Privacy policy
XGRIDS Privacy Policy
Last Updated: Sept 2, 2025
Thank you for your interest in XGRIDS LIMITED and its affiliated companies (“XGRIDS”, “we”, or “us”) and in the LCC Studio, LCC Editor, LCC Viewer, LCC Scan and relavant products or services provided by us and on which a link to this Privacy Policy (this “Policy”) is displayed (each, a “Product” or “Service” and, collectively, the “XGRIDS Products and Services”).
This Policy describes:
• How we use and share this information
• The rights and choices you have regarding this information
• The steps we take to protect this information
• The information gathered by third-party services
• How we transfer your information
• How we may change this Policy
• How you may contact us
By using XGRIDS Products and Services, you consent to the privacy practices described in this Policy. This Policy is incorporated into and is subject to the Terms of Use for the XGRIDS Products and Services you use.
Information We Collect
We may collect information about you directly from you, from third parties, and automatically through your use of the XGRIDS Products and Services. Some information we collect from you are referred to as “personal information” or “personal data” in this Policy. Personal information or personal data is data that can identify you, or data that we can relate to you, such as your name, email address, credit card number, and shipping address.
• Account information. When you create a XGRIDS account, you may provide us with information that includes your username, email address, phone number, avatar, and password.
• When you activate XGRIDS hardware products and connect XGRIDS hardware products with LCC Scan, you may be required to enable certain features of your device (such as GPS, Wi-Fi, and Bluetooth) to identify your location through a variety of means, including GPS location, IP address, cell tower location, or detection by physical on-location Wi-Fi or Bluetooth sensors.
• Communications and after-sales data. When you contact us for requesting after-sales or technical support, we may collect the information you voluntarily provide, including raw product data and related records, system logs, the IP address used to access XGRIDS Products and Services, and timestamps.
• Technical Information. When you use LCC Scan, you may provide us with technical information about the device running the browser. We also collect your device information (connected device SN, version details, device statistics, and regions the device located in) to ensure service availability and continuously improve your experience through firmware updates. This process requires granting your apps location permissions). We may also invite you to participate in XGRIDS’ Product Improvement Program to help us design new products and services or improve existing ones. If you agree, we may collect information such as your account details, device information, diagnostic logs, and usage data for analysis and research. If you choose not to participate, this will not affect your use of XGRIDS products or services. By agreeing to participate, you consent to our analysis of this data in order to provide you with more advanced modeling and intelligent analysis services.
• Cookies. We may use cookies and other similar technologies (e.g. pixels etc.) on XGRIDS websites and online services. Cookies are used to collect information, including personal data, from you. Cookies are small files which, when placed on your device, enable us to provide certain features and functionality. To learn more about cookies please see our Cookie Policy.
How We Use the Information We Collect
We use information we collect through XGRIDS Products and Services in a variety of ways in providing the XGRIDS Products and Services and operating our business. The use of information that we collect includes the following:
• To operate and provide features of the XGRIDS Products and Services, to verify and manage XGRIDS user accounts, to provide services and information that you request,. We will process your personal data in accordance with this Policy and any of your preferences.
• To maintain and enhance XGRIDS Products and Services, to analyze the information you provide to us, to personalize the content you receive and provide you with tailored content that will be of interest to you.
• When you use the Publish Scene feature of our products, the published scenes and related data will also be uploaded to our server. You agree that we may analyze the above data to provide you with better scene modeling and intelligent analysis services.
• To understand and analyze the usage trends and preferences, to improve the XGRIDS Products and Services, and to develop new products, services, features, and functionality.
• To contact you for administrative and informational purposes, including for customer service. We may send direct marketing such as communications, including updates on promotions and events, relating to products and services offered by us and by third parties we work with. If you are an individual or consumer we will only send you direct marketing with your consent or as permitted by applicable law. You may send unsubscribe requests or withdraw your consent at any time. Please visit the section Your Rights and Choices Regarding Collected Information to find out more.
• To detect, prevent, and respond to fraud, abuse, security risks, and technical issues that could harm our users, us, or the public.
