Privacy Policy

Falling Cloud is operated by Qionghai Ruduoyan Technology Co., Ltd., a company registered in China and engaged in Computer Systems Design and Related Services. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website or use our services. We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Please read this policy carefully. By using our website or services, you acknowledge the practices described herein. If you do not agree with any part of this policy, you should discontinue use immediately.

1. Data Controller

The data controller responsible for your personal information is:

2. Information We Collect

We collect information that you voluntarily provide to us, as well as information automatically collected when you interact with our website and services.

2.1 Personal Information You Provide

• Contact details — such as your name, email address, phone number, and company name when you fill out a form, subscribe to a newsletter, or contact us.
• Account credentials — if you register for an account, we collect your username and password (stored securely using hashing).
• Payment information — if you purchase services, we collect billing details and payment data (processed by our PCI-compliant payment processors; we do not store full credit card numbers).
• Communications — any messages, feedback, or inquiries you send to us.

2.2 Information Collected Automatically

• Usage data — pages visited, time spent, referral source, clicks, and navigation patterns.
• Device and browser data — IP address, browser type and version, operating system, device type, screen resolution, and similar technical data.
• Cookies and similar technologies — we use cookies, web beacons, and local storage to enhance your experience and analyze usage. You can control cookie preferences in your browser settings.

3. How We Use Your Information

We use your personal data for the following purposes:

• To provide, operate, and maintain our website and services.
• To process transactions and send related communications (invoices, confirmations, support).
• To respond to your inquiries, comments, or requests.
• To send you marketing and promotional materials — only with your explicit consent where required by law. You may opt out at any time.
• To improve our website, products, and services through analytics and user research.
• To detect, prevent, and address fraud, security breaches, or technical issues.
• To comply with legal obligations and enforce our terms of service.

4. Cookies & Tracking Technologies

Our website uses cookies and similar tracking technologies to improve functionality, analyze traffic, and personalize content. Cookies are small text files stored on your device by your browser.

4.1 Types of Cookies We Use

• Essential cookies — necessary for the website to function (e.g., session management, security). These cannot be disabled.
• Analytics cookies — help us understand how visitors interact with our site (e.g., Google Analytics, Matomo). We use aggregated data only.
• Functionality cookies — remember your preferences and settings for a personalized experience.
• Marketing cookies — used to deliver relevant advertisements and measure campaign effectiveness (only with your consent).

4.2 Your Cookie Choices

When you first visit our site, you will be presented with a cookie consent banner where you can accept or reject non-essential cookies. You can also modify your cookie preferences at any time through your browser settings. Note that disabling certain cookies may affect website functionality.

We use em dashes to separate cookie categories in our consent manager for clarity.

5. Data Sharing & Disclosure

We do not sell your personal information. We may share your data only in the following circumstances:

• Service providers — trusted third parties who help us operate our business (e.g., hosting, payment processing, email delivery, analytics). They are contractually bound to protect your data and use it only for the services we engage them for.
• Legal compliance — if required by law, regulation, court order, or governmental authority, we may disclose your information to protect our rights, your safety, or the safety of others.
• Business transfers — in the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction. We will notify you of any change in control.
• With your consent — we may share your information for other purposes if we obtain your explicit consent.

6. International Data Transfers

Your personal data may be transferred to and processed in countries other than your country of residence, including China, where our company is headquartered, and to countries where our service providers operate. These countries may have data protection laws that differ from those in your jurisdiction.

When we transfer your data across borders, we implement appropriate safeguards to ensure an adequate level of protection, such as:

• Standard Contractual Clauses (SCCs) approved by the European Commission.
• Binding corporate rules (where applicable).
• Data processing agreements that require recipients to maintain equivalent security and privacy standards.

By using our services, you acknowledge that your data may be processed in locations outside your home country. If you have questions about specific transfer mechanisms, please contact us.

7. Data Security

We take the security of your personal information seriously. We implement a combination of technical, organizational, and administrative measures to protect your data from unauthorized access, loss, misuse, or alteration. These include:

• Encryption in transit (TLS 1.3) and at rest (AES-256).
• Regular security audits, penetration testing, and vulnerability assessments.
• Access controls — only authorized personnel with a legitimate business need can access personal data.
• Secure data centers with physical and environmental safeguards.
• Staff training on data protection and privacy best practices.

While we strive to protect your data, no method of transmission or storage is 100% secure. We encourage you to use strong passwords and to keep your account credentials confidential.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes described in this policy, or as required by applicable law. The retention period depends on the type of data and the legal or operational need:

• Account and transaction data — retained for the duration of your account plus 7 years for tax and accounting purposes.
• Communications and support inquiries — retained for 3 years after the last interaction.
• Analytics and usage data — retained in aggregated form for up to 26 months.
• Marketing data — retained until you opt out or withdraw consent, after which we delete it within 30 days.

When data is no longer needed, we securely delete or anonymize it.

9. Your Rights

Depending on your jurisdiction, you have certain rights regarding your personal data. We respect and facilitate the exercise of these rights.

9.1 GDPR Rights (for users in the European Economic Area, UK, and Switzerland)

• Right of access — request a copy of the personal data we hold about you.
• Right to rectification — request correction of inaccurate or incomplete data.
• Right to erasure (right to be forgotten) — request deletion of your data where there is no compelling reason to keep it.
• Right to restrict processing — request that we limit how we use your data.
• Right to data portability — request a structured, machine-readable copy of your data to transfer to another controller.
• Right to object — object to processing based on legitimate interests, including direct marketing.
• Right to withdraw consent — at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

9.2 CCPA Rights (for California residents)

• Right to know — request disclosure of the categories and specific pieces of personal information we have collected about you.
• Right to delete — request deletion of personal information we have collected, subject to certain exceptions.
• Right to opt out of sale — we do not sell personal information, but you may still submit a request to be notified if this practice changes.
• Right to non-discrimination — we will not discriminate against you for exercising any of your CCPA rights.

9.3 How to Exercise Your Rights

To exercise any of the above rights, please contact us at anderson@fallingcloud.autos or call +8613320161190. We will respond to your request within the time frame required by law (usually 30 days for GDPR and 45 days for CCPA). We may need to verify your identity before processing your request.

If you are in the EEA, you also have the right to lodge a complaint with your local data protection supervisory authority.

10. Children’s Privacy

Our website and services are not directed at children under the age of 16 (or the equivalent age of majority in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that a child under 16 has provided us with personal data, we will take steps to delete it immediately. If you believe we have inadvertently collected data from a child, please contact us right away at anderson@fallingcloud.autos.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. When we make material changes, we will notify you by email (if we have your contact information) and/or by posting a prominent notice on our website. We encourage you to review this policy periodically.

The date of the latest revision is shown at the bottom of this page. Your continued use of our website or services after changes take effect constitutes your acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to reach out:

We aim to respond to all inquiries within 48 hours during regular business days.