Version: 1.2 Last updated on July. 29, 2022

CNB Global Technology Inc. (referred to as CNB Global Technology, CNB, we, or us hereafter) is

a global provider of AIoT products, solutions and full-stack capabilities, a leader with the Internet

of Things (IoT), artificial intelligence (AI), big data, and cloud computing technologies as the core,

providing global users with network camera products, display control products, smart equipment

products, storage and computing products, smart lock products, and management platform

products for application to smart cities, transportation, Internet of Things and other fields. CNB

is committed to building a better world by providing professional, reliable and cutting-edge

products and services.

CNB is committed to protecting your personal information and privacy and maintaining your trust

with us. We abide by the following principles to protect your personal information: integrity,

consent, clear purpose, restricted collection, minimum necessary, transparency, balanced

rights with responsibility, security, and privacy compliance.

This privacy policy is intended to help you understand: 1) your personal information that we

collect; 2) how we collect your personal information; 3) how we use your personal information; 4)

how we protect your personal information and your rights; 5) answers to your questions and how

to contact us. Understanding these contents is essential for you to exercise your personal

rights and protect your personal information. Please read through this policy carefully before

you use or accept our products or services. Please be aware, this policy is not applicable to

situations where your personal information is collected by other third parties.

This policy contains the following sections:

(1) Definition of personal information

(2) How we collect and use your personal information

(3) Sharing, transfer and disclosure of personal information

(4) Information storage and protection

(5) Your rights

(6) Third-party services

(7) Privacy of minors

(8) Contact us

(9) Revisions to the privacy policy

1) Definitions of personal information and non-personal information

The definition of personal information shall be defined by your local laws.

Non-personal information refers to data other than personal information that cannot be directly

linked to any specific individual, such as occupation, language, zip code, area code, serial number,

URL, and automatically recorded browse data, product and unique product identifier of your

mobile device, video contents without personal information, country/region and time zone of the

connected product, geographical location, identifier of mobile network operator, device software

platform, and hardware information, etc.

2) How we collect and use your personal information

1. When you create an account to use our product or service, or when you sign up for an account

to access or view video online, we need you to provide your username, password, mobile phone

number, email address, verification code, product name, product verification code, and product

serial number through the client. The purposes of information collection: 1) The username,

password, mobile phone number, email address, and verification code are collected for real-name

registration required by relevant laws and regulations in various regions; 2) When you install and

activate a product that is connected to our service and is bound with your account, we may

request you to provide certain unique basic information of your product, such as product name,

verification code and serial number. If you refuse to provide such information, you may not be

able to use our product and/or service normally.

2. When you log in to an app provided by CNB for the first time, we will collect the following

information and take appropriate control measures:

Information

collected

Control method

Purpose

Model of your mobile

phone

For first-time use, a pop-up

window will appear to notify

you. When the collection

method, collection contents or

collection purpose are changed,

we will notify you of the changes

and request for your permission.

Supplemental information for

troubleshooting

Used to determine the push

service

Operating system and

version of your mobile

phone

Information about the

network to which your

mobile phone is

connected, including

information about 2G,

3G, 4G, 5G, Wi-Fi

networks and the

corresponding

network carriers.

3. When you use our service to save video related contents, such as video clips, live video

streams, images (user content), message notifications, etc., we will collect video images captured

by your camera and push the video images to you so you can save the contents that you need.

4. When you use the message notification function, we need to collect the unique feature value

of your client (such as the unique value generated based on your device's IMEI or UDID) and the

language of your mobile phone. If you refuse to provide such information, you will not be able

to use the alarm subscription function, but it will not affect the normal use of other functions.

In addition, you can choose to turn off the function and clear information about the unique feature

value of your client.

5. When you use device adding functions, we may need to collect the serial number,

perform network configuration and bind your device. If you refuse to provide such

information, you will not be able to add your device.

6. When you use our device connection service, to ensure the normal use of the service, we

will collect information including the model, UDID, IP address, MAC address, and software

version of your device, the network connection method and type, the latitude and longitude

of the device (if applicable), and operation records. Such information is the basic information

that is essential for us to provide services. If you refuse to provide such information, you may

not be able to use our device connection service normally.

7. When you use the live view function, we may need to collect the serial number, IP address,

port number, and video stream information of your device in order to provide you with live

streams of your device. If you refuse to provide such information, you will not be able to use the

live view function, but it will not affect your normal use of other functions.

