Privacy Policy

Effective Date: January 1, 2026

This Policy applies only to the product "GearHead" and its related services operated by Shanghai Wuyi Technology Co., Ltd. (collectively, "we," "our," or "us"). This Policy explains how we collect, store, use, process, transmit, provide, disclose, and delete your personal information when you use GearHead, so that you can fully understand how your personal information is handled and what rights you have under this Policy.

Thank you for using the GearHead app

"GearHead" refers to the mobile applications and related services lawfully owned and operated by Shanghai Wuyi Technology Co., Ltd. ("Wuyi Technology", "we", or "us"), including but not limited to software on mobile devices. The GearHead service and all functions included in it are collectively referred to as "our products and/or services."

We understand that your personal information is important to you. We are committed to protecting the personal information and privacy of users who use our products and services (collectively, the "GearHead Services"). We take all reasonable precautions and comply with applicable laws, regulations, and requirements related to personal information protection to safeguard your personal information from misuse.

We aim to collect as little information as possible while still providing convenience and a good service experience, and we make every effort to protect your privacy.

Therefore, this Policy explains how we collect and use your personal information, and how we provide ways for you to access, correct, delete, and protect that information.

This Privacy Policy will help you understand the following:

1. What information we collect and how we collect and use your personal information;
2. How we use cookies or similar technologies;
3. How we may share, transfer, or disclose personal information;
4. How we retain, store, and protect your personal information;
5. How to manage your personal information;
6. Third-party SDK services;
7. Permissions requested within the application;
8. Notice of and revisions to this Privacy Policy;
9. How to contact us.

1. What information we collect and how we collect and use your personal information

We collect your personal information primarily to make it easier and more satisfactory for you to use the GearHead Services.

We collect and obtain your personal information through the following channels

Personal information provided by you. For example:

• personal information that you provide when registering a GearHead account or using GearHead Services;
• shared personal information that you provide to other parties through GearHead Services, as well as personal information stored by you while using GearHead Services.

We collect and use the following types of personal information for the purposes below

Helping you register for and log in to GearHead

To provide you with complete services, you need to provide basic registration or login information, including your mobile phone number, and create your account and password.

At the same time, in accordance with applicable laws and regulations or the needs of specific functions and services, you may also need to provide other personal information before using certain functions and services, such as your name, ID number, facial features, or other identity verification information. If you do not provide such personal information, we may be unable to provide the relevant functions and services.

If you no longer use the GearHead Services, you may contact us to cancel your account, subject to the conditions set forth in the service agreement and applicable laws and regulations. Once your account is cancelled or deleted, all service materials and data associated with that account under GearHead Services will be deleted or anonymized, unless otherwise required by law.

Providing services to you

The personal information we collect and use is necessary to provide GearHead Services to you. Without such personal information, we may be unable to provide the core functions of GearHead Services, including:

1. Publishing personal information: when you upload and/or publish personal information or engage in related activities through GearHead Services, we will collect the personal information you upload, publish, or generate, and may display your nickname, avatar, and posted content with your authorization.
2. Payment and settlement: if you make payments while using our services, you may choose the payment services provided by GearHead affiliates or third-party payment institutions cooperating with GearHead (collectively, the "Payment Institutions"). You may provide payment account information, such as a bank card number. During payment or after-sales service, we may need to share your order number and transaction amount information with the relevant Payment Institutions so they can confirm your payment instructions and complete payment.
3. Customer support and after-sales service: when you contact us, we may retain your communications or call records and content, or the contact information you leave with us, so that we can contact you, help resolve issues, or record the handling process and result of the issue. To confirm transaction status and provide after-sales support and dispute resolution services, we may collect your transaction, payment, or logistics information related to the transaction progress from the trading party, payment institution, logistics company, or other entities you choose in the transaction process, or share your transaction information with such service providers.

