简体中文
GeeTest CAPTCHA v3 Privacy Policy
Welcome to the services provided by Wuhan Jiyi Network Technology Co., Ltd. (GeeTest, we/us/our). GeeTest strictly complies with applicable laws and regulations and follows privacy protection principles to develop this GeeTest CAPTCHA v3 Privacy Policy (Privacy Policy/Policy). This Privacy Policy applies to the collection and protection of personal information you and/or your end users provide when using the GeeTest CAPTCHA v3 products and services (GeeTest CAPTCHA v3 products/services), including developer services, data services, and other related services we may develop from time to time.
The security of your and your end users’ personal information is of the utmost importance to us. We respect and protect such information and are committed to providing a secure online environment. We comply with the Cybersecurity Law of the People’s Republic of China, the Data Security Law of the People’s Republic of China, the Personal Information Protection Law of the People’s Republic of China, the Civil Code of the People’s Republic of China, and other applicable regulations, as well as recommended national standards such as the Information Security Technology Personal Information Security Specification (GB/T 35273-2020).
This Privacy Policy explains the purposes, methods, and scope of how we collect, use, store, share, and transfer your and your end users’ personal information, the security measures we adopt, and the rights you and your end users have (such as access, review, update, correction, deletion, and portability). This Privacy Policy is designed to help you fully understand how we handle personal information. Please read it carefully before using our products and services and ensure that you understand and agree before proceeding.
By registering, you acknowledge that you have read and fully understood this Privacy Policy. Please note that clauses materially affecting your rights are highlighted in bold for your attention. Before providing us with any personal information of you and/or your end users, please carefully consider whether it is appropriate and consent to our processing of such information in accordance with this Privacy Policy. With your consent, and based on the principles of legality, legitimacy, necessity, and good faith, we will collect and use such information to deliver the relevant functions of the GeeTest CAPTCHA v3 products/services. You may choose not to provide certain information, but this may affect the functionality or availability of the services.
This Policy will help you understand the following:
- How We Collect and Use Personal Information of You and/or Your End Users
- How We Use Cookies and Similar Technologies
- Authorization and Consent of End Users
- How We Entrust, Share, Transfer, and Disclose Personal Information of You and/or Your End Users
- How We Protect Personal Information of You and/or Your End Users
- How We Enable You and/or Your End Users to Exercise Rights over Personal Information
- How We Handle Personal Information of Minors
- Storage and Transfer of Personal Information of You and/or Your End Users
- Updates and Modifications to This Policy
- How to Contact Us
- Confidentiality Obligations
Notice Clause
To protect your rights and the rights of your end users, please read all terms of this privacy policy carefully and complete the registration process in accordance with the instructions on the page after fully understanding their meaning. Upon completion of registration, you will gain access to our related services. We have included the [GeeTest CAPTCHA v3 Compliance Guide] in our website documentation to assist you in using GeeTest products or services in a smarter and more compliant manner. By clicking the “I Agree” button during registration, you confirm that you have read and fully accept all terms of this privacy policy and knowingly and explicitly consent to our processing of your and your end users’ information in accordance with this policy. If you do not accept all or part of this policy, or if you cannot fully understand the meaning of all or part of its terms, please do not install, use, register for, or otherwise access the GeeTest CAPTCHA v3 products or services we provide, including the GeeTest platform, website, or related offerings.
It should be noted that when you use GeeTest CAPTCHA v3 products and services, we process personal information as described in Section 1 of this policy, “How We Collect and Use Personal Information of You and/or Your End Users.”
The way we process these categories of personal information may differ because our contractual relationship is directly with you, unlike our indirect relationship with your end users. As our customer, if you use GeeTest CAPTCHA v3 to provide services to your end users and collect information in the process, you must, in accordance with applicable laws and regulations, establish a separate privacy policy with your end users. GeeTest assumes no responsibility in this regard. You must clearly disclose in your privacy policy or other legal documents that GeeTest products or services are integrated into your services, and ensure that any personal information collected through our products or services is authorized by your end users, with sensitive personal information collected only with their separate and explicit consent.
- Unless otherwise agreed, this privacy policy applies to all services provided by GeeTest, including any upgrades or adjustments to the services.
