Personal Information Protection Policy for BotsNote APP
Effective Date: [August] [14], [2025]
Preamble
【 BotsNote 】 (hereinafter referred to as "this Product") is provided by [Botslab Company] (hereinafter referred to as "we" or "us") and is a software APP that binds, operates, uses, and controls voice recorder hardware. We fully recognize the importance of personal information to users (hereinafter referred to as "you") and understand that providing effective protection for your personal information is the cornerstone of the healthy and sustainable development of our business. Thank you for using and trusting our products or services! We are aware that this trust is hard-won. We adhere to the principles of openness and transparency to clearly inform you of our rules for processing your personal information, and we process your personal information in a legal, legitimate manner and for clear, reasonable purposes. We will take corresponding security protection measures in accordance with the requirements of laws and regulations and mature industry security standards to protect your personal information, thereby strengthening this trust.
We aim to use this Privacy Policy to explain to you how we collect, use, store, share, transfer, and publicly disclose your personal information when you use our products or services, as well as the methods we provide for you to access, update, delete, and protect such information.
[Important Notice] Before using our products or services, please carefully read and understand this Privacy Policy, especially the clauses marked in bold and underlined. You should pay special attention to these clauses and use our products or services only after confirming that you have fully understood and agreed to the Policy. Once you start using our products or services, it means you have fully understood and agreed to this Policy, and consented to our collection, use, storage, and sharing of your relevant information in accordance with this Privacy Policy. If you have any questions, comments, or suggestions regarding the content of this Policy, you may contact us through the various contact methods provided in this Privacy Policy.
This Privacy Policy will help you understand the following:
-
1、How We Collect and Use Your Personal Information
-
2、How We Use Cookies and Similar Technologies
-
3、How We Store Your Personal Information
-
4、How We Share, Transfer, and Publicly Disclose Your Personal Information
-
5、How We Protect Your Personal Information
-
6、Your Rights to Manage Personal Information
-
7、Protection of Minors' Personal Information
-
8、Changes and Revisions to the Privacy Policy
-
9、How to Contact Us
1、 How We Collect and Use Your Personal Information
We will follow the principles of legality, legitimacy, and necessity to collect and use your personal information for the purposes stated in this Policy. If we intend to use your personal information for purposes other than those specified in this Policy, we will inform you in a reasonable manner and obtain your consent.When you use this Product, we need to collect and use your personal information in the following two scenarios:
To support and enable you to use the basic business functions of this Product (which are part of all business functions), we require your authorization to collect and use your necessary personal information.
To enrich our products and enhance your user experience, in addition to providing basic business functions, we also offer extended business functions of the product or service. Such extended functions require the collection and use of your corresponding personal information. If you refuse to provide such information, you will not be able to use the extended business functions or achieve the optimal experience we aim to provide, but this will not affect your use of the basic business functions of this Product.
If you refuse to allow us to collect any of your personal information, we will not be able to provide you with any functions or services of this Product, including the basic business functions.
(1) Basic Business Functions That Require Your Authorization for Collecting and Using Your Personal Information
1. Account Registration and Login Information
When you register a Botslab AI account, in accordance with the requirements of relevant laws and regulations, you need to provide us with your [mobile phone number or email address] for account creation, login verification, and account security assurance. We will also collect your username and password. This information is collected to help you complete the registration of your Botslab AI account and protect the security of your account. If you refuse to provide this information, you will not be able to successfully register a Botslab AI account, but this will not affect your use of basic services such as browsing and searching that do not require an account.When you cancel your Botslab AI account, we will stop using and delete the above information or anonymize your personal information, unless otherwise specified by laws and regulations.
2. Device Binding and Management
To ensure your experience in using the APP, we will collect the device's OAID (Open Anonymous Device Identifier) to identify the unique device. Meanwhile, you can connect to the intelligent voice recorder through the BotsNote APP by following these steps: open the APP → click the voice recorder icon in the upper right corner of the homepage → start adding a device → select the device → connect and bind. After successful binding, you can control and manage the voice recorder. This function will access the Bluetooth permission and location permission of the mobile phone system. During the connection process, we will collect the voice recorder's MAC address (for binding with the APP), recording mode, storage space, serial number, and firmware version information. You can unbind the device by going to the upper right corner of the APP homepage → Device Information page → Unbind Device. After unbinding, the relevant device information will be deleted within a reasonable period.The device can be attached to the back of a mobile phone, tablet, or other devices via magnetic attraction, or placed elsewhere. Regardless of the placement method, the normal use of other functions will not be affected when the device is in a normally connected state.
