I. Introduction Thank you for choosing to use the eMenu software (hereinafter referred to as "this software"). This software is carefully developed and operated by [Newboll Network Technology CO., LTD] (hereinafter referred to as "we"). In today's digital business environment, protecting your privacy and data security is our top priority. This privacy policy will explain in detail how we handle all kinds of personal information involved in your use of this software, aiming to create a secure and reliable user experience for you. II. Scope of Application This privacy policy applies to the data processing behavior generated when you use the eMenu software through any terminal device (including but not limited to smartphones, tablets, desktop computers, intelligent terminals, etc.). III. Information Collection 1. Merchant Account Creation Information When you register as a merchant user of the eMenu software, we collect your basic business information, such as store name, detailed store address, business license registration number (used to verify business legality and subsequent service docking), legal representative's name, contact phone number, email address, and the username and password you set for logging into the software. This information forms your identity on the software platform, ensuring that you can smoothly access and manage the store operation system. 2. Daily Operation Data Collection - Transaction Details: Each sales transaction completed on this software will be recorded, covering the name, specification, quantity, unit price, transaction time, payment method (cash, various bank card payments, mobile payments, etc., and the necessary transaction serial number or order number of the corresponding payment channel will also be recorded to ensure payment traceability), actual payment amount, customer consumption points (if applicable), and other information. Such data not only helps you accurately control the financial situation of the store and generate sales reports but also provides customers with a reliable basis for after-sales inquiries. - Inventory Changes: With the operations of commodity sales, purchase warehousing, inventory adjustment, etc., the software automatically tracks the real-time changes in inventory quantity, records the warehousing time of commodities, supplier information (name, contact information, used for supply chain management and traceability), outbound quantity, remaining inventory warning value, etc., ensuring that you have a clear view of inventory circulation and optimizing inventory management decisions. - Employee Operation Records: If your store employs multiple employees to use this software for collaborative work, we will collect the employee's login account, operation time, executed function module (order taking, checkout, sending print instructions in the operation room, member management, etc.), and operation results (success or failure and related error messages, used for troubleshooting and training optimization), helping you effectively supervise employee work efficiency and trace the source of operation problems. 3. Associated Customer Information Collection When customers visit the store and use the membership system, reservation system, or participate in interactive marketing activities, we may collect customers' names, genders, contact information (mobile phone numbers, email addresses, in order to send personalized offers and activity notifications to customers, but always following the principle of customer consent), birthdays (used for birthday exclusive benefits push), consumption preferences (frequently purchased products, consumption frequency, consumption amount range, assisting merchants in precise marketing and service improvement), historical consumption records (integrating consumption details across time periods, mining potential consumption needs), etc., and at the same time ensure the accurate association between customer information and corresponding transaction records, which not only protects the rights and interests of customers but also empowers merchants. 4. Device and Environment Information In order to ensure the stability and compatibility of the software operation, we may collect the device information of the software you use, including device model, brand, operating system version (such as iOS, Android and its细分版本号, convenient for software update adaptation), device identification code (such as IMEI, MEID, Serial Number, etc., under the legal and compliant framework, part of which is used for device fault diagnosis and software installation uniqueness verification), network connection status (Wi-Fi name, IP address, network signal strength, judging the impact of the network environment on software performance and optimizing data transmission strategy), screen resolution (adapting the interface display effect and enhancing the user visual experience), etc. In addition, if your store uses specific environmental monitoring equipment (such as temperature sensors, humidity sensors, used for monitoring storage conditions in the food preservation industry) and links with this software, the relevant environmental data may also be appropriately collected to assist you in fine operation. 