Memory Privacy Policy
Last Updated: December 2, 2025
Effective Date: December 2, 2025

To better protect your personal information, we recommend that you carefully read the updated Memory Privacy Policy, especially the terms in bold. If you have any objections or questions regarding this Privacy Policy, you may contact us through the contact information provided in Section 10, “Contact Us,” of this Memory Privacy Policy.

Table of Contents of the Memory Privacy Policy

1. Introduction
2. About Us
3. How We Collect and Use Your Personal Information
4. How We Share, Transfer, and Publicly Disclose Your Personal Information
5. Your Rights to Manage Your Personal Information
6. Use of Cookies and Similar Technologies
7. Storage and Protection of Your Personal Information
8. Protection of Minors’ Personal Information
9. Protection of Deceased Users’ Personal Information
10. Contact Us
11. How This Policy Is Updated
12. Dispute Resolution
13. Definitions

1. Introduction

1. This Memory Privacy Policy (hereinafter referred to as “this Privacy Policy”) applies to all client applications, official websites, and software development kits (SDKs) and application programming interfaces (APIs) provided by Memory and/or its legitimate partners for use by third-party websites and applications. The terminal devices for these products/services include, but are not limited to, PCs, tablets, mobile phones, TVs, set-top boxes, wearable devices, in-car tablet devices, smart speaker devices, and more.

Special Reminder: Due to the variety of Memory’s products/services and differences in the content provided to you, this Privacy Policy serves as a general privacy policy applicable to all of Memory’s offerings. For certain specific products/services, Memory will also establish specific privacy policies. You should fully read and agree to the entire content of the specific privacy policy before using that particular product/service.

1. Before using any of Memory’s products/services, please carefully read and fully understand the entire content of this Privacy Policy. By using or continuing to use Memory’s products/services, you indicate your consent to our use and processing of your relevant information in accordance with this Privacy Policy.
2. We may revise this Privacy Policy from time to time in accordance with legal requirements or business adjustments. When changes are made to this Privacy Policy, we will notify you of the updated content through prominent notices, push notifications, messages, or other means after the version update.
3. Please understand that we will only collect, use, process, and store your personal information in accordance with the updated Memory Privacy Policy after you have confirmed and agreed to the changes. You have the right to refuse the updated Privacy Policy, but please be aware that if you refuse, you may not be able to use or continue to fully use Memory’s related services and features, or we may not be able to achieve the intended service outcomes.

2. About Us

1. Memory refers to Qingdao Vector Lightyear Co., Ltd. (hereinafter referred to as “Vector Lightyear”) and its affiliated companies (collectively referred to as “we” or “us”).
2. Affiliated companies refer to companies or institutions that, now or in the future, control Vector Lightyear, are controlled by Vector Lightyear, or are under common control with Vector Lightyear. Control refers to the ability to directly or indirectly influence the management/operation of the controlled entity through ownership, voting shares, contracts, actual operational relationships, or other legally recognized means.

3. How We Collect and Use Your Personal Information

1. Memory collects and uses personal information that you actively provide during the use of our services or that is generated due to the needs of our products/services, in accordance with laws and regulations and the principles of legitimacy, legality, and necessity. If we intend to use your personal information for purposes not specified in this Privacy Policy or to use information collected for a specific purpose for other purposes, we will inform you in a reasonable manner in a timely manner and obtain your consent again before such use.
2. The types of personal information we collect and use fall into two categories:
   1. First category: Information essential for the core business functions of our products/services. This information is necessary for the normal operation of our products/services, and you must authorize us to collect it. If you refuse to provide it, you will not be able to use our products/services normally.
   2. Second category: Information that may be required for additional business functions. This information is not essential for core business functions, and you may choose whether to authorize us to collect it. If you refuse to provide it, the additional business functions may not be realized or may not achieve the intended effect, but this will not affect your normal use of the core business functions.
3. You can contact us via email or feedback channels to specifically inquire about how we collect and use your personal information.
4. Generally, we collect and use your personal information in the following scenarios:

4.1 Account Registration and Login
When you register/log in to a Memory account, you need to follow our instructions to complete a series of registration/login procedures.

4.2 Customer Service
When you file a complaint, appeal, or inquiry with Memory, to ensure the security of your account and our system, we may require you to provide account information and verify it against your previously provided personal information to confirm your identity. Additionally, to facilitate communication or help resolve your issue, we may also need you to provide the following sensitive personal information: name, mobile phone number, email address, other contact information, and city/region information. We may also collect communication records (including text, images, audio, video, or call records) and other necessary information related to your requests. We collect this information to investigate facts and assist in resolving your issues. If you refuse to provide the aforementioned information, we may not be able to provide timely feedback on your complaint, appeal, or inquiry.