- GeeTest may update or adjust this privacy policy from time to time. Such updates will be announced on the relevant website. Once published online, the updated privacy policy will replace the previous version and take effect immediately. We will provide notice prior to the effective date, either through prominent display on the GeeTest website or by other means. Continued use of our services constitutes your acceptance of the revised policy.
Special notice to end users: Since GeeTest services are provided as part of developer services, by clicking the “Agree” button (the exact wording may vary) to accept the developer’s user agreement, terms of service, or other documents, you also indicate your acceptance of this policy.
Definitions
You: Refers to developers who have successfully registered a GeeTest account to use the Application Programming Interface (API) to access GeeTest services, or who have successfully registered a GeeTest account and integrated GeeTest-provided Software Development Kits (SDKs) into websites or applications under their account system. This includes natural persons, legal entities, and other organizations.
End Users: Refers to natural persons who directly access or use the content you provide, such as websites or mini-programs, or users of devices on which applications developed or operated by you are installed.
Anonymization: The process of technically processing personal information in such a way that the data subject cannot be identified, and the processed information cannot be restored.
Pseudonymization: The process of technically processing personal information so that the data subject cannot be identified without access to additional information.
1.How We Collect and Use Personal Information of You and/or Your End Users
Personal information refers to various types of information recorded in digital form or by other means relating to an identified or identifiable natural person, excluding information that has been anonymized.
In accordance with the relevant laws and regulations referenced in the introduction, and following the principles of legitimacy, necessity, and propriety, we collect and use personal information of you and/or your end users during the use of GeeTest CAPTCHA v3 products and/or services for the purposes described in this policy. This personal information may be:
- Actively provided by you and/or your end users;
- Generated through your and/or your end users’ use of GeeTest CAPTCHA v3 products and/or services; or obtained from third parties.
Regardless of the method of collection or use, personal information of you and/or your end users will only be collected and used for the business purposes described in this policy. We typically collect and use personal information only with your and/or your end users’ consent, except in circumstances where collection is necessary to comply with legal obligations or to protect the vital interests of you, your end users, or others.
Please note that, due to changes in business strategy, the features of GeeTest CAPTCHA v3 products and/or services may be updated or modified over time. If we intend to use personal information of you and/or your end users for purposes not stated in this policy, or if personal information collected for a specific purpose is to be used for another purpose, we will notify you in a reasonable manner via the platform and obtain your consent before use.
To provide full functionality, when GeeTest CAPTCHA v3 products and/or services are active on the platform, the purposes, methods, types of personal information processed, and rules for processing are as follows:
1.1 Personal Information You Must Provide When Registering, Logging In, or Verifying as a Developer on the Platform
1.1.1 Registration and Login
When registering a GeeTest account, you are required to provide your mobile phone number so that we can communicate with you regarding product usage and payment matters. Please provide complete and accurate information during registration and keep it up to date. All originally entered information will be considered your registration information. You bear full responsibility for any consequences arising from providing false registration information.
You are strongly advised to safeguard your account and not transfer or lend your account or password to others. If you discover that your account has been illegally accessed, stolen, or lost, please notify us immediately. Any negative consequences arising from illegal use due to hacking or negligence in safeguarding your account and password shall be borne by you.
1.2 Personal Information of Your End Users That We May Collect and Use When Providing GeeTest CAPTCHA v4 or Other Services You Choose
1.2.1 GeeTest CAPTCHA v3
GeeTest CAPTCHA v3 leverages the analysis of users’ behavioral characteristics to establish a machine learning model incorporating three layers of protection against simulation, forgery, and brute force attacks. The model is capable of continuous adjustment and self-optimization while resisting cyberattacks, thereby effectively distinguishing human users from automated bots and enhancing the experience of legitimate users.