5. Location and Regional Information Based on the location needs of the store and some location-based marketing functions (such as pushing advertisements to surrounding potential customers, recommending featured products according to regional consumption trends), if you authorize to enable the device location permission, we will collect the precise geographical location coordinates of the store (longitude and latitude, accurate enough to identify the specific location of the store), the administrative region where the store is located (district, county, street name, combined with local commercial big data to provide regional comparative analysis), and the surrounding business district information (distribution of shopping centers, office buildings, residential areas, mining potential customers and business opportunities), helping you expand your business according to local conditions. IV. Information Use 1. Core Business Function Support Relying on merchant account information, the personalized configuration of your exclusive store space is realized, such as custom menu layout, price system setting, and opening of characteristic service modules; the deep integration of transaction and inventory data drives the generation of intelligent replenishment suggestions and sales data analysis reports, assisting you in formulating procurement plans and optimizing commodity combinations; employee operation records feed back to the training system to improve employees' business skills and ensure the efficient operation of the store. 2. Customer Service and Technical Support When you encounter software usage failures, data anomalies, or have functional consultation needs, the customer service team will respond quickly based on the contact information you left, accurately locate the root of the problem, and provide you with practical solutions with the help of the collected software operation logs (recording key operation nodes and error messages) and device information. At the same time, the common problems will be fed back to the R & D department to promote the continuous optimization of the software. 3. Marketing and Business Expansion Based on customer information and consumption data, we will customize marketing plans for you, such as festival special offers push, member exclusive activity planning, and cross-selling recommendations according to consumption preferences; with the help of location information, we will jointly plan joint promotion activities with surrounding cross-industry merchants to expand brand influence and attract more potential customers, achieving a win-win situation. 4. Compliance and Security Guarantee The business license registration number and other information are used for regular compliance self-inspection to ensure that your business operation complies with the requirements of laws and regulations; the transaction data is encrypted and stored and regularly backed up, and retained for a certain period according to the regulatory requirements to prepare for the legal procedures such as audit and tax inspection, effectively maintaining the business order and data security. V. Information Sharing 1. Internal Collaborative Sharing Within the group structure of our company, we share anonymized aggregated data with related departments (such as R & D, finance, market research) to analyze industry trends, optimize product functions, and evaluate market share, promoting the innovative development of the overall business. The sharing process follows strict confidentiality agreements to ensure that the original personal information is not leaked. 2. Third-Party Service Cooperation - Payment Processing Partners: We cooperate with professional payment institutions (such as Visa, Master, UnionPay, Stripe and other third-party payment license holding companies). In order to ensure the safety and smoothness of transactions, only the minimum information required for payment completion is shared, such as transaction amount, payment bank card type, and order payment status. The payment institutions strictly handle confidentiality in accordance with the financial regulatory regulations. - Data Storage and Cloud Service Providers: Relying on reliable third-party data storage and cloud computing service providers, your data is stored in a highly secure cloud environment. The service providers promise to ensure data integrity and confidentiality according to the service contract and only execute data access and operation under our instructions. - Marketing Promotion Agencies: After you clearly agree to receive marketing promotion services, we will provide customer consumption preferences, regional consumption characteristics of the store and other information to professional marketing companies in a limited way for precise advertising placement and activity planning. The marketing companies are bound by the contract to ensure the compliance of information use, and you have the right to withdraw your consent at any time. 3. Disclosure Required by Law When facing legal situations such as subpoenas from judicial organs, administrative supervision investigations, and legal lawsuits, and the relevant requirements meet the legal procedures, we will disclose the necessary personal information to the authorized organs in accordance with the law and regulations and fully cooperate with the law enforcement actions to maintain social fairness, justice and the dignity of the law. VI. Information Storage 1. Storage Architecture Your personal information is mainly stored in the cloud server cluster operated by a professional data center, and distributed storage technology is used to ensure data redundant backup and prevent single point of failure; a small amount of data with extremely high real-time requirements (such as the current transaction flow, used for quick checkout response) is cached locally, but the local data is also encrypted and stored, following strict access control to ensure security. 