This Policy explains how we collect, use, share, store, and protect your personal information, and how you can exercise your rights. For sensitive personal information (such as precise location, biometric data, camera/microphone content, and smart lock/security device data), we will provide prominent notice and obtain separate consent where required by law.

1. Controller Information

Personal Information Controller/Processor: Shenzhen Ruimeng Zhichuang Technology Co., Ltd.

Address: Room 316, 3rd Floor, Block B, Getailong Building, No. 227 Bulong Road, Bantian, Longgang District, Shenzhen, Guangdong

Contact Email: developer@redmountain.ai

Data Protection Contact (if any): /developer@redmountain.ai

2. Categories of Information We Collect

We collect information on lawful, legitimate, and necessary bases, including:

2.1 Account information: phone number, email, nickname, avatar, country/region for registration, authentication, account management, and notifications.

2.2 Device and network information: device model, OS, identifiers, app version, language, time zone, IP, network type, and crash logs for compatibility, security, and troubleshooting.

2.3 IoT device information: model, serial number/IMEI/MAC, firmware version, room/home association, online status, operation logs, error codes, and sensor data for device control, alerts, and automation.

2.4 AI interaction data: your prompts, voice/image inputs, context, model outputs, feedback, and annotation data for providing AI functionality, safety moderation, quality evaluation, and service improvement.

2.5 Transaction and support data (if applicable): order details, payment status, after-sales records, and customer support communications for contract performance and dispute handling.

3. How We Use Information

To provide core functions such as login, device management, automation, and service notifications.

To secure the Service, including identity verification, fraud prevention, audit logging, and incident response.

To improve product quality and AI performance through analytics, testing, and reliability improvements.

To comply with legal obligations and lawful requests from regulators, courts, or law enforcement authorities.

4. AI Data Processing and Model Improvement

4.1 Your AI inputs and outputs may be processed under encryption and access controls to deliver features, detect abuse, and maintain service quality.

4.2 Where permitted by law and with appropriate safeguards (such as de-identification, aggregation, or access restrictions), we may use certain interaction data to improve models and services.

4.3 For processing activities that require separate consent, we will obtain your authorization through in-app prompts, settings, or equivalent mechanisms.

4.4 You may withdraw certain consents in app settings or by contacting us. Withdrawal does not affect processing already carried out before withdrawal.

5. Third Parties, Processors, and Sharing

5.1 We may use third-party SDKs or service providers (e.g., cloud hosting, push notifications, payments, speech recognition, or model providers) and share data on a need-to-know basis.

5.2 We require processors to handle personal information in accordance with our instructions and applicable laws through contractual and technical controls.

5.3 Unless otherwise required by law, we do not sell your personal information.

5.4 If personal information is transferred in the event of merger, acquisition, reorganization, or bankruptcy, we will require the recipient to continue protecting your information under this Policy or applicable law.

6. Cross-Border Transfers

If cross-border transfer is necessary, we will implement required legal mechanisms (such as assessments, filing, contracts, or certification) and obtain separate consent where required.

For cross-border processing, we apply safeguards including encryption, least-privilege access, and security reviews.

7. Retention and Storage

Account information: deleted or anonymized within 30 days after account deletion, unless longer retention is required by law.

Device/log data: generally retained for 30 months.

Order/invoice data: retained for at least 5 years where required by law.

Scenes and automation data: deleted when removed/disabled, or after 6 months of inactivity.

Data is primarily stored on servers in China; if storage location changes materially, we will notify you as required.

8. Your Rights

You may request access, correction, supplementation, copy, deletion, restriction, or objection to processing of your personal information, subject to applicable law.

You may withdraw consent at any time and request account deletion (path: RedMountain - Settings - Account & Security - Delete Account).

For significant decisions made solely by automated means, you may request an explanation and, where applicable, human review.

We will respond within 15 business days after identity verification; complex cases may require up to 30 additional business days with notice.

9. Children's Privacy

The Service is not primarily directed to minors.

If we become aware that we collected a minor's personal information without required guardian authorization, we will delete or anonymize it promptly as required by law.

10. Security and Incident Response

We implement safeguards including access controls, encryption in transit and at rest, key management, logging and monitoring, vulnerability management, and staff training.

If a personal information security incident occurs or may occur, we will take remedial actions promptly and notify you as required by applicable law.

11. Policy Updates

We may update this Policy due to legal requirements, regulatory guidance, product changes, or AI feature updates.

For material changes, we will provide notice through in-app alerts, announcements, or other reasonable means and obtain consent where required.

12. Contact Us

Email: developer@redmountain.ai

Address: Room 316, 3rd Floor, Block B, Getailong Building, No. 227 Bulong Road, Bantian, Longgang District, Shenzhen, Guangdong

Phone: +86 13928276705

We will respond to requests within 30 business days after receipt.