To provide better services, understand product compatibility, and identify abnormal account status, we may collect and associate personal information related to how you use our services, including:

1. Log information: when you use GearHead Services, we may automatically collect detailed information about your use of our services as network logs. Examples include your login account, search queries, IP address, browser type, carrier, network environment, language used, date and time of access, page browsing records, push notification open records, dwell time, refresh records, posting records, and sharing records.
2. Device information: depending on the permissions you authorize during software installation and use, we may receive and record information related to the device you use, such as IMEI, MAC, OAID, serial number, SIM IMSI identifier, device model, operating system and version, client version, device resolution, package name, device settings, process and software list, unique device identifiers, and software and hardware features, as well as location-related device information such as IP address, GPS location, WLAN access points, Bluetooth, and base station sensor information.

Please note that device information and log information alone generally cannot identify a specific natural person. If we combine this non-personal information with other personal information to identify a specific natural person, or use it together with personal information, we will treat such non-personal information as personal information during the period of combination, and unless otherwise authorized by you or required by law, we will anonymize or de-identify such information.

Personal information collected indirectly:

We may obtain personal information shared with authorization from administrators or third-party partners. For example, we may obtain account information authorized by you from third parties, such as your avatar, nickname, and login time, and bind that third-party account to your GearHead account after you agree to this Privacy Policy, so that you can log in and use our products and/or services directly through the third-party account. We will collect and use such personal information only in compliance with applicable laws and regulations and our agreements with affiliated parties or third-party partners, and only when we are satisfied that the source of the information is lawful.

1. Sending you notifications or messages

   We may send you service-related notifications when necessary, for example when a single service is suspended, changed, or terminated due to system maintenance.

2. Displaying and recommending products or services to you

   Based on information you provide, information we may collect, and information we obtain indirectly, such as browsing and search information, device information, location information, order information, and mobile phone number, we may send advertisements limited to GearHead-related products so that we can provide services that better match your needs. We may also send marketing information or user surveys via text message or other means to help improve our services and promote products and services offered by us or our business partners.

3. If you do not wish to continue receiving our messages, you may ask us to stop sending them

   For example, you may follow unsubscribe instructions in text messages or change settings on your mobile device to stop receiving our messages, except where we are required by law or under the relevant service agreement to continue sending them.

Providing security for you

To improve the security of the services provided by us and our partners, protect you, other users, or the public from harm to personal or property safety, better prevent phishing websites, fraud, network vulnerabilities, computer viruses, cyberattacks, and intrusions, and more accurately identify violations of laws, regulations, or the GearHead service rules, we may collect, use, or integrate your account information, transaction information, device information, log information, and personal information shared by our affiliates or partners with your authorization or as permitted by law, so as to assess account and transaction risks, conduct identity verification, detect and prevent security incidents, and lawfully take necessary recording, auditing, analysis, and handling measures.

Improving our services

We may use personal information collected through one GearHead service in our other services. For example, personal information collected when you use one GearHead service may be used in another GearHead service to provide you with specific content or show you more relevant information rather than general recommendations. We may also invite you to participate in surveys related to GearHead Services to help us improve existing services or design new services. In addition, we may use your personal information for software updates.

You understand and agree that, after collecting your personal information, we may use technical measures to de-identify the data. Personal information that has been de-identified can no longer identify you, and in that case we may use such de-identified personal information to optimize product functions.

Other purposes

Please note that if we intend to use your personal information for purposes not stated in this Privacy Policy, or collect additional personal information not mentioned here, we will obtain your prior consent separately, for example through a checkbox, pop-up, in-site message, or text message. Once you consent, such additional purposes and personal information will also be subject to this Privacy Policy.

Exceptions to obtaining consent

Under applicable laws and regulations, we may collect your personal information without your consent in the following circumstances:

1. matters related to national security or national defense;
2. matters related to public safety, public health, or significant public interest;
3. matters related to criminal investigation, prosecution, trial, or enforcement of judgments;
4. where it is necessary to protect the life, property, or other major lawful rights and interests of the personal information subject or another individual, but it is difficult to obtain the individual's consent;
5. where the personal information is disclosed to the public by you on your own initiative;
6. where the personal information is collected from lawfully disclosed public information, such as lawful news reports or government disclosures;
7. where necessary for entering into or performing a contract at your request;
8. where necessary to maintain the safe and stable operation of GearHead Services, such as identifying or handling service failures;
9. where necessary for lawful news reporting;
10. other circumstances provided by laws and regulations;
11. You understand and agree that the GearHead Services may require you to enable specific permissions on your device, such as access to location information, camera, photo album, microphone, contacts, and/or calendar, in order to collect and use the personal information involved in those permissions. When you need to disable such functions, most mobile devices support doing so. Please refer to or contact your mobile device provider or manufacturer for details. Please note that enabling any permission means that you authorize us to collect and use the relevant personal information to provide the corresponding service, and disabling any permission means that you withdraw that authorization. We will then stop collecting and using the related personal information and will no longer be able to provide the corresponding service. However, your decision to disable permissions will not affect prior collection and use of personal information based on your authorization.
12. Notice regarding sensitive personal information.

The personal information provided by you or collected by us may include sensitive personal information, such as bank account information, transaction and spending records, virtual property information, system accounts and passwords, telephone numbers, browsing history, and location information. Please handle sensitive personal information carefully. You agree that we may process your sensitive personal information for the purposes and in the manner described in this Privacy Policy.

2. How we use cookies or similar technologies

We use our own cookies for purposes including:

1. remembering your identity, for example helping us recognize you as a registered user;
2. analyzing your use of our services, such as understanding what activities you perform with GearHead Services and which services are most popular.

You can refuse or manage cookies through your browser or user choice mechanisms. However, if you disable cookies, we may not be able to provide you with the best service experience and some services may not function properly.

3. How we may share, transfer, or disclose personal information

Sharing

Except for the circumstances below, we will not share your personal information with any third party outside us and our affiliates without your consent:

1. to provide our services to you, for example by sharing your personal information with partners and other third parties to implement core functions or provide services you need, such as providing your mobile phone number to SMS service providers;
2. to maintain and improve our services, for example by sharing your personal information with partners and other third parties to help us provide you with better targeted and more complete services, such as communication service providers that send emails or push notifications on our behalf;
3. to achieve the purposes described in Section 1 of this Privacy Policy;
4. to perform our obligations and exercise our rights under this Privacy Policy or other agreements with you;
5. within the scope permitted by laws and regulations, to comply with the law or protect the interests, property, or safety of us, our affiliates, our partners, you, other GearHead users, or the public, such as for preventing fraud and reducing credit risks. This does not include selling, renting, sharing, or otherwise disclosing personal information for profit in violation of the commitments made in this Privacy Policy;
6. to help resolve disputes or controversies between you and others at your lawful request;
7. to provide your personal information at the lawful request of your guardian;
8. to provide your personal information as agreed in an individual service agreement signed with you, including online agreements and corresponding platform rules, or other legal documents;
9. to provide your personal information where based on public interest in accordance with laws and regulations.

We will share your personal information only for lawful, proper, necessary, specific, and explicit purposes. We will enter into strict confidentiality agreements with the companies, organizations, and individuals with whom we share personal information, requiring them to process personal information in accordance with our instructions, this Privacy Policy, and any other relevant confidentiality and security measures.

Transfer

1. As our business continues to develop, we may engage in mergers, acquisitions, asset transfers, or similar transactions, and your personal information may be transferred as part of such transactions. We will require the new holder of your personal information to continue to be bound by this Privacy Policy, or otherwise require that company or organization to obtain your authorization and consent again.
2. We may transfer your personal information to other parties after obtaining your explicit consent.

Disclosure

We will disclose your personal information only in the following circumstances and only after taking security measures that comply with industry standards:

1. in accordance with your requirements and in the manner expressly agreed by you;
2. where it is necessary to provide your personal information according to laws, regulations, or compulsory administrative or judicial requirements. In compliance with the law, we will require the recipient to provide corresponding legal documents, such as subpoenas or investigation letters, before disclosing personal information. We believe that requests for personal information should be handled as transparently as possible within the scope permitted by law. We carefully review all such requests to ensure they are legally grounded and limited to data that law enforcement authorities have a lawful right to obtain for a specific investigation purpose.