We may collect your end users’ personal information through the invocation of relevant system interfaces. Such collection will occur strictly on the condition that you have confirmed the end users’ consent has been duly obtained, and provided that the end users have not refused the services, nor requested to modify their authorization, delete their personal information, or cancel their accounts. Details of the personal information collected and its use are set out in the table below:
Table: Personal Information Collection and Use for GeeTest CAPTCHA v3
Device Information:
| Types of Personal Information | Configurable | Purpose of Use | Frequency | Client Side |
|---|---|---|---|---|
| Device Model | Not configurable | Used for security policies | Collected passively on each request | Android / iOS / HarmonyOS |
| Device Brand | Not configurable | Used for security policies | Collected passively on each request | Android / iOS / HarmonyOS |
| Device Battery Charging Status | Not configurable | Used for security policies | Collected passively on each request | Android / iOS |
| Device Battery Level | Not configurable | Used for security policies | Collected passively on each request | Android / iOS |
| System Platform | Not configurable | Used for security policies | Collected passively on each request | Android / iOS / HarmonyOS |
| System Version | Not configurable | Used for security policies | Collected passively on each request | Android / iOS / HarmonyOS |
| System Language | Not configurable | Used for security policies | Collected passively on each request | Android / iOS / HarmonyOS |
| Screen Height | Not configurable | Used for security policies | Collected passively on each request | Android / iOS / HarmonyOS |
| Screen Width | Not configurable | Used for security policies | Collected passively on each request | Android / iOS / HarmonyOS |
| Tablet Indicator | Not configurable | Used for security policies | Collected passively on each request | Android / iOS / HarmonyOS |
| Memory Size | Not configurable | Used for security policies | Collected passively on each request | Android / iOS / HarmonyOS |
| Device Name | Not configurable | Used for security policies | Collected passively on each request | Android / iOS / HarmonyOS |
| User Agent (UA) | Not configurable | Supporting business data | Collected passively on each request | Android / iOS / HarmonyOS / Web / Mini Programs |
| Jailbreak/Root Indicator | Not configurable | Supporting security capabilities | Collected passively on each request | Android / iOS |
| Device Debugging Indicator | Not configurable | Supporting security capabilities | Collected passively on each request | Android / iOS |
| Proxy Indicator | Not configurable | Supporting security capabilities | Collected passively on each request | Android / iOS |
| Emulator Indicator | Not configurable | Supporting security capabilities | Collected passively on each request | Android / iOS |
| Code Tampering Indicator | Not configurable | Supporting security capabilities | Collected passively on each request | Android / iOS |
Network Information:
| Type of Personal Information | Configurable | Purpose and Use | Frequency | Platforms |
|---|---|---|---|---|
| IP address | Not configurable | To support business and security strategies | Collected passively on each request | Android / iOS / HarmonyOS / Web / Mini Program |
| Wi-Fi status (yes/no) | Not configurable | To support business and security strategies | Collected passively on each request | Android / iOS / HarmonyOS / Web / Mini Program |
| Network type | Not configurable | To support business and security strategies | Collected passively on each request | Android / iOS / HarmonyOS / Web / Mini Program |
1.2.2 Security Services
To comply with applicable laws and regulations, meet the basic requirements of service provision, protect your account security and the operational security of our systems, and more effectively prevent phishing and fraud, we collect information generated by you or your end users during the use of GeeTest services. This helps us to assess account-related risks, ensure the normal provision of services, analyze traffic, troubleshoot anomalies, and detect abuse or security incidents. These functions form part of the extended business features of GeeTest CAPTCHA v3.
Log Information
When you or your end users visit and browse GeeTest websites or use GeeTest products and/or services, we automatically collect details of such usage and store them as network logs. This may include IP address, browser type, operating system, date/time stamps, and clickstream data.
If we intend to use personal information for purposes not specified in this Privacy Policy, we will notify you in advance, and you shall notify your end users and obtain their consent. If we wish to use information collected for a specific purpose for other purposes, we will also notify you in advance, and you shall notify your end users and obtain their consent.
1.2.3 Permissions Requested by GeeTest CAPTCHA v3
For optional system permissions that may be requested by GeeTest CAPTCHA v4, please refer to the following tables for details regarding the relationship between such permissions and specific business functions, as well as the timing when these permissions are requested. GeeTest CAPTCHA v3 does not proactively request optional system permissions; however, the absence of such permissions may affect the corresponding functionalities. You may configure these settings reasonably according to your actual business needs.
