Privacy Policy

Updated: December, 29 2022

This privacy policy (the “Privacy Policy”) is designed to provide users (“you”) of our websites, apps, software and other online services (the “UDictionary”, “Service” or “Platform”) with clear information relating to how Youdao Hong Kong Limited and its affiliates (“Youdao” or “We”) process your personal data or personal information (“Personal Information”). If you do not agree with this policy, you should not use the Service.

In this Privacy Policy, you will find the following information:

  1. What is Personal Information and Who is the Provider and Controller?
  2. Who are We?
  3. What Personal Information Do We collect from you?
  4. Cookies
  5. Why and how do We use your Personal Information?
  6. Who Do We Share Your Personal Information with?
  7. Your Rights and Choices
  8. Data Security and Data Retention
  9. Data Transfers, Storage and Processing Globally
  10. Children’s Privacy Notice
  11. Modifications to the Privacy Policy
  12. Contact Us
  13. European Data Protection Specific Information
  14. California Privacy Rights

1. What is Personal Information and who is the provider and controller?

What is Personal

Information?

Personal Information refers to any information that could identify you either directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Who is the Service Provider?

A service provider is a for-profit legal entity that processes personal information on behalf of a business pursuant to a written contract for a business purpose. The types of service providers to whom we entrust personal information for IT, network, cloud hosting and related services; content moderation; marketing; analytics; payment processing; customer service activities; the provision of the Business Services and the provision of information and services you have requested, such as Alibaba Cloud, Firebase, Google, Facebook, Apple, App Annie.

Who is the Data Controller?

A Data Controller is the entity that determines how and why Personal Information are processed. For the processing activities described in the Privacy Policy, 【Youdao】 acts as the Data Controller.

2. Who are We?

Youdao Hong Kong Limited is a company established at 1/F Xiu Ping Comml Bldg 104 Jervois St SHEUNG WAN HONG KONG. For UDictionary, We has appointed a Data Protection Officer whom you can contact at udictionary01@gmail.com for all matters relating to personal data, including in particular the exercise of your rights in relation to UDictionary’s processing of your data.

3. What Personal Information Do We collect from you?

We collect your information in three ways: Information You Provide, Automatically Collected Information, and Information from Other Sources. More detail is provided below.

Information You Provide

User Content. We may collect the content you create or publish through the Service, such as audio recordings, videos, and the associated metadata (such as when, where, and by whom the content was created). Even if you are not a user, information about you may appear in content created or published by users on the Platform. We may also collect content (such as text, images, and video) from your device's clipboard if you choose to copy and paste content to or from the Platform or share content between it and a third party platform.

Surveys, Research, and Promotions. We may collect information you provide if you choose to participate in a survey, research, promotion, contest, marketing campaign, or event conducted or sponsored by us.

Information When You Contact Us. When you contact us, we may collect the information you send us, such as proof of identity or age, feedback or inquiries about your use of the Service or information about possible violations of our Terms of Service (our “Terms”) or other policies.

Automatically Collected Information

Information From Other Sources

4. Cookies

Cookies are small text files that are placed on your device when you browse our UDictionary platform. We use Cookies for providing users with a simpler and easier-to-use personalized web experience. Cookies enables us to serve you better and faster, and to make your experience on UDictionary Service more personal.

Using such technologies, we, our service providers, and our business partners may automatically log information about you, your computer or mobile device (if any), and activity over time occurring on or through the Services and other online services. We use them for the following purposes:

If you consented to our use of cookies but later wish to opt out, you may change, at any time, your cookies preferences through the browser (if you access UDictionary Services via a browser) or user selection mechanism, you can use your browser settings in order to block the cookies. The following links provide instructions in order to manage your cookies preferences:

In addition, if you do not want Google Analytics to be used in your browser, you can

In addition, you may wish to visit www.aboutcookies.org , which contains comprehensive information on how to do this on a wide variety of browsers.

Moreover, you can use another online service enabling you to manage the advertisement cookies placed on your devices: http://www.youronlinechoices.com/ .

5. Why and how do We use your Personal Information?

We may use the information we collect for a variety of purposes, such as the purposes outlined below:

6. Who do We share your Personal Information with?

For the purposes referred to under this Privacy Policy, We may share your Personal Information with certain recipients. Such recipients will either act as another controller or as processor acting on behalf and upon our instructions.

