ROX Connected Vehicle & Services Privacy Policy

The update and effective date of this version: 30 September 2025

ROX (the current operating entities include: Shanghai Xuanwuyan Intelligent Technology Co., Ltd. [registered address: Room 03, Floor 07, Building 9, No. 99, Jiangwancheng Road, Yangpu District, Shanghai (Room 03, Floor 08, nominal floor), Qingdao ROX Automobile Sales Co., Ltd. [registered address: ZC412, No. 12, Laiwu Second Road, Shinan District, Qingdao, Shandong Province] Shanghai Xuelawan Automobile Sales and Service Co., Ltd. [registered address: Room 4625, 4th Floor, No. 8, Lane 458, Yichang Road, Putuo District, Shanghai], Overseas Company (United Arab Emirates): ROX MOTOR - FZCO [Building A1, Dubai Digital Park, Dubai Silicon Oasis, Dubai, United Arab Emirates]] understands the importance of your personal data to you and is always committed to protecting your personal data and privacy rights according to law.

In accordance with applicable laws and regulations, regulatory requirements and industry best practices in the country and region where your vehicle is located, we have formulated this ROX Connected Vehicle & Services Privacy Policy (hereinafter referred to as the "Privacy Policy") to explain how we collect, use, store, share and protect your personal data when you use ROX Intelligent Automobile, on-board application platform and related products and services, And tell you how to exercise your rights.

You understand and agree that this privacy policy covers how we collect and process your personal data when you drive and ride a ROX Intelligent Vehicle, browse and use ROX's in-vehicle application platform, in-vehicle application services, etc. Our collection and process of personal data will vary depending on the specific product/service scenario. Please refer to the specific scenario in which you use the product/service. In addition, some in-vehicle products/services may have separate privacy policies. Please read these separate privacy policies before you use such in-vehicle products/services to learn more about how your personal data is collected and processed.

Please note that this privacy policy does not apply to products/services provided to you by other independent third parties. When other third parties rely on our in-vehicle application platform to provide you with products/services, please read the privacy policy provided by the third party to clarify the details of the collection and process of your personal data by the third party. We will also carefully review the qualifications of third parties and require them to comply with applicable laws and regulations to protect your personal data.

Please carefully read and confirm that you have fully understood the contents of this Privacy Policy before using our products/services. If you have any questions about this Privacy Policy or related matters, you may contact us at the contact information listed in Section 7 "How to Contact Us." Thank you for your understanding and support.

This privacy policy will help you understand:

I. How we collect and use your personal data

II. How we delegate process, share, transfer and publicly disclose your personal data

III. How we protect and store your personal data

IV. How you manage your personal data

V. How we process information about minors

VI. Updates and amendments to this Privacy Policy

VII. How to contact us

I. How we collect and use your personal data

We will follow the principles of legality, legitimacy and necessity, collect and use your personal data actively provided by you or generated by using ROX Intelligent Automobile and related services in the process of using ROX Intelligent Automobile and related services, and obtained from a third party with your authorization, based on the following purposes described in this privacy policy, to provide you with and optimize our services and protect your account security.

Please pay special attention to our bold or underlined content. For sensitive personal data specified in laws and regulations, we will bold and underline such information; For personal data specified in laws and regulations, we will bold the information.

Please understand that with the continuous iteration and update of products/services, the type of personal data we need to collect, the purpose of process, etc. may change. If we use your personal data for any other purpose not set forth in this Privacy Policy, or collect information for a specific purpose for any other purpose, we will notify you in a reasonable manner and obtain your consent again before using it, except for lawful reasons expressly provided by law.

Please be advised that, given the vehicle model we offer are sold in different parts of the world, our collection and process of personal data may vary depending on the specific product or service you use. It is hereby noted that the collection of your personal data is limited to the specific networking or intelligent function configured for your vehicle, and occurs if you have enabled (enabled) the function through the vehicle interface or other explicit means. We do not collect personal data about features that you do not actively enable.

(i). Collection and use of information

The functional scope of our connected vehicle services encompasses:

1. Onboard system activation and account service

To activate the on-board system, you need to use the QR code on the ROX App to scan the vehicle machine to authorize login. When you activate the ROX on-board system, we will collect your ROX App account ID, nickname, profile photo, bound vehicle information (VIN, license plate number), which is used to bind the on-board system for you, so as to achieve the interconnection between ROX App and the vehicle. For personal information processing rules of ROX App, please refer to ROX Privacy Policy.

You can choose to use an inactive vehicle, but multimedia services and driver assistance features and other features that require activation of the system will not be available.

In some regions, service personnel or sales channel representatives may assist in manually entering account information to identify and bind the vehicle owner during vehicle delivery. If the process involves mobile phone number, email address and other information that can identify you, we will only process to the extent necessary to achieve this function, and ensure the security of information transmission and storage.

In order to ensure the security of the system operation and the use of functions, when you enter the vehicle machine for the first time or log in to the vehicle account for the first time, the system may prompt you to read and confirm our Privacy Policy and User Agreement, and guide you to authorize voice, positioning and other sensitive permissions according to the functional needs. You can choose whether to enable relevant permissions. Unauthorized functions will remain closed. You can also adjust them at any time in subsequent use.

When you log in to the onboard system using the ROX account, we will collect and collect the device ID and VIN. If the onboard system supports it, you can choose to associate certain vehicle settings or onboard third-party application accounts with the ROX account, so that you can easily adjust to the status you are accustomed to when using the vehicle.