2. Storage Duration The merchant account information will be continuously saved during the existence of your account. From the date of account cancellation, it will be retained for [X] years for future reference according to the commercial file management practice and legal requirements; the transaction data will be saved for [X] years according to the tax audit requirements; the customer information will be retained for [X] years starting from the date of collection, with the last consumption or interaction behavior of the customer as the starting point. After the expiration, the data will be cleared by an irreversible deletion algorithm to ensure the compliance and rigor of information life cycle management. VII. Information Protection 1. Technical Protection System Starting from network boundary protection, high-performance firewalls and intrusion detection/defense systems (IDS/IPS) are deployed to block external illegal network attacks; the SSL/TLS encryption protocol is adopted at the transport layer to ensure that data is not stolen or tampered with during network transmission; at the storage level, advanced encryption algorithms (such as the AES and RSA encryption algorithm families) are used to encrypt sensitive data, and a strict key management mechanism is配合, and only authorized personnel can access and decrypt data under specific procedures; at the same time, based on identity authentication and access control technology, hierarchical and minimum necessary permissions are set for internal employees and external partners to eliminate the risk of unauthorized access. 2. Emergency Response Plan A comprehensive data leakage and security incident emergency response plan is formulated. Once abnormal traffic, data leakage signs or security threat reports are detected, the emergency process will be immediately started: the security team will quickly isolate the affected system, trace the attack path, notify the affected merchants and customers, cooperate with the regulatory authorities to investigate and collect evidence, and at the same time take data recovery and system reinforcement measures according to the plan to ensure that the loss and impact are minimized. After the event, a review and summary will be carried out to continuously improve the security strategy. VIII. Your Rights 1. Right to Know and Access You have the right to log in to the eMenu software management background at any time and view the collection scope, use details and sharing objects of personal information in the exclusive modules such as "Data Management" and "Account Settings", and download personal information copies including transaction records and customer information (under the premise that you legally have the right to access this data), ensuring that the whole process of information processing is transparent and visible. 2. Right to Correct and Supplement When you find that there are errors, omissions or need to update and supplement personal information, such as store address change and customer contact information update, you can edit and modify it by yourself in the corresponding interface of the software or contact the customer service for assistance. We ensure that the review and correction operation will be completed within [1] working day to ensure the accuracy and effectiveness of the information. 3. Right to Delete If you decide to stop using the eMenu software, you have the right to request us to delete your personal information. After verifying your identity, we will start the deletion process and completely clear all personal information traces such as your account information, transaction data and customer-related information within [3] days, and at the same time notify the relevant third parties to stop data processing behavior and return or destroy the data copies. 4. Right to Withdraw Consent For the personal information of marketing promotion and location information sharing collected based on your consent, you can withdraw your consent at any time through the "Privacy Preferences" option in the software settings, sending an email to the designated mailbox or calling the customer service hotline. After receiving the request, we will immediately stop the collection and use of the corresponding information and adjust the subsequent service strategy to protect your right of self-determination. IX. Protection of Minors' Information This software focuses on serving the commercial field and is aimed at merchants and their employees with legal business qualifications and does not directly provide services to minors. If suspected minors' information is collected during the business process, we will immediately start the investigation procedure to verify the identity. If it is confirmed as minors' information, we will take measures such as restricting processing and notifying the guardian in accordance with the relevant laws and regulations to ensure that the privacy of minors is not violated. X. Policy Update This privacy policy will be revised in a timely manner according to the evolution of laws and regulations, business expansion and technological iteration. We will publish policy update notices at prominent positions on the software download interface and official website, and explain the update content in the form of pop-ups and announcements. If you continue to use this software after the update takes effect, it is deemed that you agree to be bound by the new policy; if you do not want to accept the new policy, you have the right to stop using this software and exercise your right to delete and other relevant rights in accordance with this policy. XI. Contact Us If you have any questions, concerns or suggestions about this privacy policy, please feel free to contact us. Customer Service Phone: +86 10 8478 6308 Email: info@emenu.cc Whatsapp: +65 8394 6789 WeChat: 170980311 Office Address: 5th Floor, Building 7, No. 4 Wangjing Road, Chaoyang District, Beijing We solemnly promise that we will always adhere to the original intention of protecting your privacy, continuously improve the privacy protection mechanism, and work with you to create a safe and prosperous business data ecosystem. Newboll Network Technology CO., LTD January 9, 2025