Android Application Permissions
| Permission | Permission Type | Purpose and Use | Timing of Request |
|---|---|---|---|
| android.permission.INTERNET | Required | Network access for the device | Upon first installation of the app |
iOS Application Permissions
| Permission | Permission Type | Purpose and Use | Timing of Request |
|---|---|---|---|
| Cellular | Required | Network requests | When accessing the network through the cellular data |
HarmonyOS Application Permissions
| Permission | Permission Type | Purpose and Use | Timing of Request |
|---|---|---|---|
| ohos.permission.INTERNET | Required | Network access for device | Upon first installation of the app |
Notwithstanding the specified purposes and uses under which we may collect personal information from you and/or your end users, we may, when necessary, directly and explicitly request authorization from your end users to decide whether to permit such collection. This may be done through methods including but not limited to pop-up windows, links, or other clear means.
1.3 Exceptions to Consent Requirement
Please note that under the following circumstances, in accordance with applicable laws, regulations, and relevant national standards, we may collect and use personal information from you and/or your end users without obtaining prior authorization or consent:
A. Where it is necessary to perform statutory duties or obligations;
B. Where it is directly related to national security or national defense security;
C. Where it is directly related to criminal investigation, prosecution, trial, or enforcement of court judgments;
D. Where it is necessary to respond to public safety incidents, public health emergencies, major public interest events, or to protect the life, health, and property of natural persons in emergency situations;
E. Where personal information is processed within a reasonable scope in accordance with the law when such information has been disclosed by you and/or your end users themselves, or has otherwise been legally disclosed;
F. Other circumstances as prescribed by laws or administrative regulations.
Special Notice: Information that cannot, either on its own or in combination with other data, be used to identify you and/or your end users, does not constitute personal information under applicable law. However, when information can, either independently or in combination with other data, identify you and/or your end users, or when we combine non-identifiable data with other personal information of you and/or your end users, such information will be treated and protected as personal information during the period in which the combined data is used.
2. How We Use Cookies and Similar Technologies
To ensure the proper functioning of our websites, we store small data files called Cookies on your computer or mobile device. A Cookie typically contains an identifier, the name of the site, and a string of numbers and characters. The primary purpose of Cookies is to facilitate your use of our products and/or services, and to help us track the number of unique visitors. By using Cookie technology, we are able to provide you with more attentive, personalized services and allow you to configure specific service preferences.
When you use our products and/or services, a Cookie will be sent to your device. When you interact with services we provide to our partners, we allow Cookies (or other anonymous identifiers) to be transmitted to our servers.
We will not use Cookies for any purpose other than those specified in this Policy. You may manage or delete Cookies at your own discretion. You may delete all Cookies stored on your computer, and most web browsers include functionality to block Cookies. However, if you choose to do so, you will need to change user settings manually each time you visit our websites. Such changes may prevent you from logging in or using services and features provided by GeeTest that rely on Cookies.
If your browser is set to reject Cookies, you will still be able to access most pages of GeeTest’s websites.
3. Authorization and Consent of End Users
As our business partner, you understand that in order to provide the selected GeeTest services to you and/or your end users, we may collect, store, and process your end users’ personal information in a de-identified or anonymized form. By accepting this Policy and integrating our SDK, API, or other statistical analysis or developer tools into your product, you hereby acknowledge, confirm, and warrant that:
You have truthfully, accurately, and completely informed your end users, in a clear and prominent manner, of the purposes, methods, categories of personal information to be processed, the retention period, as well as our name and contact information, and any other information regarding us that is required to be disclosed to end users under applicable laws, regulations, policies, or standards (as updated from time to time). You have also obtained your end users’ sufficient, necessary, and explicit authorization, consent, and permission to allow us to collect and use their information for the purpose of providing services.
Unless otherwise provided by applicable laws, you have informed your end users and obtained their sufficient and necessary authorization, consent, and permission to allow us to de-identify or anonymize collected personal information, and to use such information for the service purposes set forth in Section I of this Policy, provided such use complies with applicable laws and regulations.
You have complied, and will continue to comply, with all applicable laws, regulations, standards, and supervisory requirements, including but not limited to formulating and publishing relevant policies or documents concerning personal information protection and privacy protection.