If the on-board system supports the "Data Upload Switch" function, you can decide whether to allow vehicle data upload. When the networking function is turned off, necessary safety functions (e.g. emergency rescue) and local functions can still be used normally.

If you cancel the account, the system will clear the vehicle settings and authorization records related to the account to the extent permitted by law.

2. Physical key adaptation function

If your vehicle supports this function, when you use the physical key adaptation function of the vehicle to bind the physical key with your account, we may process the following information: account ID, physical key security credentials.

The above information is used to establish an association relationship between the physical key and your ROX account to achieve personalized management of vehicle control permissions.

If your vehicle supports the "Data Upload Switch", you will not be able to perform new account and key binding operations after closing, but the physical key unlocking function can still be used normally.

Relevant binding information will be stored in the vehicle and cloud for verifying access. If you cancel the account or restore the factory settings, the system will automatically clear the binding relationship.

3. App Remote Vehicle Management

You can remotely view your vehicle (such as vehicle model, license plate number, VIN, cumulative mileage, battery power, vehicle position, etc.) by logging into the owner account of ROX App, and remotely unlock/lock the vehicle, open/close the window, tailgate, air conditioner, remotely park, switch modes, search for vehicles, etc., which shall be subject to the relevant function interfaces in the App. In order to achieve these functions, we need to collect your relevant data and synchronize it with your account and App operation related data. For personal information processing rules of ROX App, please refer to ROX Privacy Policy.

4. Vehicle use safety and after-sales service

We will collect vehicle data related to the use, operation and condition of the vehicle, which may include: VIN, vehicle running status data, basic body data, electrical equipment runtime status data, driver assistance system runtime status, entertainment system runtime status, etc., to fulfill legal obligations, ensure the continuous operation of the vehicle, conduct safety analysis, identify and solve potential problems, and trace accidents.

5. Emergency rescue function

When a vehicle collision triggers the E-call emergency rescue service, we will collect your name, VIN, vehicle location, license plate number, trigger reason, mobile phone number, emergency contact name and contact information, and provide the above information to the local police, hospitals, rescue agencies, your emergency contact for providing emergency rescue services for you. You understand and agree that your vehicle will automatically connect to our service provider to assist you when your vehicle triggers the emergency function.

6. Roadside rescue function

When you manually press the button to trigger the B-call roadside assistance function, we will collect your name, VIN, vehicle location, license plate number, mobile phone number, fault information to provide roadside assistance services for you. The above information will be provided to the call center and our service provider if necessary.

When you contact the call center, with your consent, the call center will contact and use the emergency contact name and contact information you set.

7. Advanced Driver Assistance Systems (ADAS)

If your vehicle supports this function, to enable Advanced Driver Assistance Systems (ADAS) features (such as LCC, ACC, NOA, AVM, intelligent parking assistance, memory parking, shadow mode), the vehicle end may call the look around, side view, front view and rear view cameras to collect the image data around the road during driving or after parking, and the image data around the vehicle (such as street view, lane line, traffic signs, parking space signs, traffic light conditions, etc.), and vehicle position data to for the purpose of providing driver assistance features.

In addition to the above data, the memory park function will collect your driving trajectory, which will be used to generate a parking route for you, and when you drive into the same starting position again, the system will recommend an existing parking route for you. Memory Park can be turned off at your option.

These data processing are generally completed on the vehicle side and will not be uploaded to the cloud. If uploaded to the cloud, we will anonymize the external license plates and faces in accordance with the requirements of laws and regulations.

8. Energy management

You can view your vehicle driving statistics (such as mileage and time), energy consumption data (such as fuel consumption and power consumption) and charge and discharge information in energy management. In order to display the above data, we need to collect your VIN for correlation.

9. Onboard system remote upgrade (OTA)

In order to enhance driving safety and continuously optimize our vehicle functions, we need to identify your vehicle's basic information (VIN, VID and vehicle model), system version, system time, upgrade record, vehicle status information, upgrade failure information, battery information, etc., and push you the vehicle's OTA notification, Such information is used to identify the current version and corresponding upgraded version of the onboard system and to provide the system to judge whether the current network state can support the onboard system upgrade. You can choose whether to update the vehicle software.

10. Bluetooth

When you have Bluetooth enabled, we may process call-related information when you connect your Bluetooth device, including: phonebook information, audio information, Device ID, device information, call logs.

The above information is used to help you make calls, view contacts or play audio content through the car machine. Most of the data will be process and stored locally on the vehicle and will be automatically cleared after Bluetooth is disconnected. However, if you also enable the voice recognition function, in order to achieve voice wake-up and command matching of the contact name, the address book information will be synchronously uploaded to the cloud for voice process and optimization.

We only upload data when you authorize the relevant voice service to be enabled, and we will adopt encryption and other technical means to ensure the security of transmission and storage process.

11. Voice assistance function

When you enable the voice function to interact with the vehicle, we may process the following information: Device ID, voice audio information, speech-to-text content generated based on audio, provided that you authorize the microphone permission.

The above information will be used to identify your voice commands for navigation, telephone, car control and other voice operations.

To support voice recognition, voice audio may be uploaded via an encrypted channel to a compliance reviewed service provider for process. We do not save the original audio content, nor do we use this information for user portraits or personalized recommendations. Speech transcribed text is only used in the current semantic recognition process and is not retained for a long time.

If your vehicle supports the 'Data Upload Switch', turning it off will stop the upload of voice data and only retain local voice control capabilities.

