English version below.
本政策仅适用于宝马中国(就进口车辆而言指宝马(中国)汽车贸易有限公司,就国产车辆而言指华晨宝马汽车有限公司)(以下简称“宝马中国”或“我们”)通过英文名称“Advanced Car Eye 3.0”,中文名称“BMW/MINI睿眼行车记录仪软件”,(以下简称“ACE 3.0手机APP应用程序”),以及随技术发展出现的新形态向您提供的行车记录仪手机APP应用程序各项产品或服务。
宝马中国将根据对您提供的服务和产品,决定您个人信息的处理目的和方式,并根据本政策的规定对您的个人信息进行保护。
最近更新日期:2024年8月。
如果您对本政策内容有任何疑问、意见或建议,您可通过本政策第9部分提供的联系方式与我们联系。
本政策将帮助您了解以下内容:
1.我们的业务功能以及我们如何收集和使用您的个人信息
2.我们如何使用 Cookie 和同类技术
3.我们如何委托处理、共享、转让、公开披露您的个人信息
4.我们如何保护您的个人信息
5.您的权利
6.我们如何处理儿童的个人信息
7.您的个人信息如何在全球范围转移
8.本政策如何更新
9.如何联系我们
我们深知个人信息对您的重要性,秉承您对宝马产品的高期待值而严谨对待您的个人信息。我们努力创造和维护与您的互信关系,为保护您的个人信息恪守以下原则:权责一致、目的明确、选择同意、最少必要、确保安全、主体参与、公开透明。同时,我们承诺按业界成熟的安全标准,采取相应的安全保护措施以充分保护您的个人信息。
您通过签字,或点击“已阅读”、“同意”或其他类似选项,或接受我们提供的产品或服务,并向我们提交您的个人信息即视为您已接受本个人信息保护政策,我们将按照相关法律法规及本政策合法使用和保护您的个人信息。请您在勾选或点击“已阅读”、“同意”或其他类似选项,接受我们提供的产品或服务,填写、确认、授权导出或导入个人信息,或者签署授权文件之前仔细阅读本隐私政策,确保对其内容的含义及相应法律后果已全部知晓并充分理解。
个人信息是指以电子或者其他方式记录的与已识别或者可识别的自然人有关的各种信息,包括但不限于姓名、出生日期、身份证件号码、个人生物识别信息、地址、电话,但不包括匿名化处理后的信息。
敏感个人信息是指一旦泄露或者非法使用,容易导致自然人的人格尊严受到侵害或者人身、财产安全受到危害的个人信息。一般而言,生物识别、宗教信仰、特定身份、医疗健康、金融账户、行踪轨迹等信息,以及不满十四周岁未成年人的个人信息等被视为敏感个人信息。在本政策中,有关敏感个人信息的条款将以加粗字体标注以提示您的特别注意。在实际收集敏感个人信息的场景中,我们会以增强式告知或即时提示(如弹窗提醒)等方式向您再次提示并获取您的授权,或者要求您另行点击确认,或者签署《单独同意函》。
我们仅会出于本政策所述的以下目的而收集和使用您的个人信息。
除非本政策另有说明或者法律法规另有规定,当我们需要将个人信息用于本政策未载明的其他用途时,会事先向您告知并征求您的同意。
除非在下述用途中另行明确,我们仅在实现相关用途所需的期间存储您的个人信息。如果信息被用于多种用途,一旦具体用途完成,您的信息将被删除或以不能直接或间接追溯到您的形式而存储。
ACE 3.0手机APP应用程序未设置账户或ID功能,您无需登录BMW ID即可完整使用ACE 3.0手机APP应用程序的各项功能。
ACE 3.0手机APP应用程序将为您提供如下服务:
• 视频、音频、图像下载服务。通过该服务您可以把ACE3.0行车记录仪记录的视频、音频、图像直接下载到您的手机上。
o ACE3.0行车记录仪通过汽车前后风挡位置的两个广角摄像头摄取您车外的视频、图像、车外及车内的音频,用于记录驾驶和停车过程中的紧急情况。由ACE3.0行车记录仪记录的视频、音频、图像只会存储在记录仪的SD储存卡上,您可通过ACE3.0手机APP应用程序将行车记录仪记录的视频、音频、图像直接下载到您的手机上。在前述过程中,我们不会另行收集、处理、上传或者分享您的任何个人信息。 上述信息对提供ACE 3.0手机APP应用程序产品的各项功能或相关具体服务是必需的。因此,如您不提供并授权我们使用上述信息,我们将无法提供ACE 3.0手机APP应用程序的各项功能项下的具体服务。对于车内音频,车辆用户必须告知当前和未来的车辆用户,乘客及其监护人对此表示同意并征得他们的许可。 上述信息将在您停止使用ACE 3.0手机APP应用程序的相关功能并从本地设备中删除APP时被删除,除非该等信息是根据法律法规的规定所必须保存的,或我们获得您的单独授权同意的。
• 使用邮件支持服务。通过该功能您可以将遇到的问题和意见发送至ACE 3.0客服团队,由客服团队对您的问题进行解答和帮助。
