Last Updated: June, 2020
Since the entity that you are employed by or representing for is the data controller, it is principally responsible for the protection of your personal information. Envision Digital, as the data processor, will act according to the data controller’s instruction and relevant agreements between both parties.
- Collection of Personal Information
- Processing of Personal Information
- Storage and Transfer of Personal Information
- Protection of Personal Information
- Customers’ Access or Control of Personal Information
- Contact Details
Collection of Personal Information
Personal Information: means various kinds of information recorded electronically or otherwise that may identify a specific natural person or reflect the activities of a specific natural person, individually or in combination with other information.
According to your use of the Service Offerings, the personal information we collect mainly includes the following:
- Account Registration Information and Authentication Information: When you register for the first time to use the Service Offerings, or when you contact us, use our services, or obtain support or help from us, you need to provide your user name (or user ID)/ mobile phone number, email address. The above information is necessary for you to use the Service Offerings, if you do not provide such information, you will not be able to use our services normally. However, we encourage you to provide your business email or telephone number instead of your personal contact information, which is not personal information.
- When you use the Service Offerings, in order to provide you with service, maintain the normal operation of our services, improve and optimize our service experience and protect the security of your account, we will collect the following information from you:
– Device Information: Based on the device model and the permissions granted during the installation and use of the Service Offerings, we will collect information about the device using the Service Offerings, including device model, operating system, unique device identifier, and device location information (Such as login IP address that can provide relevant information), software version number.
– Log Information: When you use the Service Offerings, we will collect the log information of your use of the service, including the way, type and status of access to the network, network quality data, operation log, service log information.
- When you access and use the Service Offerings provided by the service products, we obtain and automatically record personal information, such as your historical browsing history, access date and time, the browser information you use (including but not limited to fonts and types, etc.), Your operations on the Service Offerings, and network link information (IP address, port, network protocol, etc.).
- Personal information that we legally obtain from business partners (hereinafter referred to as “Partners”) or third parties. We may receive personal information about you from publicly and commercially available sources as permitted by applicable laws and regulations.
Non-personal information refers to information that cannot be used to identify a natural person. For example, we may collect aggregated statistics, such as the number of users of the Software, but this kind of information is not personal information. We may, at our own discretion, collect, use, process, transfer, or disclose non-personal information for other purposes. At any time, your company (the entity that you are employed by or representing for) information, as well as information related to the function of the Service Offerings should not be considered as personal information.
The non-personal information we mainly collect includes:
Equipment’s static and dynamic property information (various equipment connected to the EnOS platform, sensor information, such as equipment identity information, equipment geographic location information, organization structure information, etc.);
and system attribute information (enterprise or third party system information integrated with the EnOS platform, such as integrated database interface, administrative information, etc) .
Ways to Collect Personal Information
- We collect your personal information by active submission of you or the entity that you are employed by or representing for, and relevant records generated during your use of our services.
– Customer Authentication.
- You have the option to permit installation of such Cookies or subsequently disable them. You may accept all Cookies, or instruct the web browser to provide notice at the time of installation of Cookies, or refuse to accept all Cookies by adjusting the relevant function in the web browser of your computer. However, in the event of your refusal to install Cookies, the Service Offerings may be prevented from providing some of its Services available to you.
Processing of Your Personal Information
We may not use your personal information except in the following purposes:
- Creating an account.
- Fulfilling your transaction or service requests, and providing technical support.
- Contacting you; sending you information about products and services that may interest you; inviting you to participate in Envision Digital activities (including promotional activities), market surveys, or satisfaction surveys; or sending you marketing information. If you do not want to receive these types of information, you can opt out at any time.
- Sending you important notices.
- Improving our services through internal audits, data analysis, and research.
- Analyzing the efficiency of our business operations and evaluating market share.
- Troubleshooting when you send us error reports.
- Ensuring the security of our products, services and customers or users, executing and improving our loss prevention and anti-fraud programs.
- Complying with and enforcing applicable legal requirements or industry standards.