If you voluntarily join the Voice User Experience Improvement Program in the voice function interface, we may further process the following information to optimize recognition accuracy, improve semantic understanding, and support the function development of new voice scenarios: voice audio, device information, network status information and log information, voice command information.

We will desensitize or anonymize the above data for speech engine model training and function improvement after process. You can opt out of the improvement program at any time in the voice function interface. After the exit, we will no longer process new voice-related data, but will not affect the legality of the use of data previously generated based on authorization.

12. Dash cam (DVR)

When you use the dash cam, we will call up the camera outside the vehicle to record external images while driving.

The video data of the dash cam is only stored in the external storage device (USB flash drive) set by you. You can decide whether to install it or set the switch and recording duration by yourself. According to the requirements of laws and regulations, external license plates and pedestrian facial features belong to personal data. If you copy the video data in the dash cam and use it, please comply with the requirements of laws and regulations.

When this feature is enabled for the first time, a pop-up window will prompt you with relevant information and guide you to authorize camera permissions. Once authorized, the system will collect video data when the vehicle is started or manually triggered, and the recording status icon will be continuously displayed on the screen. You can revoke authorization at any time in Settings - Permission Management. After revocation, this function will not be available.

DVR recorded video will be recycled according to the capacity of the storage device, and the oldest data will be automatically deleted. You can also manually access and delete recordings from your storage device.

If you cancel the account, change the owner of the vehicle or restore the factory settings, the system will not retain the video data associated with the account. We recommend that you make sure you do not violate local laws and regulations before sharing or exporting recordings.

13. DMS fatigue monitoring

If your vehicle is equipped with this feature, to ensure your driving safety, the driver fatigue monitoring function needs to invoke the in-cabin camera to collect your cockpit video, analyze the characteristics of the driver's head position, eye position and line of sight state, whether or not to close your eyes, so as to judge the driver's fatigue and distraction and give a reminder. The process of cockpit video in this function is completed locally in the vehicle, and will not be uploaded to the server or saved in the vehicle. We only analyze the features included in the facial image for analyzing the degree of fatigue, and do not extract and recognize biometric features. You can choose whether to enable this function.

14. Charging service

When you charge your vehicle, we record your charging time, power and other charging information, which you can view through the ROX App.

15. Information display and synchronization function

(a) Weather

When you use the weather function to view the weather information of the current vehicle location, we may process the following information after obtaining your authorization: Device ID, area code.

By default, we minimize the collection and use of your personal data, and the weather app preferentially uses the administrative region (province city district) corresponding to your current location to query the latest weather. We collect latitude and longitude information about your vehicle's location and obtain weather information about your area anonymously from our third-party weather information service provider only if relying on district information alone does not provide you with accurate weather information.

If your vehicle supports the "Data Upload Switch", when you turn this switch off, the weather function will not be able to access the weather service and will not upload vehicle information or display weather data. You can turn off zone code authorization for weather services at any time via Settings – Permission Management.

(b) Calendar

If your vehicle is equipped with this feature, when you enable the calendar feature in your vehicle to synchronize your schedule, we may process the following information:

Account ID and schedule information.

This feature will automatically achieve two-way synchronization between the vehicle and mobile calendar after you authorize the synchronization switch through the vehicle or App. The information is only limited to the data of the current login account, and the system will manage it according to the account isolation principle. The schedule data of different accounts will not be shared with each other.

If you turn off the calendar synchronization function or turn off the " Data Upload Switch", the calendar information will stop updating; If you cancel your account or restore the factory settings, the relevant schedule data will be cleared.

If your vehicle is equipped with this feature, when you enable the energy management function to view the energy consumption information of the vehicle, we may process the following data related to driving performance on a regular basis to display your energy consumption status in the vehicle and App: account ID, fuel consumption, battery, energy consumption information.

Relevant data will be automatically collected by the vehicle machine and uploaded to the Internet of Vehicles platform every fixed cycle for synchronous display of your vehicle status (such as endurance, fuel consumption, power consumption curve, etc.). You can also view the energy analysis report in the App.

If your vehicle model supports the "Data Upload Switch", after turning off the switch, the energy data will only remain on the vehicle side, the App side can not display real-time energy consumption information, and the upload function will be suspended. Once restarted, the system will resume data synchronization.

The uploaded data will be stored locally on the vehicle and in the cloud for account synchronization. You can delete relevant records by canceling the account, restoring factory settings or turning off the function. Car control mobile APP

If you control your vehicle remotely via your mobile app, we may process the following information: VIN, vehicle control commands.

This information is used to execute remote operation commands such as unlocking and starting the air conditioner sent by you through the App. If your vehicle has network service enabled, instructions will be sent to the vehicle via the cloud. If the networking service is turned off, only some basic control functions under Bluetooth connection are supported.

Relevant control records will be retained for a period of time to ensure the operation of functions and troubleshooting. You can shut down the networking service or log off your account at any time, and the system will stop uploading and clear the control record.

16. OTA function

If your vehicle is equipped with this feature, when you use the OTA (Remote Upgrade) feature of your vehicle, we may process the following information related to version management and recording during the upgrade process: VIN, vehicle software and hardware version information, appointment upgrade settings, user consent records.

This information will be used to determine the current vehicle software version, push the upgrade content of the adaptation, and record your upgrade preferences (such as appointment or immediate installation) to ensure that the vehicle system remains in a safe and stable state.