除上述提供ACE3.0手机APP应用程序的各项功能或相关具体服务所必需的信息外,在提供相关服务的时候,与个人信息有关的细节如下: 在您使用我们的业务功能时,ACE 3.0手机APP应用程序会向您申请下列与个人信息相关的系统权限及设备属性信息:
1. 蓝牙权限
-我们将在以下情形下向您索取该权限 :
• 在ACE3.0/ACE3.0 PRO行车记录仪进行蓝牙连接时,ACE3.0手机APP应用程序利用kotlin,no.nordicsemi.android获取您的蓝牙权限, 查看更改ACE3.0手机APP应用程序设备的系统设置功能。
2. Wi-Fi权限
-我们将在以下情形下向您索取该权限:
• 在您将ACE3.0行车记录仪记录的视频、音频、图像发送到您的智能手机时, ACE 3.0 手机APP应用程序需要获取WIFI权限, 通过 Wi-Fi 热点进行通信
3. 存储权限(仅Android)
-我们将在以下情形下向您索取该权限:
• 将ACE3.0行车记录仪记录的视频、音频、图像下载和存储到智能手机上
4.相册权限(仅iOS)
-我们将在以下情形下向您索取该权限:
• 将ACE3.0行车记录仪记录的视频、音频、图像下载和存储到智能手机上
5.位置权限(仅限于Android)
-我们将在以下情形下向您索取该权限:
• 在获取Wi-Fi名称, 用于行车记录仪设备与该应用程序的连接
6. 读取设备信息
-我们将在以下情形下向您索取该权限:
• 在ACE3.0/ACE3.0 PRO行车记录仪进行蓝牙连接时, 获取您的以下信息: 蓝牙 MAC 地址、UUID(通用唯一标识符)、蓝牙 HCI(主机-控制器接口)名称、设备名称。
• 在ACE3.0 APP应用程序前台静默期间,ACE3.0 手机APP应用程序和no.nordicsemi.android获取您的蓝牙设备MAC地址,以保持ACE3.0手机应用程序与ACE3.0行车记录仪的持续连接状态
• 在您使用ACE3.0 应用程序时,kotlin和no.nordicsemi.android获取您的已配对蓝牙设备MAC地址,且需要高频获取您的已配对蓝牙设备MAC地址,以保持ACE3.0手机应用程序与ACE3.0行车记录仪的持续连接状态。
• 在您将ACE3.0行车记录仪记录的视频、音频、图像发送到您的智能手机时, ACE 3.0 手机APP应用程序需要获取WIFI权限, 通过 Wi-Fi 热点进行通信,获取您的以下信息:SSID、BSSID(Wi-Fi MAC 地址)。
上述共计6项系统权限。如果您不授权,将会导致我们无法提供该业务功能。除上述权限之外,您可自主选择是否额外授予其他系统权限。
如您想要撤回您授予的权限,您可在App内通过“更多”—“设备权限”—“系统权限管理”—进入您的手机系统权限管理页面操作即可完成权限撤销。
为保障APP相关功能的实现与应用的稳定运行,我们可能会接入开源软件开发包以实现相关目的。不同版本的SDK会有所不同。我们会对获取信息的软件工具开发包(SDK)进行严格的安全监测,以保障数据安全。
在处理与您有关的合同事项(如:本产品的技术问题)或您提出的要求(如:您向宝马客服提交的查询或投诉),我们为联系到您本人而使用您提供的个人信息(如:姓名、电子邮件、车辆型号和电话号码)。我们在处理前述合同事项以及您的要求时,将根据您明确提供的联系方式(如:书面通信、电话、短信、电邮等)而联系您,并将不再另行征得您的同意。
基于法律法规规定的义务,如产品召回或技术活动,我们有可能发布相关通知并根据您提供的信息而联系您。
根据相关法律法规及国家标准,在以下例外情形中,我们可能会依法收集并使用您的个人信息而无需征得您的授权同意:
1.为订立、履行您作为一方当事人的合同所必需;
2.为我们履行法定职责或法定义务所必需;
3.为应对突发公共卫生事件,或者紧急情况下为保护您或他人的生命健康和财产安全所必需;
4.为公共利益实施新闻报道、舆论监督等行为,在合理的范围内处理您的个人信息;
5.依法在合理的范围内处理您自行公开或者其他已经合法公开的个人信息;
6.法律、行政法规规定的其他情形。
ACE 3.0手机APP应用程序产品/服务将不使用cookie或同类技术。
为向您提供专业化、高品质的产品和服务,ACE 3.0手机APP应用程序中某些具体模块或功能由宝马中国授权经销商和/或外部供应商实际提供。我们聘请服务提供商THINKWARE Corp.来协助我们提供客户支持。在该等情形下,为了向您提供相关服务和支持,我们需要将您的个人信息委托该等关联方、宝马授权经销商和/或外部供应商进行处理。在委托处理的情形下,我们将在本政策的范围内,决定您的个人信息的处理目的和处理方式,而受托人将根据我们的指示处理您的个人信息。如果您就该等模块或功能处理个人信息的情况存在疑问,或寻求投诉,可以直接通过第九部分的联系方式与我们取得联系。
