Hisavana SDK Privacy Policy

Updated on April 9, 2025

Version: 20250409V5.0

Hisavana SDK (hereinafter referred to as "SDK Product") is developed and provided by SHANGHAI XIAOCHUAN TECHNOLOGY LIMITED (hereinafter referred to as "we" or "Hisavana") for app publishers to integrate and use to display curated content recommendations and/or ads to their end users (hereinafter referred to as "end users").

The Hisavana SDK Privacy Policy (hereinafter referred to as "the Privacy Policy") seeks primarily to explain to end users (also referred to as "you") how the SDK Product will handle the personal information of end users to ensure the functionality of the SDK Product. "Handling" includes collecting, storing, using, processing, transmitting, providing, and publicly disclosing personal information. The "Hisavana SDK Product and/or Services" mentioned in this Privacy Policy include Hisavana SSP SDK and Hisavana Mediation SDK.

If you have any questions, suggestions or concerns about our Privacy Policy, contact us at privacy@transsion.com:

The Privacy Policy will help you understand the following:

  1. 1.How we collect your personal information

    By integrating the Hisavana SDK, app publishers can use the Hisavana platform to provide you with content recommendation and/or advertising services, and optimize their business and product performance, thus providing you with better service. For our SDK Product to function properly and app publishers to be able to deliver content recommendation and/or advertising services, and optimize product performance, we will use information from app publishers as described below. The following personal information can be collected only after the app publisher has confirmed that they have obtained your consent and you have not expressed a desire to withdraw from the services or requested a change to authorization/deletion of your personal information/cancellation of your account:

    1. For basic business operations and the products and/or services mentioned below to continue to function properly, we may call relevant system interfaces to collect personal information necessary to this end. A refusal on your part to provide this information will render the app publisher unable to use the relevant products and/or services on this platform. The following is a list of the information we will obtain and why:

    To ensure the compatibility of the products and/or services we offer on different devices, we may collect: system operating information (system settings);

    To select and optimize network links and ensure the stable provision of products and/or services, we may collect: network status information (network connection status, network operator information, Wi-Fi status, Wi-Fi parameters, and Wi-Fi lists);

    To generate a de-identified unique identifier for the device of an end user, we will, according to the specific requirements of the operating system where the SDK code is executed, in accordance with the Minimum Necessary rule, collect one or more of the following device identifiers: Google Advertising ID (GAID). With authorization, we may receive the service account ID provided by the app publisher. In this case, the data we collect requires your authorization and that of the app publisher, so please read the app publisher's privacy policy carefully. You can disable personalized advertising services based on GAID or reset the GAID by going to Settings > Google > Ads.

    To match you with the appropriate services, we collect device information (device brand, operating system version, screen width, height, and density, OS version, build software version, device model, language, and device usage information) and application information (a list of applications installed, package name information, version information, installation channels), as well as fuzzy location information (MCC, client IP address, MNC).

    To detect and provide services related to specific regions, we may collect: fuzzy location information.

  2. 2. Apart from the information mentioned in item 1 above, to realize the differentiated functionalities of various products and/or services provided in our publisher services, we will also collect the following information in specific scenarios for each product and/or service:

    1. (1) Hisavana SDK provides advertising and content recommendation services. When you use an app (publisher) that delivers ads and/or curated content from us, that app becomes a source for our ad or content personalization data. When the publisher's application initiates a request, we collect data related to how you interact with the ads or recommended content (behavioral data such as ad clicks, downloads, views, and playbacks). We collect this data for the following purposes:

      • • To better understand user preferences and deliver personalized ads and/or recommended content more aligned with their interests based on the data we collected from basic services. You can disable this feature by clicking the "Hisavana Ad Identifier - Disable Personalized Ads" option at any time.
      • • To analyze statistics on your interaction with advertising, such as the number of times you open, download, or play different ad content in the app. We use this data to assess our business collaboration with advertising partners and measure the effectiveness of their ads. In so much as we bill advertising partners in accordance with the placement of performance of ads, we share aggregated data reports with these partners.
      • • To analyze statistics and improve products: To better understand your needs and improve the quality and user experience of current and future products and services.
      • • To detect fraud (e.g., bad actors using automated programs to interact with ads or recommend content) to protect our partners from unreasonable charges. For instance, we analyze user interaction with touch screens (e.g., touch patterns) and device movement based on sensor data to identify and prevent fraudulent clicks.
      • • To ensure the security of data and provide you with secure and reliable services.