If your vehicle supports the "Data Upload Switch", please note:

When the switch is turned off, the system may still download the upgrade installation package in advance, but the OTA installation cannot be performed because the necessary configuration items and status information cannot be uploaded. When you click the upgrade operation, the system will give priority to prompt you to open the networking service and ask you to explicitly agree to the upgrade operation before installation.

OTA agrees that records will be retained as required by applicable law for compliance audits of the upgrade process.

If the OTA upgrade involves the update of Privacy Policy or User Agreement, the system will prompt you to read and confirm through a pop-up window after the installation is completed. You can choose to continue using the relevant services after agreeing or exit the current account.

17. Map navigation function (Baidu Map/Amap/Heremap)

(a) Baidu Map, Amap

For vehicle models in certain market countries and regions, the map and navigation services of your on-board system are jointly provided by us and Baidu Map (Beijing Baidu Netcom Technology Co., Ltd.) and Amap (Beijing AutoNavi Tuqiang Technology Co., Ltd.). We provide user interface adaptation design, and Baidu Map and Amap provide technical support for map and navigation related services. In order to achieve map and navigation services, Baidu Map and Amap need to collect your location information and destination information.

When you use Baidu Map and Amap to team up and travel, Baidu Map and Amap need to collect your location information, and Baidu Map will share your location information with others to complete team formation with others. Please carefully read the privacy policies of Baidu Map and Amap before using the map navigation function to ensure that you have a detailed understanding of how Baidu Map and Amap collect and use your personal data.

When you log into Baidu account and Amap account, the collection information, home and company address and historical search information in your account will be synchronized to the car terminal according to your account information.

(b) HereMap

For vehicle model in some market countries and regions, the map navigation function is provided by Heremap. When you use the HereMap map service for navigation, location search or route planning in the vehicle, we may process the following information related to navigation after your authorization: Device ID, location information, historical destination.

The above information is used for map navigation, location query and route planning, and supports you to view historical search records.

The map service needs to access the external path service through the network. If you do not grant location permission or turn off the "Data Upload Switch", the map function will not work properly.

After you open the networking service and authorize the location permission, the system will upload the navigation request (including the current location and search keywords) to the third-party map service provider (Here Technologies) through the encrypted channel to calculate the navigation route. The search record may be stored locally in association with the current vehicle account for subsequent navigation reference.

We do not use your navigation data for personalized recommendations or advertising purposes. If you cancel your account or restore the factory settings, the map-related search records and location information will be deleted from the vehicle or anonymized for process.

18. Interior environment and equipment control functions

(a) Pet mode

If your vehicle is equipped with this feature, when you use the pet mode feature (e.g., maintaining in-vehicle temperature and ventilation while the vehicle is stationary), we may process the following information regarding the status of the feature: user account ID, pet mode switch status.

The above information is used to execute the pet mode command set by you through the vehicle end or App so that the system maintains the specified environment. If you enable the "Data Upload Switch", the relevant status information may be uploaded to the cloud for multi-terminal synchronization; If it is not enabled, the function will only run locally, and the App side will not be able to operate remotely.

(b) Climate seat control

If your vehicle is equipped with this feature, we may process: user account ID, seat position information when you set the air conditioning or seat control functions (such as air volume adjustment, seat heating or position memory) through the vehicle unit.

If your vehicle supports binding seat settings to your account, the above data may be uploaded to the cloud for subsequent use. You can choose to turn off such synchronization, or save it locally only when the "Data Upload Switch" is turned off.

We do not use this information for personalized recommendations or profiling.

If your vehicle is equipped with this feature, when you enable the power-on when leaving function (used to keep some on-board equipment powered on after getting off the vehicle), we will process the following data: VIN, function switch status, vehicle control command record.

This function supports you to remotely switch through the App or vehicle interface. In order to achieve synchronous control, the switch status may be uploaded to the cloud; If you turn off the "Data Upload Switch", the status data will not be uploaded, and the car control app will not be able to perform relevant operations, only retaining the local functions of the car machine.

When the account is cancelled or the main user of the vehicle is changed, the relevant data will be cleared.

19. Personalized interface and preference function

(a) Desktop Launcher

If your vehicle is equipped with this feature, when you use the vehicle's desktop Launcher feature (including desktop cards, shortcuts, dock bar, etc.), we may process the following information: user account ID, layout and setup information.

The above information will be used to memorize your personalized operating interface, enabling you to restore the original settings when you log in again or change the vehicle. If the "Data Upload Switch" is enabled, the system will synchronize these configuration information to the cloud. If the networking service is closed, all data will only be retained locally, and the cloud will not upload.

You can modify saved information by rearranging the desktop layout. All data related to desktop configuration will be cleared after account cancellation or factory reset.

(b) Set up

If your vehicle is equipped with this feature, when you modify the system parameters (such as voice switch, networking settings, access authorization, etc.) by using the setting function in the vehicle, we may process the following information: account information, VIN, setting items, access settings (microphone access, location access), and setting items.

The above information is used to save your vehicle system preferences, including privacy authorization records, preferences, networking service switches, etc. If the networking service is enabled, relevant settings will be uploaded to the cloud; After the network service is closed, it will only remain in the local area of the vehicle.

If you select "Restore factory settings" or cancel your account in "Settings", the system will clear all vehicle settings records related to your account, including access preferences, controls and privacy authorization status.

If your vehicle is equipped with this feature, when you use the in-vehicle browser to access web content, the system will store information related to your browsing behavior locally on the vehicle side, including browsing records and web cache data.

