FINCHI Innovation Center Co., Ltd. Privacy Policy
Release Date: October 14 th , 2022
Validation Date: October 21 st , 2022
Welcome on using our website!
Please pay attention to our special prompts as follows:
1. All key contents here are “ in bold ”; All sensitive personal information is “ in bold and italicized ” . Please pay special attention thereto when reading. Before providing u s with any sensitive personal information about you, you have given your careful consideration and hereby confirm that such provision of your sensitive personal information is appropriate, and you hereby acknowledge that your sensitive personal information may be processed for such purpose and in such manner as set out herein.
2. As to how to exercise your rights regarding the personal information, we provide the options including but not limited to access, correction or modification, deletion, withdrawal of consent, and timely response to ensure that you have controls over your personal information.
3. This Policy does not apply to the processing of your personal information by any third parties that are not under our control, and we recommend that you read and understand the privacy policies of third parties before interacting with them.
INDEX
How We Collect and Use Your Personal Information
How We Use Cookies and Similar Technologies
How We Entrust Processing, Share, Transfer, and Publicly Disclose Your Personal Information
How We Store Your Personal Information
How We Protect Your Personal Information
Personal Information Protection of Minors
What Rights You Have Over Your Personal Information
We will collect and use your personal information that you voluntarily provide during the use of the Services, and personal information automatically collected during the use of the Services, for the purposes described in this Policy in accordance with the principles of lawfulness, legitimacy and necessity. If we use your personal information for other purposes not described in this Policy, or collect your personal information for other specific purposes, we will inform you in a reasonable manner and obtain your consent again before using. Regardless of how we collect and use your personal information, we only do so with your consent, except in certain circumstances where the collection of personal information from you is based on legal obligations/legal duties or is necessary to enter into or perform a contract to which you are a party or may be necessary to protect your vital interests or those of others.
Please understand that the functions of the Services we provide may change and update as a result of changes in business strategies. If we want to use your personal information for other purposes not stated in this Policy, or if we collect personal information for a specific purpose to use it for other purposes, we will inform you in a reasonable manner and obtain your consent again before using.
When you use the Services, we need/may need to collect your personal information. The following details the business functions corresponding to the services and the personal information necessitated to be collected to achieve such business function. You may reject to provide the personal information we request from you, but if you choose not to do so, in many cases we will not be able to provide the Services to you or respond to your request. Please be noted that if you are providing personal information that is not your own, please ensure that you have obtained the consent of the relevant subject.
● Personal information you voluntarily provide during the use of the Services
To communicate with you and respond to your inquiries on other services. When you ask us questions about the Services through the bottom of home page of our website, you need to provide us with your name, email address, mobile or other phone number and the name of the company you work for, so that our staff can communicate with you about the Services, and if you do not provide the above information, we may not be able to provide you with appropriate feedback or assistance.
● Personal information automatically collected during the use of the Services
To serve you better, we will collect and use your following personal information generated during the use of the Services in compliance with the applicable laws and regulations:
To improve the Service. To improve and optimize the certain functions of the Services, we will collect your weblog information generated during the use of the Services ( including network crashes, system activity information, and software usage records ). This information is collected for the purpose of developing the new Services, enhancing, and improving the Services, managing communications, analyzing products, conducting statistics, cost analysis, audits and other internal functions, and your objection to provide such information will not affect your normal browsing and use of this website.
● Other legitimate basis
In compliance with applicable laws and regulations, your consent is not required when the following legitimate basis for processing your personal information apply:
1) necessary for the establishment or performance of a contract to which the individual is a privity;
2) necessary for the performance of a legal duty or legal obligations;
3) necessary to respond to the public health emergency incidents, or to protect the life, health and property of natural persons in an emergency;
4) in accordance with the Personal Information Protection Law of People’s Republic of China within a reasonable range to deal with personal information disclosed by individuals themselves or other personal information that has been lawfully disclosed;
5) other circumstances as stipulated by laws and administrative regulations.
After collecting your personal information, we may de-identify or anonymize it through technical means, and the de-identified or anonymized information will not be able to identify you, in which case we may use the de-identified or anonymized information for commercial purposes.
If we want to use your personal information for other purposes not described in this Policy, or to collect additional personal information not described in this Policy, we will ask for your prior consent separately.