The processors which We may share your Personal Information with are the following:

Customer Communications and Insights Platforms. We may share email, app usage and interactions with our third-party customer communications platform provider for the following business purposes: performing services that allow us to communicate with you and administer your account as well as track your usage for our internal analytics.

Internal Business Insights Platforms. Our third-party internal business analytics platform provides us with the tools to help us understand app usage and interactions and uncover insights that allow us to improve our product and features. We may share or make available unique user identifiers, IDFA, device id, IP address and app usage and events (such as when you subscribed to our services) with these providers for the following business purposes: performing services that allow us to (i) monitor and understand usage in order to enhance existing Services or develop new products and features and (ii) better understand our customers in order to market our products more effectively.

Measurement and Data Partners. We also share Technical Information and Usage Information with third party measurement providers who help us measure advertising served on the Platform and help our advertisers determine how effective their ads have been.

Other technology providers necessary to provide our services (including cloud storage and web hosting providers). We may make certain Automated Information and/or aggregate or non-personally identifiable information available for various purposes including monitoring network traffic to detect malicious actors and to protect against malware, fraud or other unlawful uses or activity.

Marketing providers. We, or the third-party service providers we use to assist us with marketing our own products to you, may use the information we collect from you to provide advertisements and offers for our other products. Additionally, we may share certain information with Facebook that allows us to create Custom or Lookalike Audiences here. You may learn more about Facebook Lookalike Audiences here and about your off-Facebook activity and how to opt out of having such activity sent to Facebook  here.We encourage you to review Facebook's Privacy Policy. We may also use Google Ads and Google Analytics to advertise our products, and for remarketing and optimization purposes. For example, where individuals allow for personalized ads in their Google settings, we use Google Signals on our websites to target those interested in our products with advertisements. You may opt-out of the use of this tracking technology by visiting Google’s Advertising and Privacy page  or by interacting with our website cookie banners.

Our UDictionary may contain links to third-party websites, tools or services. Those third parties have separate and independent privacy policies that you are invited to read carefully. This Privacy Policy does not apply to your use of such third-party sites, tools or services. We do not own or control those third parties, and We assume no responsibility or liability for their content and activities.

7. Your Rights and Choices

You can access and edit most of your profile information by signing into our Service. You can delete the User Content you uploaded. You may also be afforded certain rights under applicable laws, which may include the right to access, delete, update, or rectify your data, to be informed of the processing of your data, to file complaints with authorities, and potentially other rights.

Please be aware that if you do not allow us to collect personal information from you, we may not be able to deliver certain experiences, products, and services to you, and some of our services may not be able to take account of your interests and preferences. If collection of personal information is mandatory, we will make that clear at the point of collection so that you can make an informed decision whether to participate.

If you have any questions on how to use the above tools, want to know about what rights you may have or want to exercise them, or have any requests, inquiries, or complaints, please contact us pursuant to the means mentioned in Article 12 of this Policy.

8. Data Security and Data Retention

Security of your information is important to us. We maintain appropriate technical, administrative, and physical security measures that are designed to protect your information from unauthorized access, theft, disclosure, modification, or loss. We regularly review our security measures to consider available new technology and methods. However, you should understand that no data storage system or transmission of data over the Internet or any other public network can be guaranteed to be 100 percent secure. Please note that information collected by third parties may not have the same security protections as information you submit to us, and we are not responsible for protecting the security of such information.

We retain information for as long as necessary to provide the Service and for the other purposes set out in this Privacy Policy. We also retain information when necessary to comply with contractual and legal obligations, when we have a legitimate business interest to do so (such as improving and developing the Service, and enhancing its safety, security and stability), and for the exercise or defense of legal claims.

Upon expiry of the applicable data retention period, We undertake to erase or irrevocably anonymize the relevant Personal Information.

9. Data Transfers, Storage and Processing Globally

The personal data we collect from you may be stored on a server located in United States,Singapore and Hong Kong, outside of the country where you live. We maintain major servers around the world to bring you our services globally and continuously.