We do not upload browser records to the cloud or share them with other systems. All browsing records will be bound to the vehicle user for page loading and session retention only.

You can clear the browsing data in settings, or the system can automatically clear the corresponding browsing record when the primary user changes or the account is logged off.

(d) Scenario Center Function

If your vehicle is equipped with this feature, when you use the scene center function in the vehicle (such as setting the combination of operations that are automatically executed when certain conditions are met), we may process the following information associated with the account when you edit and enable the relevant scene settings: account ID, scene setting information.

The above information is used to help you set, save and automatically execute your preferred behavior combination (such as "Night mode", "Turn on the air conditioner and play music") in the car machine. The system will automatically record and update each time you modify the scenario settings. The data is bound to the current login account, and other accounts cannot be accessed or reused.

If the vehicle model in your region supports the "Data Upload Switch", after turning off the switch, all scene setting information will only be retained locally and will not be uploaded to the cloud; When enabled, the system will upload the updated scenario configuration to the cloud after the change to support inter-account synchronization.

When you log off the account or restore factory settings, the system will delete all scenario settings corresponding to the account. If the main user of the vehicle changes, the system will clear all historical scene configurations in the vehicle at the same time.

20. Application Market DTS

If your vehicle is equipped with this feature, some third-party applications may require you to log in to your account when you download the application using the application market DTS function in the vehicle. We do not collect or save your account information.

The third-party application account you log in to and the relevant usage data will be processed by the application market service provider and its third-party partners. The collection and use of relevant information will be governed by the third party's privacy policy.

If you do not want to use this feature, you can choose not to log in or clear the relevant records in the settings. After factory reset, all local download records and login information will be cleared.

21. Improve products and services

In order to improve and optimize our products/services, help you to investigate and analyze problems you may encounter in using our products/services, we will collect your account ID and VIN, and record various operation log information based on your operation on the vehicle. At the same time, we may use these data to form a statistical report after process by anonymous technical means to further develop our products and improve our services.

22. Collect information as required by laws and regulations

According to the relevant requirements for the access of new energy vehicles and the requirements of laws and regulations such as the operation safety state of new energy products, we need to upload the data generated during the use of your vehicle (hereinafter referred to as "driving data") to the government collection/detection platform for new energy vehicle data, Including but not limited to vehicle data (vehicle status, charging status, operation mode, vehicle speed, accumulated mileage, total voltage, total current, SOC, DC-DC status, gear, insulation resistance, reserved bit information), driving motor data, fuel cell data, engine data, vehicle position data, extreme value data, alarm data, terminal data reservation, remote upgrade data, etc. Please note that the trip data is generated on board the vehicle and the individual cannot be identified or linked if the vehicle does not have any contact with the user.

(ii). Third Party Software Services

When you access Tide, Himalaya, IQIYI, Thunderstone KTV, Amap, Heremap, TikTok, YouTube and other tripartite software (please refer to the specific application name displayed on the vehicle platform of ROX), the relevant functions and personal information processing behavior are independently operated and borne by the corresponding third party.

These third-party services may involve you logging into their accounts, browsing content, saving history and other operations, and the personal data process will follow their respective privacy policies. We recommend that you carefully read and understand the privacy policies and terms of service issued by third-party service providers before using them.

We will conduct qualification audit on third-party service providers of the access platform and require them to comply with applicable laws and regulations in the service process. If you become aware of any third party services that infringe on your rights and interests, you may immediately discontinue use and contact us by contacting us in the How to Contact Us section of this policy.

The specific types and quantities of third-party applications may vary depending on the vehicle model and regional configuration. Please refer to the actual display of the on-board system.

For details of third-party software services, please refer to Annex I List of Third-Party Software Services.

(iii). Exceptions to obtaining your authorized consent

Please understand that according to the provisions of laws and regulations, we do not need your consent to collect and use your personal data when the following legitimate reasons occur:

1. Where necessary for compliance with a legal obligation;

2. Where necessary for the conclusion or performance of a contract to which the data subject is party;

3. Where necessary for the performance of a task in the public interest or in the event of a major emergency;

4. Where necessary for compliance with judicial, law enforcement or other legally mandated procedures;

5. Where necessary to protect the vital interests (life, property, etc.) of the data subject or other individuals, and obtaining consent is impracticable in emergency circumstances;

6. Where the personal information has been manifestly made public by the data subject;

7. Information collected from legitimate public channels (such as news reports, government public data, etc.);

8. Where directly related to national security and national defense security;

9. Other circumstances permitted by local laws and regulations.

We only process your personal data in the above scenarios and strictly protect it in accordance with the law.

II. How we delegate process, share, transfer and publicly disclose your personal data

(i). Delegated process

Under certain service scenarios, we may entrust a third party to process your personal data. For the companies, organizations and individuals with whom we entrust process of personal data, we will sign strict confidentiality agreements or data process agreements, clarify the responsibilities of both parties, process matters and process purposes, require them to process Personal Information in accordance with our requirements, the requirements of this Privacy Policy and any other relevant confidentiality and security measures, and strictly supervise their personal data processing activities.