4.3 Payment
When you subscribe to membership services, order products/services, or engage in other payment activities on Memory, you will use the payment function. To ensure the security of your account and funds, as well as the safe and stable operation of payment services, and to fulfill legal obligations such as combating telecom and online fraud, we may collect necessary device information (e.g., IP address) and provide it to the third-party payment channel you select. The aforementioned information is essential for providing purchase functions for goods and/or services. We cannot obtain your personal financial information solely based on this information, nor can we identify a specific individual’s identity.

5. Other Scenarios Where We May Collect and Use Your Personal Information
5.1 To prevent malicious programs and ensure the normal operation of our products/services, we may collect (including in the background) information about running processes to understand the overall operation and usage of applications. Please understand that individual process information alone cannot identify a specific individual. If we combine such non-personal information with other information to identify a specific individual or use it in conjunction with personal information, such non-personal information will be treated as personal information during the period of combined use. Unless we obtain your authorization or as otherwise provided by laws and regulations, we will anonymize or de-identify such personal information.

5.2 For Other Reasonable and Necessary Purposes
If a product/service requiring the collection of your personal information is not covered in this Privacy Policy, or if we exceed the stated purpose or reasonably related scope of the collected personal information, we will inform you through updates to this Privacy Policy, page prompts, pop-ups, in-app messages, website announcements, or other accessible means before collecting and using your personal information. We will also provide you with the option to consent autonomously and will only collect and use the information after obtaining your explicit consent.

5.3 Circumstances Exempt from Requiring Consent Under Law
You understand and agree that we may collect and use your personal information without obtaining your authorization or consent in the following circumstances:
(1) When necessary to conclude or perform a contract signed with you;
(2) When necessary to fulfill statutory duties or legal obligations, such as those directly related to national security, national defense, criminal investigations, prosecutions, trials, or enforcement of judgments;
(3) When necessary to respond to public health emergencies or to protect the life, health, or property safety of individuals in emergencies;
(4) When processing personal information within a reasonable scope for public interest activities such as news reporting or public opinion oversight;
(5) When processing personal information that you have voluntarily disclosed or that has been legally disclosed, within a reasonable scope;
(6) Other circumstances stipulated by laws and regulations.

4. How We Share, Transfer, and Publicly Disclose Your Personal Information

1. Sharing
In general, we do not share your personal information with any company, organization, or individual. However, to provide you with better and higher-quality products/services, we may share certain personal information with third-party partners under the principles of legitimacy, necessity, and clear purpose, while complying with applicable laws. When doing so, we will sign strict confidentiality agreements with our partners, requiring them to process your personal information in accordance with our instructions, this Privacy Policy, and any other relevant confidentiality and security measures. If you refuse to allow our partners to collect personal information necessary for providing their services, you may not be able to use those third-party services on our platform. Typically, our partners include the following categories:

1.1 Service Providers Supporting Our Products/Services: For example, payment institutions providing payment services, third-party companies providing delivery services, content distribution service providers (such as developers authorized by you on the Memory Open Platform), verification agencies providing real-name authentication functions, and other service providers. We share information solely to enable the functionality of our products/services.

1.2 Third-Party SDK Service Providers: Our products may include third-party SDKs or similar applications. When you use services provided by third parties on our platform, you agree that they may directly collect and process your information (e.g., through embedded code, plugins, etc.). For details on the third-party SDK services currently included in our products, please refer to the Memory Third-Party Cooperation Directory. The collection and processing of information by these service providers are governed by their own privacy policies, not this Privacy Policy. To maximize the security of your information, we recommend that you review their privacy policies before using any third-party SDK services. To protect your legitimate rights and interests, if you discover risks associated with these SDKs or similar applications, we suggest you immediately stop the relevant operations and contact us promptly.

2. Transfer
We will not transfer your personal information to any company, organization, or individual without your explicit consent. In cases where the transfer of your personal information is required due to mergers, acquisitions, or bankruptcy liquidation, we will inform you of the recipient’s name or identity and require the recipient to continue to be bound by this Privacy Policy. If the recipient changes the purpose or method of processing personal information as agreed in this Privacy Policy, we will require them to obtain your consent again.

3. Public Disclosure
We will not publicly disclose your personal information that you have not disclosed yourself or that has not been legally disclosed, except where required by laws and regulations or with your separate consent. If public disclosure of your personal information is necessary, we will conduct a personal information protection impact assessment in advance and adopt security measures and methods that comply with industry standards to protect the security of your personal information.

