Updated: August 24, 2022
Effective: August 24, 2022

We, Jia Finance Inc. (hereinafter “we” or “Jia Finance”), understand the importance of your privacy. We strive to ensure the safety of your Personal Information. We are committed to maintaining your trust in us and protecting your Personal Information by adhering to the following principles: the principle of consistent rights and responsibilities, the principle of clear purpose for our actions and practices, the principle of choice by consent, the principle of efficiency, the principle of ensuring security, the principle of participation by data subjects, and the principle of openness and transparency. At the same time, we dedicated to take appropriate security measures to safeguard your Personal Information in accordance with the industry’s proven safety standards. This Privacy Policy explains how we collect, use and share Personal Information on our own website and mobile applications (including applications/applets hosted by third party providers), through our provision of relevant services (collectively, the “services”), or through your use of our services.

Please carefully read this Privacy Policy and gain an understanding before using our products or services. In particular, please pay extra attention to the emboldened and highlighted terms, and make sure that you fully understand and agree to them before you begin using our products or services. By continuing to use the services, you agree to the terms of this Privacy Policy and to the collection, use, disclosure, and storage of your Personal Information as described herein. If you have any questions, comments, or suggestions regarding the content of this Policy, you may contact us via the contact methods provided by Jia Finance.

Particularly, we would like to bring to your attention that this Privacy Policy is common to all our products and/or services. When you use any of our products and/or services, this Privacy Policy applies regardless of whether the products and/or services contains separate privacy provisions, or whether you are a browsing user (guest) or a registered login user. However, please note that this Privacy Policy does not apply in the following situations:

• (1) Information collection/processing practices by third parties who provide advertising services for our products and/or services.
  
  
• (2) Our products and/or services may contain or link to information and/or services provided by third parties (including any third-party applications, websites, products, services, etc.). These components of information and/or services are operated by third parties, and your use of such information and/or services is not related to our products and/or services. We hereby kindly remind you that when you use such third-party information and/or services, you should pay attention and carefully read the relevant user agreements and privacy policies displayed to you by such third parties, and store and provide your Personal Information with caution. This Privacy Policy applies only to your Personal Information collected by us and does not apply to the collection of your Personal Information by any third party, nor the services provided by any third party, nor the rules for the use of information by third parties. We will not be liable for any collection, storage and use of your Personal Information by third parties to the extent permitted by law.
  
  
• (3) Other products and/or services not provided to you by Jia Finance.

Please click on the links below to obtain more information on relevant parts of this Privacy Policy.

The types of Personal Information we need/may need to collect and use about you in connection with your use of our products and/or services include:

• 1. To achieve the basic functions of our products and/or services provided to you, you must authorize us to collect and use certain necessary information. If you refuse to provide relevant information, you will not be able to properly use our products and/or services, as well as our basic business functions, including user registration services, real name authentication, mortgage rate inquiries, and security operations.
  
  
• 2. To provide you with additional features of our products and/or services, you may choose to authorize other forms of information that we collect and use. If you refuse to provide authorization, you will not be able to use certain additional features properly or to achieve the functions we intend to achieve, but this will not affect your normal use of the basic features of our products and/or services.

You understand and agree that:

• 1. We are committed to creating a wide range of products and services to meet your needs. Due to the variety of products and services we provide to you and the differences in the scope of specific products/services that different users choose to use, accordingly, the basic/additional features and the type and scope of Personal Information collected and used may differ, so please refer to the specific product/service features.
  
  
• 2. Please understand that, as our business develops, there may be adjustments and changes to the functions and services provided by Jia Finance. In principle, when a new function or service is related to the function or service we currently provide, the Personal Information collected and used will be directly or reasonably related to the original purpose of processing. In scenarios where there is no direct or reasonable connection to the original purpose of processing, we will again inform you and obtain your consent for the collection and use of your Personal Information. When doing so, we will explain to you the purpose and scope of collection of relevant information as well as ways of use by updating this Privacy Policy, providing you with pop-up windows, page prompts, and/or notification through other means. We will also provide you with the means to choose the way you give consent, and then collect and use information with your express consent.
  
  In this process, if you have any questions, comments, or suggestions, you can contact us via the contact information in Section XI. We will answer as soon as possible.

For the purposes of this Privacy Policy, we will only collect and use your Personal Information for the following core business functions. If you do not provide the relevant information, you will not be able to enjoy the products and/ or services we offer.