(ii). Share

We do not share your personal data with other personal data processors except:

a. Fulfilling legal obligations

We may be required by applicable law to provide your personal data to a competent authority for the purpose of fulfilling a legal obligation or responding to a legitimate request.

b. Shared with affiliates

In order to provide you with joint services, we may share the necessary information among our centrally managed affiliates. Such sharing is governed by this Privacy Policy. If there is a material change in the purpose of sharing, we will obtain your consent before sharing.

c. Shared with business partners

Some functions (such as maps) are provided by third parties. In order to implement the service you choose to enable, we may, upon your authorization, share the data necessary to implement this functionality with relevant third parties. These third parties will process the relevant data in accordance with their own privacy policies.

(iii). Collection of third-party software services

Some of our services may incorporate software services provided by third parties to support navigation, voice interaction, content services, etc. Relevant third parties may independently collect and process your information through their API/APK. We recommend that you read the relevant third party privacy policy before using such services. Please refer to Appendix I List of Third Party Software Services for details of the third party services we access.

(iv). Transfer

We will not transfer your personal data to other companies, organizations or individuals unless we obtain your express consent.

However, in the event of merger, division, acquisition or asset transfer involving changes in personal data, we will inform you of the basic information of the recipient to the extent permitted by law, and ensure that it continues to comply with this privacy policy or provide an equivalent level of protection. If the purpose of process is materially changed, we will obtain your authorization separately.

(v). Public disclosure

We will not publicly disclose your personal data unless expressly authorized by you or required by applicable law, legal process or by a competent authority.

(vi). Circumstances where your consent is not required

We may legally share, transfer or disclose your personal data without obtaining your authorized consent in the following specific circumstances:

1. Where necessary for compliance with a legal obligation;

2. Where necessary for the conclusion or performance of a contract to which you are a party;

3. Where necessary to protect the vital interests (life, property, etc.) of you or others, and obtaining authorization is impracticable in emergency circumstances;

4. Where the personal information has been manifestly made public by the data subject;;

5. Information obtained from legitimate public sources (such as public reports, government releases);

6. Other circumstances expressly permitted by applicable law.

III. How we protect and store your personal data

(i). Our techniques and measures to protect your personal data

1. Technical and organizational measures:

We have used industry-standard security measures to protect the personal data you provide from unauthorized access, public disclosure, use, modification, damage, or loss. We will take all reasonable and feasible measures to protect your personal data. For example, we will use encryption technology stipulated by the state to ensure the confidentiality of data; We use trusted protection mechanisms to protect our data from malicious attacks; We encrypt the transmission and storage of your sensitive personal data.

We deploy access control mechanisms to ensure that only authorized personnel have access to personal data. We conduct security and privacy training courses to enhance employees' awareness of the importance of protecting personal data. We permit access to personal data only to employees and partners of us and our affiliates who have a need to know such information, and have established strict access control and monitoring mechanisms for this purpose. We also require all personnel who may have access to your personal data to fulfill the corresponding confidentiality obligations.

2. Security Incident Response

If an unfortunate personal data security incident occurs, we will inform you of the basic situation and possible impact of the security incident, the disposal measures we have taken or will take, the suggestions you can independently prevent and reduce risks, and the remedial measures for you in a timely manner in accordance with the requirements of laws and regulations. We will inform you by mail, letter, telephone, push notice and other means. When it is difficult to inform personal data subjects one by one, we will take reasonable and effective ways to publish announcements. At the same time, we will also actively report the disposal of personal data security incidents in accordance with the requirements of regulatory authorities.

3. Special tips

We will do our best to ensure the security of your personal data and use technical means to restrict unauthorized access, use or disclosure of your personal data. Despite the above measures, please understand that due to the limitations of current technology development and various malicious means that may exist, even if we do our best to strengthen security measures, it is impossible to always guarantee 100% security of personal data. Please understand that the system and communication network accessed during the use of ROX Intelligent Automobile and related services may have problems due to factors beyond our control. If our physical, technical or administrative safeguards are breached, resulting in unauthorized access, public disclosure, tampering or destruction of information, resulting in damage to your legitimate rights and interests, we will assume corresponding responsibilities to the extent prescribed by law.

(ii). Storage of your personal data

For users in China, we store your personal data collected and generated in the course of domestic operation in the data center in Shanghai controlled by us and the server room in Suzhou controlled by our voice function provider in accordance with laws and regulations. We will not transmit your personal data abroad without your permission.

In general, we retain your personal data only for the period necessary for the purposes described in this Privacy Policy and for the period required by laws and regulations, unless otherwise stipulated by laws and regulations or otherwise authorized by the personal data subject. The storage period of different types of personal data may be different based on different process purposes. Factors that determine the storage period of different types of personal data include: statutory storage period or recommended storage period determined by laws, regulations or other normative guidelines; Necessary time to retain personal data for process purposes; You specify the retention period of the instructions.

If you cancel your account, actively delete personal data or the information exceeds the necessary retention period, we will delete or anonymize your personal data.

For personal data generated by users outside China in the process of using this App service, we will transfer your personal data collected and generated in the operation process of your country and region across the border to overseas servers under our control for process or storage in accordance with the laws and regulations of your country and region. For example:

• Cross-border operation and technical operation and maintenance of cloud platforms may require access to or storage of overseas data infrastructure to ensure data stability and service continuity;

• In after-sales maintenance service, some technical support or diagnosis processes may involve transnational data access;

We will conduct cross-border process on the basis of compliance with applicable laws, including signing standard contract terms, conducting cross-border data transmission impact assessment and obtaining regulatory approval (if applicable), and taking necessary technical and administrative measures to safeguard your personal data.

