Privacy Agreement Effective Date: 2026-05-15
DiduoTech logo DIDUOTECH Luoyang Diduo Agricultural Technology Co., Ltd
Legal and Compliance

Privacy Agreement

This Privacy Agreement describes how Luoyang Diduo Agricultural Technology Co., Ltd ("DiduoTech", "we", "our", or "us") collects, uses, stores, discloses, and protects personal data through our website and mobile applications distributed via Google Play, App Store, and other app marketplaces. This Agreement is designed for multi-jurisdiction operations and includes app advertising and monetization disclosures, including AdMob and additional ad mediation or ad network partners.

Company Name: Luoyang Diduo Agricultural Technology Co., Ltd

Office Address: No. 2203, Building 15, Mingmen Shijia, No. 222 Jiudu West Road, Luoyang Area (High tech) of China (Henan) Pilot Free Trade Zone, Luoyang, 471000, CN

Website: diduotech.com

Business Support: support@diduotech.com | Key Accounts: wangyaochao1@diduotech.com

1. Scope of This Privacy Agreement

This Agreement applies to:

  • The website operated under diduotech.com.
  • Mobile applications published by or on behalf of DiduoTech on Google Play, App Store, and other app stores.
  • Business support interactions through email, contact forms, app support pages, and customer onboarding processes.
  • Services involving agricultural technology R&D, technical consulting, technical promotion, crop cultivation, breeding and sales, fruit and vegetable operations, nursery and flower operations, traditional Chinese medicinal material planting and sales, primary agricultural processing, agri-input sales, organic fertilizer sales, agricultural machinery and tool sales, land trusteeship, field management services, landscaping, agricultural leisure sightseeing, and agricultural or sideline product trading.

2. Data We Collect

2.1 Information you provide directly

  • Name, company name, title, email address, phone number, country or region, and inquiry details.
  • Customer support records, feedback, bug reports, and project documentation.
  • Account credentials and profile information where account-based app features are available.

2.2 Information collected automatically

  • Device information: model, operating system, app version, locale, language, and network type.
  • Identifiers: IP address, app instance identifier, advertising identifier (where permitted), and cookie or SDK identifiers.
  • Usage data: feature interactions, session duration, crash diagnostics, referral source, and in-app event logs.
  • Approximate location derived from IP or region settings where required for service delivery, localization, or legal compliance.

2.3 Information from third parties

  • App store transaction metadata (non-payment-card details) from Google Play and App Store.
  • Advertising and measurement signals from ad mediation and ad network providers.
  • Identity or compliance verification outcomes where legally required for enterprise onboarding.

3. How We Use Personal Data

  • Provide and maintain website functions, customer support, and app features.
  • Deliver agricultural services and mobile management workflows requested by customers.
  • Operate, improve, and secure our products, including debugging, fraud prevention, and abuse detection.
  • Analyze service performance and product usage to improve quality and reliability.
  • Personalize language, region settings, and operational recommendations.
  • Enable app monetization and ad serving in legally permitted ways.
  • Comply with legal obligations, regulatory requests, and lawful enforcement actions.

4. Legal Bases for Processing (Where Applicable)

Depending on jurisdiction, we process personal data based on one or more legal bases:

  • Consent (for certain analytics, ad personalization, optional cookies, or sensitive processing).
  • Contract performance (to provide requested services, business support, or app functionality).
  • Legitimate interests (service security, product improvement, operational analytics, and fraud prevention).
  • Compliance with legal obligations.
  • Vital interests or public interest where required by applicable law.

5. Cookies, SDKs, and Similar Technologies

We use cookies, local storage, SDKs, and similar technologies for:

  • Authentication and session continuity.
  • Performance monitoring and diagnostics.
  • Attribution, analytics, and conversion measurement.
  • Ad serving and ad frequency management.
  • Fraud and invalid-traffic prevention.

Where required, users can choose consent preferences and update them in app settings or browser controls.

6. Advertising, AdMob, and Monetization Compliance

Our apps may integrate advertising SDKs directly or through mediation platforms. Ads may include splash ads, rewarded video ads, interstitial ads, and banner ads.

Ad and monetization partners may include, subject to integration in specific app versions:

  • Google AdMob and Google Ad Manager
  • AppLovin MAX / AppLovin Exchange
  • Meta Audience Network
  • Unity Ads
  • ironSource
  • Mintegral
  • Pangle (TikTok for Business ads ecosystem where available)
  • Chartboost
  • Liftoff Monetize (including legacy Vungle infrastructure)
  • InMobi
  • Digital Turbine / Fyber
  • Smaato
  • Start.io
  • Tapjoy (where integrated in rewarded pathways)
  • Moloco Ads (where integrated through partners)
  • Amazon Publisher Services (where available)
  • Any additional ad network listed in app-level privacy labels or store disclosures.