• We provide you with basic user services through your Jia Finance account. To register as a user and use our basic services, you will need to provide your cell phone number, proposed username and password to create a Jia Finance account. If you only need to use the browsing and search services, you do not need to register as a user and provide the above information.
  
  
• For services that require a Jia Finance account to access, we may verify your user identity based on the information you provide above to ensure that we are providing the service to you personally.
  
  
• If you choose to use SMS verification codes to log in, you authorize and agree to our invoking your SMS receiving and processing functions to send you SMS messages to verify your identity.
  
  
• When you use a third party platform account (e.g. WeChat) to log in to Jia Finance, you need to authorize Jia Finance to read and share the public information that you have published and recorded on that third party platform (including one or more types of information such as your nickname, avatar, region, gender, and contact email), within the permission of relevant laws and regulations, in order to bind your third party account to your Jia Finance account and to remember your Jia Finance user login identity.

• When you use the function of identity authentication or related services, in accordance with relevant laws and regulations, you may need to provide your real identity information (real name, ID card number, telephone number, e-mail address) to complete the real name verification. Such information may involve Sensitive Personal Information, for which we will separately explain to you the purpose, scope and use of the corresponding information by means of pop-up windows, page prompts, etc., and provide you with the means to independently choosing to give consent. We collect and use such information after obtaining your express consent. You may refuse to provide information. If you refuse, you may not be able to access the relevant services, but it will not affect the normal use of other functions and services.

• When you use the mortgage interest rate search, we will collect information provided by you, including property information, location information, asset information, etc. This information may involve Sensitive Personal Information, for which we will separately explain to you the purpose, scope and use of the corresponding information by means of pop-up windows, page prompts, etc., and provide you with the means to independently choosing to give consent. We collect and use such information after obtaining your express consent. You may refuse to provide information. If you refuse, you may not be able to access the relevant services, but it will not affect the normal use of other functions and services.
  
  
• When you use the human service function, we will request identification and ask you to authorize camera and photo permissions. If you refuse to provide authorization, you will not be able to use this feature, but it will not affect your normal use of other features of Jia Finance.
  
  
• With your authorization, we may obtain your phone status including Unique Device Identifier (unique ID or UUID) and identity, memory card contents, external storage space, system settings to provide real-time push message and notification functions, and information related to the location of the Equipment. Most cell phone terminal manufacturers currently support the change of Equipment identifier to ensure your independent control of Personal Information. The specific withdrawal or change methods can be found in the description of the Equipment you are using.

• We are committed to providing a safe and reliable product and use environment for you. Providing quality and reliable service and information is our core objective. The information collected to achieve these safety functions is necessary information.
  
  
• To ensure the safe operation of our software and services, we collect your hardware model, operating system version number, IMDI, Unique Device Identifier, network device hardware address, IP Address, WLAN access point information, and phone status, including obtaining IMEI, Bluetooth, base station, software version number, network access method, type, status, network quality data, operation, usage, and Server Logs.
  
  
• To prevent malicious programs and ensure security operations, we may use third-party SDKs, including Umeng and Tencent Bugly, to collect information on installed applications or running processes, overall application operation, usage and frequency, application crashes, overall installation and usage, performance data, and application sources. For the identity of the relevant third party and the purpose of information collection practices, etc., please refer to the description of the third party SDK in Annex I.
  
  
• We may use your account information, Equipment information, Server Logs, and information that our affiliates and partners have been authorized or are legally allowed to share for the purpose of determining account security, authenticating, detecting, and preventing security incidents.

We may send marketing communications and information about products and services that we think may be of interest to you directly to the email address you have used to register. You may contact us through the contact information in Section XI, and it is up to you to opt out of any future marketing communications from us.

To provide you with Jia Finance products and/or services, we may need to use the system permissions in your Equipment to collect relevant Personal Information. This part of the Privacy Policy summarizes all the system permissions that we cover in Section I(I) to facilitate a more systematic, complete and transparent presentation to you. We will prompt you in a pop-up window when you use a relevant service in order to ask whether you want to enable the corresponding permission. You can check the status of each of these permissions in your Equipment settings and decide for yourself whether to turn them on or off at any time. Please note that by turning on any permission, you authorize us to collect and use the relevant Personal Information to provide you with the corresponding services, and by turning off any permission, you cancel your authorization, and we will no longer collect and use the relevant Personal Information based on the corresponding permission and will not be able to provide you with the services corresponding to that permission. For more information about the permissions, please refer to the “Jia Finance Permissions List” in Annex I.