You have provided your end users with convenient and user-friendly mechanisms to exercise their rights, including but not limited to: how and when users may exercise the right of choice; how they may access or correct their personal information; how they may exercise the right to deletion; and how they may modify the scope of their authorization or consent.
4. How We Entrust, Share, Transfer, and Disclose Personal Information of You and/or Your End Users
4.1 Entrusted Processing
Certain specific modules of our products or services may be provided by external vendors. In such cases, we will enter into strict confidentiality agreements and/or related contracts with entrusted processors, clearly defining the rights and obligations of entrusted processing. We also require the counterparties to process personal information in accordance with our instructions, this Policy, and any other applicable confidentiality and security measures.
4.2 Sharing
We do not share your and/or your end users’ personal information in identifiable form with any company, organization, or individual outside of GeeTest, except in the following circumstances:
With explicit consent: Upon obtaining your and/or your end users’ explicit consent, we may share such information with third parties.
Legal compliance: We may share personal information as required by applicable laws and regulations, or by mandatory requests from governmental authorities.
Public interest and safety: Within the scope permitted or required by law, we may share personal information with third parties (including consumer rights protection organizations and similar industry bodies) where it is necessary to protect the interests, property, or safety of you, the public, or others.
National security: Where necessary to protect national security, public safety, or the significant lawful rights and interests of you or other individuals.
With authorized partners: To fulfill the purposes of your use of our products or services, we may share certain information with partners in jointly developed or provided products or services. Such sharing is limited to the minimum scope necessary, and we prioritize sharing de-identified or anonymized information so that it cannot be used to identify you personally. We require partners to comply with this Policy and to adopt appropriate confidentiality and security measures, ensuring that your information is not used for any purpose other than those authorized.
4.3 Transfer
We do not transfer your and/or your end users’ personal information to any company, organization, or individual, except under the following circumstances:
With your and/or your end users’ explicit prior consent or authorization.
As required by applicable laws, regulations, legal proceedings, or mandatory administrative or judicial requests.
As stipulated in relevant agreements or other legal documents signed with you.
In the event of mergers, joint ventures, acquisitions, asset transfers, bankruptcy, or similar transactions, if the transfer of personal information is involved, the new holder of such information will be required to seek renewed consent from you and/or your end users, and will inform you of the recipient’s name, contact details, processing purpose, processing method, and categories of personal information involved. If the methods of collection or processing of personal information specified in this Policy change, the new entity will again seek renewed consent from you and/or your end users.
4.4 Public Disclosure
We will only publicly disclose your and/or your end users’ personal information under the following circumstances:
With your and/or your end users’ explicit consent.
As required by applicable laws and regulations, or by mandatory administrative or judicial requests, we may disclose personal information in accordance with the type of information and manner of disclosure required.
Other circumstances permitted by law or as agreed between the parties.
5. How We Protect Your and/or Your End Users’ Personal Information
5.1 Security Measures
We adopt industry-standard security safeguards to protect the personal information you and your end users provide, preventing unauthorized access, disclosure, use, modification, damage, or loss. Reasonable and feasible measures are taken to secure your and/or your end users’ personal information. For example, data transmission between your browser and our services is protected by SSL encryption; we provide secure browsing via HTTPS on our official website; we use encryption, anonymization, and trusted security mechanisms to protect confidentiality and guard against malicious attacks; we establish internal management systems and organizational measures to ensure information security; we strictly limit personnel access to information, impose confidentiality obligations, and conduct audits; and we provide employees with security and privacy protection training to strengthen awareness of the importance of personal information protection. In the event of a security incident such as a data breach, we will activate an emergency response plan to mitigate further impact and notify you through push notifications, announcements, or other means.
5.2 Certifications
We have obtained the following certifications: ISO 27001 Information Security Management System Certification, ISO 27701 Privacy Information Management System Certification, ISO 9001 Quality Management System Certification, and CMMI Level 3 Certification.
