Zettlab Memo Personal Information Collection List

Business type

Scenario

Information

Purpose

Collection method

Storage / recipients

Necessity

Core

Registration and login

Email, verification code, user ID, nickname, login token, refresh token, login method, login device, account status

Account creation, authentication, session, security

User input, system generated

US cloud, local secure storage, IAM service

Necessary for account features

Core/optional

Third-party sign-in

Google id_token, third-party account ID, email, avatar/nickname if enabled

Google sign-in, account linking, replay prevention

User authorization, third-party return

Zettlab IAM/Logto/Frank IAM, Google Sign-In, local secure storage 

Necessary if selected

Core

Region and credits

Account region, service region, free credits, validity, usage, risk status

Region routing, credit management, fraud prevention

User selection, system generated

US cloud

Necessary

Optional

Profile

Nickname, avatar, language, theme, notification preference

Account display and personalization

User settings, system generated

Cloud or local client

Optional

Core

Device binding

Device SN, device name, binding relationship, user ID, role, QR code data

Bind NAS device, authorize access, device management

QR scan, user input, cloud generated

US cloud, device local storage

Necessary for device features

Core

Device connection

LAN IP, peerId, cloud host/port, gatewayId, appToken, relaySecret, connection status, time, IP, port

LAN, P2P, cloud relay, remote access

Device reports, system generated

Cloud, app/web/electron local storage and device. P2P traversal is provided by Shenzhen Peergine Technologies Co.,Ltd. only as a network connectivity service; it does not collect or process personal information or device data, and no separate provider privacy policy link is required.

Necessary for connection/remote access

Core

Bluetooth provisioning

Bluetooth device ID, device name, RSSI, nearby Wi-Fi SSID, Wi-Fi password

Discover and provision device network

Bluetooth scan, user input

App and device local storage; Wi-Fi password normally not uploaded

Necessary for provisioning

Core

Device control and automation

Commands, scheduled tasks, sync tasks, shared users, device name, custom directory, settings, execution results

Execute commands, automation, sync, sharing

User action, device generated

Device, local client; cloud/P2P when remote access is used

Necessary for device features

Core

File management

File name, path, size, type, created/modified time, thumbnail, tags, favorite, rating, recycle-bin records, search records

Browse, upload, download, preview, search, manage NAS files

User action, device generated

Primarily device; cloud/P2P when remote access is used

Necessary for file features

Core

Images/video/audio

Media, EXIF/capture time, dimensions, duration, compression/transcoding result

Preview, thumbnails, AI media understanding

User selection, device processing

Device; model provider/object storage if sent or uploaded

Necessary for related features

Core

AI chats

Prompts, context, history, AI output, model choice, parameters, Agent config, attachments, tool results, credit records

AI replies, continuity, credit, safety

User input, model output, system generated

Cloud, device, model provider; local model primarily device

Necessary for AI features

Core

Skill/template marketplace

Skill/template package, author ID, version, cover, description, upload status, review status, install/download records

Publish, review, distribute, install, authorize

User upload, system generated

US cloud, object storage, AI review service

Necessary for marketplace features

Core

Firmware update

Device model, device SN, firmware version, update status, error code, network status

Version check, OTA, security update

Device report, system generated

Device, US cloud

Necessary for maintenance

Core

Device diagnostics

Device SN, IP/MAC, CPU, memory, disk model/serial/temperature/SMART, network, service state, error logs, power/running state

Status, troubleshooting, security

Device collection

Device; cloud if user requests support or uploads logs

Necessary for diagnostics

Core

Analytics and stability

Event name, page/feature, region, device type, connection mode, latency, error code, status code, attachment type/size, file category/size, pseudonymous user/device ID

Performance, funnel, error analysis, service improvement

System generated

Analytics/logging platform, ClickHouse/equivalent

Necessary for security and troubleshooting purposes; product analytics and improvement activities shall be conducted in accordance with the principles of data minimization and optional user authorization.

Core

Support and after-sales

Email/contact, issue description, screenshots, logs, device info, repair records, shipping/on-site service info, communications

Support, complaint handling, repair

User submission, system records

Support system, cloud, repair/logistics providers

Necessary for support

Optional

Third-party connectors

Third-party account ID, authorization token, messages, files, tool results, sync state

Feishu, Slack, GitHub, Notion, Gmail, MCP integrations

User authorization, third-party return

Device, cloud, third-party service

Optional; necessary if selected

Optional

Third-party connectors and custom API/MCP connections

Provider name/ID, third-party account ID, account alias/external account ID, authorized scopes, connection status, OAuth state/code, OAuth access token, refresh token or equivalent authorization credentials, user-entered API Key, bearer token, authentication headers, OAuth client secret/token JSON, mTLS certificates/private key, endpoint URL, bridge configuration, tool definitions, Agent/workspace/team/conversation context, tool invocation audit metadata

