signing and performing a contract to which you are a party;
(8) When personal information is collected from legally disclosed information, such as legitimate news reports and government information disclosure;
(9) When it is necessary to maintain the safe and stable operation of the products or services, such as discovering and handling faults in the products or services;
(10) When it is necessary for legitimate news reporting by news organizations;
(11) When it is necessary for academic research institutions to conduct statistical or academic research in the public interest, and when providing academic research or descriptive results, personal information contained in the results is de-identified.
II. How We Retain Your Personal Information
In accordance with applicable laws and regulations, we will store your personal information on Amazon servers.
The retention period for the personal information we collect is the shortest time necessary to achieve the purposes stated in the Personal Information Protection Policy, except as otherwise required by laws and regulations. Upon the expiration of any storage period or when the information meets the conditions for deletion, we will fully delete or anonymize the personal information.
If, due to special reasons, we cease to operate part or all of our products or services, we will promptly inform you and stop collecting and processing personal information related to such products or services. At the same time, we will delete or anonymize the personal information we hold related to these products or services, unless otherwise stipulated by laws and regulations.
III. How We Publicly Disclose Your Personal Information
We will only publicly disclose your personal information under the following circumstances:
1. **With Your Explicit Consent or Legal Disclosure**: We may disclose your personal information if we have obtained your explicit consent or if we are required to comply with a subpoena or other legal processes, litigation, or mandatory requests from government authorities. We may disclose your personal information if we believe in good faith that the disclosure is necessary to protect our rights, ensure your safety or the safety of others, investigate fraud, or respond to a government request.
2. **Exceptions to Authorized Consent for Sharing, Transferring, or Publicly Disclosing Personal Information**: You fully understand that, according to applicable laws, we may share, transfer, or publicly disclose your personal information without obtaining your prior consent in the following circumstances:
(1) When it is related to our compliance with legal obligations;
(2) When it is directly related to national security or defense security;
(3) When it is directly related to public safety, public health, or major public interests;
(4) When it is directly related to criminal investigation, prosecution, trial, and execution of judgments;
(5) When it is necessary to protect your or others' life, property, and other significant legitimate rights and interests, and it is difficult to obtain your consent;
(6) When the personal information involved is disclosed by yourself to the public;
(7) When your personal information is collected from legally publicly disclosed information, such as legal news reports, government information disclosure, and other channels.
IV. How We Protect Your Personal Information
We implement reasonable and feasible technical security and organizational measures to protect the information collected in relation to our services. We employ industry-standard security measures to safeguard your personal information against unauthorized access, disclosure, use, modification, damage, or loss. Our efforts to protect your personal information include:
1. **Encryption and Secure Transmission**: We use mainstream security technologies such as SSL to encrypt many services. We regularly review our information collection, storage, and processing practices, including physical security measures, to prevent unauthorized access or tampering.
2. **Access Control**: We enforce strict access controls to personal information. Only employees and personnel from authorized service companies who need to know the information to process it on our behalf have access to personal information. These individuals are bound by strict contractual confidentiality obligations, and failure to comply with these obligations may result in legal liability or termination of their relationship with us.
3. **Data Security**: We prioritize the security of your information and continuously strive to protect it. We implement end-to-end encryption during storage and transmission to prevent unauthorized access, use, or disclosure of your information. Certain encrypted data content is only accessible to the user.
4. **Special Data Security Measures**: When transmitting and storing certain types of sensitive personal information, we employ encryption and other security measures. For biometric information, we use technical measures to process and store the data securely.
5. **Partner and Provider Compliance**: We carefully select business partners and service providers, ensuring that our personal information protection requirements are included in our business contracts, audits, and assessments.
6. **Training and Awareness**: We conduct security and privacy protection training, testing, and awareness activities to enhance our employees' understanding of the importance of personal information protection.
7. **Handling Security Incidents**: Although the internet environment is not 100% secure, we strive to ensure the security of any information you send to us. Despite our best efforts and all reasonable and necessary measures, it is possible that your information may be accessed, stolen, tampered with, or destroyed illegally, potentially compromising your rights. Please understand and voluntarily assume these risks.
8. **Notification of Security Incidents**: In the event of a security incident involving user information, we will notify you promptly as required by law. This notification will include details about the incident, potential impact, measures we have taken or will take, recommendations for self-protection, and any remedial actions. We will inform you through email, letter, phone call, push notification, or other methods. If individual notifications are impractical, we will take reasonable and effective measures to issue a public notice. Additionally, we will proactively report the handling of user information security incidents to regulatory authorities as required.
V. How the Personal Information Protection Policy is Updated
We reserve the right to update or modify this privacy policy from time to time. We will send change notifications to you through various channels. For significant changes to the personal information protection policy, we will display the updated content through the software.
VI. How to Delete Your Account
We provide a way to delete your account: operate through the relevant interface of this software (More Functions → Settings → General Settings → Account center → Account → Delete Account). Clicking the delete account button will trigger a pop-up reminder to confirm the deletion. Once the account is deleted, the data associated with that account will be unlinked and deleted. If you wish to continue using the account, you will need to contact us to re-register. Once the registration is successful, you can continue to use the account, but the previously associated data will not be recoverable.
VII. Contact Information
If you have any questions or concerns regarding the Personal Information Protection Policy or practices, please contact us through the following means:
Company: AARUY Medical Electronics Co., Ltd.
Address: 20/F, West Block, Skyworth Semiconductor Design Building, No. 18 Gaoxin South 4th Road, Nanshan District, Shenzhen,China
Phone (1):+86-755-86543048
Phone (2): +86-755-86543049
Email: zrc@aaruy.com
Website: https://www.aaruy.com
Should you have any questions or concerns about our privacy policy or the processing of your personal data, you may contact us to exercise your data privacy rights.