• For any other purposes disclosed to you at the time we collect your information or pursuant to your consent.
• We will aggregate personal data we collect, such as the number and frequency of your visits to our sites and apps, to produce metrics and statistical information. We use aggregate data to help us understand how the site is being used and to improve its usability. We also use it to enhance the quality and availability of products and services we offer. If you are located in the European Economic Area, we will only use your information when we have a valid legal ground, including when:
• You have consented to the use of your information, for example to send you marketing communications.
• We need to use your information to enter into or perform a contract with you, for example to deliver XGRIDS products, to provide map services, or provide you with the customer support and other after-sales services.
• We need to use your information to comply with a legal obligation, for example to comply with a court order, subpoena, or warrant.
• We or a third party have a legitimate interest in using your information. In particular, we have a legitimate interest in using your information to understand and improve our XGRIDS Products and Services, and to monitor for and prevent fraud. We only rely on our own or a third party’s legitimate interests to process your information when these interests are not overridden by your rights and interests.
When We Disclose Information
We will not disclose your information that we collect through XGRIDS Products and Services to third parties except as described in this Policy or as we disclose to you at the time the information is collected. We may disclose information to third parties in the following circumstances:
• We may share your information with our parent company, affiliates and subsidiaries globally when permitted by law, and necessary to provide you with XGRIDS Products and Services.
• Any information that you voluntarily choose to make publicly available by uploading it to a publicly accessible site or venue using XGRIDS Products and Services, or that you otherwise elect to make public, will be available to anyone who has access to that content, including other users.
• We may preserve and disclose your information if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a court order, judicial or other government subpoena, warrant or enforceable request.
• We also reserve the right to preserve and disclose your information that we believe, in good faith, is appropriate or necessary to (i) take precautions against liability, (ii) protect ourselves or others from fraudulent, abusive, or unlawful uses or activities, (iii) investigate and defend ourselves against any third-party claims or allegations, (iv) protect the security or integrity of the XGRIDS Products and Services and any facilities or equipment used to make the XGRIDS Products and Services available, or (v) protect our property or other legal rights (including, but not limited to, enforcement of our agreements), or the rights, property, or safety of others.
• Information about our users, including information you provided and any information collected through XGRIDS Products and Services, may be disclosed and otherwise communicated to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.
• We may make certain aggregated, de-identified, or non-identifying information about users of XGRIDS Products and Services available to third parties for various purposes, including (i) compliance with various reporting obligations; (ii) for business or marketing purposes; (iii) product safety analysis; or (iv) to assist such parties in understanding our users’ interests, habits, and usage patterns for certain programs, content, services, advertisements, promotions, and/or functionality of XGRIDS Products and Services.
Your Rights and Choices Regarding Collected Information
You may update, correct, or delete certain XGRIDS account information and preferences by accessing your account preferences page, available through certain XGRIDS Products and Services. If you receive commercial email or text messages from us, you may unsubscribe at any time by following the instructions contained within the email or text message. You may also opt out from receiving commercial email or text messages from us or object to be profiled by sending your request to us by email at xgrids_privacy@xgrids.com.
If you are located in the European Economic Area, you may also have the right to request access to additional information, including the right to request access to and receive certain information we maintain about you; to update or correct inaccuracies in the information we maintain about you; to receive a copy of the information which you provided for its transmission to another company; to object to the processing on grounds relating to your particular situation; and to have the information blocked, deleted, or erased, as appropriate. When we process personal data on the basis of your consent, you can also withdraw your consent. If you withdraw your consent, we will apply your preferences going forward, and this will not affect the lawfulness of the processing before you withdrew your consent.
Note, however, that if you exercise your right to object or your rights of blocking, deletion or to be “forgotten” or if you decline to share certain information with us, or if you withdraw your consent to our processing of information about you, we may not be able to provide to you some, or any, of the features and functionality of XGRIDS Products and Services.