在委托处理的情况下,对上述接受我们的委托,协助我们处理个人信息的公司、组织和个人,我们会根据您对我们的授权范围,与受托人约定委托处理的目的、期限、处理方式、个人信息的种类、保护措施及我们与受托人的权利义务等,并对其个人信息处理活动进行监督。我们将会确保受托人按照我们与其的约定处理您的个人信息,不会超出约定的处理目的、处理方式等处理您的个人信息。我们会与其签署严格的保密协定,要求其根据我们的要求、本隐私政策以及其他任何相关的保密和安全措施来处理个人信息。
我们可能会根据法律法规规定,或按监管机构的强制性要求,对外共享您的个人信息。
我们仅共享必要的个人信息,且受本隐私政策中所声明目的的约束。在对您的个人信息进行共享前,我们会以弹窗等方式向您再次提示并获取您的授权,或要求您另行点击确认或签署《单独同意函》。
除上述第一和第三(一)节已明示列出的客户服务与支持以及履行法定义务,我们不会将您的个人信息提供给任何公司、组织和个人。
但以下情形除外:
1.在获取明确同意的条件下提供。获得您的明确同意后,我们会向其他方提供您的个人信息。
2.在涉及合并、收购或破产清算时,如涉及到个人信息向公司的权利义务承继方提供,我们会单独向您告知有关情况,并要求新的持有您个人信息的公司、组织继续受此隐私政策的约束,否则我们将要求该公司、组织重新向您征求授权同意
我们仅会在以下情形下,公开您的个人信息:
1. 对于我们的业务确有必要且获得您的单独同意后;
2.基于法律的公开:在法律、法律程序、诉讼或政府主管部门强制性要求的情形下,我们可能会公开您的个人信息。
根据相关法律法规及国家标准,以下情形中,我们可能会共享、转让、公开披露您的个人信息而无需事先征得您的授权同意:
1. 为订立、履行您作为一方当事人的合同所必需;
2. 为我们履行法定职责或法定义务所必需;
3. 为应对突发公共卫生事件,或者紧急情况下为保护您或他人的生命健康和财产安全所必需;
4. 为公共利益实施新闻报道、舆论监督等行为,在合理的范围内处理您的个人信息;
5. 依法在合理的范围内处理您自行公开或者其他已经合法公开的个人信息;
6. 法律、行政法规规定的其他情形。
(一)我们已使用符合业界标准的安全防护措施保护您提供的个人信息, 防止数据遭到未经授权访问、公开披露、使用、修改、损坏或丢失。我们会采取一切合理可行的措施,保护您的个人信息。例如,我们会使用加密技术确保数据的保密性;我们会使用受信赖的保护机制防止数据遭到恶意攻击;我们会部署访问控制机制,确保只有授权人员才可访问个人信息;以及我们会定期举办安全和隐私保护培训课程,加强员工对于保护个人信息重要性的认识。
(二) 我们会采取一切合理可行的措施,确保仅收集为实现本政策所述目的所必需的个人信息。我们只会在达成本政策所述目的所需的期限内保留您的个人信息,除非确有需要延长保留期并获得您的单独授权同意、或根据法律法规或有关数据保留期的特别监管要求。
(三)互联网环境并非百分之百安全,虽然我们致力于保护您的个人信息,但我们无法担保或保证其绝对安全。因此,您也应积极采取措施保证您的个人信息安全,如定期修改账号密码,不将个人的账号密码信息透露给他人。
(四)在不幸发生个人信息安全事件后,我们将按照法律法规的要求,及时向您告知:安全事件的基本情况和可能的影响、我们已采取或将要采取的处置措施、您可自主防范和降低风险的建议、对您的补救措施等。我们将及时将事件相关情况以邮件、信函、电话、推送通知等方式告知您,难以逐一告知个人信息主体时,我们会采取合理、有效的方式发布公告。
同时,我们还将按照监管机构要求,主动上报个人信息安全事件的处置情况。
(五)ACE3.0手机APP应用程序可能包含由第三方负责运营维护的网络链接,如,实现ETC功能需要跳转“e高速”手机APP应用程序。但我们无法控制此类第三方。请注意,您向第三方提供的任何信息都将受到该第三方的隐私政策或个人信息保护政策条款的约束。我们建议您在向第三方提供任何信息前进行了解并询问。对于第三方的内容、行为或政策,我们不承担任何责任。ACE3.0手机APP应用程序产品上出现第三方链接,并不代表我们认同该第三方的内容、行为或政策。
我们建议您仔细阅读该第三方的隐私政策。鉴于该第三方应用程序可能基于您的服务需求收集和使用相应个人信息,详细内容请访问第三方应用的隐私政策。
按照中国相关的法律、法规、标准,以及其他国家、地区的通行做法,我们保障您对自己的个人信息行使以下权利:
您有权访问您的个人信息,法律法规规定的例外情形除外。如果您想行使个人信息访问权,您可以发送邮件至:support@ace-30.cn。我们将在验证您的身份后受理请求,并在十五个工作日内完成核查和处理。
您也有权复制您的个人信息,或获取您的信息的副本。您可以通过电子邮件support@ace-30.cn联系我们.