Please understand that, in accordance with laws and regulations and relevant national standards, we do not require your authorized consent to collect and use your Personal Information in the following circumstances:

• 1. Information directly related to national security or national defense security.
• 2. Information directly related to public safety, public health, or significant public interests.
• 3. Information directly related to crime investigations, prosecution, trial, and sentence enforcement.
• 4. For safeguarding the life, property, and other significant legitimate rights and interests of the subject of Personal Information or other individuals, but where it is difficult to obtain the consent of the individual.
• 5. Personal Information collected about you that is disclosed to the public by you at your own discretion.
• 6. Personal Information is collected from legitimate public disclosures, such as legitimate news reports, government disclosures, and other sources.
• 7. Information necessary to enter or perform a contract upon your request.
• 8. Information necessary for maintaining the safe and stable operation of the software and related services, such as detecting and disposing of malfunctions of the software and related services.
• 9. Information necessary for legitimate journalism.
  
  
• 10. When an academic research institution conducts statistical or academic research for the purpose of the public interest and provides the results of academic research or descriptions to the public, in a manner that de-identifies the Personal Information contained in the results.
  
  
• 11. Other circumstances as stipulated by laws and regulations. In particular, we remind you that if information cannot be used to identify to your personal identity, alone or in combination with other information, it is not your Personal Information in a legal sense; when your information can be used to identify to your personal identity, alone or in combination with other information, or when we use data that cannot be linked to any specific Personal Information in combination with your Personal Information, such information will be treated as your Personal Information, and is treated and protected in accordance with this Privacy Policy.

• To ensure that Jia Finance’s app and applets work properly, to make the access experience easier for you, and to suggest content that may be of interest to you, we may store cookies, Flash cookies, or other local storage provided by your browser (or associated application) on your Equipment that typically contains an identifier, site name, and some numbers and characters (collectively "cookies"). With the help of cookies, apps and applets can store data such as your preferences and the items in your shopping cart.
  
  
• You may modify your acceptance of cookies or reject our cookies if your browser or browser add-on service allows you to do so, but if you do so, it may in some cases affect your secure access to our app and applets and may require you to change your user settings each time you visit our app and applets.

• In addition to cookies, we may also use Tokens and other similar technologies. Tokens allow us to track the buttons or links you click on our products and help us understand your product or service preferences so that we can proactively improve the customer service experience.

To provide and optimize our products or services, we have third-party SDKs embedded in our apps and applets. These third-party SDKs, when assisting our efforts to provide you with more comprehensive services, may collect your Personal Information and provide such Personal Information to third parties in a limited manner under our control. We will take the necessary steps to control the collection and use of your Personal Information by these third-party SDKs and to ensure, including through contracts, that your Personal Information is protected to a degree no less than that set forth in this policy. For details on the identity of the third parties and the purpose of collection, etc., please see the description of the third-party SDKs in Annex I of this policy.

We limit the information we send to our service providers and require our service providers to use any shared Personal Information only to provide the requested services in accordance with this Privacy Policy, and require such service providers to have adequate security measures in place to protect any Personal Information you share. We will not share, sell, or disclose your Personal Information except as set forth in this Privacy Policy.

We do not share your Personal Information with companies, organizations, and individuals outside of Jia Finance, except for under the following situations:

• 1. Sharing under legal circumstances: We may share your Personal Information to the public in accordance with laws and regulations, litigation, dispute resolution needs, or as requested by administrative or judicial authorities in accordance with the law.
  
  
• 2. Sharing with explicit consent: We may share your Personal Information with other parties after obtaining your explicit consent.
  
  
• 3. Sharing with affiliates: Your Personal Information may be shared with our affiliates. We will only share Personal Information that is necessary and subject to the purposes stated in this Privacy Policy. We will seek your consent again if we share your Sensitive Personal Information or if our affiliates change the purposes for which the Personal Information is used and processed.
  
