III. How we share, transfer and publicly disclose your personal information
We will not share your personal information with any other companies, organizations and individuals, except for the following cases.
- (1) Sharing with explicit consent: We will share your personal information with other parties after obtaining your explicit consent.
- (2) We may share your personal information with external parties in accordance with laws and regulations, or as mandated by government authorities.
- (3) Sharing with our affiliated companies: Your personal information may be shared with our affiliated companies. We will only share personal information that is necessary and subject to the purposes stated in this policy. Affiliates who wish to change the purposes for which personal information is processed will again seek your authorized consent.
- (4) Sharing with Authorized Partners: Certain of our services will be provided by authorized partners only to achieve the purposes stated in this policy. We may share some of your personal information with our partners in order to provide better customer service and user experience. We will only share your personal information for purposes that are legal, legitimate, necessary, specific, and explicit, and only as much personal information as is necessary to provide the services. In order to better operate and improve technology and services, you agree that we and our authorized partners may use the collected information for other services and purposes, subject to relevant laws and regulations.
- (5) Advertising, Media: We may share the information we collect with advertising, media and our other authorized partners for commercial purposes including optimizing advertising placement and improving marketing effectiveness. If you do not wish to receive commercial electronic messages from us, you may unsubscribe by contacting us.
- (6) For companies, organizations and individuals with whom we share personal information, we will enter into strict confidentiality agreements with them, requiring them to handle personal information in accordance with our instructions, this policy and any other relevant confidentiality and security measures.
We will not transfer your personal information to any company, organization, or individual, except for the following.
- (1) Transferring with express consent: We will transfer your personal information to other parties after obtaining your express consent.
3. Public Disclosure
We will only disclose your personal information publicly when.
- (1) After obtaining your express consent.
- (2) Disclosure based on law: We may publicly disclose your personal information when compelled to do so by law, legal process, litigation or government authorities.
4. Exceptions to prior authorized consent for sharing, transferring, or publicly disclosing information
Please understand that, in accordance with laws and regulations and relevant national standards, we are not required to obtain your authorized consent for sharing, transferring, or publicly disclosing your personal information in the following cases.
- (1) Directly related to national security and national defense security.
- (2) Directly related to public safety, public health, and significant public interests.
- (3) Directly related to crime investigation, prosecution, trial and execution of judgments, etc.
- (4) For the protection of your or other individuals' life, property and other significant legitimate rights and interests but it is difficult to obtain your consent.
- (5) Information that you disclose to the public on your own.
- (6) Gathered from lawful public disclosures, such as lawful news reports, government information disclosure and other channels.
IV. How we protect your personal information
1. We have used security measures that meet industry standards to protect the personal information you provide against unauthorized access, public disclosure, use, modification, damage or loss of personal information. We will take all reasonably practicable steps to protect your personal information. For example, we use encryption technology to ensure the confidentiality of personal information; we use trusted protection mechanisms to prevent malicious attacks on personal information; we implement access control mechanisms to ensure that only authorized personnel have access to personal information; and we conduct security and privacy protection training courses to enhance employee awareness of the importance of protecting personal information.
2. We will take all reasonable and practicable steps to ensure that no unrelated personal information is collected. We will only retain your personal information for as long as necessary to achieve the purposes described in this policy, unless an extended retention period is required or permitted by law.
3. The Internet is not an absolutely secure environment, and since e-mail, instant messaging, and other forms of communication with individuals are not encrypted, we strongly recommend that you do not send personal information through such means.
4. To protect the security of your personal information, you and we need to cooperate together, please do not disclose your login and password to others, if you find that your personal information, especially your account or password is leaked, please contact us immediately so that we can take appropriate and reasonable measures according to your application.
5. The Internet environment is not 100% secure and we will do our best to ensure the security of any information you send us. Even if we make great efforts and take all reasonable and necessary measures, it may still be impossible to prevent your personal information from being illegally accessed, illegally stolen, illegally tampered with or destroyed, resulting in damage to your legitimate rights and interests, please understand the above-mentioned risks of information networks and voluntarily assume them.
6. After the unfortunate occurrence of personal information security incident, we will inform you in a timely manner in accordance with the requirements of laws and regulations: the basic situation of the security incident and the possible impact, the disposal measures we have taken or will take, the suggestions you can independently prevent and reduce the risk, the remedial measures for you, etc. We will promptly inform you of the event-related situation by email, letter, telephone, push notification, etc. When it is difficult to inform the subject of personal information one by one, we will take a reasonable and effective way to issue an announcement. At the same time, we will also take the initiative to report the disposition of personal information security incidents in accordance with the requirements of the regulatory authorities.
V. Your rights
1. Access to your personal information
You have the right to access your personal information, except for the exceptions provided by laws and regulations. If you want to exercise the right of access, you can access it by yourself in the following ways.
- (1) If you wish to access or modify your personal information, such as address information, etc., you can perform such operations by visiting the personal information-related pages in ZWO Store; if you wish to access to modify your personal password, you can perform such operations by visiting the account security pages in ZWO Store.