8. When you use analysis, comparison functions and alarm service based on user benchmark

information (including face/human body recognition, license plate/vehicle recognition,

attendance management, fingerprint unlocking, if applicable to your device), you need to enter

the benchmark information such as face images, license plate information, attendance

personnel information, fingerprints into the system in advance. If you refuse to provide such

information, you will not be able to use the relevant analysis, comparison functions and alarm

service, but it will not affect your normal use of other functions.

9. When you use the device sharing function, we need to collect certain information in order to

implement the sharing function, including the device serial number, your nickname, and the

usernames with which you want to share the device. If you refuse to provide such information,

you will not be able to use the device sharing function, but it will not affect your normal use of

other functions. The sharing function is active only when you use it; it is not permanently active.

10. When you need our support and contact us through email, telephone or our customer

support tools, we need to collect information including your name, phone number or email

address, enterprise or organization, device usage, device serial number, device account, in

order to verify your product and identity and provide precise service support. If you refuse to

provide such information, we will not be able to provide support services to you.

11. In other possible scenarios, we will also collect your personal information, including but not

limited to:

1) When you communicate with us with telephone, we need to record the conversation as

evidence of service and to improve our service ability and quality, so as to continue to

provide you with high-quality after-sales service.

2) In situations where you need to sign a certificate to authorize remote access, we will collect

your manual signature or company seal.

3) If you report a device failure and need to return the device to us for inspection and

repair, you need to provide your receiving address. If the returned device contains your

private data, you need to back up the data and format the storage before returning

the device.

4) When you enter the test/exhibition area of our products, we may collect your images

and/or videos, depending on the products being tested/exhibited. The images and videos

will be deleted at the end of the test/exhibition; you can avoid collection of your

images/videos by leaving the test/exhibition area.

12. In order to offer better user experience and prevent misoperation, we will collect

industry-standard non-personal information (see the definition in Chapter 1). Such

information does not infringe on user privacy and user rights. If you have any concerns about

the security and privacy settings of your mobile device, please adjust the settings by referring to

the documentation of your mobile service provider or mobile device manufacturer. These actions

include but are not limited to:

1) We may record adjustments that you make to your product through the services that we

provide, and we will store the collected non-personal information with the information

directly collected by the product.

2) When you use audio recording or media streaming functions of our product, we may record

and transmit videos and/or audios from the product, with your permission. This may

include taking snapshot images and attaching part of snapshot images and analysis data

to email notifications.

3) Sharing, transfer and disclosure of personal information

1. Sharing of information

When we provide you with certain services, we need to share your personal information with

authorized partners, carefully selected service providers, or national regulatory agencies, only for

legal, justified, necessary, specific, and definitive purposes, and only share the information

necessary for us to provide services. The organization that shares your personal information has

no right to use the shared personal information for any other purposes irrelevant to our products

or services. For companies, organizations, and individuals with whom we share personal

information, we will sign strict data protection agreements with them, demanding them to

process personal information as per our instructions, this privacy policy, and any other relevant

confidentiality and security measures.

1) We need to share your mobile phone number with our SMS service providers to

complete account registration for you.

2) We need to share your mobile phone information, alarm information, etc. with mobile

phone manufacturers in order to provide you with the alarm push service.

3) We need to share your device information and account information with our cloud

service provider in order to provide you with the core video surveillance functions.

4) You can share your videos, identity information, etc. with specific people, and share

your videos, location information, identity information, etc. with unspecified people

based on our products and/or services. We bear no legal liability for serious situations

such as leakage of your information due to your sharing behavior.

2. Transfer of information

We will not transfer your personal information to any other companies, organizations or

individuals, except in the following situations:

1) After obtaining your explicit consent.

2) When it involves merger, acquisition or bankruptcy liquidation, and if it involves the

transfer of your personal information, we will demand the new company or organization

that holds your personal information to continue to be bound by this personal information

protection policy; otherwise, we will demand the company or organization to re-seek

authorization and consent from you.

3. Disclosure of information

We will disclose your personal information only under the following circumstances:

1) After obtaining your explicit consent.

2) Please understand, in accordance with applicable laws, we can disclose your personal

information without your consent under the following circumstances:

 When it is directly related to criminal investigation, prosecution, trial, and verdict.

 When it is necessary to safeguard significant legitimate rights such as life, property

of the personal information subject or other individuals but it is difficult to obtain

your consent.

 When the personal information collected is disclosed to the public by yourself.

 When the personal information is collected from information that has been

disclosed lawfully, such as from lawful news reports, government-disclosed

information, etc.

 When it is necessary for signing a contract according to your requirements.

 When it is necessary for maintaining the safe and stable operation of the provided

products or services, such as detecting and handling product or service failures.