6. Exceptions for Sharing, Transferring, or Publicly Disclosing Your Personal Information
Please be aware that, in accordance with applicable laws and regulations, we may share, transfer, or publicly disclose your personal information without your prior consent in the following circumstances:
6.1 When necessary to conclude or perform a contract signed with you;
6.2 When necessary to fulfill statutory duties or legal obligations, such as those directly related to national security, national defense, criminal investigations, prosecutions, trials, or enforcement of judgments;
6.3 When necessary to respond to public health emergencies or to protect the life, health, or property safety Franchised individuals in emergencies;
6.4 When processing personal information within a reasonable scope for public interest activities, such as news reporting or public opinion oversight;
6.5 When processing personal information that you have voluntarily disclosed or that has been legally disclosed, within a reasonable scope;
4.6 Other circumstances stipulated by laws and regulations.

6.6 Your Rights to Manage Your Personal Information
We understand your concerns about your personal information and strive to ensure your rights to access, correct, delete, and withdraw authorization for your personal information, empowering you to fully protect your privacy and security. Your rights include:

Account Deletion:
You may request to delete your account through online applications, customer service, or other methods we publicly disclose. Once your account is deleted:

• You will no longer be able to log in or use our products and services with that account.
• All unconsumed rights and future overdue benefits associated with the account, including those generated during its use across Memory and its related products/services, will be cleared.
• Content, information, data, and records associated with the account will be deleted or anonymized .
• Once a Memory account is deleted, it cannot be recovered.

If, after careful consideration, you decide to delete your Memory account, you can submit a deletion request through the relevant function settings page of our products/services or by following the provided instructions. For the Memory app, the deletion path is: “User—Settings—Account Deletion”.

If you have any questions while managing your personal information, you can contact us using the contact information provided in Section 10, “Contact Us,” of this Privacy Policy.

6.8 Use of Cookies and Similar Technologies

1. When you use our products/services, we may use Cookies and similar technologies to collect certain personal information, including your browsing habits, browsing information, and login information. Cookies and similar technologies are used to:
   • Ensure the proper functioning of our products/services;
   • Simplify repetitive operations (e.g., registration, login);
   • Facilitate access to your usage history;
   • Protect the security of your information and account;
   • Improve our products/services.
2. If you refuse to allow us to use Cookies and similar technologies to collect and process your related information, you can manage, partially or fully reject Cookies and/or similar technologies through your browser settings (if supported by your browser), or delete Cookies and/or similar technologies already stored on your computer, mobile device, or other devices. This will prevent us from tracking all or part of your personal information. For detailed instructions on how to change browser settings, please refer to the relevant settings page of your browser.

Please understand that some of our products/services rely on Cookies or similar technologies to function. If you refuse or delete them, you may not be able to use our related products/services normally or achieve the optimal service experience through our products/services. This may also impact the protection of your information and account security to some extent.

6.9· Sharing
In general, we do not share your personal information with any company, organization, or individual. However, to provide you with better and higher-quality products/services, we may share certain personal information with third-party partners under the principles of legitimacy, necessity, and clear purpose, while complying with applicable laws. When doing so, we will sign strict confidentiality agreements with our partners, requiring them to process your personal information in accordance with our instructions, this Privacy Policy, and any other relevant confidentiality and security measures. If you refuse to allow our partners to collect personal information necessary for providing their services, you may not be able to use those third-party services on our platform. Typically, our partners include the following categories:

· Service Providers Supporting Our Products/Services: For example, payment institutions providing payment services, third-party companies providing delivery services, content distribution service providers (such as developers authorized by you on the Memory Open Platform), verification agencies providing real-name authentication functions, and other service providers. We share information solely to enable the functionality of our products/services.

· Third-Party SDK Service Providers: Our products may include third-party SDKs or similar applications. When you use services provided by third parties on our platform, you agree that they may directly collect and process your information (e.g., through embedded code, plugins, etc.). For details on the third-party SDK services currently included in our products, please refer to the Memory Third-Party Cooperation Directory. The collection and processing of information by these service providers are governed by their own privacy policies, not this Privacy Policy. To maximize the security of your information, we recommend that you review their privacy policies before using any third-party SDK services. To protect your legitimate rights and interests, if you discover risks associated with these SDKs or similar applications, we suggest you immediately stop the relevant operations and contact us promptly.

· Transfer
We may transfer your personal information to other countries or regions for processing. Memory will ensure that such transfers are conducted in full compliance with applicable data protection laws and frameworks, including but not limited to:

EU-U.S. Data Privacy Framework (DPF): If we transfer personal data from the European Economic Area (EEA), the United Kingdom (UK), or Switzerland to the United States, we will do so under the EU-U.S. Data Privacy Framework (DPF).