  
• 4. Sharing with Partners: We may delegate some functions to our partners to provide certain services to you or for them to perform functions on our behalf, such as providing credit history services, identity verification, and employment verification. We will only share your information for purposes that are legal, legitimate, necessary, specific, and explicit as stated in this Privacy Policy. Authorized partners will only have access to the information they need to perform their duties and will not use this information for any other purpose. We will carefully evaluate the purposes for which third parties use shared information, make a comprehensive assessment of the security and safety capabilities of those partners, and require that they follow the legal agreements for cooperation. We will conduct strict security monitoring of the software tool development kits (SDKs) and application program interfaces (APIs) used by our partners to obtain information to protect data security. Please see Annex II for an itemized list of situations in which we share your Personal Information with our authorized partners.

We will not transfer your Personal Information to any company, organization or individual, except for under the following situations:

• 1. Transfers with explicit consent: we will transfer your Personal Information to other parties after obtaining your explicit consent.
  
  
• 2. In the event of a merger, acquisition, or bankruptcy liquidation, or in other situations involving a merger, acquisition, or bankruptcy liquidation, if the transfer of Personal Information is involved, we will require the new company or organization holding your Personal Information to continue to be bound by this policy, or we will require the company, organization and individual to seek your authorized consent again.

We will only publicly disclose your Personal Information when:

• 1. We have obtained your express consent or are doing so based on your voluntary choice.
  
  
• 2. We may disclose your Personal Information publicly if compelled to do so by law, legal procedures, litigation, or orders from a competent governmental authority.

Please understand that, in accordance with laws, regulations and national standards, we do not need your prior authorized consent to share, transfer or publicly disclose your Personal Information under the following circumstances:

• 1. Information that is directly related to national security or national defense security.
• 2. Information that is directly related to public safety, public health, or significant public interests.
• 3. Information that is directly related to crime investigations, prosecution, trial, and sentence enforcement.
• 4. For the purpose of safeguarding your or other individuals’ vital legal rights and interests such as life and property, but where it is difficult to obtain consent.
• 5. Personal Information that you disclose to the public at your own discretion.
• 6. Personal Information that has been collected from legitimate publicly disclosed information, such as legitimate news reports, government information disclosure, and other sources.

Please be aware that, in accordance with applicable laws, if we take technical measures and other necessary measures to process Personal Information in such a way that the recipient of the data cannot re-identify a specific individual and cannot recover it, the sharing, transfer, or public disclosure of such processed data does not require separate notification to you and your consent.

• (I) We have implemented reasonable and practicable security measures that meet industry standards to protect your information from unauthorized access, public disclosure, use, modification, damage, or loss. For example, we use encryption technology to enhance the security of Personal Information; we use trusted protection mechanisms to prevent malicious attacks on Personal Information; we deploy access control mechanisms to ensure that only authorized personnel have access to Personal Information; and we enhance employee awareness of the importance of protecting Personal Information.
  
  
• (II) We will improve the security of the whole system in multiple dimensions, such as organization construction, system design, personnel management, and product technology.
  
  
• (III) We will take all reasonable and practical steps to ensure that no unrelated Personal Information is collected. We will only retain your Personal Information for as long as is necessary to achieve the purposes described in this Privacy Policy unless an extended retention period is needed or permitted by law.
  
  
• (IV) The Internet is not an absolutely secure environment, and since it is impossible to determine whether email, instant messaging, social networking software and other methods of communication with other users are fully encrypted, we recommend that you use complex passwords when using such tools and take care to protect the security of your Personal Information. We will make every effort to safeguard the security of any information you send us. If our physical, technical, or administrative safeguards are breached, resulting in unauthorized access, public disclosure, tampering or destruction of information, which lead to damage to your legal rights and interests, we will be liable in accordance with relevant laws.
  
  
• (V) After an unfortunate occurrence of any Personal Information safety breach incident, we will inform you in accordance with the requirements of laws and regulations, including: the basic situation of the incident and the possible impact, measures we have taken or will take, suggestions for you to independently prevent and reduce relevant risks, remedial measures for you, etc. We will inform you by email, letter, telephone, push notification, etc. When it is difficult to inform the subjects of Personal Information one by one, we will choose a reasonable and effective way to publish an announcement.
  
  
• (VI) At the same time, we will also report the disposition of Personal Information security breach incidents as required by the regulatory authorities. However, no website, app or transmission can fully guarantee the security of Personal Information. Therefore, while we have established and are maintaining procedures that we believe are reasonable to protect the confidentiality, security and integrity of Personal Information obtained through our services, we cannot guarantee the security of any Personal Information that you transmit to us.