3. Recording Control and File Transfer Function
After the device is successfully bound, open the BotsNote APP → Recording. This allows you to control the voice recorder to record and realize the synchronous transfer of audio files. During use, you record audio through the voice recorder, and the files are synchronized to the APP. Thus, we will obtain the audio files generated by the recording (including the voice information of you and relevant personnel). This function requires access to Bluetooth permission and storage permission (for storing the audio files transferred to the APP). Data is stored on the data storage server and the user's terminal device. You can end or pause the recording by going to the APP homepage → click Recording → End Recording/Pause, or disable the corresponding system permissions in "Settings → Permission Management". After disabling, you will not be able to control the recording or transfer files, but the files that have already been transferred need to be deleted manually.4. AI Flash Note Function
During the recording process, we will obtain your voice commands (such as "Note this down"), the speaker's voice information, emotional information, topic evolution information, and speaker role information by analyzing the recording files. This function is designed to help you quickly mark and extract key meeting information, assisting you in efficiently obtaining the key points of the meeting. This function will access the storage permission (to read audio files) and the microphone permission (to receive voice commands in real time, if real-time flash notes during recording are supported).5. Intelligent Summary and Multi-Template Output
After the meeting ends, click "End Recording". The recording file will be collected and automatically transferred to the APP, and the audio file will be analyzed and processed to generate a structured meeting minutes for your direct use. You can also click the upper right corner → Re-Summarize → select different templates to generate different types of meeting minutes. During use, when you upload files locally or use the recording files from the voice recorder, we will obtain the audio files (including voice information, conversation, and chat content) and generate the text information of the meeting minutes.6. Knowledge Base Synchronization and Management Function
This function is used for the centralized storage and management of meeting-related materials by users, facilitating users to view and reuse them. During use, when you select the content to be synchronized, we will obtain the text information such as meeting minutes and summary analysis results synchronized to the knowledge base and store them locally on the mobile phone and on the server.
7. Sharing Function
After binding the intelligent voice recorder device, on the APP homepage, click the audio file/meeting minutes → Share in the upper right corner → Share Link. You can share content such as audio files and meeting minutes to other applications, facilitating information transmission and collaboration. During use, when you select the content to be shared and initiate the sharing operation, we will obtain the specific content information to be shared (such as audio files, text minutes). This function requires access to the storage permission (to read the content to be shared) and the software list (we will access the list of installed applications on your device after obtaining your consent). During the sharing process, the relevant information is only used to complete the sharing operation, and no unnecessary information will be additionally stored.
8. Security Assurance
We provide security assurance, resolve technical failures, and handle your inquiries regarding devices and services. To ensure the security of your account and device, handle your inquiries regarding devices and services, continuously improve our products, eliminate and reduce product crashes, and provide you with better product function services, we will obtain the following information about your mobile phone and the bound intelligent hardware device through the public interfaces of the mobile phone system:IDFA-Informationen, IDFV-Informationen,operator, IP address, mobile phone model, mobile phone system version number, system serial number, system ID number, screen resolution, network type, version number of the Mobile Cloud Intelligent Connection APP, package name, APP usage time and frequency, and APP crash log information. This information is used to troubleshoot the causes of crashes and optimize product functions, and does not involve information related to your personal identity.
To ensure the security of the service: To enhance the security of the services provided by us, our affiliated companies, and partners, protect the personal and property safety of you, other individuals, or the public from infringement, better prevent security risks such as phishing websites, fraud, network vulnerabilities, computer viruses, network attacks, and network intrusions, and more accurately identify situations that violate laws and regulations or relevant agreement rules. We may use or integrate your account information, intelligent hardware information, APP usage information, and information obtained by our affiliated companies and partners with your authorization or in accordance with the law. This is for identity verification, detection and prevention of security incidents, and taking necessary recording, auditing, analysis, and disposal measures in accordance with the law.