Likewise, if you close your XGRIDS account, you will not be able to sign in to XGRIDS Products or Services or access any of your information. However, you can open a new account at any time. Please note that while any changes you make will be reflected in active user databases within a reasonable period of time, we may retain all information you submit, as authorized under applicable law, for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so. In addition, if certain information has already been provided to third parties as described in this Policy, retention of that information will be subject to those third parties’ policies.
If you wish to exercise any rights you have under applicable data protection law, including the right to access, amend or delete any information we hold about you, you may contact us at xgrids_privacy@xgrids.com.
Third-Parties Services
XGRIDS Products and Services may contain features or links to websites and services provided by third parties. Any information you choose to provide on third-party sites or services, or any information otherwise collected by such third-party sites or services is collected directly by the operators of such services and is subject to those operators’ policies, if any, governing privacy and security, even if accessed through XGRIDS Products and Services.
We are not responsible for the content or privacy and security practices and policies of third-party sites or services to which links or access are provided through XGRIDS Products and Services. If you opt in to use such third-party services, please be sure to check the Privacy Policies of these sites as well as their “Terms of Use” before engaging in any business or uploading any information.
Children’s Privacy
Except for certain products that are marked as “14+” or “for customers over the age of 14”, XGRIDS Products and Services are not directed to children under the age of 18. We do not knowingly collect information from children under the age of 18 without obtaining parental consent.
Data Security
We use certain physical, organizational, and technical safeguards that are designed to improve the integrity and security of information that we collect and maintain. Please be aware that no security measures are perfect or impenetrable and thus we cannot and do not guarantee that your information will not be accessed, viewed, disclosed, altered, or destroyed by breach of any of our physical, technical, or organizational safeguards.
International Transfer of Personal Data
Your information collected by XGRIDS may be transferred to and accessed by XGRIDS entities and business partners globally to provide XGRIDS Products and Services to you. If you choose to use XGRIDS Products and Services from the European Economic Area (EEA), We will not transfer your personal data outside the EEA for storage and processing. You may obtain a copy of the standard contractual clauses by contacting us at xgrids_privacy@xgrids.com.
Retention of Your Information
We retain your information to provide service to you, or as required by applicable laws or regulations. We aim to retain your information only for the period necessary to fulfil our obligations under this Policy, unless otherwise required or permitted by law. We will carefully assess the need to collect data, the type of data collected, relevant legal framework, and the statute of limitations when determining the retention period.
Changes and Updates to this Policy
We may update this Policy from time to time. If we modify this Policy, we will make it available on or through the XGRIDS Products and Services and indicate the date of the latest revision. We will make reasonable efforts to notify you of the change.
Our Contact Information
Please contact us with any questions or comments about this Policy or our data practices by email at xgrids_privacy@xgrids.com. You may contact us to have your information blocked, deleted or erased, or to opt out from profiling where your prior usage of XGRIDS Products and Services is processed to provide you with customized or personalized products, services or advertisements, or to obtain copies of certain of your information in a portable format. If you think that any of your rights have been infringed by us, you may also lodge a complaint with us or with a data protection regulator, including in your country of residence, place of work or where an incident took place. If you have any queries or wish to exercise any of your rights under this Policy, please contact us as set out above.
Appendix I: Attachment on SDKs
To provide and optimize our services, third-party SDKs are embedded in our products. While these third-party SDKs cooperate with us to provide you with more comprehensive services, they may collect your personal information.
If you have any questions about the collection of your personal information by third parties through the SDKs, please refer to the privacy policies of these third parties.
|
Name of the Third-Party SDK
|
Third-Party Entity
|
Personal Data Collected
|
Purpose of Collection and Use
|
Link to the Third-Party Privacy Policy
|
|
MQTT
|
Eclipse Foundation
|
None
|
It is used for message passing between devices.
|
https://www.eclipse.org/legal/epl-2.0/
|
|
sentry
|
Functional Software, Inc.
|
User activity records
|
It is used for improving the stability of the system.
|
https://sentry.io/legal/terms/3.0.0/in-app/?userCurrentVersion=3.0.0 https://sentry.io/legal/privacy/3.3.1/in-app/?userCurrentVersion=3.3.1
|
Appendix II: GDPR-related Terms
This appendix only applies to users located in the European Union, Liechtenstein, Norway, the United Kingdom, or Switzerland ("Europe").