Standard Contractual Clauses (SCC): In cases where the transfer of your personal information is necessary between entities in different jurisdictions that do not have a data protection adequacy decision, we will use the EU-approved Standard Contractual Clauses (SCC) or equivalent contractual protections to ensure that the transfer complies with applicable data protection laws and provides an adequate level of protection for your personal data. These contractual protections apply to personal data transfers to third countries such as the United States and others that may not have been deemed adequate by the European Commission.

Other Legal Mechanisms: In accordance with the relevant legal requirements, we may also use other legal mechanisms such as Binding Corporate Rules (BCRs) or other regulatory-approved mechanisms for transferring personal information internationally.

In the event that your personal information is transferred as part of a business reorganization, such as a merger, acquisition, or sale of assets, we will notify you and ensure that your personal information continues to be protected in compliance with this Privacy Policy.

· Public Disclosure
We will not publicly disclose your personal information that you have not disclosed yourself or that has not been legally disclosed, except where required by laws and regulations or with your separate consent. If public disclosure of your personal information is necessary, we will conduct a personal information protection impact assessment in advance and adopt security measures and methods that comply with industry standards to protect the security of your personal information.

7. Storage and Protection of Your Personal Information

1. Information Storage

1.1 Storage Duration: We retain your personal information for the minimum period necessary to fulfill the purposes of our products/services. For example, when you use our registration and membership functions, we need to collect your mobile phone number and retain it during the period you use these functions to provide the services normally and ensure the security of your account and our system. Additionally, we may retain your relevant information for the period required by applicable laws.

1.2 After the above storage period expires, we will delete or anonymize your personal information.

2. Information Protection
2.1 The security of your personal information is of utmost importance to us. We strictly comply with relevant laws and regulations and adopt reasonable and feasible measures recognized within the industry to protect your personal information, preventing unauthorized access, disclosure, use, or modification, as well as damage or loss of information.

2.2 Security Technical Measures: We use industry-standard security measures to protect the personal information you provide, preventing unauthorized access, public disclosure, use, modification, damage, or loss of data. For instance, we employ SSL encryption to protect data.

2.3 Management Systems: We have established access control mechanisms to ensure that only authorized personnel can access personal information. We periodically conduct security and privacy protection training to enhance our employees’ awareness of the importance of protecting personal information. In the event of a personal information security incident, we will comply with legal requirements and promptly inform you of: the basic details and potential impact of the incident, the measures we have taken or will take, suggestions for you to mitigate and reduce risks, and remedial measures for you. We will immediately activate an emergency plan to minimize losses and notify you of the incident details via phone, push notifications, or other methods.

Security Reminder: Despite implementing the above reasonable and effective measures and complying with the standards required by relevant laws, please understand that due to technical limitations and potential malicious activities, we cannot guarantee 100% security of information at all times. However, we will do our utmost to provide security measures to protect the personal information you provide to us.

You acknowledge and understand that the systems and communication networks used to access our services may experience security issues beyond our control. Therefore, we strongly recommend that you take proactive measures to protect your personal information, including but not limited to not disclosing your account password or related personal information to others.

If you leave Memory to visit browsing pages or use products/services provided by third parties, we have no ability or direct obligation to protect any personal information you submit to those third parties, regardless of whether your login, browsing, or use of such products/services is based on links or guidance from Memory. However, we will remind you when you are about to access third-party products or services to help you better protect your personal information.

8. Protection of Minors’ Personal Information

1. Minors must obtain their guardian’s consent before using our products/services. If you are a minor, you should read this Privacy Policy together with your guardian under their supervision and guidance and use our products/services or submit personal information only with their explicit consent and guidance. We protect minors’ personal information in accordance with national laws and regulations, collecting, using, or disclosing such information only when permitted by law, with the explicit consent of the guardian, or when necessary to protect the minor’s rights and interests.
2. If you are a guardian of a minor and have questions regarding the minor’s personal information, you may contact us using the contact information provided in Section 10, “Contact Us,” of this Privacy Policy. If we discover that we have collected a minor’s personal information without verifiable guardian consent, we will delete the relevant data as soon as possible.