9. Service Call
In the AI analysis process, to implement the speech transcription function, we need to collect your audio data and transmit it encrypted to Microsoft’s large-model transcription service for processing. According to Microsoft’s commitment, this data is typically processed within the server and will not be used to improve its general-purpose models. After transcription is completed, the generated text will be stored on your device, and you can manage or delete this data at any time.
(2) Device Permission Access
During the provision of services, the APP bound to this Product will access some device permissions of your mobile phone. The following table shows the business functions corresponding to the APP's permission access, the purpose of accessing the permissions, and whether you will be asked for consent before accessing the permissions.You can choose to disable some or all permissions in the device's settings function, thereby refusing the APP to collect the corresponding personal information. The way permissions are displayed and disabled may vary across different devices. For details, please refer to the instructions or guidelines provided by the device and system developer.
Please note that when you enable any permission, it means you authorize us to collect and use the relevant personal information to provide you with the corresponding service. When you disable any permission, it means you revoke the authorization. We will no longer collect and use the relevant personal information based on the corresponding permission, and will also stop providing the corresponding service to you. However, disabling a permission will not affect the collection and use of information that has been carried out based on your authorization prior to the disabling.
| Device Permission | Corresponding Business Function | Purpose of Accessing the Permission | Ask for consent | Permission disabling allowed |
| Bluetooth Permission | Pairing with Bluetooth devices | To pair with Bluetooth devices, search for devices, transfer network configuration information, and achieve device binding | Yes | Yes |
| Access to Precise Location Information | Adding a device | 1. To access nearby devices when adding a device; | Yes | Yes |
| Access to Approximate Location Information | Adding a location tag | 2. To automatically add a rough location tag to the recording file when using the recording function; | Yes | Yes |
| Microphone Permission | Voice input/recording | 1. In real-time recording scenarios, the APP needs to receive your voice commands through the microphone permission; 2. When recording audio directly using the APP, the microphone permission is used to collect on-site sounds and generate audio files; |
Yes | Yes |
| Camera Permission | Avatar modification function | To take photos for changing the account avatar | Yes | Yes |
| Access to External Storage Space | Avatar modification function | To take photos for changing the account avatar | Yes | Yes |
| Writing to External Storage Space | Adding, deleting, and modifying external files | To add, delete, and modify imported recording files | Yes | Yes |
| SMS Permission | Account security verification | For account registration or modifying security information (mobile phone number, password) | Yes | Yes |
| Sending Notifications | Important notification reminders | To send notifications when the device status changes | Yes | Yes |
| Access to Call Status and Mobile Network Information | Access to unique device identification | To bind the software to the device | Yes | Yes |
| Software List | Sharing links | To share links, export audio, full text, summaries, and mind maps to other applications | Yes | Yes |
| Access to Clipboard | Text input | To copy text or links for quick sharing | Yes | Yes |
(3) Exceptions to Obtaining Your Authorization and Consent for Collecting and Using Your Personal Information
1.It is necessary for concluding or performing a contract where the individual is a party, or for implementing human resource management in accordance with legally formulated labor rules and regulations and a legally concluded collective contract;2.It is necessary for performing statutory duties or obligations;
3.It is necessary for responding to public health emergencies or protecting the life, health, and property safety of natural persons in emergency situations;
4.It is necessary for conducting news reporting, public opinion supervision, and other activities for the public interest, within a reasonable scope;
5.Processing personal information that has been voluntarily made public by the individual or otherwise legally made public, within a reasonable scope in accordance with the provisions of the Personal Information Protection Law;
6.Other circumstances as stipulated by laws and administrative regulations.
Please be aware that in accordance with legal provisions, information that has been technically processed and cannot be restored or used to identify a specific individual is not considered personal information. The use of such information does not require notifying you or obtaining your consent. To provide you with better services, we will access aggregated statistical data based on your personal information from our affiliated parties and partners. Such statistical data is non-personal information, including data on the number of product downloads, installations, and uninstallations (reflecting product usage), as well as data on the number of requests and error feedback (reflecting network performance). We collect such information for the purpose of improving existing products or services or developing new products or services.
2、 How We Use Cookies and Similar Technologies
- Cookie Usage
Cookies are small text files sent by the websites you visit to your browser. They usually contain an identifier, the website name, and some numbers and characters. Each Cookie sent to you by a website is unique and can only be read by the web server that sent it to you. Cookies are often used to simplify your repeated login process, help us remember your device and service usage preferences, and analyze how you use our website, thereby helping you have a more convenient browsing experience.