These partners may process device identifiers, IP address, ad events, and limited technical signals to:

  • Serve and measure ads.
  • Detect fraud and invalid traffic.
  • Cap ad frequency and optimize ad relevance where consent and law allow.
  • Provide aggregate monetization analytics.

We require ad integrations to follow platform and legal requirements, including Google Play User Data policies, Google EU User Consent Policy, Apple App Tracking Transparency (ATT), and app store privacy disclosure rules.

7. Data Sharing and Disclosure

We may share personal data with:

  • Service providers (hosting, analytics, support, messaging, security, and cloud infrastructure providers).
  • Ad and measurement partners as described in Section 6.
  • App store operators and payment facilitators for transaction and compliance support.
  • Affiliates or business partners strictly for contract fulfillment and project execution.
  • Regulatory authorities, courts, or law enforcement where legally required.
  • Acquirers or successors in a merger, restructuring, or asset transfer, subject to legal safeguards.

8. International Data Transfers

We may process and transfer data across borders where our providers or customers operate. Where legally required, we use recognized safeguards such as standard contractual clauses, data transfer impact assessments, and equivalent protective measures.

9. Data Retention

  • We retain personal data only as long as necessary for stated purposes, legal obligations, or dispute resolution.
  • Retention periods depend on data type, account lifecycle, legal requirements, and operational necessity.
  • When data is no longer needed, it is deleted, anonymized, or securely de-identified.

10. Data Security

  • Access controls, least-privilege mechanisms, and role-based permissions.
  • Encryption in transit and security controls appropriate to data sensitivity.
  • Monitoring, logging, and incident-response procedures.
  • Vendor security evaluation and contractual privacy obligations where practicable.

11. Children and Age-Appropriate Processing

  • Our business and applications are not directed to children under the digital age threshold defined by applicable law.
  • Where required by law (such as COPPA or local child-data frameworks), child-directed processing is limited and parental consent mechanisms are used as needed.
  • If we learn personal data was collected from a child without valid legal basis, we will delete it promptly.
  • In age-gated experiences, ad personalization may be disabled and only contextual or restricted ads may be shown.

12. Region-Specific Privacy Rights and Policy Adaptation

Region / Law User Rights and Adaptation
European Economic Area (GDPR) Rights to access, rectification, erasure, restriction, portability, objection, withdrawal of consent, and complaint to supervisory authority. Consent mode and lawful-basis mapping are applied where required.
United Kingdom (UK GDPR and DPA) Equivalent rights to GDPR with UK transfer safeguards and ICO complaint rights where applicable.
Switzerland (nFADP) Transparency, correction, deletion, and transfer safeguards aligned with Swiss standards.
United States (CCPA/CPRA and applicable state laws) Rights to know, delete, correct, opt out of sale or sharing where applicable, limit use of sensitive information, and non-discrimination protections. Regional notice and opt-out links are provided where required.
United States (COPPA) Child-directed service controls, parental notice and consent where applicable, and restricted data handling for children under 13.
Brazil (LGPD) Rights to confirmation, access, correction, anonymization, blocking, deletion, portability, and information about sharing.
Canada (PIPEDA and provincial frameworks) Purpose limitation, meaningful consent where needed, access and correction rights, and complaint channels.
Japan (APPI) Disclosure, correction, suspension of use, and cross-border transfer controls where required.
South Korea (PIPA) Collection-use transparency, rights requests, retention controls, and local transfer requirements.
Singapore / Thailand / Other PDPA-style laws Consent management, purpose notifications, correction and access rights, and breach reporting obligations where applicable.
Australia (Privacy Act) Reasonable data handling, APP-aligned disclosures, and complaint mechanisms.

13. Your Choices and Controls

  • Email marketing opt-out through unsubscribe links or direct request.
  • Cookie preference controls where implemented.
  • In-app privacy controls for notifications, analytics choices, or ad settings where available.
  • Device-level controls: reset advertising identifiers, limit ad tracking, and restrict app permissions.

14. Data Subject Request Process

To submit a privacy request, contact support@diduotech.com and include:

  • Your name and contact email.
  • The app or service involved.
  • The type of request (access, deletion, correction, objection, portability, consent withdrawal, or complaint).
  • Any necessary proof to verify identity and protect against unauthorized access.