Exceptions to prior consent for sharing, transfer, and disclosure

In the following circumstances, sharing, transferring, or disclosing your personal information does not require your prior consent:

1. matters related to national security or national defense;
2. matters related to public safety, public health, or significant public interest;
3. matters related to criminal investigation, prosecution, trial, or enforcement of judgments;
4. where it is necessary to protect the life, property, or other major lawful rights and interests of you or another individual, but it is difficult to obtain the individual's consent;
5. where the personal information is disclosed to the public by you on your own initiative;
6. where the personal information is collected from lawfully disclosed public information, such as lawful news reports or government disclosures.

According to the law, sharing or transferring de-identified personal information, where the recipient cannot recover and re-identify the personal information subject, does not constitute external sharing, transfer, or public disclosure of personal information. The storage and processing of such data therefore does not require separate notice to you or your consent.

4. How we retain, store, and protect your personal information

We retain your personal information only for the period necessary for the purposes described in this Policy and within the retention periods required by laws, regulations, and regulatory authorities. If we terminate our services or operations, we will promptly stop collecting your personal information, provide advance notice as required by applicable laws and regulations, and delete or anonymize your personal information after termination of services or operations, unless otherwise required by laws or regulations.

Personal information collected and generated during our operations within the territory of the People's Republic of China is stored within China, except in the following situations:

1. where laws or regulations expressly provide otherwise;
2. where we have obtained your authorization and consent;
3. where you use GearHead Services and it is necessary to transfer your personal information outside of China to complete a transaction.

In the above circumstances, we will ensure that your personal information is adequately protected in accordance with this Privacy Policy and applicable laws and regulations.

We attach great importance to personal information security and will take all reasonably practicable measures to protect your personal information.

Data security measures

We adopt security safeguards that meet industry standards, including establishing reasonable institutional rules and security technologies to prevent unauthorized access, use, or modification of your personal information and to avoid data damage or loss. Network services use various encryption technologies. For example, in some services, we use encryption technologies such as SSL to protect your personal information, store your personal information in encrypted form, and isolate it through isolation techniques. When personal information is used, such as display and association calculation, we use multiple data masking technologies to improve security during use. We also use strict data access controls and multi-factor identity verification technologies to protect personal information from misuse.

1. Other security measures we take to protect personal information:

   1. We manage and standardize the storage and use of personal information by establishing regular data backup systems, data classification and grading systems, data security management specifications, and secure development specifications.
   2. We exercise comprehensive security control over data through confidentiality agreements, monitoring, and auditing mechanisms for personnel who can access personal information. We also record all operations performed by those personnel to facilitate tracing in the event of a data leak.
   3. We allow access to your personal information only to employees of us, our affiliates, and our partners who need to know such information, and we have established strict access control and monitoring mechanisms for this purpose. We also require all persons who may have access to your personal information to fulfill corresponding confidentiality obligations. Failure to do so may result in legal liability or termination of cooperation.

2. The internet is not an absolutely secure environment, and we cannot guarantee that communications through email, instant messaging, social software, or other tools are fully encrypted. We recommend that you use complex passwords and pay close attention to protecting your personal information when using such tools.

3. We will make every effort to ensure the security of any personal information you send to us. If our physical, technical, or managerial safeguards are compromised and your lawful rights and interests are harmed due to unauthorized access, disclosure, tampering, or destruction of personal information, we will bear the legal responsibilities required by law.

Handling security incidents

In the unfortunate event of a personal information security incident, we will, in accordance with laws and regulations, promptly inform you of the basic situation and possible impact of the incident, the measures we have taken or will take, suggestions for you to prevent and reduce risks on your own, and remedial measures available to you. We will also promptly inform you of the relevant circumstances by email, letter, SMS, phone, push notification, or other means. Where it is difficult to notify individual personal information subjects one by one, we will issue announcements in a reasonable and effective manner. At the same time, we will report the handling of personal information security incidents to the regulatory authorities as required.