We will not use Cookies for any purposes other than those stated in this Privacy Policy. You can manage or delete all Cookies stored on this website according to your preferences. If you delete these Cookies, all the corresponding information you previously recorded will also be deleted, which may affect the security and convenience of the services you use.
3、 How We Store Your Personal Information
(1) Storage Location
The personal information we collect and generate within the territory of the People's Republic of China will be stored within the territory of the People's Republic of China.(2) Storage Period
We will only store your personal information for the shortest period necessary for the purposes stated in this Policy and the period required by laws and regulations. After this period, we will delete your personal information or anonymize it.If we cease to operate this Product, we will promptly stop activities involving the continued collection of your personal information, notify you of the cessation of operations through individual delivery or public announcement, and delete or anonymize the personal information we store within a reasonable period.
4、 How We Share, Transfer, and Publicly Disclose Your Personal Information
(1) Sharing
We will not share your personal information with any company, organization, or individual except in the following cases:We will share your personal information with other parties after obtaining your explicit consent.
Within the scope permitted by laws and regulations, it is necessary to share your personal information to protect the interests, property, or safety of you, other users, or the public from harm.
Unless we obtain your explicit authorization and consent, we will not share your personal information with third-party advertisers, application developers, open platforms, or other partners. We will provide these partners with aggregated information, anonymized information, or other information that cannot identify your personal identity.
To ensure the stable operation of our products or services, we will access third-party software development kits (SDKs) and share your personal information with them. The above sharing is only for achieving the purposes stated in this Privacy Policy. The providers of the third-party software development kits (SDKs) we access include our suppliers, service providers, consultants, or agents, who provide us with technical infrastructure services, analyze the usage of our services, measure the effectiveness of advertisements and services, provide customer service and payment services, conduct academic research and surveys, or provide legal, financial, and technical consulting services.
For details of the personal information we share with third parties and the personal information that third parties need to collect and process based on services, please refer to the List of Personal Information Shared with Third Parties.
(2) Transfer
We will not transfer your personal information to any other company, organization, or individual except in the following cases:With the development of our business, we may conduct mergers, acquisitions, asset transfers, or other similar transactions. If such transactions involve the transfer of your personal information, we will require the company, organization, or individual that newly holds your personal information to continue to be bound by this Policy; otherwise, we will require the company, organization, or individual to re-obtain your authorization and consent.
To comply with the requirements of laws and regulations, legal procedures, mandatory government requirements, or judicial rulings.
To transfer your personal information to other parties after obtaining your explicit consent; that is, after obtaining your explicit consent, we will transfer the personal information of yours that we have obtained to other parties.
To respond to your request for transfer: If you request to transfer your personal information to a designated personal information processor and the transfer meets the conditions stipulated by national laws, we will provide a transfer channel in accordance with the law.
(3) Public Disclosure
We will only publicly disclose your personal information under the following circumstances:We have obtained your explicit consent.
We will publicly disclose your personal information in accordance with the requirements of laws, legal procedures, litigation, or mandatory government requests.
Within the scope permitted by laws and regulations, it is necessary to publicly disclose your personal information to protect the interests, property, or safety of affiliated parties, partners, you, other users, or the public from harm.
Other circumstances stipulated by laws and regulations.
(4)Exceptions to Obtaining Consent Prior to Sharing, Transferring, or Publicly Disclosing Personal Information
- Matters related to the personal information controller's performance of obligations stipulated by laws and regulations;
Matters directly related to national security and national defense security;
Matters directly related to public security, public health, and major public interests;
Matters directly related to criminal investigation, prosecution, trial, and execution of judgments;
Matters necessary to protect the life, property, and other major legitimate rights and interests of the personal information subject or other individuals but it is difficult to obtain the subject's authorization and consent;
Personal information that the personal information subject has voluntarily made public to the public;
Personal information collected from legally publicly disclosed information, such as legal news reports, government information disclosure, and other channels.
According to legal provisions, sharing, transferring, and publicly disclosing de-identified personal information, and ensuring that the data recipient cannot restore or re-identify the personal information subject, does not constitute external sharing, transfer, or public disclosure of personal information. The storage and processing of such data do not require additional notification to you or obtaining your consent.