We may retain Personal Information about you for the purposes expressed in this Privacy Policy. When Personal Information is no longer necessary to achieve such purposes, we will retain the Personal Information in a form that does not identify you, unless we are required by law to retain the Personal Information for a longer period.

The Personal Information associated with your account is usually retained as long as your user account is active. After cancellation of your account, your Personal Information will be deleted or anonymized within one month.

You can access and manage your Personal Information in the following ways:

You may request access to any Personal Information we hold about you at any time. If you believe that the Personal Information we hold about you is incorrect, incomplete or inaccurate, you may request that we correct that information. We will consider whether such information needs to be amended. If we do not both agree that there is a reason to amend the relevant Personal Information, then we will add a note to the Personal Information to indicate that you do not consent to the amendment of such information. In response to the foregoing request, you may contact us by using the contact information in Section XI.

You may delete some of your information in the manner specified in Section XI. You may also make a request to us to delete your Personal Information in the following cases:

• 1. If our handling of Personal Information violates laws and regulations.
• 2. If we collect and use your Personal Information without your explicit consent.
• 3. If our processing of Personal Information is in material breach of our agreements with you.
• 4. If you no longer use our products or services, or if you voluntarily cancel your account.
• 5. If we permanently cease to provide products or services to you.
  
  If we decide to respond to your request for deletion, we will also notify the subjects who received your Personal Information from us, if possible, and request that they delete it promptly (unless otherwise required by applicable laws or regulations, or unless these subjects have independently obtained your authorization).

After you have deleted, or we have assisted you in deleting the relevant information, we may not be able to immediately remove the corresponding information from the backup system because of applicable laws and security technology. We will securely store your Personal Information and isolate it from any further processing until the backup can be made anonymous.

Each business function requires some basic Personal Information in order to be completed (see Section I of this Privacy Policy). You may give or withdraw your authorized consent for the collection and use of additional Personal Information collected at any time. You may give or withdraw your consent by, for example, changing the settings of your Equipment.

When you withdraw your consent, we will no longer process the corresponding Personal Information. However, your decision to withdraw your consent will not affect the processing of personal data previously carried out on the basis of your authorization.

You can apply for cancellation of your account in the ways listed in Section XI.

After you voluntarily cancel your account, we will stop providing you with products or services, delete your Personal Information or anonymize it as required by applicable law.

For security purposes, you may be required to provide a written request or otherwise prove your identity. We may ask you to verify your identity before processing your request.

We will respond within 15 days. If you are not satisfied, you can also initiate a complaint through the methods listed in Section XI.

In principle, we do not charge a fee for your reasonable requests, but we will charge a fee for repeated requests that exceed reasonable limits, at our discretion. We may deny requests for information that is not directly related to your identity, that is unwarrantedly repetitive, or that requires excessive technical means (for example, requiring the development of new systems or fundamental changes to current practices), that poses a risk to the legal rights of others, or that is impractical.

We will not be able to respond to your request if we are required by law or regulation to do so under the following circumstances:

• 1. Circumstances related to national security or national defense security.
• 2. Circumstances related to public safety, public health, or significant public interests.
• 3. Circumstances related to crime investigations, prosecution, trial, and execution of sentences, etc.
• 4. Where there is sufficient evidence of subjective malice or abuse of rights by the subject of relevant Personal Information.
• 5. Where responding to your request will result in serious damage to the legitimate rights and interests of you or other individuals or organizations.
• 6. When trade secrets are involved.

You have the right to request that we explain this Privacy Policy to you at any time by contacting us through the contact information in Section XI.

Our products, websites and services are intended primarily for adults. If you are a Minor, please do not use or discontinue using our products and/ or services.

If you are the guardian of a minor, when you have any questions about whether a Minor in your custody is using our services or whether he or she has provided information to us, please contact us promptly through the contact information in Section XI. If we discover that we have unknowingly collected Personal Information from a Minor, we will attempt to delete the relevant data as soon as possible.

As a global company, your personal data collected by us may be processed or accessed in the country/region where you use our products and services or in other countries/regions where us or our affiliates, subsidiaries, service providers or business partners have a presence. These jurisdictions may have different data protection laws. In such circumstances, we will take measures to ensure that data is processed as required by this Policy and applicable laws, which includes obtaining the consent to the cross-border transfer from you or implementing security measures like anonymizing personal data before conducting cross-border data transfers. If you need to know the details of the data recipient, you can contact us through the contact information in Section XI.