      If you do not agree to our collection of this information, we will be unable to provide corresponding services for the app publisher (the app you use). However, this will not affect your use of other services.

    2. (2) Hisavana SDK provides quantitative analytical services for the app business aimed at enhancing the user experience and traffic conversion. When the publisher/application developer uses the Services, we collect behavioral data about your usage of their app (such as the number of times you open and exit the app, and the number of times you access pages within the app) and provide reports to the publisher/application developer with a statistical analysis of app activity and retention data that do not contain any personal information. If you do not agree to our collection of this information, we will be unable to provide the Services to the publisher/application developer (the app you use). However, this will not affect your use of other services.
    3. (3) Hisavana SDK provides application performance analysis services to help publishers/application developers address performance issues such as crashes and unexpected exits. When the publisher/application developer uses the Services, we collect data about abnormal exits and crashes that occur when you use their app and provide reports to the publisher/application with a statistical analysis of app performance that do not contain any personal information. If you do not agree to our collection of this information, we will be unable to provide the Services to the publisher/application developer (the app you use). However, this will not affect your use of other services.

  3. 3.Other Cases

    Where permitted by laws, we may collect your personal information from other individuals, business entities, public channels, or other third parties indicated by you, other partners who help us provide our products or services or assist us in ensuring information security and preventing frauds, and other legitimate avenues. We will inform you and collect your information with your consent.

    We may also collect other information about you, your device, or your use of the Services in other ways that will be described to you at the time of collection for your consent.

    To improve our product layout and offer you better services, we may carry out researches, statistical analyses, and predictions on the collected information in an anonymized manner (including machine learning or model algorithm training based on anonymized data). We will take technical measures and other necessary actions to process the collected personal information so that such information cannot identify any individual person and cannot be recovered. As permitted by applicable laws and regulations, we do not need to inform you separately for your consent for the use of such anonymized data.

  1. 1.How we store your personal information

    We will store your personal information that we collected from publisher apps upon your consent in accordance with the relevant national laws and regulations concerning personal privacy and data protection. Currently, we may store your personal information in India, Ireland, Frankfurt or Singapore. Specifically:

    The personal information we collect and generate in the course of our operations in India will be stored on servers located in India.

    The personal information we collect and generate in the course of our operations outside India will be stored on servers located in Ireland, Frankfurt or Singapore.

    We may use the servers in other areas or countries depending on our business development, and in such cases, we will update the Policy accordingly.

    Whether personal information is stored in the country where we do business or in another country or region without violating the law, we will store it in accordance with the relevant laws and regulations regarding data storage. We will take necessary security measures considering the characteristics, scope, purposes of personal information processing, the possible risks in processing personal information, and the serious consequences in case of any damages. For example, we will encrypt and de-identify the collected personal information before storage. We will store the information only necessary for our business development within the minimum retention period unless otherwise permitted by laws or you agree to extend the retention period. We will delete or take other appropriate measures to delete data that exceeds the retention period or that you request us to delete, provided that this does not violate the relevant laws and regulations.

  2. 2.How we protect your personal information

    We will also take other necessary measures to protect your personal information from misuse, unauthorized access, modification, disclosure, or destruction.

    We implement security measures designed to protect your personal information and regularly monitor our systems for possible vulnerabilities and attacks, and we use administrative, technical and physical safeguards to protect your personal information by considering the nature, processing methods, and security of the personal information. We will continuously strive to improve these measures to keep your personal data secure.

    It should be noted that no measures can absolutely guarantee the avoidance of data storage security incidents. In the event of a security breach, we will report to the appropriate regulator in accordance with the requirements of relevant laws and regulations, and provide the type of personal data involved in the data breach, the number of data subjects, the possible consequences of the data breach, and the remedial measures we intend to take in accordance with the requirements of the supervisory authorities. We will take all possible measures to remedy or mitigate the damages and consequences caused by a data breach. If permitted or required by laws, we will promptly inform you of the consequences or significant damage that may be caused to you as a result of a data breach, so that you can take appropriate measures to protect your rights to the greatest extent.

    Since no website, Internet transmission, computer system, or wireless connection is absolutely secure, in addition to the necessary security measures we take, users need to be more aware of privacy and security risks.