IV. How You Manage Your personal data

We attach great importance to your attention to personal data, and do our best to protect your rights to query, correct, supplement, delete and withdraw your consent to your personal data, so that you have full ability to protect your privacy and security. In accordance with relevant Chinese laws, regulations and standards, we guarantee that you exercise the following rights on your personal data:

(i). Query and copy your personal account information

You have the right to check your personal data at any time on the ROX on-board platform, or you can contact us through the contact information listed in the "How to Contact Us" section to obtain your personal data. If full information cannot be provided for security or legal reasons, we will explain why.

(ii). Correct and supplement your personal data

When you find that the personal data we process about you is incorrect or incomplete, you have the right to correct and supplement it. You can correct and supplement your personal data on the vehicle platform of ROX, or contact us through the contact information specified in the "How to Contact Us" section to correct and supplement your personal data.

(iii). Delete your personal data

You can request us to delete personal data if:

1. If our process of personal data violates laws and regulations;

2. If we collect and use your personal data without your consent;

3. If our process of personal data violates our agreement with you;

4. If you no longer use our products/services, or you cancel your account;

5. If we no longer provide you with products or services.

You can make a request to delete personal data to us through the contact information listed in the "How to Contact Us" section, unless personal data has been anonymized process or otherwise stipulated by laws and regulations. You are required to verify your identity when deleting, and please clarify the specific type of personal data to be deleted. We will respond to your request in accordance with laws, regulations and regulatory requirements.

When you delete information from our service, the data may remain in the system for a period of time due to legal requirements or technical backups, and we will complete the deletion or anonymization process within a reasonable period of time.

(iv). Change the scope of your authorization consent or withdraw your authorization

You have the right to grant or revoke your authorization at any time, and if necessary, please ask us by contacting us at the contact information listed in the "How to Contact Us" section.

In addition, you can restrict our use of sensitive personal data by doing the following in the vehicle settings or features interface:

• Turn off the networking service switch: it will stop the data interaction between the vehicle and the cloud platform, including voice recognition, remote control, OTA and other network-dependent functions;

• Turn off location services: it will affect map navigation, location search and other functions;

• Turn off microphone access: speech recognition will be stopped;

• Turning off camera access: will affect some image-based driver assistance features (such as parking assistance);

• Exit Voice User Experience Improvement Program: We will no longer process new voice improvement data;

Please understand that each business function requires some basic personal data to be completed (see "I. What personal data we collect and how do we use it?" for details). When you withdraw your consent or authorization, we can no longer provide you with the services corresponding to the withdrawal of consent or authorization, and will no longer process your corresponding personal data. However, your decision to withdraw your consent or authorization will not affect the previous processing of personal information based on your authorization.

(v). Account Cancellation

You can cancel your account through the ROX App or submit an application to us through the contact information in "How to Contact Us", and we will respond to your request within 15 working days. Please note that after you cancel your account, we will stop providing you with our products/services, delete your personal data or anonymize your personal data, unless otherwise stipulated by laws and regulations or regulatory authorities on the storage time of user information.

(vi). Obtain a copy of your personal data

If you need to obtain a copy of the personal information we have collected from you, you can contact us by sending an email to privacy-protection@roxmotor.com. We will verify your identity asnecessary and submit a copy of personal data to you in compliance with applicable laws and where technically feasible. If you request to transfer your personal information to the personal information processor designated by you and meet the conditions prescribed by the state regulatory authorities, we will provide the means of transfer.

(vii). Respond to your request

For security, we need to verify your identity before process your request. Identity verification and response process will be completed within 15 working days of receiving your application. If your request is complex or requires too many technical means to complete the response process within the response time required by laws and regulations, we will explain the reason for the delay to you. We do not charge a fee for your reasonable request in principle, but we will charge a fee as appropriate for requests that are repeated multiple times, exceed reasonable limits, or require excessive technical means.

Please understand that we will not be able to respond to your request if:

1. Relevant to the performance of obligations stipulated by laws and regulations by the personal data controller;

2. Directly related to national security and national defense security;

3. Directly related to public safety, public health and major public interests;

4. Directly related to criminal investigation, prosecution, trial and execution of judgments;

5. We have sufficient evidence to show that users have subjective malice or abuse of rights;

6. To protect the essential interests (e.g., life, physical safety) of you or another individual when consent cannot be obtained in a timely manner;

7. Responding to your request will cause serious damage to the legitimate rights and interests of you or other individuals or organizations;

8. Involving trade secrets.

V. How we process information about minors

We attach great importance to the protection of minors' personal data. Our products and services are primarily for adults and do not knowingly collect personal data about minors. If we find that personal data of a minor has been collected without the prior consent of a verifiable guardian, we seek to delete the relevant information as soon as possible. If you find that we have inadvertently collected personal data from minors, please notify us immediately and we will try to delete the relevant information as soon as possible. For minors' personal data provided with the consent of guardians (for example, the information released by guardians includes minors' pictures, voices, etc.), we will only process when permitted by law or explicitly agreed by guardians or necessary to protect minors.

VI. Updates and amendments to this Privacy Policy

In order to provide you with better service, our products/services will be continuously updated iteratively, and this Privacy Policy will be updated accordingly. However, we will not reduce your rights under past privacy policies without your express consent. We will alert you of updates to relevant content through announcements or other appropriate means before the updated version takes effect.

If the update involves content related to an OTA upgrade, the collection of personal data or a substantial change in the purpose of use, we will prompt you in the form of a pop-up window through the in-vehicle screen and re-obtain your consent before continuing to provide services to ensure that you fully understand and expressly authorize the change.

