Nexconn SDK privacy policy
Effective date: March 26, 2026
This Nexconn SDK Privacy Policy ("Policy") explains how Nexconn processes end user data when developers integrate Nexconn SDK products into their applications and services. "Nexconn" means RCLOUD GLOBAL PTE. LTD., a company incorporated under the laws of the Republic of Singapore with its registered office at 25 SEAH STREET, #02-01, SINGAPORE 188381, and its Affiliates. In this Policy, "we", "us", and "our" refer to Nexconn.
This Policy applies to the following SDK Products and any later updates we may provide:
- Nexconn Chat SDK for Android, iOS, Web, and Flutter
- Nexconn Call SDK for Android, iOS, and Web
This Policy explains to developers and their end users ("end users") how our SDK Products collect and process end user data after developers integrate them into their applications or products, including mobile apps, web applications, and other services (collectively, "Applications"). "Process" or "processing" includes collection, storage, use, processing, transmission, provision, disclosure, and other handling of personal information. In these scenarios, the developer, as the personal information controller, decides the purpose and means of processing end user data. We act as the entrusted processor and collect and process data only on the developer's behalf to provide the relevant SDK functions, and only according to the developer's instructions.
Under applicable law, personal information means any information recorded electronically or otherwise that can identify a specific natural person, either on its own or when combined with other information, including a person's name, date of birth, identity document number, biometric data, photograph, occupation, address, telephone number, email address, health information, location data, and similar information.
Sensitive personal information means personal information that, once leaked or misused, can easily harm a person's dignity or personal or property safety. This includes biometric data, religious beliefs, specific identity information, medical and health data, financial account data, location tracking data, and the personal information of minors under the age of 14. In this Policy, we highlight sensitive personal information with bold and underlined text where appropriate. We process sensitive personal information only for a specific purpose, when strictly necessary, and only after obtaining separate consent where required.
Special notes
For developers
If you are a developer:
- Read and agree to this Policy before you integrate the SDK Products. If you do not agree to any part of this Policy, stop integrating and using the SDK Products immediately.
- Integrate the SDK Products and process end user personal information only after obtaining the end user's consent.
- Comply with all laws and regulations that apply to the collection, use, and processing of end user personal information. This includes publishing a privacy policy, providing a user-friendly process for exercising user rights, and informing end users how to access, copy, correct, delete, and transfer their personal information, withdraw consent, restrict processing, obtain a copy of their personal information, and delete or deactivate their accounts.
For end users
If you are an end user:
- This Policy does not replace the privacy policy of the developer's Application.
- The developer must disclose its own privacy policy to explain how it collects, processes, and protects your personal information.
- If you want to access, correct, modify, or delete your data, or if you no longer want to use an Application that integrates the SDK Products, contact the relevant developer directly. The developer is the personal information controller.
Overview
This Policy helps you understand:
- What personal information we collect and how we use it
- How we share, transfer, and publicly disclose personal information
- End user rights
- How we handle children's personal information
- How we protect personal information
- How we store personal information
- How we update this Policy
- How to contact us
1. What personal information we collect and how we use it
We do not require developers to proactively provide personal information. The information we collect cannot, by itself, identify a specific natural person. Based on the technical characteristics of the SDK Products, the SDK runtime cannot independently obtain information that, by itself, identifies a specific natural person.
1.1 Chat SDK
The Chat SDK provides real-time messaging functions and services.