We will share, transfer, and disclose your personal information to the minimum extent and only when it is necessary for operations or required by laws. We will not share, transfer, or disclose your personal information unless otherwise required or permitted by applicable laws and regulations in the following circumstances:

  1. 1.How we share your personal information

    We do not sell any personal information to third parties. We will not share your personal information with any company, organization, or individual other than Hisavana without:

    (1) your express consent;

    (2) a need to share your personal information to comply with laws and regulations, or in accordance with mandatory requirements of government departments;

    (3) a need to share with Hisavana's affiliates in order to provide you with timely service, in which case, we may share your personal information with our affiliates. We will use your personal information with our affiliates solely for purposes of a clear and legal nature, will provide only that information necessary for the provision of the services, and will be bound by the purposes stated in the Privacy Policy. For any purposes not covered herein, we will make explicit statements in the privacy policy or notice for the specific product or service.

    (4) a need on the part of authorized third-party partners in order to ensure business operations and SDK products function properly and for advertising and content recommendation services, in which case we work with third-party partners to provide you with the services, and in accordance with the mandatory provisions of laws and regulations and/or requirements of partners.

     Specifically:

      (1) our cloud service providers will provide us with cloud storage services for proper functioning of the Services;

      (2) During the process of ad placement and content recommendation, we may provide our partners with device information, device identifiers, and app information to acquire and display content or ads according to your preference.

    We will embed SDKs or other similar applications of our authorized partners below in the service:

    S/N Third-party SDK sources Purpose of collecting personal information Types of personal information collected Privacy Policy link
    1 Admob SDK Providing advertising services Device information, information on interaction with advertising, etc. https://policies.google.com/privacy
    2 Adcolony SDK Providing advertising services Device information, information on interaction with advertising, etc. https://www.adcolony.com/privacy-policy
    3 Applovin SDK Providing advertising services Device information, information on interaction with advertising, etc. https://www.applovin.com/privacy/
    4 Facebook SDK Providing advertising services Device information, information on interaction with advertising, etc. https://www.facebook.com/privacy/policy
    5 inmobi SDK Providing advertising services Device information, information on interaction with advertising, etc. https://www.inmobi.com/privacy-policy
    6 ironsuource SDK Providing advertising services Device information, information on interaction with advertising, etc. https://appodeal.com/privacy-policy/
    7 mintegral SDK Providing advertising services Device information, information on interaction with advertising, etc. https://www.mintegral.com/en/privacy
    8 pangle SDK Providing advertising services Device information, information on interaction with advertising, etc. https://www.pangleglobal.com/privacy
    9 unity SDK Providing advertising services Device information, information on interaction with advertising, etc. https://unity.com/legal/privacy-policy
    10 vungle SDK Providing advertising services Device information, information on interaction with advertising, etc. https://vungle.com/privacy/

    We are committed to sharing your personal information with our partners solely for those purposes that are specific and explicitly defined, with your consent or to the extent reasonably necessary to fulfill a contract to provide services to you, and in accordance with the principles of minimization, necessity, and as permitted by law. Before sharing, we will sign stringent data processing agreements and confidentiality agreements with our authorized partners, requiring them to take relevant confidentiality and security measures to process personal information in accordance with this Policy and the applicable laws of your jurisdiction. Moreover, we will require them to provide data security functions and information security qualifications (such as classified protection assessment, information security management system, etc.). When embedding SDKs or any other similar applications of our authorized partners in the products and services of our platform, we will do our due diligence to request the SDKs that obtain the information to protect the security of your data.

  2. 2. How we transfer your personal information

     Hisavana will not transfer your personal information to any other party unless:

      (1) your express consent is obtained.

      (2) providing notice via email and/or our website or by means of another appropriate method to inform you of any changes in your ownership of, rights to, and choices regarding your personal information when Hisavana is involved in a merger, acquisition, or sale of all or part of its assets that may affect your personal information;

      (3) as provided for in this Privacy Policy or otherwise notified to you.

  3. 3. How we disclose your personal information

     Hisavana may disclose your personal information as required by law, due process, litigation, and/or government departments and authorities. We may also disclose your personal information if the disclosure is necessary or appropriate for national security, law enforcement, or other matters of public importance.

     In addition, we may share your personal information with the following people:

      (1) our lawyers, accountants, auditors, or similar consultants, when we request them to provide professional advice.

      (2) investors and other related third parties, if actual or potential sales or other transactions with another company occur and are related to entities within the TECNO group.

      (3) other third parties, for example, when specific information is disclosed to them under your authorization.