If you are a resident of the State of California in the United States, please see Addendum I: California Privacy Policy, for additional California-specific privacy disclosures.

Our privacy policies are subject to change. We will not limit your rights under this Privacy Policy without your express consent. We will post any changes to this Privacy Policy or wider privacy policies on a dedicated page.

We will also provide more prominent notice of material changes (including when we do so through public announcements or pop-up alerts). Material changes within the meaning of this Privacy Policy include but are not limited to:

• 1. Significant changes in our product or service model, such as the purpose of processing Personal Information, the type of Personal Information processed, and the way Personal Information is used.
• 2. We have significant changes in control, etc., such as changes in information controllers caused by mergers and acquisitions, reorganizations, etc.
• 3. Changes in the primary recipients of Personal Information sharing, transfer, or public disclosure.
• 4. Significant changes in your rights to participate in the processing of Personal Information and in how the rights are exercised.
• 5. Changes in the department responsible for handling the security of Personal Information, contact information and complaint channels.
• 6. Where Personal Information security assessment reports indicate a high risk.

Our websites or mobile applications may contain links to other websites or applications operated by third parties. We make no representations or warranties regarding the privacy practices of such third-party services, and we assume no responsibility for their privacy policy or their contents.

We recommend that you periodically review this Privacy Policy to be informed of the most current version. By continuing to use our products and services after this Privacy Policy has been updated, you acknowledge that you have fully read, understood and accepted the updated Privacy Policy and are willing to be bound by the updated Privacy Policy.

You can contact us via the following methods, and we will respond to your request within 15 days.

• 1. If you have any questions, comments, or suggestions regarding the content of this policy or the Personal Information of minors, you may contact us through the online contact/customer service system provided on the Jia Finance App.
• 2. We have a Personal Information protection officer who you can contact at support@jiafinance.com.

Jia Finance Inc.

Use scenario/purpose: Taking photos for real name authentication.
Types of Personal Information collected: Real identity information, including ID card information, personal photos.
Consequences of refusing authorization: Once turned off, you may not be able to use the functions such as scanning and taking photos, but it will not affect your access to basic services such as browsing.

Usage scenario/purpose: Real name authentication via an uploaded photo.
Types of Personal Information collected: Real identity information, including ID card information, personal photos.
Consequences of refusing authorization: Once turned off, you may not be able to use the functions such as scanning and taking photos, but it will not affect your access to basic services such as browsing.

Usage scenario/purpose: Push messages.
Types of Personal Information collected: Device model, hardware serial number, device MAC address, Unique Device Identifier (such as IMEI /androidID /IDFA / OPENUDID /GUID /OAID, SIM card IMSI, ICCID information and other device identifiers), mobile application list, telecom operators, sensor information, cell phone number, etc.
Consequences of refusing authorization: Once turned off, you may not be able to receive push messages from us, but it will not affect your use of basic services such as browsing.

Usage scenarios/purpose: Provide customized services.
Types of personal information collected: Obtain location information through IP addresses, GPS and sensor information such as WLAN (e.g. Wi-Fi) access points, Bluetooth and base stations that can provide location information.
Consequences of refusing authorization: You have the right to choose to provide us with precise location information, rough location information or background location information when you turn on location authorization. When you refuse the location authorization, you can still manually select or enter location information, but it will not affect your use of basic services such as browsing.

Updated: August 24, 2022
Effective: August 24, 2022

This California Privacy Policy (the “CA Policy”) supplements the information contained in our Privacy Policy for Jia Finance (the “Privacy Policy”) and applies solely to individual residents of the State of California (“consumers” or “you”). This CA Policy describes how we collect, use, disclose, and otherwise process personal information of individual residents of the State of California, either online or offline, within the scope of the California Consumer Privacy Act of 2018 (CCPA). Unless otherwise expressly stated, all terms in this CA Policy have the same meaning as defined in our Privacy Policy or as otherwise defined in the CCPA.