If a developer integrates the Chat SDK, the SDK may collect the following information programmatically on the developer's behalf, depending on the platform and features used:
| Personal information type | Purpose | Required or optional | Processing method | Applies to |
|---|---|---|---|---|
| End user message content, including message text, images, audio and video, files, and other message payloads, and related log data | Provide real-time messaging functions and services | Required | Encrypted transmission and other secure processing methods | All Chat SDK platforms |
| Device brand | Ensure compatibility across device vendors and troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | Android, iOS, and Flutter mobile builds |
| Device model | Ensure compatibility across device models and troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | Android, iOS, and Flutter mobile builds |
iOS device ID (deviceToken) | Support push notifications and troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | iOS |
| Operating system version | Ensure compatibility across operating system versions and troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | Android, iOS, and Flutter mobile builds |
| CPU information | Ensure compatibility across CPU models and troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | Android, iOS, and Flutter mobile builds |
| Memory usage | Ensure compatibility across device memory configurations and troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | Android, iOS, and Flutter mobile builds |
| IP address | Determine how to connect to the server | Required | Encrypted transmission and other secure processing methods | All Chat SDK platforms |
| Network access method and network type | Determine network access status and connectivity | Required | Encrypted transmission and other secure processing methods | All Chat SDK platforms |
| User ID under the App Key, which is a unique numeric or string identifier for a user under the same App Key | Identify the user in a session and ensure uniqueness under the same App Key | Required | Encrypted transmission and other secure processing methods | All Chat SDK platforms |
| App package name or bundle identifier | Support push notifications | Required | Encrypted transmission and other secure processing methods | Android, iOS, and Flutter mobile builds |
| Time zone | Determine language settings and troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | All Chat SDK platforms |
| Language | Support multilingual features and troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | All Chat SDK platforms |
| App version | Troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | All Chat SDK platforms |
| App Key | Troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | All Chat SDK platforms |
| User token | Troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | All Chat SDK platforms |
| Nexconn SDK version | Troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | All Chat SDK platforms |
Carrier code (MNO) | Troubleshoot compatibility or crash issues | Optional | Encrypted transmission and other secure processing methods | Android and iOS |
| API call error codes | Troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | All Chat SDK platforms |
| Connection failure error codes | Troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | All Chat SDK platforms |
The following permissions are required or used to provide Chat SDK functions:
| Permission | Purpose | Required or optional | Platform |
|---|---|---|---|
WRITE_EXTERNAL_STORAGE | Cache images, messages, conversations, and logs | Required | Android |
NSFileProviderAddUsageDescription | Cache images, messages, conversations, and logs | Required | iOS |
Notes:
- The Web Chat SDK does not use mobile OS runtime permissions.
- The Chat SDK for Flutter includes native Android and iOS implementations. When you build for mobile, the applicable permissions follow the underlying Android or iOS platform.
1.2 Call SDK
The Call SDK provides real-time audio and video calling functions and services.
If a developer integrates the Call SDK, the SDK may collect the following information programmatically on the developer's behalf, depending on the platform and features used:
| Personal information type | Purpose | Required or optional | Processing method | Applies to |
|---|---|---|---|---|
| End user message content, including message text, images, audio and video, files, and other message payloads, and related log data | Provide real-time communication functions and services | Required | Encrypted transmission and other secure processing methods | All Call SDK platforms |
| Device brand | Ensure compatibility across device vendors and troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | Android and iOS |
| Device model | Ensure compatibility across device models and troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | Android and iOS |
iOS device ID (deviceToken) | Support push notifications and troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | iOS |
| Operating system version | Ensure compatibility across operating system versions and troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | Android and iOS |
| CPU information | Ensure compatibility across CPU models and troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | Android and iOS |
| Memory usage | Ensure compatibility across device memory configurations and troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | Android and iOS |
| IP address | Determine how to connect to the server | Required | Encrypted transmission and other secure processing methods | All Call SDK platforms |
| Network access method and network type | Determine network access status and connectivity | Required | Encrypted transmission and other secure processing methods | All Call SDK platforms |
| User ID under the App Key, which is a unique numeric or string identifier for a user under the same App Key | Identify the user in a session and ensure uniqueness under the same App Key | Required | Encrypted transmission and other secure processing methods | All Call SDK platforms |
| App package name or bundle identifier | Support push notifications | Required | Encrypted transmission and other secure processing methods | Android and iOS |