Establish and maintain connectors, refresh authorization, authenticate connector requests, invoke tools at your request or enabled Agent/Skill instruction, permission control, troubleshooting, security audit, revocation/deletion

User authorization, third-party return, user input, system-generated runtime token/audit metadata

Zettlab cloud; selected third-party provider or custom endpoint; App/local-server process memory for short-lived runtime token; device local audit metadata where enabled

Optional; necessary if selected

Optional

Surveys and feedback

Survey answers, contact, feedback, experience

Research, product improvement, activity contact

User submission

Cloud or survey/support provider

Optional

Optional

Marketing and events

Email, account ID, event participation, subscription status

Activity notice, benefits, unsubscribe

User consent, system generated

Cloud or messaging provider

Optional

Platform

Permission

Use

Default

Impact if disabled

Android

Camera

QR scan, taking photos, avatar, image attachments

No, requested when used

QR/photo unavailable

Android

Bluetooth / Nearby devices

Discover and provision Zettlab devices

No, requested during provisioning

Bluetooth provisioning unavailable

Android

Fine location

Android Bluetooth scanning requirement on some versions

No, requested with scan

Scan may fail; not used for active location

Android

Local network / cleartext LAN traffic

Communicate with NAS over LAN HTTP/WS

Used during connection

LAN direct connection unavailable

Android

Photos/media or system picker

Select images/videos/avatar/attachments

No, requested or picker-triggered

Media selection unavailable

Android

Document picker/file access

Select files for NAS upload or AI

Triggered when used

File selection unavailable

Android

Notifications

Status, task completion, alerts

No, requested when enabled

Notifications unavailable

iOS

Camera

QR scan, taking photos, avatar, image attachments

No, requested when used

QR/photo unavailable

iOS

Bluetooth

Discover and provision devices

No, requested during provisioning

Bluetooth provisioning unavailable

iOS

Location When In Use

Bluetooth scanning compatibility/system requirement

No, requested when needed

Bluetooth scan may be affected

iOS

Photos / Photo Library

Select images/videos/avatar/attachments

No, requested or picker-triggered

Media selection unavailable

iOS

Local Network / LAN access

Communicate with NAS over LAN

Used during connection

LAN direct connection unavailable

iOS

Document picker

Select files for NAS upload or AI

Triggered when used

File selection unavailable

iOS

Notifications

Status, task completion, alerts

No, requested when enabled

Notifications unavailable

Web/Electron

Cookies/local storage

Session, region, preferences, connection info

Used when using service

Login/preferences may not persist

Electron

Shenzhen Peergine Technologies Co.,Ltd. P2P native module

Desktop P2P and remote access

Enabled during remote access

P2P unavailable

SDK/service

Operator

Purpose

Data processed

Client/service

Policy

Google Sign-In

Google LLC

Third-party sign-in if enabled

Google id_token, email, third-party account ID, avatar/nickname

App

Google Privacy Policy

Zettlab IAM/ Frank IAM/ Logto 

Zettlab or IAM provider

Account, login, tokens, social sign-in

Email, verification code, tokens, user ID, third-party account ID

App/Web/Server

Product/IAM documentation

Shenzhen Peergine Technologies Co.,Ltd.

P2P traversal/connectivity technology provider

P2P, remote access, connection keepalive

No personal information or device data is collected or processed by the provider.

App/Electron/device

Not applicable

DeepSeek/Qwen/Volcengine

Hangzhou DeepSeek LLC/ Hangzhou Tongyi LLC /Beijing Volcengine LLC/relay provider 

Cloud AI model or review

Prompts, output, attachments, context, metadata

Server/device

Provider policy

Zhipu BigModel / GLM

Zhipu AI provider

Cloud AI model or review

Prompts, output, attachments, context, metadata

Server/device

Provider policy

OpenAI API / Anthropic / Google AI

Corresponding providers

Optional overseas model/user API key

Prompts, output, attachments, context, metadata

Server/device

Provider policy

GCS, Alibaba Cloud OSS or equivalent object storage

Cloud storage provider

Skill packages, avatars, media, logs, user uploads

Files, media, packages, metadata, upload records

Server/device

Cloud provider policy

Feishu/Slack/GitHub/Notion/Gmail/MCP

Corresponding third parties

Connectors and automation

Authorization token, account ID, messages, files, tool results

App/Web/device

Third-party policy

Zettlab connector cloud service; selected connector providers/custom endpoints

Zettlab and the corresponding third-party provider or endpoint operator

Connector authorization, credential refresh, tool invocation, automation, audit and troubleshooting

Connector credentials, account identifiers, scopes, messages/files/tool inputs and results as needed, invocation metadata; short-lived runtime token in memory only on App/local-server

App/Web/Server/device

This Policy, product notices and the selected third-party/custom endpoint policy

Analytics/logging platform, ClickHouse/equivalent

Zettlab or infrastructure provider

Analytics, performance, errors

Events, latency, error codes, pseudonymous IDs

App/Web/Server/device

This Policy/product docs