5.3 Data Security Capabilities
In compliance with the Data Security Law, the Cybersecurity Law, the Personal Information Security Specification, and other applicable laws, regulations, and industry standards, we have completed Level 3 Classified Protection of Information Systems, implemented data classification and grading standards, and adopted supporting security measures (including data masking, secure storage, etc.). We have also established internal control processes and emergency response procedures such as the Data Classification and Grading Specification. Our security defenses cover the entire data lifecycle, including collection, transmission, storage, use, circulation, archiving, and deletion.
5.4 Service Discontinuation
If we cease operations of relevant products, we will promptly stop collecting your personal information, and will make reasonable efforts to notify you and your end users at least seven (7) days in advance through direct notice or public announcement. We will delete or anonymize personal information we hold about you and your end users. Where it is impracticable to notify each individual data subject, we will publish an announcement through reasonable and effective channels.
5.5 Security of Communication Channels
The internet is not an absolutely secure environment, and methods of communication such as email, instant messaging, and interactions with other users are not encrypted. We strongly recommend that you do not transmit personal information through such channels. Please use strong, complex passwords to help secure your account.
5.6 Security of Information Transmission
While we make every effort to safeguard information transmitted by you and/or your end users, please note that no internet environment is 100% secure. Despite our reasonable and necessary protective measures, information may still be illegally accessed, stolen, altered, or destroyed, potentially affecting the lawful rights and interests of you and/or your end users. By using our services, you acknowledge and accept such risks inherent in information networks and agree to assume the consequences voluntarily.
5.7 Security Incidents
In the unfortunate event of a personal information security incident, we will notify you promptly in accordance with applicable laws and regulations. Such notification will include: the basic facts and possible impact of the incident, the measures we have taken or plan to take, recommendations for you to prevent and mitigate risks, and remedies available to you. We will notify you via email, telephone, push notifications, or other reasonable means. Where it is impracticable to notify each individual data subject, we will issue a public announcement through reasonable and effective methods. We will also proactively report the handling of such incidents to the competent regulatory authorities as required.
6. How We Enable You and/or Your End Users to Exercise Rights over Personal Information
We place great importance on ensuring that you and/or your end users are able to manage personal information, and we make every effort to safeguard your and/or your end users’ rights to access, copy, correct, withdraw, cancel, supplement, obtain a copy of, or delete personal information, as well as to lodge complaints, report violations, and configure privacy settings. This empowers you and/or your end users to protect personal privacy and information security.
You agree to provide your end users with accessible mechanisms to exercise their rights, including instructions on how they may determine, access, copy, correct, withdraw, cancel, supplement, obtain copies of, delete, or change the scope of their consent. In accordance with relevant laws, regulations, and standards of the People’s Republic of China, we adopt various measures to safeguard these rights for you and/or your end users depending on the relationship context, as detailed below:
6.1 For Direct Users of GeeTest
6.1.1 Access, Copy, Correct, Withdraw, Cancel, Supplement, and Obtain Personal Information
You have the right to access, copy, obtain, correct, or supplement your and/or your end users’ personal information, unless otherwise restricted by law or regulation. If you wish to exercise access or copy rights, correct or supplement inaccurate or incomplete information, or exercise data access rights (such as editing enterprise/personal profile information, payment details, or changing your password), you may do so directly in the Developer Console. We will process your request within fifteen (15) days. If certain rights cannot be exercised directly, or if assistance is required, you may contact us using the contact details provided in this Policy, and we will provide support.
To protect security, we may require sufficient information to verify your identity before fulfilling requests, ensuring the requester is the data subject or a legally authorized representative. Any additional information you provide will be processed in line with this Policy.
Please note that due to legal requirements or technical limitations, certain requests may not be fulfilled. For legitimate reasons such as compliance or security protection, access to certain information may not be possible.
6.1.2 Deletion of Personal Information
You may request deletion of personal information under the following circumstances:
- Where we collect or use personal information in violation of laws or regulations.
- Where we collect or use personal information in violation of our agreement with you.
- Where we unlawfully share or transfer personal information with third parties, in which case we will cease such activities and notify third parties to delete the relevant information.
- Where we unlawfully disclose personal information in violation of laws or agreements, in which case we will cease such disclosures and notify recipients to delete the relevant information.
- Where you withdraw consent for processing.
- Where you close your account or stop using our products or services.