在技术可行的前提下,例如数据接口匹配,且符合国家网信部门规定的条件的,我们还可按您的要求,直接将您的个人信息副本传输给您指定的第三方。
当您发现我们处理的关于您的个人信息有错误时,您有权要求我们做出更正。您可以联系support@ace-30.cn咨询具体更正流程。我们将在验证您的身份后受理请求,并在15个工作日内完成核查和处理。
有下列情形之一的,您可以要求删除您的个人信息:
(1) 当我们对个人信息的处理违反法律、法规的规定时;
(2)我们未经您同意收集、使用您的个人信息;
(3) 当我们处理个人信息的行为违反了我们与您的约定;
(4) 当您已经实现、或者认为不可能或没有必要实现处理您的信息的目的时(例如您不再使用我们的产品或服务、或者您注销账户);
(5) 当您撤销对我们处理您的个人信息的同意时。
如果我们同意您删除信息的请求,我们还将通知从我们获取您个人信息的主体,要求其及时删除相关信息,但法律法规另有规定或已获得您单独授权的除外。
一旦您的信息从我们的服务中删除,由于适用法律法规的限制,我们可能不会立即从备份系统中删除相应的信息,但我们会安全地存储该信息,不再进行进一步处理,直至备份消除或匿名。为充分保护您的个人权益,我们可能会在备份系统中保留必要的信息,同时通过技术手段使这些信息无法被搜索或访问。
ACE 3.0手机应用程序APP未设置账户或ID功能。
对于我们收集和使用您的个人信息,您可以随时给予或撤回您的授权同意。您可以通过致电服务热线+86 4001 204 236撤回您的同意。如您想要撤回您授予的权限,您可在App内通过“更多”—“设备权限”—“系统权限管理”—进入您的手机系统权限管理页面操作即可完成权限撤销。
但请您注意,每个业务功能需要一些基本的个人信息才能得以完成(见本政策第一部分),因此如果您撤回对我们收集和使用对于业务功能必需的您的个人信息的同意的,我们将无法为您继续提供相应的服务。
当您撤回同意后,我们将不再处理您撤回同意范围内的个人信息。但您撤回同意的决定,不会影响此前基于您的同意而开展的个人信息处理。
您可以根据上述列出的具体方式提出您对您个人信息的权利请求。为保障安全,您可能需要证明您的身份。我们可能会先要求您验证自己的身份,然后再处理您的请求。
我们将在15个工作日内做出答复。如您不满意,可以通过以下途径投诉。
邮箱: support@ace-30.cn
热线:+86 4001 204 236
对于您合理的请求,我们原则上不收取费用,但对多次重复、超出合理限度的请求,我们将视情形收取一定成本费用。对于无端重复、需要过多技术手段(例如,需要开发新系统或从根本上改变现行惯例)、给他人合法权益带来风险或者非常不切实际(例如,涉及备份磁带上存放的信息)的请求,我们可能会予以拒绝。
在以下情形中,我们将无法响应您的请求:
1.与我们履行法律法规规定的义务相关的;
2.与国家安全、国防安全直接相关的;
3.与公共安全、公共卫生、重大公共利益直接相关的;
4.与犯罪侦查、起诉、审判和执行判决等直接相关的;
5.我们有充分证据表明您存在主观恶意或滥用权利的;
6.出于维护您或他人的生命、财产等重大合法权益但又很难得到您同意的;
7.响应您的请求将导致您或其他个人、组织的合法权益受到严重损害的;
8.涉及商业秘密的。
ACE 3.0手机APP应用程序服务主要面向成年人。ACE3.0手机APP应用程序没有创建任何ID和账户的功能,也不会收集、使用儿童的个人信息,如果确有必要收集、使用儿童个人信息的,我们将事先告知该等儿童的监护人并征得其单独同意。
为本政策之目的,我们将不满 14 周岁的任何人均视为儿童。
如果我们发现自己在未事先获得可证实的监护人的单独同意的情形下收集了儿童的个人信息,则会设法尽快删除相关账号和个人信息。
我们在中华人民共和国境内收集和产生的个人信息,将存储在中华人民共和国境内。因此,您的个人信息不会被转移到中国境外管辖区,或者受到来自中国境外管辖区的访问。如果未来我们需要向境外传输,我们将会另行征求您的同意,遵循相关法律法规的规定并确保您的个人信息得到在中国境内足够同等的保护。
我们的个人信息保护政策可能变更。未经您明确同意,我们不会削减您按照本隐私政策所应享有的权利。我们会在本页面上发布对本政策所做的任何变更。我们会将本政策的旧版本存档,供您查阅。
对于重大变更,我们还会提供更为显著的通知。
本政策所指的重大变更包括但不限于:
1.我们的服务模式发生重大变化。如处理个人信息的目的、处理的个人信息类型、个人信息的使用方式等;
2.我们在所有权结构、组织架构等方面发生重大变化。如业务调整、破产并购等引起的所有者变更等;
3.个人信息共享、转让或公开披露的主要对象发生变化;
4.您参与个人信息处理方面的权利及其行使方式发生重大变化;
5.我们负责处理个人信息安全的责任部门、联络方式及投诉渠道发生变化时。
1. 如果您对本隐私政策有任何疑问、意见或建议,请通过以下方式与我们联系:
邮箱: support@ace-30.cn
热线:+86 4001 204 236
宝马(中国)汽车贸易有限公司,注册地址:中国北京市朝阳区东三环北路霞光里18号佳程广场B座28层,邮编:100027
华晨宝马汽车有限公司,注册地址:沈阳市大东区山嘴子路14号,邮编:110143
我们将尽力在15个工作日内回复您。
2. 我们设立了专门的个人信息保护团队,即宝马(中国)汽车贸易有限公司数据治理部,您可以通过邮箱: servicecenter@bmw.com.cn或致电BMW客户服务中心400-800-6666与其联系。
如果您对我们的回复不满意,特别是您认为我们的个人信息处理行为损害了您的合法权益,您还可以通过以下外部途径寻求解决方案:向被告方所在地有管辖权的法院提起诉讼。
This policy applies solely to the products and services of the dashcam mobile apps ("ACE 3.0 Mobile Apps") offered by BMW China (which refers to BMW (China) Automotive Trading Co. Ltd. in the case of imported vehicles and to BMW Brilliance Automotive Ltd. in the case of domestically-manufactured vehicles) (hereinafter referred to as ‘BMW China’ or ‘We’) under the English name ‘Advanced Car Eye 3.0’ and the Chinese names ‘BMW/MINI睿眼行车记录仪软件’, as well as any new forms that may emerge with technological advancements.