Please understand that, due to technological limitations and the limitations of risk prevention measures, even though we have done our best to strengthen security measures, we cannot always guarantee 100 percent security of personal information. You need to understand that the systems and communication networks you use to access GearHead Services may encounter problems outside our control.

5. How to manage your personal information

We encourage you to update and modify your personal information so that it remains accurate and effective. Please also understand that your decision to correct, delete, withdraw authorization for, or stop using GearHead Services does not affect our prior processing of your personal information based on your authorization. Unless otherwise required by laws and regulations, when you correct or delete your personal information or apply to cancel your account, we may not immediately correct or delete the corresponding personal information in backup systems, but will do so when the backups are updated.

You may manage your personal information in the following ways:

Accessing, correcting, and deleting your personal information

You may access your personal information through GearHead Services and complete or request modification, supplementation, or deletion according to the corresponding management method for that personal information. We will take appropriate technical measures or provide contact channels for requests to ensure, as far as possible, that you can access, update, and correct your own personal information or other personal information you provide when using GearHead Services.

Before accessing, correcting, or deleting personal information, we may require identity verification to protect the security of personal information. For personal information collected through cookies or similar technologies, we have also described the choice mechanisms available to you in Section 2 of this Privacy Policy. If you are unable to access or correct such personal information through the above paths, you may contact us using the contact details provided in Section 9 of this Policy. For other personal information generated during your use of GearHead Services, we will respond to your requests according to the methods, time limits, and scope set out in this Policy. We may also require identity verification before deleting certain personal information in order to safeguard personal information security.

You may request that we delete personal information in the following circumstances:

1. if our processing of personal information violates laws or regulations;
2. if we collect or use your personal information without obtaining your consent;
3. if our processing of personal information seriously violates our agreement with you;
4. if we no longer provide GearHead Services to you.

If we decide to respond to your deletion request, we will also, to the extent possible, notify entities that obtained your personal information from us and require them to delete it in a timely manner, unless otherwise required by laws and regulations or unless those entities have independently obtained your authorization.

Public disclosure and sharing

Many of our services allow you to publicly share your relevant personal information not only with your social network but also with all users of that service. For example, personal information you upload or publish in GearHead Services, including location data and log information related to such personal information, may remain in the public domain as long as you do not delete the information you make public or share. Even if you delete shared personal information, such information may still be independently cached, copied, or stored by other users or third parties not under our control, or may remain in the public domain through those users or third parties. If you publicly disclose or share personal information through the above channels, we are not responsible for the resulting disclosure of that personal information. Therefore, we remind you to carefully consider whether to publicly disclose or share personal information through such channels.

When you use our services and want to share content you like to third-party apps, we need to determine whether those apps are installed so that we can provide the correct sharing function. We use merged channel technology for push delivery. After app initialization, we read the list of installed applications. When a device has multiple active push channels from different apps, we may randomly merge them into one channel to save power and data traffic, and therefore need access to the application list.

Changing the scope of your authorization and consent

You can always choose whether to disclose personal information. Some personal information is necessary for using GearHead Services, but most other personal information is provided at your discretion. You may change the scope of your authorization for us to continue collecting personal information or withdraw your authorization by deleting personal information, turning off device functions, or by other means.

When you withdraw authorization, we will no longer be able to provide the services corresponding to the withdrawn authorization and will no longer process the corresponding personal information. However, your decision to withdraw authorization does not affect prior processing of personal information based on your authorization.

Cancelling your account

If you need to cancel your account, please go to "Settings" -> "Account Details" -> "Delete Account" to complete the cancellation yourself.

To ensure data security, PRO accounts can only be cancelled after the subscription has expired. Twenty-four hours after account cancellation, we will stop providing products or services to you and delete your personal information upon your request, unless otherwise required by laws and regulations.