When you are using the Services, we will not use Cookies to collect your personal information.
● Entrusted processing
In order to improve efficiency and reduce costs, we may entrust partners to process information on our behalf. For companies, organizations and individuals that we entrust to process personal information, we will require them to comply with strict confidentiality obligations and take effective confidentiality measures by means of written agreements and on-site audits and require them to process your information only within the scope of the entrustment, not to use your information for their own interests, and to supervise the personal information processing activities of the entrusted person. In the event that the entrustment contract is not effective, invalid, revoked or terminated, we will require the entrusted party to return the personal information or delete the personal information and not to retain it.
● Sharing
Other than in the following circumstances, we will not share your personal information with any third-party companies, organizations, or individuals:
1) Basing on your request, or your prior explicit authorization or consent;
2) In connection with our fulfilment of obligations under laws and regulations;
3) Directly relating to national security and national defense;
4) Directly relating to public safety, public health, and major public interests;
5) Directly relating to criminal investigation, prosecution, trial, and enforcement;
6) To protect your or others’ significant legal rights, while difficult to obtain consent of personal information subjects;
7) Personal information that are proactively disclosed by yourself to the public;
8) Collecting personal information that is legally publicly disclosed, such as legitimate news reports, open government information, and other channels;
9) Sharing within affiliated companies: to facilitate the joint service from us and our affiliates and continuously improve the following services, your personal information may be shared among our affiliated company and its service providers. We will only share personal information that is necessary in accordance with the relevant laws and regulations and subject to this Policy. If we share sensitive personal information or if our affiliates change the purpose of using and processing personal information, we will obtain your individual consent again and perform the corresponding obligations in accordance with laws and regulations.
10) Sharing within third-party service providers or commercial partners: to provide you with perfect and high-quality products and services, some of the Services will be provided by authorized partners. We may share some of your personal information with our partners to provide better customer services and user experience. We will only share your personal information for legal, legitimate, necessary, specific, and clear purposes, and will only share personal information necessary to provide services. We will take strict security monitoring on our partners’ methods to obtain information so as to protect data security. At the same time, we will engage strict confidentiality agreements with our partners, requiring them to process your personal information in strict accordance with our instructions, this Policy, and other relevant confidentiality and security measures. We will require our partners not to use the shared personal information for any other purposes.
We recommend you to carefully read and abide by the third-party terms of conditions and privacy policies to understand the purpose of obtaining such information. If you refuse to have our commercial partner and third-party service providers collect personal information necessary to provide services, you may not be able to use the services provided by such partner in the Services.
Currently, our authorized partners include the W ebsite B uilder .
If we provide your personal information to the above third-party partners, we will inform you of the name and contact information of the recipient, purpose of processing, method of processing and type of personal information, and obtain your individual consent.
11) Other circumstances stipulated by laws or regulations.
● Transferring
We may need to transfer your personal information due to partial or complete sale, merger, spin-off, dissolution, bankruptcy, etc. We will inform you of the name and contact information of the recipient and require the recipient to continue to perform the obligations of the processor of personal information, and if the recipient changes the original purposes or method of processing, we will request them to obtain your consent again.
● Public disclosure
We will not publicly disclose your personal information unless we obtain your individual consent or we determine that you have committed a material breach of law or regulation or of an agreement or rule relating to the Services, and we may disclose your breach and the actions we have taken in connection therewith.
Unless otherwise required by laws and regulations or relevant competent authorities, we will only store your personal information for the shortest period of time necessary, for the purposes described in this Policy. We determine appropriateness based on the amount, nature and sensitivity of your personal information we process, the potential risk of harm from unauthorized use or disclosure of your personal information, whether we could otherwise process it, and as required by applicable law personal information retention period.
Your personal information will be deleted after the applicable retention period expires. If there is any personal information that we cannot completely delete from our systems for technical reasons, we will take appropriate measures to prevent further use of this personal information. We retain some non-personal information that is not sufficient to personally identify you.
Personal information collected and generated during our operations in China will be stored in China. If it is necessary to transmit your personal information overseas, we will perform relevant obligations in accordance with laws and regulations, obtain your authorization and consent separately, and require overseas recipients to comply with the signed data protection agreement, this Policy, and relevant laws and regulations. to process your personal information.