We may not disclose your personal information to a third party except in the following cases:
- With consent or instruction of you or the entity that you are employed by or representing for regarding the disclosure to third parties.
- The disclosure is mandatorily required in accordance with applicable laws, regulations.
- We may disclose your personal information, when appropriate, for protecting rights or property of the Service Offerings, our customers of the Service Offerings and the public. For example, we may disclose your personal information, when we believe disclosure is necessary or appropriate to prevent or defend cyber threat, fraud, physical harm, or financial loss, or when it is in connection with an investigation of suspected or actual illegal activity.
Storage and Transfer of Personal Information
The retention period may vary with scenario, product, and service. The standards we use to determine the retention period are as follows: the time required to retain personal information to fulfill business purposes; maintaining corresponding transaction and business records as required by laws; ensuring the security of systems and services; handling possible user queries or complaints and locating problems; whether the Customer agrees to a longer retention period; and whether the laws, contracts, and other equivalencies have special requirements for data retention; etc. We will maintain your account information as long as your account is necessary for service provision. You can choose to deregister your account. After you deregister your account, we will stop providing you with products and services through your account and delete your relevant personal information, provided that deletion is not otherwise stipulated by special legal requirements.
Protection of Personal Information
We take information security seriously. We will take appropriate physical, organizational, and technical measures to protect your personal information against unauthorized access, disclosure, use, modification, damage or loss. For example, we use encryption to ensure data confidentiality; we use trusted protection mechanisms to prevent malicious data attacks; we deploy access control mechanisms to ensure that only authorized personnel can access personal information; and we raise awareness among employees about the importance of protecting personal information through security and privacy protection training sessions.
While we take the utmost care to protect your personal information, please note that no security measures are completely infallible. The transmission of information through the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of the information transmitted to our Software.
In case of any data breaches we found on your personal information we collected, stored and processed, we may inform you and/or the competent authority through publishing an announcement on our Service Offerings, sending you an email or other reasonable means according to the requirements of applicable laws and/or from competent authority.
Customers’ Access or Control of Personal Information
You can access, correct, and delete some of your personal information while using our services. The method by which you access, correct, and delete your personal information depends on the specific service you are using.
If you find that we violate the mandatory requirements of laws and regulations or the agreement of both parties, by collecting and processing your personal information, you can contact your OU Administrator to delete it. If you find any error in your personal information collected and stored by us and cannot correct it by yourself, you may also request your OU Administrator to correct it.
You can deregister the account of the Service Offerings by contacting the OU Administrator. This agreement will terminate when the Customer completes the Software deregister procedure. After you deregister your account, we will stop providing you with products and services through your account and delete your relevant personal information, provided that deletion is not otherwise stipulated by special legal requirements.
When accessing, modifying, or deleting relevant information, we may require you to authenticate to ensure the security of your account. Please understand that some of your requests may not be responsive due to technical limitations and regulatory requirements.
Some of your personal information may not be accessed, modified or deleted for legitimate reasons, such as legal requirements and information security protection purposes.
In case of significant changes to the terms hereof, we will notify you of such changes by the means of announcement on the official website, push notification or pop-up window that is more eye-catching.
For the purpose of this article, significant changes include but are not limited to:
- Significant changes in our service mode, such as purpose of processing the personal information, type of the personal information processed and approach for use of the personal information;
- Significant changes in the ownership structure and organizational directory, such as change in the owner caused by business adjustment, bankruptcy and merger & acquisition;
- Changes in the main target with or to whom we share, transfer or publicly disclose the personal information;
- Significant changes in your right to engage in processing of the personal information and the approach for exercise thereof;
- Changes in the department responsible for security in processing the personal information, the contact information, and the complaint channel;
- High risks as shown in the personal information security impact assessment report.
801, Building B, SOHO Zhongshan Plaza, 1065 West Zhongshan Road, Shanghai, China
We will review the question as soon as possible and reply timely after verifying your user identity. Under normal circumstances, we will reply within thirty days.
We have set up a personal information protection specialist, you can contact them through DPO@envision-digital.com.