| Time zone | Determine language settings and troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | All Call SDK platforms |
| Language | Support multilingual features and troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | All Call SDK platforms |
| App version | Troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | All Call SDK platforms |
| App Key | Troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | All Call SDK platforms |
| User token | Troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | All Call SDK platforms |
| Nexconn SDK version | Troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | All Call SDK platforms |
Carrier code (MNO) | Troubleshoot compatibility or crash issues | Optional | Encrypted transmission and other secure processing methods | Android and iOS |
| API call error codes | Troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | All Call SDK platforms |
| Connection failure error codes | Troubleshoot compatibility or crash issues | Required | Encrypted transmission and other secure processing methods | All Call SDK platforms |
The following permissions are required or used to provide Call SDK functions:
| Permission | Purpose | Required or optional | Platform |
|---|---|---|---|
CAMERA | Enable video calling by accessing the camera | Required | Android |
RECORD_AUDIO | Enable audio and video calling by accessing the microphone | Required | Android |
MODIFY_AUDIO_SETTINGS | Modify global audio settings | Optional | Android |
BLUETOOTH | Support Bluetooth headsets or earbuds during calls | Optional | Android |
WRITE_EXTERNAL_STORAGE | Store call records | Required | Android |
READ_PHONE_STATE | Notify the remote user when a SIM call arrives during an active call | Optional | Android |
NSCameraUsageDescription | Enable video calling | Required | iOS |
NSMicrophoneUsageDescription | Enable audio calling | Required | iOS |
NSFileProviderAddUsageDescription | Store call records | Required | iOS |
| Browser camera permission | Enable video calling | Required when the web application starts or answers a video call | Web |
| Browser microphone permission | Enable audio and video calling | Required when the web application starts or answers an audio or video call | Web |
1.3 Profile Hosting service
The Profile Hosting service is enabled by default. We process and store end user profile data according to the developer's instructions. This data can include a user's nickname, avatar, email address, birthday, gender, location, role, level, friend remark name, and other custom attributes defined by the developer's Application, together with related log data.
We act only as the entrusted processor for this service. We store and process this data only according to the developer's instructions and do not use it for any purpose outside the Profile Hosting service unless required by law or otherwise instructed by the developer. Unless the developer instructs us otherwise or laws and regulations require otherwise, we do not proactively access, view, or use this data.
1.4 Third-party SDKs
In addition to the data required for our own services, the SDK Products may integrate third-party SDKs. Developers can decide whether to integrate them. For data collected by those third-party SDKs, developers and end users should review the relevant third-party privacy policies.
The current list of third-party SDKs covered by this Policy is as follows:
| Nexconn SDK | Third-party SDK | Privacy policy | Purpose |
|---|---|---|---|
| Android Chat SDK | Huawei Push Kit | Huawei Developer Alliance Privacy Statement | 1. Improve push delivery across supported vendor channels. 2. Optional for developers. |
| Android Chat SDK | Google FCM SDK | Google Privacy Policy | 1. Provide the system-level push channel for overseas Android devices, where applicable. 2. Optional for developers. |
1.5 Notes and exceptions
Please note:
- The way permissions are displayed and disabled may vary by device and operating system. End users should refer to the instructions provided by the relevant device or operating system vendor.
- If an end user disables a permission, that end user withdraws the related authorization. In that case, we and the developer can no longer collect or use the corresponding personal information, and we can no longer provide the related feature.
Under applicable laws and regulations, we may process personal information without obtaining end user consent in the following circumstances:
- The processing is necessary to conclude or perform a contract with the end user.
- The processing is necessary for us to perform our legal obligations.
- The processing is necessary to respond to a public health emergency or to protect the life, health, or property of an individual in an emergency.
- The processing is carried out within a reasonable scope for news reporting, public interest supervision, or similar public interest activities.
- The processing is carried out within a reasonable scope for personal information that the end user has made public or that has otherwise been lawfully disclosed.
- Other circumstances provided by laws and administrative regulations.
Important: If the information we collect cannot identify an end user, either on its own or when combined with other information, it is not personal information in the legal sense.
2. How we share, transfer, and publicly disclose personal information
- We may disclose your personal information to our Affiliates. In this section, "Affiliates" means any entity that directly or indirectly controls us, is controlled by us, or is under common control with us.
- We strictly limit third parties involved in data processing and require them to follow our measures and requirements for personal information protection. Except as described in this Policy or otherwise disclosed when collecting end user information, we do not share end user information with third parties without the developer's explicit consent.
- We do not transfer end user personal information to any company, organization, or individual, except in the following circumstances:
- We inform the developer and/or the end user in advance of the categories, purpose, method, and scope of the transfer, and obtain separate consent where required.