We respond within legally required timelines and may extend where complexity is high, as allowed by law.

15. Breach Notification

If a security incident involving personal data occurs, we follow incident response procedures and notify affected users, partners, and authorities where required by applicable law.

16. Third-Party Links and Services

Our websites and apps may contain links to external services. We are not responsible for the privacy practices of third-party sites or services. Users should review third-party privacy documentation before use.

17. Changes to This Agreement

We may update this Privacy Agreement periodically due to legal, operational, or product changes. Material changes will be communicated through website updates, in-app notices, or other reasonable channels.

18. Contact for Privacy Matters

Privacy and data-protection requests: support@diduotech.com
Strategic and enterprise inquiries: wangyaochao1@diduotech.com
Website: diduotech.com
Office Address: No. 2203, Building 15, Mingmen Shijia, No. 222 Jiudu West Road, Luoyang Area (High tech) of China (Henan) Pilot Free Trade Zone, Luoyang, 471000, CN

Appendix A. Privacy Implementation Matrix

Scenario Typical Data Elements Control Measures
Website Contact and Business Inquiry Name, email, company, request details Access controls, request logging, response retention policy, deletion on lawful request.
App Account and Session Management Account identifiers, app instance, device metadata Session controls, abuse detection, minimum-data processing by function.
Ad Monetization and Measurement Ad identifiers, IP-derived region, ad event telemetry Consent handling where required, policy mapping by region, anti-fraud filtering.
Customer Support and Troubleshooting Support emails, error context, optional logs Need-to-know access, secure transfer channels, retention review cycles.

Appendix B. Privacy FAQ and Data Examples

How can users request deletion of account-related personal data?

Send a verified request to support@diduotech.com with your account reference and app context. We process requests according to legal timelines. Example: "I request deletion of my account associated with email [user@example.com] and app instance ID [xyz123] for the DiduoFarm app." Processing time: 30 days (EU GDPR standard) or 45 days (CCPA standard).

What personal data is collected in a typical business inquiry?

Standard collection includes: full name, business email, company name, country, phone number (optional), inquiry content. Example captured: {"name": "John Smith", "email": "john@agricompany.com", "company": "GreenField Farms Ltd", "country": "IE", "inquiry": "Interest in land trusteeship services"}. Retention: 24 months unless opted-out sooner.

Does DiduoTech sell personal data?

We do not sell personal data. We handle data according to applicable law and contractual commitments. Where laws define "sale" or "sharing" (e.g., CCPA/CPRA, GDPR Article 6) and provide opt-out rights, we support those rights as required. Ad partners may receive device identifiers and app event data for measurement only.

How are ad platforms governed in child-sensitive contexts?

Age-gating and child-protection requirements are applied where required, and personalized advertising may be restricted or disabled. Example: For users detected under age 13 via COPPA compliance, AdMob and all ad partners are configured to serve only contextual (non-personalized) ads and zero interest-based targeting.

How do users know which ad networks are active in a given app version?

Active integrations are reflected in app-level disclosures, store privacy labels, and internal release governance records. Example for version 2.3.1 (released May 2026): Google AdMob, AppLovin MAX, Meta Audience Network, Unity Ads. Each is listed in the app's privacy label on Google Play and App Store, updated with each release.

Appendix C. Common Operational Data Scenarios

Scenario 1: Farm Team Field Operation Logging

Data captured: Team member ID, timestamp, GPS location (approximate), task type, hours logged, field identifier. Example log: {"member_id": "AGR_TM_001", "timestamp": "2026-05-15T08:30Z", "location_region": "Luoyang_East", "task": "Irrigation", "hours": 3}. Purpose: Operational scheduling and payroll support. Retention: 12 months post-project.

Scenario 2: App Analytics and Ad Performance

Data captured: App instance ID, session start/end, feature touches, ad impression events, crash logs. Example: {"app_session": "xyz789", "session_duration": 1847, "features_used": ["field_schedule", "supply_log"], "ads_shown": 4, "ads_clicked": 1, "crash": false}. Purpose: Service improvement and monetization measurement. Retention: 6 months aggregated.

Scenario 3: Business Support Communication

Data captured: Support ticket ID, user inquiry text, response notes, resolution time. Example: {"ticket_id": "SUP_2026_5847", "inquiry": "App not loading on Android 14", "support_notes": "Cleared cache, updated app version", "resolved": true, "days_to_close": 2}. Purpose: Service quality tracking and issue resolution. Retention: 24 months for compliance audit.