6. Third-party SDK services

GearHead Services may link to social media or other services provided by third parties, including websites or services in other forms, including:

1. you may use the "Share" button to share certain content to third-party platforms such as WeChat, or use third-party services to log in to GearHead Services. These functions may collect your personal information, including your log information, and may place cookies on your device so that those functions can operate properly;
2. our product integrates the TalkingData analytics SDK. To ensure the secure and stable operation of the software and services and improve operational quality and efficiency, we collect your device hardware model, operating system version, device identifiers, including Android IMEI, AndroidID, OAID, IMSI, ICCID, MEID, hardware serial number, network hardware address (MAC address), IP address, WLAN access points such as SSID and BSSID, Bluetooth, base station, software version, network access method, type, status, network quality data, operation and usage logs, service logs, and device sensor data. For more information, please visit the TalkingData Group Privacy Policy;
3. we may provide links through advertisements or other means in our services so that you can access third-party services or websites;
4. other circumstances in which third-party services are connected.

The above third-party social media or other services are operated by the relevant third parties. If you need to use such services, including any personal information you provide to such third parties, you are subject to the third party's own service terms and privacy policies rather than this Privacy Policy. Please read those terms carefully. This Privacy Policy applies only to personal information collected by GearHead and does not apply to services provided by any third party or to any rules under which third parties use your personal information, and we bear no responsibility for any third party's use of personal information you provide.

Details of SDK usage are as follows:

Analytics SDK

SDK Name: TalkingData Analytics SDK Company: Beijing Tendcloud Tianxia Technology Co., Ltd. Purpose: Analytics Types of personal information collected: IP address, device model information, operating system version information, network information (carrier/Wi-Fi), unique device identifiers (IMEI/MEID/ANDROID ID/IDFA/OPENUDID/GUID, SIM ISIM or ICCID information), MAC address, ADID, Android anonymous device identifiers (OAID/VAID/AAID, etc.), Android advertising identifiers, and installed app list Related policy: https://www.talkingdata.com/privacy.jsp

7. Permissions requested within the application

We need to request certain system permissions involving personal privacy to ensure that some features in the app can function properly. We will request your authorization when you use those features and will access your personal information only after obtaining your explicit authorization. If you do not need those functions, you may refuse authorization. If you have never used those functions, we will not request the relevant permissions or access your personal information.

The permissions we request and their corresponding functions include the following:

Permissions requested by the iOS app

• Access to the system camera: when you need to take photos or upload image attachments from your photo library while creating or editing content;
• Permission to write to the photo library: when you save generated images to your device while sharing content;
• Permission to read device identifiers: for product function analysis and improvement without associating the information with your identity.

Permissions requested by the Android app

• Permission to take photos or read from the photo library: when you need to take photos or add images while creating or editing content;
• Permission to write to external storage: when you save generated images to your device. After authorization, this permission also supports saving generated images locally and writing SD card information during mobile number authentication;
• Permission to read external storage: when you upload images while creating or editing content;
• Permission to read the clipboard: when you activate any input field, so you can quickly paste information for login or adding gear;
• Permission to read device identifiers: for product function analysis and improvement without associating the information with your identity.

Permissions requested by the HarmonyOS NEXT app

• Permission to take photos or read from the photo library: when you need to take photos or add images while creating or editing content;
• Permission to write to external storage: when you save generated images to your device. After authorization, this permission also supports saving generated images locally and writing SD card information during mobile number authentication;
• Permission to read external storage: when you upload images while creating or editing content;
• Permission to read the clipboard: when you activate any input field, so you can quickly paste information for login or adding gear;
• Permission to read device identifiers: for product function analysis and improvement without associating the information with your identity.

8. Notice of and revisions to this Privacy Policy

We may revise the terms of this Privacy Policy from time to time, and such revisions form part of this Privacy Policy. For material changes, we will provide more prominent notice. If you do not agree with the revised Policy, you may stop using GearHead Services. If you continue to use GearHead Services, you will be deemed to have accepted the revised Privacy Policy.

We encourage you to review our Privacy Policy each time you use GearHead Services.

We may send service-related announcements when necessary, for example when a particular service is suspended due to system maintenance. You may not be able to opt out of such announcements when they are not promotional in nature.

Finally, you must keep your account and password confidential and secure at all times.

9. Contact us

Company: Shanghai Wuyi Technology Co., Ltd.

If you have any questions, please send an email to hi@51ai51.com or contact us through the official feedback channel.