 When required by applicable laws and regulations and government orders of the

country where the business is operated, as well as legal procedures of law

enforcement agencies, regulatory agencies, and court of law, or other applicable

legal procedures and subpoenas.

4) Storage and protection of personal information

1. Storage of personal information

Unless otherwise explicitly permitted by law or by you, we will retain your personal information

only for the length of time required for the purposes bound by this privacy policy. During the

period that you use our products or receive our services, we will continuously keep your personal

information for you. If you cancel your account or proactively delete your personal information,

we will delete or anonymize your personal information within 48 hours after receiving your

request, unless otherwise stated in law or agreement.

As per applicable local laws, the personal information collected and generated by CNB during

business operation shall be stored locally at the business location.

2. Security protection of personal information

We are committed to safeguarding your information security and have a dedicated team

responsible for the research, development and application of a variety of security technologies

and programs. We use data encryption and access control mechanisms to establish internal

control systems to ensure only the authorized personnel can access your personal information, to

publicize security and privacy protection requirements to the related personnel, and to publicize

protection measures such as the information security protection system to all the staff. At the

same time, we have been granted information security management system certification

(ISO27001 international standard), and will regularly hire independent third-party organizations

to evaluate our information security management system. Through these rigorous measures, we

try our best to protect your information from unauthorized access, use and disclosure. However,

please understand that in the Internet industry, due to the limits of current technologies and all

kinds of possible malicious attack methods, even if we do everything that we can to strengthen

our security measures, it is impossible to guarantee 100% security of information. Please be aware,

the systems and communication networks that you use while using our products and/or services

may encounter security issues due to factors that are beyond our control.

The security of your personal information also depends on your cooperation with us in security

measures. We provide you with a username and password so you can access our products,

websites or services, and you are responsible for the confidentiality of such information. We

request that you do not share such information with anyone, and we will also regularly review the

technologies that we use and the strategies used to implement information collection.

We have established dedicated management systems, procedures and organizations to

safeguard information security. We strictly limit the scope of people who have access to the

information, demand their compliance with confidentiality obligations, and conduct audits

regularly.

In the event of a security incident such as personal information leakage, we will initiate an

emergency plan to prevent the expansion of the security incident and promptly inform you in the

form of push notifications, announcements, etc.

5) Your rights

Storing your personal information enables us to provide the services that you need. You can

access and update your personal information through your account, or contact us to obtain your

information by sending an email to cnbgtech@cnbtec.com or by visiting our website

(www.cnbtec.com) if you cannot find your personal information, or ask us to modify, withdraw

or delete the data that you provided. When you sign up for an account, cancel your account, or

delete your files and data, we may not be able to delete the previous communication records. And

after you delete certain information, as per applicable laws and regulations, we may need to

temporarily keep a backup of this information until it is eventually deleted permanently.

As per applicable laws, we guarantee your rights with respect to your personal information: access,

correct or delete your personal information, change the scope of authorization or revoke

authorization, cancel your account, and obtain a copy of your personal information. Please be

advised that you are entitled to demand us to delete your personal information under the

following circumstances: 1) We collect and use your personal information against laws and

regulations; 2) We collect and use your personal information against the user agreement.

In order to exercise your rights, please contact us using the contact information provided in this

repeated requests that exceed the reasonable limit, we have the right to charge for the cost as

appropriate. For unreasonably repeated requests that require excessive technical means and that

will bring risks to the legitimate rights or interests of other people, we have the right to deny such

requests. If you are concerned about how we handle your personal information, you have the right

to file a complaint with the data protection authority of your country of residence.

To provide you with the services you need, on the condition that you continue to use our products

and/or services, we will store your personal information on our server. The purpose of saving your

latest personal information is to provide you with relevant services. You can access, update, and

delete your personal information through your personal portal. We can also help you manage your

subscriptions, deactivate your account, and delete your activity summary and data.

6) Third-party services

Our products and/or services may be connected to or linked to websites or other services provided

by the third party, for example, when you use the share function to share some of your

information to third-party services. These functions may collect your information (including your

log information) in order to operate properly. We will only share your information for legitimate,

necessary, and specific purposes. For third-party service providers with whom we share

information, we demand them to fulfill confidentiality obligations and take corresponding

security measures.

In order to achieve the purposes stated in this policy, we may connect SDK or other similar

applications provided by third-party service providers, and share with them certain information

about you that we collect in accordance with this policy, so as to provide better customer service

and user experience. At present, the third-party service providers we connect include the

following types:

1) Used for notification push function, including the push function provided by mobile phone

manufacturers.

2) Used for obtaining your device location, collecting device information and log information

with your consent.