- (2) If you are unable to access such personal information through the above means, you can send to an email to firstname.lastname@example.org, we will respond to your request for access as soon as possible.
2. Correct your personal information
You have the right to ask us to make corrections when you find that our personal information about you is incorrect. You can send an email to email@example.com , we will reply to your visit request as soon as possible.
3.Deletion of your personal information
You can request us to delete your personal information in the following cases.
- (1) If we handle personal information in violation of laws and regulations.
- (2) If we collect and use your personal information without your consent.
- (3) If our handling of personal information violates our agreement with you.
- (4) If you no longer use our products or services and you cancel your account.
- (5) If we no longer provide products or services to you. We will evaluate your request for deletion and take appropriate steps to process it if it meets the appropriate requirements.
- (6) When you make a deletion request to us, we may require you to verify your identity to safeguard your account. When you delete information from our service, we may not immediately delete the corresponding information from our backup system because of applicable laws and security technology, and we will store your information securely until the backup can be erased or anonymized. However, your decision to delete will not affect our previous processing of personal information based on your authorization.
4. Personal information subject to cancel the account
- (1) You can cancel your registered account at any time. Please send an email to firstname.lastname@example.org.
- (2) After canceling your account, we will stop providing you with products or services and delete or anonymize your information upon your request, except as otherwise provided by law or regulation. This may also result in you losing access to data in your account, so please proceed with caution.
5. Automatic Information System Decision Making
In some business functions, we may make decisions based solely on automated, non-human decision-making mechanisms, including information systems and algorithms. If these decisions significantly affect your legal rights, you have the right to request an explanation from us and we will provide appropriate remedies.
6. To respond to your request above
For security purposes, you may be required to provide a written request or otherwise prove your identity. We may ask you to verify your identity before we process your request.
We will respond within fifteen business days. If you are not satisfied, you may also file a complaint by the following means: Supplementing other avenues of complaint.
For your reasonable requests, we do not charge a fee in principle, but for requests that are repeated several times and exceed reasonable limits, we will charge a cost fee depending on the circumstances. We may deny requests that are unwarrantedly repetitive, require excessive technical means (for example, requiring the development of new systems or fundamental changes to current practices), pose a risk to the legal rights of others, or are highly impractical. Please also understand that we may not be able to respond to some of your requests due to safety and security concerns, requirements of relevant laws and regulations, or technical limitations, such as the following.
- (1) Related to the personal information controller to fulfill the obligations under laws and regulations.
- (2) Directly related to national security and national defense security.
- (3) Directly related to public safety, public health, and significant public interest.
- (4) Directly related to crime investigation, prosecution, trial and execution of judgments, etc.
- (5) Where the controller of personal information has sufficient evidence of subjective malice or abuse of rights by the subject of personal information
- (6) For the purpose of safeguarding the life, property and other significant legitimate rights and interests of the subject of personal information or other individuals but where it is difficult to obtain the consent of the person.
- (7) Responding to the request of the subject of personal information will lead to serious damage to the legitimate rights and interests of the subject of personal information or other individuals or organizations.
- (8) Where commercial secrets are involved.
VI. How we handle children's personal information
1. We take the protection of children's personal information very seriously. Children should not create their own user accounts without the consent of their parents or guardians. If you are a child, we ask that you ask your parent or guardian to read this policy carefully and to use our products or services and provide information to us with the consent of your parent or guardian.
2. In the case of personal information collected from children with the consent of their parents or guardians, we will only store, use, share, transfer or publicly disclose this information as permitted by law, with the express consent of the parents or guardians, or as necessary to protect the child, or we will seek to delete the data as soon as possible.
3. Given the limitations of existing technology and business models, it is difficult for us to actively identify children's personal information. If you discover that we have collected children's personal information without their knowledge or prior verifiable guardian consent, you may promptly contact us and we will attempt to delete it promptly upon discovery, or if we discover the foregoing ourselves, we will promptly delete it, except where we are required by law to Except for those that we are required by law to retain.
VII. How your user information is stored or transferred worldwide
In principle, the personal information we collect and generate in the People's Republic of China will be stored in the People's Republic of China.
We will provide your personal information to entities outside of China after we have fulfilled our obligations under the law in the following cases.
- (1) The applicable law expressly provides for it.
- (2) With your express and separate consent.
- (3) Where you engage in personally-initiated conduct such as cross-border transactions via the Internet.
- (4) Because we provide our products or services through resources and servers located around the world, this means that, with your authorized consent, your personal information may be transferred to, or accessed from, jurisdictions outside the country in which you use the product or service.
- (5) Such jurisdictions may have different data protection laws or even no relevant laws in place. We will seek your consent before doing so. If you consent to the transfer of your personal information, we will ensure that your personal information is adequately and equally protected within the People's Republic of China. For example, we may ask for your consent to transfer personal information across borders or implement security measures such as data de-identification prior to the transfer of data across borders.
In such cases, we will ensure, including through contracts, that your personal information is protected to a level no less than that set out in this policy.