Nantong Xinyun Nantong Xinyun
Privacy and compliance visual
Legal

Privacy Policy

Effective Date: May 18, 2026 | Controller: Nantong Xinyun Medical Equipment Technology Co., Ltd

This policy is structured to provide transparent notice for website and mobile app operations, including app store distribution, multi-country privacy obligations, age-related protections, and advertising technology integrations.

CoverageWebsite, Android apps, iOS apps, and service-related processing.
RegionsEEA, UK, US states, Canada, LATAM, APAC, and additional markets.
Ad TechSplash, rewarded video, interstitial, and banner ad scenarios.

This Privacy Policy applies to the website and mobile applications operated by Nantong Xinyun Medical Equipment Technology Co., Ltd ("Company", "we", "us", "our"). It explains how we collect, use, disclose, store, transfer, and protect personal data in connection with our healthcare-related business services, product sales support, technical consulting, technical promotion, market planning, and app operations in the Apple App Store and Google Play ecosystem.

1. Identity and Contact Information

Company: Nantong Xinyun Medical Equipment Technology Co., Ltd

Website: https://ntxinyun.com

Office Address: Room 214, Building 7, Gold Coast, No. 18 Gongnong North Road, Qinzao Street, Chongchuan District, Nantong, 226300, CN

Business Support: support@ntxinyun.com

Key Accounts: xiahongyan1@ntxinyun.com

2. Scope of Services Covered

  • Medical equipment technology research and development
  • Technical consulting and technical promotion
  • Sales support for daily-use masks and medical consumables accessories
  • Health consultation services
  • Rehabilitation assistance equipment sales
  • Sales support for electronics, disinfectant products, labor protection supplies, and office supplies
  • Marketing planning and campaign operations
  • Mobile management applications published to Google Play and App Store

3. Categories of Personal Data

3.1 Data You Provide

  • Name, email address, organization name, and message content from forms and support contacts
  • Business communication records and contract-related information
  • Account profile data where account functions are provided

3.2 Data Collected Automatically

  • Device identifiers, app instance IDs, IP address, coarse location derived from IP, OS version, app version
  • Usage events, feature interactions, crash logs, diagnostics, and performance telemetry
  • Ad interaction events, attribution signals, and anti-fraud indicators

3.3 Data From Third Parties

  • App stores, analytics providers, identity and attribution partners, and ad monetization platforms
  • Business partners and channel operators supporting contracted services

4. Purposes and Legal Bases

  • Service delivery and contract performance
  • Customer support and issue resolution
  • Security, fraud prevention, and abuse monitoring
  • Analytics and product improvement
  • Ad monetization and campaign measurement where permitted
  • Compliance with legal obligations and lawful requests
  • Legitimate interests for business continuity and service optimization
  • Consent-dependent processing where required by local law

5. App Stores and Platform Compliance

5.1 Apple App Store

  • We align with Apple App Review Guidelines, privacy nutrition labels, tracking transparency requirements, and child safety obligations.
  • When tracking is used on iOS, consent requests are managed through Apple transparency frameworks as required.

5.2 Google Play

  • We align with Google Play User Data policies, Families policies where applicable, ads policy requirements, and data safety disclosures.
  • Data collection and sharing details are reflected in Google Play Data safety declarations.

6. Advertising, Monetization, and Ad SDK Transparency

Our applications may include splash ads, rewarded video ads, interstitial ads, and banner ads. Depending on product and region, ad services may be provided by one or more of the following:

  • Google AdMob and Google Ad Manager
  • Meta Audience Network
  • AppLovin MAX
  • Unity Ads
  • ironSource
  • Mintegral
  • Pangle (TikTok for Business Ads ecosystem where available)
  • InMobi
  • Chartboost
  • Vungle / Liftoff Monetize
  • Smaato
  • Fyber / DT Exchange where integrated through mediation

Ad partners may process identifiers, approximate location signals, app usage, and ad response events for ad delivery, frequency capping, anti-fraud, attribution, and performance reporting. Where required, consent or opt-out controls are presented before or during relevant processing.

7. Cookies, SDKs, and Similar Technologies

We and our partners may use cookies, local storage, software development kits (SDKs), and API-based instrumentation for authentication, analytics, reliability, and ad operations. Non-essential processing is controlled through consent management where legally required.