- Where we permanently cease providing products or services to you.
We may require identity verification before deleting information to protect account security. Once a deletion request is granted, your personal information will be erased unless retention is required by law or regulation. For backup systems, deletion may not occur immediately; however, we will ensure secure storage until deletion or anonymization becomes feasible, and we will safeguard the data during this period.
6.1.3 Account Cancellation
You may cancel your registered GeeTest account at any time by contacting us using the contact details in this Policy. Please note that account cancellation is permanent and you will lose access to the account and its data. After verifying your identity and settling any account assets, we will provide account cancellation services. Once canceled, we will cease providing products or services and will delete or anonymize your personal information unless otherwise required by law or regulation. For convenience, cancellation requests may also be initiated directly through the User Console.
(英文后台需加入注销账号选项及提示)
6.1.4 Obtaining a Copy of Personal Information
You have the right to request a copy of your personal information by contacting us. Where technically feasible, such as when data interfaces are compatible, we may, at your request, transmit a copy of your personal information directly to a designated third party.
6.1.5 Refusal of Targeted Communications
You may opt out of receiving promotional emails from GeeTest by following the unsubscribe/opt-out instructions provided in the emails, or by contacting us through the contact information provided in this Policy. Please note, however, that even if you opt out of promotional communications, we may still send non-promotional messages such as updates to our Terms of Service or Privacy Policy, security alerts, and other notices related to the services you use, to protect your lawful interests under this Policy.
6.1.6 Responding to Your Requests
To ensure security, we may require identity verification before processing requests. You may need to provide a written request or other proof of identity. We will respond to all requests under this Section within fifteen (15) business days of receipt, upon successful verification of your identity.
6.2 For End Users of Applications Using GeeTest Products or Services
If you are an end user of an application that integrates GeeTest, but not a direct customer of GeeTest, we recommend the following:
- Submit requests regarding your personal information directly to the relevant application provider in accordance with their privacy policy.
- To protect you, the application provider, and third parties, we may require supporting documents to verify your identity. Once verified with the application provider and ensuring customer account security, we will handle your request in accordance with applicable laws, regulations, and this Policy. We will provide feedback within fifteen (15) business days of receiving and verifying your request.
6.3 Costs Associated with Responding to Requests
We generally do not charge fees for reasonable requests from you and/or your end users. However, for repeated or excessive requests, we may charge a fee based on actual costs incurred. Requests that are manifestly unfounded, require disproportionate technical effort (such as developing new systems or altering existing practices), compromise others’ lawful rights, or are otherwise impracticable (such as those involving backup tapes) may be refused.
Please note that, for security, legal, or technical reasons, we may not be able to respond to requests under the following circumstances:
- When related to our legal or regulatory obligations.
- When directly related to national security or defense.
- When directly related to public safety, public health, or major public interests.
- When directly related to criminal investigations, prosecutions, trials, or enforcement of judgments.
- When there is sufficient evidence of malicious intent or abuse of rights.
- When necessary to protect vital lawful rights and interests of you or others, such as life or property, but it is difficult to obtain consent.
- When responding to a request would cause serious harm to the lawful rights of you, other individuals, or organizations.
- When the request involves trade secrets.
- Other circumstances stipulated by applicable laws and regulations.
6.4 Questions Regarding Rights
If you and/or your end users have any questions about exercising these rights, please contact us using the contact details provided in Section 10 of this Policy.
7. How We Handle Personal Information of Minors
We attach great importance to the protection of minors’ personal information. As a general principle, we do not accept registration by minors as our users, nor do we accept the provision of end-user personal information of minors under the age of fourteen (14).
Due to the limitations of current technologies and business models, it is difficult for us to proactively identify minors’ personal information. If you discover that we have inadvertently or mistakenly collected information from minors, please contact us promptly using the contact details provided in this Policy. We will delete the relevant data in a timely manner unless we are legally required to retain such data.