The General Data Protection Regulation (GDPR) divides roles in personal data processing into data controller and data processor. A data controller refers to a natural or legal person, public authority, agency, or any other body that, alone or together with others, determines the purposes and means of processing personal data. A data processor refers to a natural or legal person, public authority, agency, or any other body that processes personal data on behalf of a data controller.
If you are a user located in Europe, we (XGRIDS LIMITED, hereinafter referred to as "XGRIDS", "we", "us", or "our") act as the "data controller" as defined in the GDPR. We determine the purposes for which your personal information is collected and processed, and we process your personal information in compliance with this Privacy Notice.
The personal information herein (also "personal data") refers to any information related to a natural person that has been identified or is identifiable. Personal data of special types (referred to as "sensitive personal information" in the main body of this Policy) refers to sensitive personal data that includes data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health, or data concerning a natural person's sex life or sexual orientation.
1. Legal Basis for the Processing of Personal Data
The processing of your personal information as described in Section 1 "How we collect and use your personal information" under the main body of this Policy is lawful only if and to the extent that at least one of the following legal bases under the GDPR applies:
Consent:
We have obtained your explicit consent for specific processing purposes, such as when you agree to participate in our Product Improvement Program. You have the right to withdraw your consent at any time. Withdrawing your consent does not affect the lawfulness of processing based on consent before its withdrawal.
Performance of a Contract entered into between you and us
The processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract. This includes, but is not limited to, creating your account, enabling you to use core product functions like LCC Scan's device connection, and providing you with after-sales or technical support.
Compliance with a Legal Obligation
The processing is necessary for compliance with a legal obligation to which we are subject. This may include processing your personal information when required by law, legal proceedings, or mandatory requirements from government authorities.
Legitimate Interests:
The processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms. This includes processing your data to improve your service experience, enhance service quality, ensure the security and availability of our services and prevent risks.
2. Scope of Personal Information We Process and the Purposes
|
Feature and Processing Purpose
|
Personal Information Collected
|
Legal Basis (under GDPR)
|
|
Account Registration and Profile Completion
|
Username, mobile phone number, email address, profile picture, password.
|
Performance of a contract; Consent
|
|
Providing Core Product Functions
|
Permissions for wireless data, nearby Bluetooth devices, and location access (LCC Scan).
|
Performance of a contract; Consent
|
|
Providing After-sales or Technical Support
|
Raw product data and related records, system logs, IP address, timestamps.
|
Performance of a contract; Consent
|
|
Improving Service Quality and Security
|
connected device SN, version details, device statistics, and regions the device located in
|
Legitimate interests; Consent
|
|
Product Improvement Program and Data Analysis
|
Account details, device information, diagnostic logs, usage data.
|
Consent
|
In principle, personal information collected and generated from users in Europe will be stored on servers located within the European Economic Area (EEA).
However, as we are a company based in the People's Republic of China, providing our products and services may require transferring your personal information to regions outside of the EEA, including the People's Republic of China, for processing and storage.
Where your personal information is transferred to a country or region outside the EEA, we will ensure that appropriate safeguards are in place to protect your data in compliance with the GDPR. These measures include:
(1) Ensuring the recipient is located in a country that the European Commission has recognized as providing an adequate level of data protection through an "adequacy decision."
(2) Entering into a contract with the recipient that incorporates the "Standard Contractual Clauses" (SCCs) as approved by the European Commission, requiring them to protect your personal information.
(3) In the absence of the above safeguards, we will ask for your explicit consent for the cross-border transfer or rely on other measures recognized as providing a sufficient level of protection for your personal information.
For more information about the safeguards relating to personal data transfers outside the EEA, please contact us as set forth in the "Contact Us" section.