8. Age, Children, and Young User Safeguards

  • Our services are not directed to children under 13 unless a product explicitly states otherwise.
  • For the EEA and UK, higher local digital consent ages may apply according to member state rules.
  • For California and certain US states, additional protections may apply to minors under 16.
  • Where child-directed content exists, personalized advertising is restricted or disabled as required.
  • If we learn that child data was processed unlawfully, we take remediation including deletion or restriction.

9. International and Regional Privacy Compliance

Our controls are designed to support multi-jurisdiction compliance, including but not limited to:

  • European Union / EEA: GDPR and ePrivacy-related obligations
  • United Kingdom: UK GDPR and Data Protection Act framework
  • Switzerland: Revised Swiss FADP
  • United States: CCPA/CPRA, VCDPA, CPA, CTDPA, UCPA and applicable state privacy statutes
  • Canada: PIPEDA and applicable provincial privacy legislation
  • Brazil: LGPD
  • Australia: Privacy Act and related guidance
  • New Zealand: Privacy Act requirements
  • Singapore: PDPA
  • Japan: APPI
  • South Korea: PIPA
  • Other local laws where our services are offered or users are located

10. Data Sharing and Recipients

  • Cloud and infrastructure providers
  • Analytics and monitoring providers
  • Customer support and CRM systems
  • Advertising and attribution partners
  • Business partners supporting contracted service delivery
  • Authorities where required by law, court order, or legal process

11. Cross-Border Transfers

Personal data may be processed in jurisdictions other than the country of collection. Where legally required, we implement transfer mechanisms such as contractual clauses, data processing agreements, and supplementary safeguards.

12. Retention

We retain personal data only for as long as necessary for service delivery, legal compliance, dispute resolution, and legitimate business needs. Retention periods vary by data category, legal requirement, and operational necessity.

13. Data Security

  • Access control, least privilege, and account protection controls
  • Transport encryption and integrity safeguards where applicable
  • Monitoring and incident response processes
  • Vendor due diligence and contractual obligations

14. Your Rights and Choices

Depending on your jurisdiction, you may have rights to:

  • Access, correction, deletion, and portability
  • Restriction or objection to certain processing
  • Withdraw consent where processing relies on consent
  • Opt out of targeted advertising, sale, or sharing of personal data where applicable
  • Appeal decisions where local law requires appeal pathways

To exercise rights, contact support@ntxinyun.com. We may request verification before fulfilling requests.

15. Sensitive Data and Healthcare Context

Unless explicitly stated for a specific service, we do not seek to collect protected medical records as a healthcare provider. Where sensitive data is processed for a defined business scenario, additional restrictions and safeguards apply.

16. Third-Party Sites and Services

Our services may link to third-party websites, stores, or SDK documentation. Their privacy practices are governed by their own policies and terms.

17. Automated Decision-Making and Profiling

We may use aggregated analytics and rule-based systems for risk scoring, service quality monitoring, ad performance evaluation, and abuse detection. We do not intentionally use solely automated decisions that produce legal or similarly significant effects without appropriate safeguards where law requires.

18. Breach Response and Notification

We maintain incident response procedures for detection, containment, assessment, and remediation of security events. Where notification obligations apply, we inform competent authorities and affected users within required legal timelines.

19. Jurisdiction-Specific Notices

  • EEA/UK: Rights include access, rectification, erasure, portability, objection, and complaint rights with supervisory authorities.
  • US States: Rights may include access, deletion, correction, opt-out of targeted advertising, sale, or sharing where applicable.
  • Canada: Users may request access and challenge data processing practices under applicable privacy law.
  • Brazil: Rights may include confirmation of processing, access, correction, anonymization, and portability subject to LGPD conditions.

20. Do Not Track and Global Privacy Signals

Browser "Do Not Track" signals may not be uniformly supported across all technologies. Where required by applicable law, recognized opt-out preference signals may be honored for targeted advertising controls.

21. Policy Updates

We may update this Privacy Policy to reflect legal, technical, or business changes. Material updates will be communicated through appropriate channels.

22. Contact and Complaints

For privacy questions or complaints, contact support@ntxinyun.com. You may also lodge complaints with competent supervisory authorities where local law permits.