For the purposes described in this Privacy Policy, we may transfer your personal information to the resources or servers mentioned in Article II of the Statment for storage or processing, and we may also transfer your personal information to third-party service providers and business partners, and therefore your data may be transferred to other countries or regions, subject to compliance with applicable laws and regulations in your region and with your authorized consent. The privacy laws in these countries or regions may differ, and the jurisdictions in which these servers are located may or may not protect personal information to the same extent as those in your jurisdiction. However, we will still strive to protect your personal information based on our Privacy Policy and carry out the cross-border transfer and other processing of corresponding information as required by the laws of the country or region where the personal information is located.

If we transfer personal information outside of your jurisdiction, whether to our affiliates or to a third-party service provider, we will comply with the relevant applicable laws. We will take appropriate security and protection measures to ensure that all such transfers are subject to the requirements of applicable local data protection laws.

We value the rights of end users to manage their personal information and make every effort to help them protect their rights by confirming and accessing personal information, lodging complaints, making corrections and deletions, withdrawing consent, restricting the handling of personal information, obtaining a copy of their personal information, canceling their accounts, and setting up privacy features. As we do not possess an interface for direct interaction with users, please use the contact information provided in the Privacy Policy to contact us for any requests that may arise.

If you have agreed to share your data with us for the purposes stated in the Privacy Policy in order to receive advertising and/or personalized content recommendation services from publisher apps, and if you no longer wish to share data from a particular app with us, you have the right to withdraw such consent. To do so, you can withdraw the consent for that specific app by disabling personalized services within the app. We have provided publishers with the ability to disable this SDK Product. As we do not possess an interface for direct interaction with users, please contact the publisher if you would like them to stop using this SDK Product, or use the contact information provided in the Privacy Policy to contact us. Please understand that your personal information is required for the implementation of specific functions and services. If you withdraw the authorization, we cannot continue to provide you with corresponding functions and services, nor will we be able to process your corresponding personal information anymore. However, the withdrawal will not affect the processing of personal information that has already been carried out based on your authorization prior to the withdrawal.

Hisavana understands the importance of protecting the personal information of children. This SDK Product is not intended for the provision of services to children (under 14 years of age or the age specified as the equivalent age under the laws of your jurisdiction. Different countries or regions may have different criteria for defining the age of a child. We define a child in accordance with the specific legal regulations of the country or region where a particular business is operating). We do not actively collect the personal data of children, nor do we deliver personalized ads to children or use the personal information of children for marketing purposes. When an end user is a child, we require publisher apps to inform the child's parents or legal guardians of the Privacy Policy and obtain their permission to process the child's personal information to the extent permitted by law and in accordance with the necessity to collect such information. Should we find that a publisher has provided us with a child's personal information without obtaining consent from the child's legal guardian, we will take measures to delete it as soon as possible. Should a legal guardian need to access, modify, or delete personal information related to a child at any time, please contact us in the manner described in the Privacy Policy, and we will respond promptly. If you find that the information about children have been transferred to us without the knowledge of the children's legal guardian, please email us at[privacy@transsion.com], and we will remove the information as soon as possible.

We reserve the right to update or modify the Policy from time to time as our business, technology, applicable laws, and operations change. We will publish any modifications to the Privacy Policy in the latest privacy policy on the official Hisavana website [https://cn.hisavana.com/]. Please check regularly to stay informed about updates to the Privacy Policy. This Privacy Policy is subject to change, but we will not diminish your rights under this Policy without your express consent.

We will seek your express consent as required by applicable laws before we collect other information from you or use or disclose your information for a new purpose.

The content of Hisavana SDK products or services stated in the Policy may change depending on the type of product and system version you are using, or the requirements of local laws and regulations.

If you have any suggestions, questions, or concerns about our Privacy Policy or practices regarding the protection of personal information, contact us at: Email: [privacy@transsion.com] (Note: The email is used for receiving emails related to our Privacy Policy or information protection only)

We will review your request regarding privacy or personal information as soon as possible and reply to you within 15–30 days after verifying your user identity. If your request involves complex or significant issues, we may ask you for further information.

If you are not satisfied with our response, especially if your legitimate interests have been violated by us, you can seek a solution from the relevant data protection supervisory authority in your jurisdiction. If you make the above inquiry to us, we will provide you with information on the relevant complaint channels that may apply to your case.

Thank you for your time to read our Privacy Policy!