4. Additional Information on Cookies and Other Similar Technologies
For detailed information on how we use cookies and similar technologies, please refer to Section 2 "How we use cookies and similar technologies" in the main body of this Policy and our separate Cookie Policy.
5. Additional Information on Your Rights Regarding Personal Data
According to the GDPR, you have the following rights regarding your personal data:
(1) Right of Access: You have the right to request access to and a copy of the personal information we hold about you.
(2) Right to Rectification: You have the right to request the correction of inaccurate or incomplete personal information.
(3) Right to Erasure ('Right to be Forgotten'): You have the right to request the erasure of your personal information where there is no compelling reason for its continued processing.
(4) Right to Restrict Processing: You have the right to request the restriction of processing of your personal information in certain circumstances.
(5) Right to Object: You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal information based on our legitimate interests.
(6) Right to Data Portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to have it transmitted to another controller where technically feasible.
(7) Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time. You can manage your authorization settings as described in Section 6 (4) of the main Policy.
(8) Right to Lodge a Complaint: You have the right to lodge a complaint with a competent supervisory authority regarding our processing of your personal information.
To exercise these rights, including the request to delete your account, please submit a written request via email to xgrids_privacy@xgrids.com. To protect your security, we may ask you to verify your identity before processing your request. We will respond to your request within one month of receipt.
6. Contact Us
If you have any questions, suggestions, or complaints regarding this Privacy Notice or our privacy practices, you can contact us via: Email: xgrids_privacy@xgrids.com
Appendix III: United States-Specific Terms
This appendix applies only to users who are residents of certain states in the United States. This appendix provides more details about personal information to meet the disclosure requirements under the laws of California, Nevada, Colorado, Connecticut, Virginia, and Utah.
Under this appendix, "personal information" refers to any information that, either directly or indirectly, identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked with a particular consumer or household. Additional Information on the categories of personal information we collect and how your personal data is processed is provided below.
1. Categories of Personal Information We Process and Use of Personal Information
The personal information is divided into the following categories according to the laws of the aforementioned states:
|
Categories
|
Example
|
|
A. Identifier
|
Your real name, alias, postal address, unique personal identifiers (such as a device identifier; cookies), online identifier, Internet Protocol ("IP") address, email address, account name, and other similar identifiers.
|
|
B. Other Personal Information in Compliance with California Law for Customer Record-Keeping (Cal. Civ. Code § 1798.80(e))
|
Your phone number or any other financial information.
|
|
C. Characteristics of protected classifications under California or federal law
|
Classified characteristics under the protection of California or federal law, such as age and gender.
|
|
D. Commercial Information
|
Records of products or services purchased, obtained, or considered, or other purchase or consumption histories or tendencies.
|
|
E. Biometric Information
|
Any physical or behavioral traits that can be used to identify you.
|
|
F. Activity Information from the Internet or Other Electronic Network
|
This includes, but is not limited to, browsing history, and information about how you use the services and interact with our products or websites.
|
|
G. Location Data
|
Your physical location and routes.
|
|
H. Sensory Data
|
Audio, electronic, visual, or other similar information.
|
|
I. Applicable Professional or Employment Information
|
Current or past work experience.
|
|
J. Non-public Educational Information (according to FERPA, 20 U.S.C. § 1232g; 34 CFR Part 99)
|
Educational records that relate directly to a student.
|
|
K. Inferences
|
Inferences made from any of the information mentioned above that can be used to create a profile that reflects your interests and behaviors.
|
|
L. Sensitive Personal Information
|
Login credentials (username combined with required access codes or passwords), and precise location.
|
The information we collect depends on the context of your interactions with us and the choices you make, including your privacy settings and the XGRIDS Products and Services you use. The aforementioned categories of personal information may have been processed (and may have been used in the twelve (12) month period prior to the effective date of our Privacy Policy) for one or more of the purposes provided in our Privacy Policy.