We operate globally and may transfer your personal information our Affiliates or third parties in locations around the world for the purposes described in this Privacy Policy. Wherever your personal information is transferred, stored or processed by us, we will take reasonable steps to safeguard the privacy of your personal information. These steps may include implementing standard contractual clauses which recognized by law, obtaining your consent, or other lawful means of transferring personal information.

10. Children’s Privacy Notice

We are not directed at children (the age of 13 in the United States, the age of 16 in the EU, or any age if required in an applicable jurisdiction to comply with applicable laws), and we do not knowingly collect information from children. If you are under the age then DO NOT DOWNLOAD OR USE THE SERVICES. If you believe that we may have personal information from or about a child, please contact us as the means mentioned in Article 12 of this Policy. Note that we'll attempt to delete the account of any child that's reported to us as soon as possible. You are responsible for any and all account activity conducted by a child on your account.

11. Modifications to the Privacy Policy

We reserve the right to change this Privacy Policy at any time. When we update the Privacy Policy, we will notify you by updating the “Last Updated” date at the top of this policy and posting the new Privacy Policy and providing any other notice required by applicable law. We recommend that you review the Privacy Policy each time you visit the Platform to stay informed of our privacy practices.

12. Contact Us

If you have any requests, questions, comments, or concerns regarding this Privacy Policy or privacy practices, please contact our Data Protection Officer at udictionary01@gmail.com

13. European Data Protection Specific Information

Data Subjects Rights

If you are in the European Economic Area (“EEA”), Switzerland, or the United Kingdom (“UK”), You have various rights in relation to the processing of your Personal Information:

In order to exercise any of your rights, or if you have any other questions about our use of your Personal Information, please send a request at the contact details specified at the Article 12 of this Privacy Policy. We will reply your requests in 30 days, for complicated issues we may need a 60-day extension period. Please note that We may request you to provide us with additional information in order to confirm your identity and ensure that you are entitled to access the relevant Personal Information.

In any case, you also have the right to lodge a complaint with the competent data protection authority.

Legal Bases for Processing

We rely on the following legal bases when we process Personal Information about individuals in the EEA, Switzerland, or the UK.

International Data Transfers

The personal data we collect from you is stored on a server located in United States, Singapore and Hong Kong.We maintain major servers around the world to bring you our services globally and continuously. These entities commit to processing information in compliance with applicable privacy laws and to implementing appropriate security measures to protect your information.

When we transfer your information outside of the EEA, the UK, or Switzerland, we ensure it benefits from an adequate level of data protection by relying on:

• Adequacy decisions. These are decisions from the European Commission under Article 45 GDPR (or equivalent decisions under other laws) where they recognize that a country offers an adequate level of data protection. We transfer your information as described in What Information We Collect to some countries with adequacy decisions; or

• Standard contractual clauses. The European Commission has approved contractual clauses under Article 46 of the GDPR that allows companies in the EEA to transfer data outside the EEA. These (and their approved equivalent for the UK and Switzerland) are called standard contractual clauses. We rely on standard contractual clauses to transfer information to certain entities in our affiliates and third parties in countries without an adequacy decision.

14. California Privacy Rights

California Consumer Privacy Act

The California Consumer Privacy Act of 2018 (CCPA) provides California residents the right to request:

As required by the CCPA, we will not discriminate against you for exercising any of these rights.

You may exercise your rights by sending a request at the contact details specified at the Article 12 of this Privacy Policy. We will acknowledge receipt of your request within 10 business days, and provide a substantive response or notify you of the reason and extension period within 45 days. Under the CCPA, only you or an authorized agent may make a request related to your Personal Information. We must verify your identity to respond to certain requests. We may do so by requiring you to log into your account, provide information relating to your account or other additional information, or give a declaration as to your identity under penalty of perjury.

To opt out of the use of cookies on the Service for interest-based advertising purposes, follow the instruction mentioned in Article 4 of this Policy.

California’s Shine the Light Law

California Civil Code Section 1798.83, also known as “Shine The Light” law, permits California residents to annually request, free of charge, information about the disclosure of their Personal Information (if any) to third parties for the third parties’ direct marketing purposes in the preceding calendar year. If applicable, this information would include the categories of customer information, as well as the names and addresses of those businesses with which we shared customer information for the immediately prior calendar year. To submit a request, you could contact us with the method mentioned in Article 12 in this Policy.