Personal Information Disclosures When we use the term “personal information” in this CA Policy, we mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. This CA Policy does not apply to personal information we collect when we are acting as a service provider to process information on behalf of our clients to whom we provide legal services.
For the purposes of this CA Policy, personal information does not include:

• Publicly available information from government records.
• Deidentified, aggregated or anonymized information that is maintained in a form that is not capable of being associated with or linked to a consumer.
• Information excluded from the CCPA’s scope, such as:
  • Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
  • Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
• Information relating to our job applicants, employees, contractors and other Jia Finance Inc. personnel.

We will collect and use your Personal Information in the following business scenarios.

We provide you with basic user services through your Jia Finance account. To register as a user and use our basic services, you will need to provide your cell phone number, proposed username and password to create a Jia Finance account. If you only need to use the browsing and search services, you do not need to register as a user and provide the above information.

For services that require a Jia Finance account to access, we may verify your user identity based on the information you provide above to ensure that we are providing the service to you personally.

If you choose to use SMS verification codes to log in, you authorize and agree to our invoking your SMS receiving and processing functions to send you SMS messages to verify your identity.

When you use a third party platform account (e.g. WeChat) to log in to Jia Finance, you need to authorize Jia Finance to read and share the public information that you have published and recorded on that third party platform (including one or more types of information such as your nickname, avatar, region, gender, and contact email), within the permission of relevant laws and regulations, in order to bind your third party account to your Jia Finance account and to remember your Jia Finance user login identity.

When you use the function of identity authentication or related services, in accordance with relevant laws and regulations, you may need to provide your real identity information (real name, ID card number, telephone number, e-mail address) to complete the real name verification. Such information may involve Sensitive Personal Information, for which we will separately explain to you the purpose, scope and use of the corresponding information by means of pop-up windows, page prompts, etc., and provide you with the means to independently choosing to give consent. We collect and use such information after obtaining your express consent. You may refuse to provide information. If you refuse, you may not be able to access the relevant services, but it will not affect the normal use of other functions and services.

When you use the mortgage interest rate search, we will collect information provided by you, including property information, location information, asset information, etc. This information may involve Sensitive Personal Information, for which we will separately explain to you the purpose, scope and use of the corresponding information by means of pop-up windows, page prompts, etc., and provide you with the means to independently choosing to give consent. We collect and use such information after obtaining your express consent. You may refuse to provide information. If you refuse, you may not be able to access the relevant services, but it will not affect the normal use of other functions and services.

When you use the human service function, we will request identification and ask you to authorize camera and photo permissions. If you refuse to provide authorization, you will not be able to use this feature, but it will not affect your normal use of other features of Jia Finance.

With your authorization, we may obtain your phone status including Unique Device Identifier (unique ID or UUID) and identity, memory card contents, external storage space, system settings to provide real-time push message and notification functions, and information related to the location of the Equipment. Most cell phone terminal manufacturers currently support the change of Equipment identifier to ensure your independent control of Personal Information. The specific withdrawal or change methods can be found in the description of the Equipment you are using.

We are committed to providing a safe and reliable product and use environment for you. Providing quality and reliable service and information is our core objective. The information collected to achieve these safety functions is necessary information.

To ensure the safe operation of our software and services, we collect your hardware model, operating system version number, IMDI, Unique Device Identifier, network device hardware address, IP Address, WLAN access point information, and phone status, including obtaining IMEI, Bluetooth, base station, software version number, network access method, type, status, network quality data, operation, usage, and Server Logs.

To prevent malicious programs and ensure security operations, we may use third-party SDKs, including Umeng and Tencent Bugly, to collect information on installed applications or running processes, overall application operation, usage and frequency, application crashes, overall installation and usage, performance data, and application sources. For the identity of the relevant third party and the purpose of information collection practices, etc., please refer to the description of the third party SDK in Annex I in our Privacy Policy.

We may use your account information, Equipment information, Server Logs, and information that our affiliates and partners have been authorized or are legally allowed to share for the purpose of determining account security, authenticating, detecting, and preventing security incidents.

We may send marketing communications and information about products and services that we think may be of interest to you directly to the email address you have used to register. You may contact us through the contact information below, and it is up to you to opt out of any future marketing communications from us.

Please refer to the How we share, transfer, and publicly disclose your information section in our Privacy Policy for more information on how we have shared personal information about you in the past 12 months.