It is particularly important to note that if your application is designed and developed for minors under the age of fourteen (14), you must strictly comply with the Personal Information Protection Law of the People’s Republic of China, the Provisions on the Protection of Children’s Personal Information Online, as well as other applicable laws, regulations, policies, standards, and guidelines relating to the protection of minors’ personal information. You must ensure that your end users are guardians, and that your application has established dedicated rules for the processing of personal information of minors under the age of fourteen (14). Only after the guardians have carefully read your policies and the relevant processing rules and have given their explicit consent may you provide the minors’ personal information to us for the purpose of using our services, or submit such information to us for the fulfillment of your application’s functions.
8. Storage and Transfer of Personal Information of You and/or Your End Users
8.1 Storage Location
In principle, we only collect personal information generated within the People’s Republic of China. All of your personal information will be stored within the territory of the People’s Republic of China.
You are solely responsible for determining the scope of your use of this Service and for complying with any applicable laws. If you use our products or services in regions outside mainland China, you must comply with the requirements of the Personal Information Protection Law of the People’s Republic of China regarding cross-border transmission of personal information, as well as local laws, regulations, and regulatory requirements related to cross-border data transfer.
Please note that any risks, liabilities, disputes, penalties, complaints, or losses arising from your cross-border use of our products or services shall be borne solely by you. If we incur complaints, penalties, lawsuits, or other disputes as a result, you shall be responsible for resolving them and, where necessary, for bearing any losses caused to us.
8.2 Storage Period
We retain you and/or your end users’ personal information only for the shortest period necessary to achieve the purposes described in this Policy and for the minimum retention period required by law and regulation. Data generated by the GeeTest CAPTCHA v3 product will be stored for one year (for purposes such as dispute resolution and annual reporting). After the retention period has expired, we will delete or anonymize your and/or your end users’ information.
In the following circumstances, and solely for the relevant purposes, we may extend the retention period for you and/or your end users’ personal information:
- To comply with applicable laws and regulations;
- To comply with court judgments, rulings, or other legal processes;
- To comply with the requirements of government authorities or other competent bodies;
- With your and/or your end users’ consent;
- As reasonably necessary for the execution of relevant service agreements or this Privacy Policy, for maintaining the public interest, handling complaints/disputes, or protecting the personal and property safety or other lawful rights and interests of our customers, us, our affiliates, other users, or employees.
9. Updates and Modifications to This Policy
To provide you with better services, this platform and related services may be updated or adjusted from time to time, and we will revise this Policy accordingly. These revisions will form part of this Policy and have the same legal effect as this Policy. Without your explicit consent, we will not reduce the rights you and/or your end users are entitled to under this Privacy Policy.
After an update, we will publish the revised version on our official website and remind you of the updated content through appropriate means before the updated terms take effect, so that you can stay informed. The updated Privacy Policy will take effect within five business days from the date of publication.
For material changes, we will also provide more prominent notice (including, for certain services, email notifications specifying the details of the changes).
Material changes to this Policy include but are not limited to:
- Significant changes in our service model, such as changes to the purposes of processing personal information, the types of personal information processed, or how personal information is used;
- Significant changes in ownership structure or organizational structure, such as changes caused by business adjustments, bankruptcy, or mergers and acquisitions;
- Changes in the primary recipients of personal information sharing, transfer, or public disclosure;
- Significant changes to your rights to participate in the processing of personal information or the manner in which such rights may be exercised;
- Changes to the department responsible for personal information security, its contact information, or complaint channels;
- High-risk findings in personal information security impact assessment reports.
- We will also archive previous versions of this Policy for your reference. This Policy forms an integral part of the GeeTest Service Agreement. All rights not expressly granted herein are reserved by GeeTest.
10. How to Contact Us
If you have any questions, comments, suggestions, or complaints about this Privacy Policy, you may contact us through the following methods:
We have established a dedicated department that you may reach via:
- Email: service@geetest.com
If you have questions, suggestions, or complaints regarding your account information, personal information, or other technical documentation, or if you wish to exercise your rights, you may contact us via email at service@geetest.com or through our online customer service. Under normal circumstances, we will respond within 15 business days.
11. Confidentiality Obligation
We welcome you to enter into a dedicated Non-Disclosure Agreement (NDA) with us to explicitly define our rights and obligations, thereby safeguarding our legitimate interests.
GeeTest
Wuhan Jiyi Network Technology Co., Ltd.