9. Protection of Deceased Users’ Personal Information

1. Memory will protect the personal information of deceased users in accordance with the relevant provisions of the Personal Information Protection Law. After the death of a Memory user (limited to natural persons), their close relatives may, for their own legitimate and lawful interests, exercise rights such as accessing, copying, correcting, or deleting the deceased user’s personal information by contacting us through the contact information provided in Section 10, “Contact Us,” of this Privacy Policy, unless the deceased user had made other arrangements during their lifetime.
2. You understand and confirm that, to fully protect the personal information rights of deceased users, close relatives applying to exercise these rights must follow Memory’s designated process or customer service instructions and submit the deceased user’s identification documents, death certificate, the applicant’s identification documents, proof of the familial relationship between the applicant and the deceased, and specify the type and purpose of the rights being exercised.

10. Contact Us
To better protect your personal information, we have established a dedicated cybersecurity and personal information protection department. If you have any questions or suggestions regarding this Privacy Policy or your personal information while using Memory, please contact us through the following method, and we will generally respond within 15 days:
Contact Email: service@vectorlightyear.com

If you are dissatisfied with our response, particularly if you believe our personal information processing practices have harmed your legitimate rights and interests, and we fail to provide a satisfactory response or refuse to improve after your feedback, you may file a complaint or report to the relevant regulatory authorities.

Additionally, you understand and acknowledge that we will be unable to respond to your requests in the following circumstances related to personal information:

1. Matters related to national security or defense security;
2. Matters related to public safety, public health, or significant public interests;
3. Matters related to criminal investigations, prosecutions, or trials;
4. Cases where there is sufficient evidence of your subjective malice or abuse of rights;
5. Cases where responding to your request would cause serious harm to the legitimate rights and interests of you or other individuals or organizations;
6. Matters involving trade secrets;
7. Other circumstances stipulated by laws and regulations.

11. How This Policy Is Updated

1. To provide better services, we may update the terms of this Privacy Policy based on product updates and relevant legal requirements. Such updates form an integral part of this Privacy Policy. We will not reduce your rights under this policy without your explicit consent. Before the updated Privacy Policy takes effect, we will notify you through prominent notices, push messages, or other means. If such updates result in a substantial reduction or significant change to your rights under this Privacy Policy, we will seek your explicit consent again.
2. Significant changes include, but are not limited to:
   2.1 Major changes in our service model, such as the purpose of processing personal information, the types of personal information processed, or the methods of use;
   2.2 Significant changes in our ownership structure or organizational framework, such as changes in ownership due to business adjustments, bankruptcy, or mergers;
   2.3 Changes in the primary recipients of personal information sharing, transfer, or public disclosure;
   2.4 Significant changes in your rights to participate in personal information processing or the methods to exercise those rights;
   2.5 Changes in the department responsible for personal information security, contact information, or complaint channels;
   2.6 When a personal information security impact assessment indicates a high risk.

12. Dispute Resolution

1. For any disputes arising from this Privacy Policy or our handling of your personal information, you agree to submit the matter to the Shenzhen Arbitration Commission for arbitration. The arbitration decision is final and legally binding on both parties.
2. If you believe our processing of personal information has harmed your legitimate rights and interests, you may also choose to report the matter to the relevant government authorities.
3. The headings in this Privacy Policy are for convenience and readability only and do not affect the meaning or interpretation of any provisions in the text.

13. Definitions
Unless otherwise specified, the terms used in this Privacy Policy generally have the following definitions:

1. Personal Information : Various types of information recorded electronically or otherwise related to identified or identifiable natural persons, excluding anonymized information.
2. Sensitive Personal Information : Personal information that, if leaked or illegally used, could easily harm the dignity, personal safety, or property safety of natural persons, including biometric data, religious beliefs, specific identities, medical health, financial accounts, location tracking, and personal information of minors under 14 years old.
3. Device Information: Typically includes device name, device model, hardware serial number, MAC address, device identification information (IMEI/MEID/AndroidID/OpenUDID/IMSI/IDFA/IDFV/OAID/ICCID, or other device identifiers formed by combining device parameters and system information), software and hardware feature information such as the list of installed mobile applications, operating system and application versions, language settings, resolution, service provider network ID (PLMN), IP address, and browser type.
4. SSL: SSL (Secure Socket Layer) is a security protocol implemented on transmission communication protocols (TCP/IP). SSL supports various types of networks and provides three basic security services, all achieved through public key and symmetric key technologies to ensure information confidentiality.
5. Cookie: A Cookie is a small file containing a string of characters, sent to and stored on your computer, mobile device, or other device (usually encrypted) when you log in to or use websites or other online content. Cookie-like technologies refer to other technologies used for similar purposes, such as Web Beacons, Proxies, and embedded scripts.
6. Anonymization: The process of technically processing personal information so that the individual cannot be identified or associated, and the processed information cannot be restored.
7. De-identification: The process of technically processing personal information so that the individual cannot be identified or associated without additional information.