BMW China will determine the purpose and manner for processing your personal data based on the services and products provided to you, and it will protect your personal data in accordance with the provisions of this policy.
Last updated: August 2024.
If you have any questions, comments, or suggestions about the content of this policy, you can contact us through the contact information provided in Section 9 of this policy.
This policy will help you in understanding the following:
1. Our business functions and how we collect and use your personal data
2. How we use cookies and similar technologies
3. How we entrust the processing, sharing, transfer, and public disclosure of your personal data
4. How we protect your personal data
5. Your rights
6. How we handle the personal data of minors
7. How your personal data is transferred globally
8. How this policy updated
9. How to contact us
We are well aware of the importance of personal data to you, and we treat your personal data with the utmost care in line with your high expectations for BMW products. We strive to establish and maintain a relationship of trust with you and adhere to the following principles to protect your personal data: accountability and responsibility, clearly defined purposes, choice and consent, minimum necessity of data, data security, individual participation, and openness and transparency. We also promise to employ appropriate security measures in accordance with well-established industry standards to fully protect your personal data.
By signing, or clicking ‘Read’, ‘Agree’ or other similar options, or by accepting our products or services and submitting your personal data to us, you are deemed to have accepted this privacy policy. We will use and protect your personal data in accordance with the relevant laws and regulations and this policy. Before checking or clicking ‘Read’, ‘Agree’, or other similar options to accept our products or services, or filling in, confirming, or authorising the export or import of personal data, or signing authorisation documentation, please carefully read this privacy policy to ensure that you fully understand the implications of its contents and the corresponding legal effect(s).
Personal data refers to various data recorded in electronic or other means related to identified or identifiable natural persons, including but not limited to name(s), date(s) of birth, identity card number(s), personal biometric data, address(es), and telephone number(s), but excluding data that has been anonymised.
Sensitive personal data refers to personal data that, once divulged or illegally used, could easily cause infringement of an individual's dignity or the endangerment of their personal and property security. In general, biometrics, religious beliefs, specific identities, medical health, financial accounts, location, and other data, as well as the personal data of minors under the age of fourteen, are considered sensitive personal information. Provisions regarding sensitive personal data will be highlighted in bold in this policy In actual scenarios where sensitive personal data is collected, we will provide enhanced notifications or immediate prompts (such as pop-up reminders) to remind you again and obtain your authorisation, or require you to click confirm again, or to sign a ‘Separate Consent Form’.
We will only collect and use your personal data for the following purposes as stated in this policy.
Unless otherwise specified in this policy or as required by laws and regulations, we will inform you in advance and seek your consent when we need to use personal data for purposes not specified in this policy.
Unless explicitly stated otherwise for the following purposes, we only store your personal data for the period necessary to achieve the relevant purpose(s). If data is used for multiple purposes, once the specific purposes are fulfilled, your data will be deleted or stored in a form that cannot be directly or indirectly traced back to you.
(1) User registration/Login
The ACE 3.0 mobile app does not require you to set up an account or ID. You can use all the features of the ACE 3.0 mobile app without logging in with your BMW ID.
(2) Provision of the functionalities of the ACE 3.0 mobile app product
The ACE 3.0 mobile app provides you with the following services:
• Video, audio, and image download services. You can use this service to directly download the videos, audio, and images recorded by the ACE 3.0 dashcam to your mobile phone.
The ACE 3.0 dashcam uses two wide-angle cameras positioned on the front and rear windshields of the car to capture video and images of the surroundings, as well as audio from both inside and outside the vehicle, and for recording any emergencies during driving and parking. The videos, audios, and images recorded by the ACE 3.0 dashcam will only be stored on the dashcam's SD storage card. You can use the ACE 3.0 mobile app to directly download the recorded videos, audios, and images from the dashcam to your mobile phone. During the processes above, we will not separately collect, process, upload, or share any of your personal data.
The above data is necessary for providing the various functionalities or related specific services of the ACE 3.0 mobile app product. Therefore, if you do not provide and authorise us to use the above data, we will be unable to provide specific services of the ACE 3.0 mobile app. For in-vehicle audio, vehicle users must inform current and future vehicle users, passengers, and their guardians of the circumstances, and obtain their consent and permission.
The above information will be deleted when you cease using the relevant functionalities of the ACE 3.0 mobile app and delete the app from your local device, unless such data is required to be retained according to the provisions of laws and regulations or your separate authorised consent.
• Using email support services. Through this function, you can send any issues or feedback to the ACE 3.0 customer service team, who will provide assistance and help.
In addition to the necessary data to provide the various functionalities or specific services of the ACE 3.0 mobile app, the following details related to personal data are required when providing the relevant services:
When you use our business functions, the ACE 3.0 mobile app will request the following system permissions and device properties related to personal data:
1. Bluetooth permissions
-We will request these permissions from you in the following situations:
• When the ACE 3.0/ACE 3.0 PRO dashcam is connected via Bluetooth, the ACE 3.0 mobile app uses Kotlin and no.nordicsemi.android to obtain Bluetooth permissions and to access the system settings in order to modify the ACE3.0 mobile app device functions.
2. Wi-Fi permissions
-We will request these permissions from you in the following situations:
• When you send the video, audio, and images recorded by the ACE 3.0 dashcam to your smartphone, the ACE 3.0 mobile app needs to obtain Wi-Fi permissions for communicating through a Wi-Fi hotspot.