3) Used for third-party authorization services to share relevant contents with third-party

products, etc.

4) Used for services related to account security, product reinforcement, including data

encryption, data decryption, etc.

Such third-party services are operated by the relevant third party; your using their services or

providing information to them are subject to the terms of service/or privacy protection

statements of the corresponding third party (not this policy).

The third-party services that we currently use are listed in this table.

1) Android version

Third-

party

SDK

Description

JPush

Function:

Push notifications.

Application scenario:

Provide notification push service.

Scope of personal information:

Device identification information, application version information, network

information.

https://www.jiguang.cn/license/privacy

Bugly

Function:

Collect program crash information.

Application scenario:

Collect application error information at runtime, and report to the backend

for analyzing and improving the application.

Personal information required:

Device identification information, crash information generated by the

software during use.

https://privacy.qq.com/document/priview/fbd2c3f898df4c1c869925dd49d5

7827

Mi Push

Function:

Push notifications.

Application scenario:

Push notifications via the MIUI system to Xiaomi phone users.

Personal information required:

Device identification information, network type, device storage, device

running processes, application version information, push SDK version,

screen lock information of mobile phone, notification permission.

https://dev.mi.com/console/doc/detail?pId=1698

HUAWEI

Push Kit

Function:

Push notifications.

Application scenario:

Push notifications via the EMUI system to Huawei phone users.

Personal information required:

Device identification information, application version information, network

information.

https://consumer.huawei.com/cn/privacy/privacy-policy/

OPPO

PUSH

Function:

Push notifications.

Application scenario:

Push notifications via the OPPO system to OPPO phone users.

Personal information required:

Device information, application version information, network information,

message sending results, notification bar status, lock status of mobile

phone.

https://open.oppomobile.com/wiki/doc#id=10288

Vpush

Function:

Push notifications.

Application scenario:

Push notifications via the vivo system to Vivo phone users.

Personal information required:

Device identification information, application version information, network

information.

https://www.vivo.com.cn/about-vivo/privacy-policy

Baidu

Speech

Synthesi

Function:

Text-to-speech.

Application scenario:

Custom alarm sound for device.

Personal information required:

Network status, Wi-Fi status, permission to read/write external storage.

https://ai.baidu.com/ai-doc/REFERENCE/Jkdyl0v3v

2) iOS

Third-party SDK

Description

JPush

Function:

Push notifications.

Application scenario:

Provide notification push service.

Personal information required:

Device identification information, application version

information, network information.

https://www.jiguang.cn/license/privacy

Baidu Speech

Synthesis

Function:

Text-to-speech.

Application scenario:

Custom alarm sound for device.

Personal information required:

Network status, Wi-Fi status, permission to read/write external

storage.

https://ai.baidu.com/ai-doc/REFERENCE/Jkdyl0v3v

7) Privacy of minors

We do not provide any of our services to minors under 14 years of age (or equivalent minimum

age set by the relevant jurisdiction). If we find any account associated with or registered by a

minor under 14 years of age (or equivalent minimum age set by the relevant jurisdiction), we will

immediately delete the relevant account information. If we find that we have collected personal

information of minors without prior verifiable parental consent, we will try to delete the relevant

data as soon as possible.

If you are the parent or guardian of a minor under the age of 14 (or equivalent minimum age set

by the relevant jurisdiction), and you believe that your minor has disclosed her/his personal

information to us, please contact us immediately through your local CNB service phone number

or e-mail address. Parents or guardians of minors who are under 14 years of age (or equivalent

minimum age set by the relevant jurisdiction) can check and ask us delete the minor's personal

information and prohibit us from using it. In cases where we collect personal information of

minors with the consent of the parents/guardians, we will only use or publicly disclose the

information when permitted by law, expressly allowed by the parents or guardians, or when

necessary to protect the minors.

8) Contact us

If you have any questions, comments or suggestions regarding this privacy policy or your personal

information, please contact us via the following methods:

 Email: cnbgtech@cnbtec.com

 Mailing address: #703 Digital Empire 1130 Beoman-ro, Geumchon-Ku, Seoul, Korea

 Phone number：+82-2-2624-2469

We will process your inquiry or request within fifteen working days after verifying your identity.

9) Revisions to privacy policy

This privacy policy is subject to revisions from time to time, and such revisions shall constitute a

part of this privacy policy. When the terms of this policy are changed, we will show you the

changed policy in the form of push notifications and pop-up windows when you log in and

upgrade the version. Please note that we will collect, use and store your personal information

according to the updated policy only after you click the Agree button in the pop-up window.