5、 How We Protect Your Personal Information
We have adopted security protection measures that meet industry standards to protect the personal information you provide, preventing unauthorized access, public disclosure, use, modification, damage, or loss of data. We will take all reasonably feasible measures to protect your personal information.1.We attach great importance to the security of your personal information and will strive to take reasonable security measures to protect it.
2.We will encrypt the transmission and storage of identifiable personal identity information to ensure data confidentiality. For unique device identifiers, we will anonymize and encrypt them using the MD5 algorithm, and only collect and upload the anonymized and encrypted identifiers.
3.If our application adopts WebView technology, we will perform URL verification on all file protocols used in WebView and restrict access to sensitive data of this application and SDCard data. This prevents any private files and sensitive information of our product from being maliciously stolen without special permissions, thereby avoiding the leakage of your personal information.
4.We have deployed an access control mechanism on the server side, adopting the principle of "minimum necessity" for employees who have access to your personal information, and regularly check the list of personnel with access rights and access records.
5.The server systems where we store users' personal information all use security-hardened operating systems. We will conduct account auditing and monitoring of server operations. If a server operating system with security vulnerabilities is publicly reported, we will perform server security upgrades as soon as possible to ensure the security of all our server systems and applications.
6.We regularly conduct training on laws and regulations related to personal information protection for our employees to enhance their awareness of protecting users' personal information.
7.We implement classified and hierarchical management measures for the personal information we collect from you to ensure its security.
In the event that our physical, technical, or management protection measures are compromised, we will promptly activate an emergency response plan to prevent the expansion of the security incident, report it to the national competent authority in accordance with the requirements of laws and regulations, and promptly inform you of the basic situation of the security incident, possible impacts, and the measures that have been or will be taken through push notifications or announcements.
6、 Your Rights to Manage Personal Information
During your use of this Product, you can view, correct, and delete the registration information and other personal information you provided through the methods specified below, or contact us in accordance with the guidelines within the product or service. The scope and methods for you to view, correct, and delete personal information will depend on the specific services you use.(1) Viewing and Correcting Your Personal Information
Basic account information: You can modify your avatar and nickname through [Me - Personal Profile] on the mobile APP. If you fail to update the information in a timely manner and need to contact us in case of an emergency, you can reach us through the official contact number displayed in the APP or via the contact methods specified in Section 9 of this Agreement. We shall not be liable for any loss of account information or property caused by our inability to contact you due to your failure to update information in a timely manner.(2) Deleting Your Personal Information
You have the right to request the deletion of your personal information under the following circumstances:1.We collected your personal information without obtaining your explicit consent;
2.Our processing of your personal information violates the requirements of laws and regulations;
3.We violated the agreement with you in using and processing your personal information;
4.You have canceled your Botslab AI account;
5.We have stopped providing services to you;
6.Other circumstances where you have the right to delete personal information.
You can contact us to request the deletion of your personal information through the methods provided in Section 9 of this Policy. After we delete your personal information from the server, we will not immediately delete the corresponding data from the backup system, but will delete such information when the backup is updated.
(3) Obtaining a Copy of Your Personal Information
You have the right to obtain a copy of your personal information. You can contact us through the methods specified in Section 9 of this Policy to obtain it.(4) Canceling Your Personal Account
You can log in to the APP and cancel your BotsNote account at any time through [Me - Personal Profile - More - Delete Account]. Please note that if you choose to cancel your [BotsNote] account, the account will no longer be usable and the relevant account information will be deleted. You will no longer be able to use any services that require logging in to the [BotsNote] account (but this will not affect your use of services and functions that do not require account login). Therefore, please proceed with caution.After you cancel your account, we will stop providing the corresponding products or services to you, except in cases where laws and regulations require us to retain relevant information.