3. Storage permissions (Android only)
-We will request these permissions from you in the following situations:
• Downloading and storing the videos, audio, and images recorded by the ACE 3.0 dashcam on a smartphone.
4. Photo album permissions (iOS only)
-We will request these permissions from you in the following situations:
• Downloading and storing the videos, audio, and images recorded by the ACE 3.0 dashcam on a smartphone.
5. Location permissions (Android only)
-We will request these permissions from you in the following situations:
• To obtain the Wi-Fi name for connecting the dashcam device with the app
6. Reading device information
-We will request these permissions from you in the following situations:
• When the ACE 3.0/ACE 3.0 PRO dashcam is connected via Bluetooth in order to obtain the following information: Bluetooth MAC address, UUID (Universally Unique Identifier), Bluetooth HCI (Host-Controller Interface) name, and device name.
• When the ACE 3.0 app is in the foreground, the app and no.nordicsemi.android obtain your Bluetooth device MAC address to maintain a continuous connection between the ACE 3.0 mobile app and the ACE 3.0 dashcam.
• When you use the ACE 3.0 app, Kotlin and no.nordicsemi.android obtain the MAC address of your paired Bluetooth devices. Frequent retrieval of the MAC addresses of your paired Bluetooth devices is necessary to maintain a continuous connection between the ACE 3.0 mobile app and the ACE 3.0 dashcam.
• When you send the video, audio, and images recorded by the ACE 3.0 dashcam to your smartphone, the ACE 3.0 mobile app needs to obtain Wi-Fi permissions to communicate through the Wi-Fi hotspot and obtain the following information: SSID, and BSSID (Wi-Fi MAC address).
The above is a total of six system permissions. If you do not provide authorisation, we will be unable to provide such business functionalities. Apart from the permissions outlined above, you may choose whether to grant additional system permissions.
If you wish to revoke the permissions granted, you can do so within the app by going to ‘More’ - ‘Device Permissions’ - ‘Permissions’ – ‘System Setting Management’, and then entering your phone's system permission management page to complete the permission revocation process.
In order to ensure the implementation of app-related functions and the stable operation of the app, we may integrate open-source software development kits to achieve these purposes. There may be variations in features across different SDK versions. We will carry out strict security monitoring on software development kits (SDKs) that obtain data in order to ensure data security.
(3) Customer service
In handling contractual matters related to you (e.g. technical issues with this product) or requests you make (e.g. queries or complaints submitted to BMW customer service), we use the personal data you have provided (e.g. name, email, vehicle model, and phone number) to contact you directly. When handling the aforementioned contractual matters and your requests, we will contact you according to the contact information you have clearly provided (such as written correspondence, phone, text messages, email, etc.) and will not seek to obtain your consent separately.
(4) Fulfilment of legal obligations
In accordance with legal and regulatory obligations, such as product recalls or technical activities, we may issue relevant notices and contact you according to the information you provide.
(5) Exceptions to obtaining authorisation and consent for the collection and use of personal data
In accordance with relevant laws, regulations, and national standards, we may collect and use your personal data without obtaining your authorisation in the following exceptional circumstances:
1. Where it is necessary for the conclusion and performance of a contract to which you are a party;
2. Where it is necessary for us to fulfill our legal duties or obligations.
3. In response to sudden public health emergencies, or in emergency situations necessary to protect your or others' lives, health, and property.
4. To process your personal data within a reasonable scope for news reporting, public opinion monitoring and other activities in the public interest;
5. To process your personal data that you have voluntarily disclosed or that has been lawfully disclosed within a reasonable scope in accordance with the law.
6. Other circumstances as stipulated by laws and administrative regulations.
The ACE 3.0 mobile app will not use cookies or similar technologies for its products/services.
(1) Entrustment for processing
In order to provide you with specialised and high-quality products and services, certain specific modules or functions in the ACE 3.0 mobile app are actually provided by authorised dealers and/or external suppliers of BMW China. We have engaged the service provider THINKWARE Corp. to assist us in providing customer support. In such cases, in order to provide you with relevant services and support, we need to entrust your personal data to such relevant affiliated parties, authorised BMW dealers, and/or external suppliers for processing. In the case of entrustment for processing, we will determine the purposes and methods of processing your personal data within the scope of this policy, and the entrustee(s) will process your personal data according to our instructions. If you have any questions about the processing of personal data by such modules or functions, or if you wish to make a complaint, you can contact us directly via the contact information in Section 9.
In the case of entrustment for processing, with respect to the companies, organisations, and individuals mentioned above who accept our entrustment and assist us in processing personal data, we will agree with the entrusted parties with respect to the purpose, duration, method, types of personal data, protection measures, and the rights and obligations between us and the entrusted parties, based on the scope of authorisation you have granted us, and we will supervise their processing of personal data. We will ensure that the entrustees process your personal data in accordance with our agreement with them, and that they will not process your personal data beyond the agreed processing purposes and methods. We will sign a strict confidentiality agreement with them, requiring them to handle personal data in accordance with our requirements, this privacy policy, and any other relevant confidentiality and security measures.
(2) Sharing
We may share your personal data with third parties as required by laws and regulations, or as mandated by regulatory authorities.
We only share necessary personal data and are bound by the purposes stated in this privacy policy. Prior to sharing your personal data , we will prompt you again and obtain your authorisation through pop-ups or other means, or ask you to click to Confirm or sign a ‘Separate Consent Form’.