We attach great importance to the security of your personal information. Thus, we have adopted multi-level protections, such as industrial standard technical measures and corresponding organizational structures and management schemes. In this way, we may prevent your personal information from being leaked, damaged, misused, and accessed or disclosed without authorization to the greatest extent. The measures include the following:
● Data security technical measures
In terms of data transmission security, we use cryptographic technologies such as the transfer layer security protocol to build a secure private data environment and ensure the privacy and integrity of data, where Https and other methods are utilized to prevent the transmission link from being eavesdropped and intercepted. We also use Token to protect data during its transmission and take appropriate protection mechanisms to prevent data from malicious attacks. We will implement additional security protection measures on your information such as encrypted storage.
We will take all reasonable and feasible measures to ensure that irrelevant personal information is not collected. We will only retain your personal information for the period necessary to achieve the purposes stated in this Policy, unless the extension of the retention is needed or permitted by laws.
● Data security organization and management measures
In accordance with relevant laws and regulations, we have established a department/position in charge of the personal information protection. We have also established a correlative internal control management process, strictly set information access permissions for staff who may be exposed to your personal information and control the scope of personal information that they can access under the principle of minimum authorization.
We have established an internal standard system for data usage security to ensure that the processing of your personal information meets the security criteria under applicable laws and regulations in collection, transmission, use, storage, transfer, and destruction. According to applicable laws and regulations, we require the person in charge of personal information protection or authorized management personnel to approve the staff who need to access personal information, record their access, and take technical measures to avoid illegal copying and downloading of personal information.
We organize employees to participate in security and privacy protection related trainings and require them to complete the assessments to strengthen their awareness of the importance in protecting personal information.
We have also taken other feasible organization and management measures.
● Guarantee clause of cooperation agreement
Before we collect your personal information indirectly from a third party, we will clearly require the third party to obtain your explicit written consents before collecting and processing (such as data sharing) your personal information, and require the third party to make a commitment in the form of the written agreement on the legality and compliance of the source of personal information (e.g., via cooperation agreement, letter of commitment). If the third party commits a violation, we will explicitly require them to bear the corresponding legal liabilities.
Before we share your personal information with our business partners, we will strictly require our partners to undertake information protection obligations and responsibilities. To this end, we will require our business partners to sign a data processing agreement or set out the terms of data protection in a cooperation agreement entered by both parties before cooperation. The agreement strictly stipulates confidentiality obligations of our business partners on users’ information, including accepting our review, supervision, and audit, while that the storage, use, and circulation of information shall all meet our management and control requirements. Once there is any violation, we will require the counterparty to bear corresponding legal liabilities.
As stated above, we do not knowingly collect or solicit personal information from minors under the age of 18. the Services are for adults and for adults. the Services are not aimed at minors, and we do not knowingly collect personal information from minors. If you are under the age of 18, please do not attempt to register for the Services or send us any personal information about you. If we learn that we have collected personal information from a minor under the age of 18, we will delete that information as soon as possible. If you believe that a minor under the age of 18 may have provided us with personal information, please contact us at finchi@finchi.cn.
We attach great importance to the management of your personal information and do our best to protect your rights to inquire, update, change, transfer, delete and withdraw consent to personal information, so that you have the full ability to maintain your privacy and personal information security. You have certain rights with respect to your personal information, including those described below. For more information on these rights, or to submit a request, please email at finchi@finchi.cn. Please note that in some cases we may not be able to fully meet your request. For example, if your request is meaningless or extremely impractical, jeopardizes the rights of others or if it is not required by law. However, in these circumstances we will respond and notify you of our decision that we cannot meet the request. In some cases, we may also need to ask you to provide us with additional information, which may include personal information, where necessary to verify your identity and the nature of your request.
● Inquiries: You can request to inquire about the personal information we hold about you and request a copy of this personal information. You can also inquire about your personal information by sending us an email to finchi@finchi.cn.
● Updates or changes: If you believe that any personal information, we hold about you is incorrect or incomplete, you can ask us to update or change it. You can request us to update or change your personal information by sending an email to finchi@finchi.cn.