As a California resident, you may be able to exercise the following rights in relation to the Personal Information about you that we have collected (subject to certain limitations at law):

You have the right to request any or all of the following information relating to your personal information we have collected and disclosed in the last 12 months, upon verification of your identity:

-The specific pieces of personal information we have collected about you;

-The categories of personal information we have collected about you;

-The categories of sources of the personal information;

-The categories of personal information that we have disclosed to third parties for a business purpose, and the categories of recipients to whom this information was disclosed;

-The categories of personal information we have sold about you (if any), and the categories of third parties to whom the information was sold; and

-The business or commercial purposes for collecting or, if applicable, selling the personal information.

You have the right to request the deletion of personal information we have collected from you, subject to certain exceptions.

We do not sell your personal information for monetary consideration. However, California law may characterize our sharing of personal information with companies that provide services to us, such as companies that help us to market or advertise our products and services to you, as “sales”. We may “sell” or may have “sold” the following categories of personal information for valuable consideration to the third parties listed below:

Categories we may sell or may have sold this information to Advertising companies:

-Equipment/ Device information

-Online or network activity information

-System information

-Commercial information

-Inferences

You have the right not to receive discriminatory treatment for exercising these rights.
However, please note that if the exercise of these rights limits our ability to process personal information (such as in the case of a deletion request), we may no longer be able to provide you our products and services or engage with you in the same manner.

California residents that have an established business relationship with us have rights to know how their information is disclosed to third parties for their direct marketing purposes under California’s “Shine the Light” law (Civ. Code §1798.83).

To exercise your Right to Know and/or your Right to Deletion, please submit a request by:

You can contact us via the following methods, and we will respond to your request within 15 days.

1. You may contact us through the online contact/customer service system provided on the Jia Finance App.

2. We have a Personal Information protection officer who you can contact at support@jiafinance.com.

Verifiable Consumer Requests. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may only make a verifiable consumer request for access to your personal information twice within a 12-month period. The verifiable consumer request must: 1) Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative of that person; and 2) Describe your request with sufficient detail that allows us to properly understand, evaluate and respond to it. We cannot respond to your request to exercise your access and/or deletion rights if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password-protected account sufficiently verified when the request relates to personal information associated with that specific account. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format. We will respond to your request within 15 days. For access requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance. In principle, we do not charge a fee for your reasonable requests, but we will charge a fee for repeated requests that exceed reasonable limits, at our discretion. We may deny requests for information that is not directly related to your identity, that is unwarrantedly repetitive, or that requires excessive technical means (for example, requiring the development of new systems or fundamental changes to current practices), that poses a risk to the legal rights of others, or that is impractical.

You have the right to direct us to not sell your personal information. If you would like to exercise your right to request opt-out of sale, please email support@jiafinance.com with the subject: “CCPA – Do Not Sell”. Please note that we may still use aggregated and de-identified personal information that does not identify you or any individual; we may also retain information as needed in order to comply with legal obligations, enforce agreements, and resolve disputes.

Our products, websites and services are intended primarily for adults. If you are a Minor, please do not use or discontinue using our products and/or services.

If you are the guardian of a minor, when you have any questions about whether a Minor in your custody is using our services or whether he or she has provided information to us, please contact us promptly through the contact information below. If we discover that we have unknowingly collected Personal Information from a Minor, we will attempt to delete the relevant data as soon as possible.

In addition to the rights described above, California’s “Shine the Light” law (Civil Code Section §1798.83) permits California residents that have an established business relationship with us to request certain information regarding our disclosure of certain types of personal information to third parties for their direct marketing purposes during the immediately preceding calendar year. To make such a request, please send an email to support@jiafinance.com. This request may be made no more than once per calendar year. We reserve our right not to respond to requests submitted other than to the email address specified in this section.

Complaints. In compliance with the CCPA, we commit to resolve complaints about your privacy and our collection or use of your personal information. California residents with inquiries or complaints regarding this CA Policy could initiate a complaint through the contact information below.

We will update this CA Policy from time to time. When we make changes to this CA Policy, we will change the “Last Updated” date at the beginning of this CA Policy. All changes shall be effective from the date of publication unless otherwise provided in the notification.

You can contact us via the following methods, and we will respond to your request within 15 days.

1. If you have any questions, comments, or suggestions regarding the content of this policy or the Personal Information of minors, you may contact us through the online contact/customer service system provided on the Jia Finance App.

2. We have a Personal Information protection officer who you can contact at support@jiafinance.com.