(3) Provision
Apart from the customer service and support expressly stated in Sections 1 and 3(1) above as well as the fulfillment of legal obligations, we will not provide your personal data to any company, organisation, or individual.
However, the following situations are excluded:
1. If provided with explicit consent. We will provide your personal data to other parties after obtaining your explicit consent.
2. In the case of mergers, acquisitions, or bankruptcy liquidation, if personal data is provided to the successors of the rights and obligations of the Company, we will inform you separately of the relevant circumstances and require the new company or organisation holding your personal data to continue to be bound by this privacy policy. Otherwise, we will require the company or organisation to seek your authorisation again.
(4) Public disclosure
We will only disclose your personal data in the following circumstances:
1. Where it is necessary for our business and requires your separate consent;
2. Disclosure according to legal requirements: We may disclose your personal data in situations where it is required by law, legal procedures, litigation, or governmental regulatory authorities.
(5) Exceptions for sharing, provision, and disclosing personal data with prior consent
In accordance with relevant laws, regulations, and national standards, in the following situations, we may share, transfer, or publicly disclose your personal data without obtaining your prior authorisation:
1. Where it is necessary for the conclusion and performance of a contract to which you are a party;
2. Where it is necessary for us to fulfill our legal duties or obligations.
3. In response to sudden public health emergencies, or in emergency situations necessary to protect your or others' lives, health, and property.
4. To process your personal data within a reasonable scope for news reporting, public opinion monitoring and other activities in the public interest;
5. To process your personal data that you have voluntarily disclosed or that has been lawfully disclosed within a reasonable scope in accordance with the law.
6. Other circumstances as stipulated by laws and administrative regulations.
(1) We have used security measures that comply with industry standards to protect the personal data you provide, in order to prevent unauthorised access, disclosure, use, modification, damage, or loss of the data. We will take all reasonable and practical measures to protect your personal data. For example, we use encryption to ensure the confidentiality of data; we use trusted protection mechanisms to protect data from malicious attacks; we deploy access control mechanisms to ensure that only authorised personnel can access personal data; and we regularly conduct security and privacy protection training courses to enhance the awareness of employees with respect to the importance of protecting personal data.
(2) We will take all reasonable and practical measures to ensure that only the personal data necessary to achieve the purposes stated in this policy is collected. We will only retain your personal data for the period necessary to achieve the purposes stated in this policy, unless it is necessary to extend the retention period and obtain your separate authorised consent, or as required by laws and regulations or specific regulatory requirements for data retention.
(3) The internet is not 100% secure, and although we are committed to protecting your personal data, we are unable to guarantee its absolute security. Therefore, you should also take active steps to ensure the security of your personal data, such as regularly changing your account password and not disclosing to others information relating to your password for your personal account.
(4) In the unfortunate event of a security incident involving your personal data, we will promptly inform you in accordance with the requirements of laws and regulations of information such as the basic details and possible impact of the security incident, the actions we have taken or will take, suggestions for your own risk prevention and mitigation, and remedial measures for you. We will promptly inform you of relevant information via email, letters, telephone, push notifications, and so on. In the event of difficulty in informing each individual data subject, we will take reasonable and effective measures to issue a public notice.
We will also proactively report the handling of personal data security incidents as required by regulatory authorities.
(5) The ACE 3.0 mobile app may contain network links operated and maintained by third parties. For example, to access ETC functionality, users may need to be redirected to the “e-Gaosu" mobile app. We, however, have no control over such third parties. Please be advised that any data you provide to a third party will be subject to the privacy policy or personal data protection policy of that third party. We suggest that you investigate and inquire into the situation before providing any data to a third party. We do not take any responsibility for the content, actions or policies of third parties. The appearance of third-party links in the ACE 3.0 mobile app does not imply our endorsement of the content, actions, or policies of the third party.
We suggest you carefully read the privacy policies of such third parties. As third-party apps may collect and use relevant personal data based on your service needs, please read the privacy policies of third-party apps for detailed information.
In accordance with relevant Chinese laws, regulations, standards, in addition to common practices of other countries and territories, we guarantee you the following rights with respect to your personal information:
(1) Access, review and copying of your personal data
You have the right to access your personal data, except in the exceptional circumstances provided for by laws and regulations. If you wish to exercise your right to access your personal data, you can send an email to: support@ace-30.cn. We will process your request after verifying your identity and complete the verification and processing within fifteen working days.
You also have the right to copy your personal data, or to obtain a copy of your data. You can contact us via email at support@ace-30.cn.
Upon your request, we can also directly transfer a copy of your personal data to a third party you specify, provided that it is technically feasible, such as data interface matching, and that it meets the conditions specified by the national internet administration.
(2) Correcting your personal data
If you discover that your personal data that we are processing is not correct, you have the right to request that we make corrections. You can contact support@ace-30.cn for the specific correction workflow. We will process your request after verifying your identity, and complete the verification and processing within 15 working days.
(3) Deleting your personal information
If any of the following circumstances apply, you may request the deletion of your personal data:
(1) When our processing of personal data violates laws or regulations.
(2) When we collect or use your personal data without your consent.
(3) When our processing of personal data violates our agreement with you.
(4) When the purpose of processing your data has been achieved, or you believe it is no longer possible or necessary to achieve the purpose (for example, you no longer use our products or services, or you have closed your account).
(5) When you withdraw your consent to our processing of your personal data.