(5) Withdrawing Your Consent or Authorization
You can withdraw your consent to the processing of your personal information at any time, unless the personal information is necessary for the corresponding business function (for the personal information necessary for each business function, please refer to the section "How We Collect and Use Your Personal Information" in this Privacy Policy). You can change or withdraw the scope of personal information we continue to collect by deleting information, disabling permissions, and other methods. If you encounter any problems while exercising the right to withdraw consent, you can contact us through the contact methods specified in Section 9 of this Policy. Please understand that some basic personal information is required to complete each business function. When you withdraw your consent or authorization, we will no longer be able to provide you with the service corresponding to the withdrawn consent or authorization, nor will we process the corresponding personal information. However, your decision to withdraw consent will not affect the personal information processing activities that have been carried out based on your prior authorization.(6) Responding to Your Above Requests
For security purposes, you need to submit a written request or verify your identity through other means. We will first require you to verify your identity before processing your request. However, please understand that due to legal and regulatory requirements, information security guarantees, and technical limitations, you may not be able to view, correct, or delete some of your information.7、 Protection of Minors' Personal Information
This Product is not specifically designed for minors. Minors under the age of 18 need to obtain consent and authorization from themselves or their guardians when using this Product. Children under the age of 14 must have their parents or other guardians read this Policy and should seek the consent and guidance of their parents or other guardians before submitting personal information. If you are a parent or guardian of a child and have questions about the personal information of the child under your guardianship, you can contact us through the contact methods specified in Section 9 of this Policy.8、 Changes and Revisions to the Privacy Policy
Our Privacy Policy may be changed. Without your explicit consent, we will not restrict the rights you are entitled to under this Privacy Policy.For major changes to this Privacy Policy, we will also provide prominent notifications (such as pop-up notifications to you in a timely manner when the APP is revised, upgraded, or when you log in again; if authorization is required, we will prompt you to authorize through a pop-up window before proceeding).
Major changes referred to in this Policy include but are not limited to:
Significant changes in our service model, such as changes in the purpose of processing personal information, the type of personal information processed, the method of using personal information, and the rules for collecting and using personal information;
Significant changes in our control rights, such as changes in ownership caused by mergers, acquisitions, or restructurings;
Significant changes in the main recipients of personal information sharing, transfer, or public disclosure;
Significant changes in your rights related to participating in personal information processing and the ways to exercise such rights;
Changes in the department responsible for personal information security, contact information, and complaint channels;
When the personal information security impact assessment report indicates high risks.
9、 How to Contact Us
If you have any questions, comments, suggestions, or complaints regarding our personal information protection policy and the processing of your personal information, please contact us through the following methods:Contact Phone: 400-6822-360
Contact Email: kefu@360.cn
You can also send your feedback to the following address:
Address: 360 Privacy Protection Department (Recipient), Electronic City International Electronics Headquarters, Courtyard 6, Jiuxianqiao Road, Chaoyang District, Beijing, China
Postal Code: 100015
Appendix I: Glossary
- 1.Personal Information: Personal information refers to various types of information recorded electronically or by other means that relate to an identified or identifiable natural person, excluding information that has been anonymized. Personal information includes: basic information (including personal name, date of birth, gender, address, personal phone number, and email address); personal identification information (including ID card, military ID, passport, and driver's license); personal biometric information (including voiceprint, fingerprint, and facial features); online identity identification information (including system account and IP address); personal property information (including bank account, transaction and consumption records, and virtual property information such as game redemption codes); personal communication information (including address book content); personal online browsing records (including website browsing records, software usage records, and click records); personal commonly used device information (including hardware model, device MAC address, software list, and unique device identifier (a string of characters programmed into the device by the device manufacturer, which can be used to uniquely identify the corresponding device)); and personal location information (including location trajectory, precise positioning information, accommodation information, and longitude and latitude).
2.Sensitive Personal Information: Sensitive personal information refers to personal information that, if leaked or illegally used, may easily cause harm to the personal dignity of a natural person or endanger the personal or property safety of the person. Sensitive personal information includes: personal property information (including bank account, transaction and consumption records, and virtual property information such as game redemption codes); personal biometric information (including voiceprint, fingerprint, and facial features); personal identification information (including ID card, military ID, passport, and driver's license); personal information of minors under the age of 14; and other information (including address book, location trajectory, web browsing records, accommodation information, and precise positioning information).
3.De-identification: De-identification refers to the process of technically processing personal information so that the personal information subject cannot be identified without the assistance of additional information.
4.Anonymization: Anonymization refers to the process of technically processing personal information so that the personal information subject cannot be identified and the processed information cannot be restored.
5.Personal Information Deletion: Personal information deletion refers to the act of removing personal information from the systems involved in the realization of daily business functions, keeping it in a state that cannot be retrieved or accessed.
6.Child: A child refers to a minor under the age of 14.