● Deletion: You can ask us to delete some or all of your personal information from our systems, except when personal information has been anonymized or otherwise stipulated by laws and regulations.
● Withdrawal of consent: You have the right to withdraw the consent previously granted to us for a specific purpose at any time. We will process your request within a reasonable time after your request and will, in accordance with your request, no longer collect, use and/or disclose your personal information. Depending on the extent to which you withdraw your consent, it may result in your no longer being able to enjoy the Services. However, your decision to withdraw your consent or authorization will not affect the validity of our previous personal information processing activities based on your consent. After you withdraw your consent, we will no longer process your personal information. At the same time, we will delete all your personal information.
● Data transfer: You may request a machine-readable copy of your personal information. You can also request that we transfer your personal information to third parties where in accordance with applicable laws and regulations as well as technically feasible.
● Responding to your request: In order to fulfill the rights of users under this Policy, or if you have any questions, complaints, comments or suggestions regarding your data subject rights, you may contact us through the contact information provided in this Policy. We will complete identity verification and processing response within 15 business days of receiving your message. For your reasonable requests, we do not charge in principle, but for repeated requests that exceed reasonable limits, we will charge a cost fee as appropriate. We may reject requests that are repeated for no reason, require excessive technical means, pose a risk to the legal rights of others, or are very impractical.
● Protection of personal information of deceased users: From November 1, 2021, we will establish a system for the protection of personal information of deceased users in accordance with the relevant provisions of the Personal Information Protection Law. If a user dies, his or her next of kin may, for their own legal and legitimate interests, exercise the right to access, copy, correct, delete, etc., the personal information related to the deceased user through the contact information disclosed in this Policy, unless otherwise arranged by the deceased user during his or her lifetime. You understand and acknowledge that in order to fully protect the rights and interests of the deceased user’s personal information, the next of kin of the deceased user applying to exercise the rights in this section will be required to submit the deceased user’s identification documents, death certificate documents, applicant’s identification documents, applicant’s proof of kinship with the deceased user, and provide the type and purpose of the rights applied for in accordance with our designated process or customer service instructions.
● We may revise and update this Policy from time to time. Regarding the update of this Policy, we will release it in a timely manner, and you can check the latest version of this Policy at any time. We will not reduce your rights deserved in this Policy without your explicit consent.
Please carefully read the content of this Policy after the updates. If you do not, or have objections to the modification or updates of this Policy, you can choose to stop using the Services. Please be aware that your conduct and activities prior to discontinuing use of the Service remain subject to this Policy.
If major and substantive changes are involved, we will notify you in a noticeable way or in the manners such as email, mobile phone text message based on specific circumstances.
Significant and substantial changes include but are not limited to the following:
1) the Service model has undergone major changes, such as the purpose of personal information processing, the type of processed personal information, the method of using personal information, etc.;
2) Significant changes have taken place in our ownership structure and organizational structure, such as changes in owners caused by business adjustments, bankruptcy mergers, etc.;
3) The main objects of personal information sharing, transfer, or public disclosure have changed;
4) Your right to participate in the processing of personal information and how to exercise it have undergone major changes;
5) When the department responsible for handling personal information security, contact information, and complaint channels changes;
6) When the personal information security impact assessment report indicates that high risks exist.
● We will keep an older version of this Policy on record for your review.
● All rights not expressly granted in this Policy are reserved by us.
If you have any questions or concerns about privacy related to the Services, please send us detailed information to finchi@finchi.cn and we will make every effort to resolve your concerns. Please describe your problem completely and we will complete the identity verification and processing response within 15 business days.
The interpretation of this Policy and dispute resolution shall be governed by the laws of the People’s Republic of China. Any dispute related to this Policy shall first be resolved by friendly negotiation between the parties. If the dispute cannot be resolved through negotiation, you hereby agree to render the dispute to the jurisdiction of Shanghai Pudong New Area People’s Court.
If any court of competent jurisdiction determines or decides that any provision of this Policy is invalid, that provision will be waived from this Policy, but the invalidity of that provision will not affect the validity of the remaining provisions of this Policy. The remaining provisions of this Policy will continue to be enforced.
The headings in this Policy are designed for convenience only and do not affect the meaning or interpretation of any provision of this Policy.