Terms of Service

Last Updated: May 22, 2025
Effective Date: May 22, 2025

Introduction
SteelSQL is a database management product provided by Hangzhou Pengtian Data Information Co., Ltd. This policy outlines the personal information processing activities and protections applicable to the SteelSQL product and related services (hereinafter referred to as "SteelSQL"). To clarify how SteelSQL collects, uses, and stores your personal information and the rights you possess, we explain the relevant matters in this policy, with the following key points:

We will specify the types of personal information we collect and their corresponding purposes, ensuring you understand the categories, reasons for use, and methods of collection for specific functionalities.

When using certain features, we will collect your sensitive personal information only with your consent, unless required by applicable laws and regulations. Refusal to provide such information will only restrict access to those specific features and will not affect your normal use of other SteelSQL functionalities.

We will not actively share or transfer your personal information to third parties unless legally permitted or with your explicit consent. If sharing or transferring your personal information to parties outside Hangzhou Pengtian Data Information Co., Ltd. is necessary, we will directly obtain or confirm that the third party has obtained your explicit consent, except where otherwise required by law or to protect user rights or the security of the SteelSQL ecosystem. Additionally, we conduct risk assessments for such data-sharing activities.

We will not actively obtain your personal information from third parties outside Hangzhou Pengtian Data Information Co., Ltd. If business needs require obtaining your personal information from third parties, we will verify the legality of the source or disclose the origin, type, and scope of use beforehand. If SteelSQL’s business operations involve processing personal information beyond the original consent granted to the third party, we will seek your explicit consent before processing such data. We will also strictly comply with applicable laws and regulations and require third parties to ensure the legality of the information provided.

To collect your information under this policy, provide services, optimize our services, or ensure account security, we may request relevant permissions on specific platforms and devices. These permissions will only be accessed or used within the scope of your explicit consent.

In accordance with the Cybersecurity Law of the People's Republic of China, the Personal Information Protection Law of the People's Republic of China, the Civil Code of the People's Republic of China, the Information Security Technology—Personal Information Security Specification, and other relevant laws, regulations, and technical standards, we have established principles for processing personal information to ensure the legality, legitimacy, and necessity of data processing.

1. How We Collect and Use Your Personal Information
1.1 User Registration and Account Management
1.1.1 Registration and Login
To provide you with user registration services (i.e., creating a SteelSQL account and using it to log in and access our services), we offer multiple registration and login options:

When registering with a mobile number or email, you must provide your phone number or email address. We use this information to send verification codes for identity validation.

For one-click login, with your consent, your mobile carrier will share your phone number with us to facilitate quick login.

When logging in via a third-party account (e.g., WeChat, Apple ID), we will indirectly access and collect authorized personal information (e.g., nickname, profile picture, gender, region) to link your third-party account with your SteelSQL account. Without this information, third-party login will be unavailable.

Note that collecting mobile numbers complies with China’s real-name verification laws. Without this information, certain services requiring real-name authentication may be inaccessible.

1.2 Orders and Payments
1.2.1 Order Placement and Management
When purchasing premium services, we collect transaction details such as product/service type, order number, time, amount, notes, and invoice information (e.g., invoice type, title, tax ID, registered address, bank details). This ensures smooth transactions, order tracking, and customer support (including after-sales service).

1.2.2 Payments
To complete payments and secure transactions, we collect payment details (e.g., amount, time, merchant, payment method, account, status) and share them securely with payment processors (e.g., WeChat Pay, Alipay).

Third-party payment services (e.g., WeChat Pay, Alipay) handle transactions. We may retain payment records (e.g., status, method) for reference.

1.3 Improving Our Products/Services
To optimize functionality and analyze usage, we collect behavioral data (e.g., device type, OS version, access times, features used) via analytics tools. With your consent, we may link this data across our services for unified experiences (e.g., single sign-on).

1.4 Security Safeguards
To enhance security and prevent risks (e.g., phishing, fraud, cyberattacks), we analyze account activity, device data (e.g., model, OS), network logs, usage frequency, crash reports, and distribution channels. This helps verify identities, detect anomalies, and protect accounts.

1.5 Customer Support
For after-sales assistance, we verify your identity and purchase history using account details, device information (e.g., name, brand, model), network location (approximated via IP, carrier, Wi-Fi), logs, and communications (e.g., emails, screenshots, calls).

1.6 Other Purposes
1.6.1 Notifications
We may send service-related messages via pop-ups, alerts, or push notifications based on your device/account data and usage patterns.

1.6.2 Third-Party Purchases
If you buy our services through distributors/agents, we receive order details (e.g., name, account info, purchased services) from them.

1.7 Exceptions to Consent Requirements
We may process your personal information without consent in these legally permitted cases:

Compliance with legal obligations;

National/defense security;

Public health/safety or major public interests;

Criminal investigations/proceedings;

Protecting life/property where consent is impractical;

Publicly disclosed personal information;

Contract fulfillment at your request;

Information from lawful public sources (e.g., news, government disclosures);

Maintaining service security/stability (e.g., troubleshooting);

Other scenarios under applicable laws.

2. Data Analytics and Android System Capabilities
2.1 Use of Statistical Technologies
We employ analytics, web beacons, and log files to:

Store preferences to avoid re-entry;

Measure marketing effectiveness;

Monitor aggregate metrics (e.g., visitors, page views).

3. Sharing, Transfer, and Disclosure of Your Information
3.1 Information Sharing
3.1.1 Data Sharing for Advertising
To deliver ads and optimize ad performance, we share anonymized data with ad partners under strict privacy agreements, ensuring no personal identification.

3.1.2 Ad Display
SteelSQL will not share personally identifiable information with ad servers/networks without your opt-in consent for specific programs.

3.2 Information Transfer
We generally do not transfer your personal information, except:

At your request, if legally permitted;

During corporate mergers/acquisitions/bankruptcy, with prior notice and recipient compliance with this policy.

3.3 Public Disclosure
We only disclose non-public personal information with your separate consent or as legally required, applying industry-standard safeguards beforehand.

4. Data Storage and Protection
4.1 Storage
4.1.1 Location
Your personal information is stored in China. Cross-border transfers, if any, will comply with laws or seek your consent.

4.1.2 Retention Period
We retain data only as long as necessary, then anonymize or delete it, unless legally mandated otherwise.

4.2 Protection Measures
4.2.1 Technical Safeguards
We adhere to Chinese laws, implementing strict measures (e.g., encryption, secure servers, access controls) to prevent unauthorized access/disclosure.

4.2.2 Specific Measures
Data encryption during transmission;

Secure server storage with tiered protection;

Third-party vetting and audits;

Employee training on privacy;

Regular policy updates.

4.2.3 Incident Response
For breaches, we will notify you promptly (via push/notice) and report to regulators as required.

5. Your Rights
You may withhold personal information but may lose access to certain services.

To exercise rights or report concerns, contact us via the methods below. We respond within 15 business days.

If services are discontinued, we will notify you and delete/anonymize data per legal requirements.

6. Protection of Minors’ Information
Users under 18 must obtain parental/guardian consent. Guardians with questions may contact us via the provided channels.

7. Policy Updates and Dispute Resolution
We may revise this policy to improve services but will not reduce your rights without consent. Updates will be notified via login prompts or pop-ups.

8. Contact Us
For questions or requests regarding this policy, contact our Privacy Team at:
Email: biz@steelsql.com
We respond within 15 business days.