Significant changes referred to in this Privacy Policy include, but are not limited to:

1. Significant changes in our product/service model, such as the purpose of process personal data, the type of personal data process, the way personal data is used, etc;

2. Significant changes in our ownership structure, organizational structure, etc., such as changes in owners caused by business adjustments, bankruptcy mergers and acquisitions, etc;

3. Changes in the main objects of personal data sharing, transfer or public disclosure;

4. Significant changes in your rights to participate in the processing of personal information and the way in which you exercise them;

5. When the responsible department, contact information and complaint channel for handling personal data security change;

6. When the personal data security impact assessment report indicates that there is a high risk.

We will also archive older versions of this Privacy Policy for your review. If necessary, please contact us via the contact information listed in "How to Contact Us".

VII. How to Contact Us

We have set up a dedicated department for personal data Protection. If you have any questions, opinions or suggestions about this privacy policy, or have any privacy complaints or rights requests, you can contact us at the following ways:

User Rights Contact Person: Data Compliance Team

Email of person in charge of personal data protection: privacy-protection@roxmotor.com

Customer service: 400 006 0707

China contact address: Room 03, Floor 07, Building 9, No. 99, Jiangwancheng Road, Yangpu District, Shanghai (Room 03, Floor 08, Nominal Floor)

UAE contact address: Building A1, Dubai Digital Park, Dubai Silicon Oasis, Dubai, United Arab Emirates

Generally, we reply within 15 working days after receiving your feedback and verifying your user identity. If your request involves complex data retrieval, authorization verification or third-party collaborative process, we will complete the process within the time limit required by law and explain the reason for the delay.

Appendix Ⅰ: List of Third-Party Software Services

Name: Baidu Map SDK

Scope of information collection: Location information

Purpose: Navigation and positioning of your vehicle

Name of the third party: Beijing Baidu Netcom Technology Co., Ltd

https://map.baidu.com/zt/client/privacy/index.html

Name: Amap

Scope of collection: GPS data

Purpose of use: provision of navigation services

Name of third party organization: AutoNavi Software Co., Ltd.

https://cache.amap.com/h5/h5/publish/238/index.html

Name: HereMap

Collection scope: Location information

Purpose: Support map navigation and route planning

Name of Third Party Entity: HERE Global B.V

https://legal.here.com/privacy

Name: Spitzer SDK

Scope of information collection: audio information

Purpose: To provide you with voice services

Name of the third party: Spitzer Technology Co., Ltd

https://www.aispeech.com/private

Name: Xiaodu In-Car Voice SDK

Collection scope: voice-to-text information

Purpose: Provide intelligent voice assistant service

Name of the third party: Shanghai Xiaodu Technology Co., Ltd

https://res-iot.baidu.com/svw/privacy-policy.html

Name: Microsoft Responsible AI Framework

Collection scope: voice-to-text information

Purpose: Provide intelligent voice assistant service

Third Party Organization Name: Microsoft Corporation

https://www.microsoft.com/en-us/privacy/privacystatement

Name: QQ Music SDK

Scope of information collected: log information

Purpose: Provide you with online music playback services

Name of the third party: Tencent Music Entertainment Group

https://y.qq.com/m/client/intro/privacy.html

Name: Himalayan API

Scope of information collected: equipment information

Purpose: Play Xima resources for you

Name of the third party: Shanghai Himalayan Technology Co., Ltd

https://passport.ximalaya.com/page/privacy_policy

Name: IQIYI

Information collection scope: MAC address acquisition device IMEI number

Purpose: Online video service for you

Name of the third party: Beijing IQIYI Technology Co., Ltd

https://www.iqiyi.com/common/privateh5.html

Name: TikTok

Collection scope: account identification and usage behavior data

Purpose: Play and interact with TikTok content

Name of third party organization: TikTok Pte. Ltd. (ByteDance Overseas Company)

https://www.tiktok.com/legal/privacy-policy

Name: YouTube

Collection scope: account information, viewing records

Purpose: Play YouTube videos

Name of Third Party Organization: Google LLC

https://policies.google.com/privacy

Name: Tide

Collection scope: playback behavior, device information

Purpose: Provide audio content services such as meditation and sleep aid

Name of the third party: Shenzhen Tide Technology Co., Ltd

https://page.tide.fm/privacy.html

Name: Thunderstone KTV

Scope of information collection: audio information; Device Information

Purpose: Provide you with in-vehicle karaoke service

Name of the third party: Beijing Leishi Tiandi Electronic Technology Co., Ltd

https://kg.ktvsky.com/vehicle/legalAgreement?from=byd

Name: Tencent Video

Scope of information collection: account information, viewing records

Purpose: Play videos from Tencent videos

Name of third-party organization: Tencent Technology (Beijing) Co., Ltd

Name: Fanshu

Scope of information collection: account information, reading records

Purpose: to provide you with book reading services

Name of the third party: Brand of Shanghai Soybean Network Technology Co., Ltd

https://hybrid.dushu365.com/app/eula/index.html?refer_page=web&tab=2

Name: Tripartite Application Market DTS

Scope of information collection: account information, download records

Purpose: To provide you with third-party application download services

Name of the third party organization:

https://xperi.com/privacy_policy/

Name: Spotify

Scope of information collection: account information, playback records

Purpose: To provide you with music playback services

Name of Third Party Organization: Spotify Technology S. A

https://www.spotify.com/us/legal/privacy-policy/