- The transfer is part of a merger, acquisition, or bankruptcy liquidation involving personal information. In that case, we require the new holder of the personal information to continue to be bound by this Policy. Otherwise, we require that party to obtain new authorization and consent. If the recipient changes the original processing purpose or method, we require the recipient to obtain end user consent again.
- We do not publicly disclose end user personal information, except in the following circumstances:
- We inform the developer and/or the end user in advance of the categories, purpose, method, and scope of the disclosure, and obtain separate consent where required.
- Disclosure is required by law, legal process, litigation, or a competent government authority.
3. End user rights
If you are a developer, you must provide end users with a clear way to access, copy, correct, delete, transfer, and restrict the processing of their personal information, withdraw consent, obtain a copy of their personal information, and delete or deactivate their accounts.
If you are an end user, you are not our direct user. We process your personal information as the entrusted processor according to our agreement with the developer and the developer's instructions. The developer, as the personal information controller, is responsible for the processing of your personal information and must disclose how it processes and protects your personal information. To exercise your rights as a personal information subject, contact the developer. We will cooperate with the developer and, after receiving a valid request from the developer, promptly delete or anonymize your relevant data in the hosted service.
4. How we handle children's personal information
If a developer uses our SDK Products to provide services to children, the developer is responsible for obtaining consent from the child's parent or guardian. If, in that scenario, you are the parent or guardian of a child and believe that the developer collected the child's information through our SDK Products without your consent, contact the developer as soon as possible to request deletion. Based on the developer's request, we will verify the situation and assist with deleting the relevant data as soon as reasonably possible.
5. How we protect personal information
We commit to complying with the laws and regulations of the Republic of Singapore and to taking necessary and appropriate technical measures to store, manage, and transmit personal information, so that the information remains accurate and intact and is protected against tampering, leakage, or loss.
We use physical, administrative, and technical safeguards to protect the personal information we collect against accidental or unlawful destruction, loss, unauthorized alteration, disclosure, access, misuse, and other unlawful processing. We have completed and registered a Level III Multi-Level Protection Scheme assessment and established information security technology and management systems. We use encryption and other reasonable and feasible measures that are at least consistent with industry standards. We also use security protection mechanisms to help prevent malicious attacks against end user personal information. We have dedicated security teams, security management policies, and data security processes, and we strictly control who may access personal information. Personnel with access must comply with confidentiality obligations and are subject to review.
Even with these reasonable and effective measures, and even though we follow the standards required by applicable law, no internet-based system can guarantee 100 percent security because of technical limitations and the possibility of malicious attacks. We will do our best to protect the security of the personal information we process. If a personal information security incident occurs, we will notify the developer by email as required by laws and regulations.
6. How we store personal information
6.1 Retention period
We retain end user personal information only for as long as necessary to provide services to the developer. After the storage period agreed with the developer expires, or after we receive the developer's corresponding instruction, we delete or anonymize end user personal information unless applicable law requires a longer retention period or a longer period is needed for another lawful purpose.
6.2 Storage location
Personal information is stored in the developer's selected service region (Singapore, Saudi Arabia, or United States).
7. How we update this Policy
We may update this Policy from time to time and publish the updated version on our website. Review this page periodically to stay informed about changes. If you continue to use our services after an updated Policy is published, that continued use means that you accept the relevant changes or updates.
If an update materially reduces end user rights under this Policy, we will provide more prominent notice before the changes take effect, including, for some services, notice by email or website announcement. If you are a developer and an updated version of this Policy materially changes how end user personal information is processed, you must update your own privacy policy in a timely way, notify end users by pop-up, and obtain their consent. If an end user does not agree to this Policy, stop integrating the SDK Products.
8. How to contact us
If you have any questions, comments, or suggestions about this Policy or related matters, contact us through the following channels. We will review the issue as soon as possible and respond within 15 business days, or within any shorter period required by laws and regulations:
- Submit a ticket: https://console.nexconn.ai/agile/formwork/ticket/create
- Customer service phone:
400-919-9066 - Contact email for the department or person responsible for personal information protection:
privacy@nexconn.ai
Last updated: March 26, 2026