We will not collect any personal information from other categories or use the personal information we collect for materially different, irrelevant, or incompatible purposes without informing you.
|
Category of personal information
|
Source
|
Purpose
|
Disclosure to third parties
|
|
A. Identifier
|
Directly from you (e.g., when you create an account); Indirectly from you (e.g., from observing your actions on our services).
|
To create an account; To provide after-sales or technical support; To ensure service security.
|
/
|
|
B. Other Personal Information in Compliance with California Law for Customer Record-Keeping (Cal. Civ. Code § 1798.80(e))
|
Directly from you.
|
To create an account.
|
/
|
|
C. Characteristics of protected classifications under California or federal law
|
/
|
/
|
/
|
|
D. Commercial Information
|
/
|
/
|
/
|
|
E. Biometric Information
|
/
|
/
|
/
|
|
F. Activity Information from the Internet or Other Electronic Network
|
Indirectly from you (from your use of our services).
|
To provide after-sales or technical support; To improve service quality; For data analysis and product improvement.
|
/
|
|
G. Location Data
|
Indirectly from you (collected via app permissions on your device).
|
To provide device connection support (only approximate location); To ensure service availability through firmware updates (only approximate location).
|
/
|
|
H. Sensory Data
|
/
|
/
|
/
|
|
I. Applicable Professional or Employment Information
|
/
|
/
|
/
|
|
J. Non-public Educational Information
|
/
|
/
|
/
|
|
K. Inferences
|
/
|
/
|
/
|
|
L. Sensitive Personal Information
|
Directly from you.
|
To secure your account (Password).
|
/
|
2. Disclosure, Sale, and Sharing of Personal Information (Within the Last 12 Months)
According to the law in California, "sharing" refers to sharing, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating a consumer's personal information by the business to a third party for cross-context behavioral advertising, whether or not for monetary or other valuable consideration.
As stated in our Privacy Policy, at present, we do not share your personal information with authorized partners. We do not sell your personal information to, nor share your personal information with, any third parties for commercial or cross-context behavioral advertising purposes (within the past 12 months).
3. Additional Information on Your Rights Regarding Personal Data
You may enjoy the following data privacy rights. Please note that these rights are not absolute and may be subject to conditions or limitations.
(1) Right to access and data portability: You have the right to know and access the categories and specific information we collect about you, the sources of collection, the purposes for collection, and the types of third parties with which the personal information is shared.
(2) Right to request: You have the right to request information regarding our disclosure of personal data to third parties for business purposes.
(3) Right to rectification: You have the right to correct inaccurate personal data that we may hold about you.
(4) Right to erasure: You have the right to request the erasure of your personal data, except in cases where certain exceptions apply.
(5) Right to opt out: You have the right to opt out of the sale or sharing of your personal data with third parties. As we do not sell or share your personal information, this right does not currently apply.
(6) Right to limit the use of sensitive personal information: We do not use or collect sensitive personal information to infer user characteristics, so this right does not apply.
(7) Right not to be discriminated against: You have the right to non-discrimination for exercising any of the above rights.
Right to make requests under the "Shine the Light" law
The "Shine the Light" law (Cal. Civ. Code § 1798.83) allows residents of California to request: (1) the list of personal information categories we shared with third parties for their direct marketing uses in the last calendar year; and (2) the identities of such third parties.
You may contact us at xgrids_privacy@xgrids.com to exercise your right of access, right to data portability, right to know, right to erasure, right to rectification, and right to make requests under the "Shine the Light" law.
Before handling your request, we will need to verify your identity. This process may require us to request additional personal information from you, including your email address or phone number, to match with the information we hold about you in our systems. In some cases, we may reject requests, particularly if we are unable to verify your identity.
4. Submitting a Request Through an Authorized Agent
In some cases, you can designate an authorized agent to act on your behalf to submit a request. For a request to know about, delete, or rectify personal information, we need the following for identity verification:
(a) A valid authorization letter from you or your authorized agent; or
(b) Sufficient evidence to indicate that you have: 1) provided the authorized agent with a signed license to act on your behalf; and 2) verified your identity directly with us or directly confirmed with us that you have granted permission to your authorized agent to submit the request.