If we agree to your request to delete data, we will also notify the entities from which we obtained your personal data, and request them to promptly delete the relevant data, unless otherwise provided by laws and regulations or unless we have obtained your separate authorisation.
Once your information has been deleted from our services, we may not immediately delete the corresponding data from backup systems due to legal and regulatory restrictions. However, we will securely store the data and cease any further processing until deletion or anonymisation of the backup(s) is carried out. In order to fully protect your personal rights, we may retain necessary information in backup systems and use technical means to make this information unsearchable or inaccessible.
(4) Account closures by personal data subjects
The ACE 3.0 mobile app does not have the functionality to set up an account or ID.
(5) Changing the scope of your authorisation or withdrawing your consent
You can grant or withdraw your consent for us to collect and use your personal data at any time. You may withdraw your consent by calling our service hotline at +86 4001 204 236. If you wish to revoke the permissions granted, you can do so within the app by going to ‘More’ - ‘Device Permissions’ - ‘Permissions’ - ‘System Setting Management’, and then entering your phone's system permission management page to complete the permission revocation process.
Please note, however, that each business function requires certain basic personal data (see the first part of this policy). Therefore, if you withdraw your consent for us to collect and use your personal data that is necessary for a business function, we will not be able to continue providing you with the corresponding services.
Once you withdraw your consent, we will no longer process the personal data within the scope of your withdrawn consent. However, withdrawing your consent will not affect the processing of personal data that was carried out based on your consent prior to the withdrawal.
(6) Responding to your requests on the above
You can make requests regarding rights to your personal information based on the specific methods listed above. To ensure safety, you may need to prove your identity. We may first request you to verify your identity before processing your request.
We will respond within 15 business days. If you are not satisfied, you can file a complaint through the following channels.
Email: support@ace-30.cn
Hotline: +86 4001 204 236
We generally do not charge a fee for reasonable requests, but we may charge certain fees for multiple repeated requests or excessive requests, depending on the situation. We may refuse requests that are unjustifiably repetitive, require disproportionate technical effort (such as the need to develop a new system or fundamentally change current practices), that pose risks to the legitimate rights and interests of others, or that are highly impractical (such as involving information stored on backup tapes).
We will be unable to respond to your request in the following circumstances:
1. If related to our fulfillment of obligations stipulated by laws and regulations;
2. If directly related to national security or defence;
3. If directly related to public safety, public health, or major public interests;
4. If directly related to a criminal investigation, prosecution, trial, or execution of judgment;
5. If we have sufficient evidence to demonstrate that you have acted with subjective malice or abused your rights;
6. For the purpose of safeguarding major legitimate rights and interests such as your or others' lives or property, but where it is difficult to obtain your consent;
7. If responding to your request would result in serious harm to your or other individuals' or organisations' legitimate rights and interests;
8. If trade secrets are involved.
The ACE 3.0 mobile app service is mainly targeted at adults. The ACE 3.0 mobile app does not have the functionality to create any ID or account, nor does it collect or use the personal data of minors. If it is necessary to collect and use minors’ personal data, we will inform their guardians in advance and obtain their separate consent.
For the purpose of this policy, we consider anyone under 14 years of age as a minor.
If we find that we have collected minors’ personal data without the prior consent of a verifiable guardian, we will make every effort to promptly delete the relevant account and personal data.
Personal data we collect and generate within the territory of the People's Republic of China will be stored within the territory of the People's Republic of China. Therefore, your personal data will not be transferred to jurisdictions outside of China or accessed from jurisdictions outside of China. If we need to transfer your personal data outside of China in the future, we will seek your separate consent, comply with relevant laws and regulations, and ensure that your personal data receives an adequate level of protection equivalent to that in China.
Our personal data protection policy may change. We will not reduce the rights you are entitled to under this privacy policy without your explicit consent. We will post any changes made to this policy on this page. We will archive previous versions of this policy for your reference.
We will also provide more prominent notifications for major changes.
Major changes referred to in this policy include, but are not limited to:
1. Where our service model has undergone a major change. For example, the purpose of processing personal data, the types of personal data being processed, and the ways in which personal data is used.
2. Where we have undergone significant changes in ownership structure, organisational structure, and other aspects. For example, changes in ownership caused by business adjustments, bankruptcy, and mergers and acquisitions;
3. Where the main recipients of personal data sharing, transfer, or public disclosure have changed;
4. Where there are significant changes in your rights to participate in the way your personal data is processed and how you can exercise your rights;
5. Where our department responsible for handling personal data security, contact information, and complaint channels change.
1. If you have any questions, comments or suggestions about this privacy policy, please contact us through the following channels:
Email: support@ace-30.cn
Hotline: +86 4001 204 236
BMW (China) Automotive Trading Co., Ltd., with registered address at 28th Floor, Tower B, Gateway Plaza, No. 18 Xia Guang Li, North Road East Third Ring, Chaoyang District, Beijing, China, 100027.
BMW Brilliance Automotive Ltd., with registered address at No. 14, Shanzuizi Road, Dadong District, Shenyang City, China, 110143.
We will do our best to reply to you within 15 working days.
2. We have set up a dedicated personal data protection team, the Data Governance Department of BMW (China) Automotive Trading Co., Ltd. You can contact us by emailing servicecenter@bmw.com.cn or by calling the BMW Customer Service Centre on 400-800-6666. If you are not satisfied with our response, especially if you believe that our handling of personal data has harmed your legitimate rights and interests. You may also seek resolution through the following external channels: By filing a case with a court that has jurisdiction over the defendant's location.