Release Date: Oct. 8, 2021
Welcome to access the official website of Zhonghe Group at www.zhonghegroup.com (the “Website”). The Website is operated by Beijing Zhonghetianxia Management Consulting Co., Ltd. (the “Company” or “we/us”).
Please be assured that the security of your information is of our utmost priority.
Please be noted that: this Policy applies to your access to the Website www.zhonghegroup.com and the personal information you provide to us by accessing the Website (including but not limited to the personal information you provide to us when downloading materials made available to you on the Website). We attach great importance to the privacy protection and personal information security of you and other information providers, and will implement applicable security measures in accordance with the requirements of laws and regulations as well as the sophisticated security standards in the industry. This Policy highlights why we collect your information, what we collect and how we use it and how long we store it. It should be specifically noted that, however, this Policy does not apply to any personal information collected from you by any other third parties.
Before accessing the Website and providing us with personal information, please make sure to carefully review and understand this Policy, especially those terms in bold. Your access to the Website and provision of personal information to us, or in case of any update of this Policy, your continued access to the Website and provision of personal information to us, shall be deemed to be your full understanding and acceptance of this Policy and consent to our processing of the personal information of the information providers you submitted in accordance with the provisions of this Policy. If you do not agree to any of the terms of this Policy, please immediately stop providing us with any personal information through the Website.
Please be advised that the Website will adjust the contents of this Policy as appropriate in accordance with laws and regulations and business needs and will remind you by pop-ups on the Website. Your continued access to the Website and provision of personal information after being informed of the changes of contents of this Policy shall represent that you have fully read, understood and accepted the amended contents and will follow the same for purpose of such access and provision. If you do not agree to the amended contents of this Policy, please immediately stop providing us with any personal information through the` Website.
This Policy consists of the following sections:
I. Definition
II. Personal Information We Collect Directly or Indirectly
(I) How Do We Collect Personal Information
(II) How Do We Use Personal Information
(III) How Do We Share, Transfer and Publicly Disclose Personal Information
(IV) How Do We Protect and Preserve Personal Information
(V) Exceptions Where Prior Authorization and Consent Are Required for Processing Personal Information
(VI) Rights in Processing of Personal Information
III. Protection of Minors
IV. How will Personal Information Transfer Worldwide
V. Amendment and Update of this Prolicy
VI. Contact Us
I. Definition
1. User: refers to users or visitors of the official website of Zhonghe Group and shall be referred to as “you” in this Agreement.
2. Personal Information: refers to all kinds of information recorded electronically or by other means that can identify a specific natural person or reflect the activities of the same alone or in combination with other information.
3. Sensitive Personal Information: refers to personal information that may endanger personal safety and property security, or easily cause damage to personal reputation, physical and mental health or discriminatory treatment once leaked, illegally provided or abused.
II. Personal Information We Collect Directly or Indirectly
(I) How Do We Collect Personal Information
1. Personal Information You Provide to Us through the Website
When downloading materials made available to you on the Website, you will need to provide us with your information, including your mobile phone number and verification code. The above information provided by you will facilitate the download of materials you intend to download from the Website. If you do not provide the above information, you will not be able to download the corresponding materials available for download from the Website.
When you access the recruitment information on the Website and propose to apply for any open position, we will collect the personal information of the proposed candidates through Moka system, a third-party technology service provider ( Beijing Si Rui Si Si Technology Co., Ltd.), including, among others, name, mobile phone number, professional experience, date of birth, certificate number, local social security participation, highest education level, recently completed major, graduated school, location of registered residence, nature of registered residence, QQ/Wechat ID, E-mail address, location, emergency contact, phone number of emergency contact, education background, employment history and job intention.
2. Information We Collect when You Access the Website
When you access the Website, we will collect relevant information about such access, including your IP address and requested URL.
You shall undertake and warrant that all information and data provided by you to us have been legally and fully authorized by the subject of personal information (“Information Provider”), including the principal of personal information provided by you through accessing the Website, including but not limited to the Information Provider that has allowed you to provide us with such information and data and agreed that such information and data are stored in the software and systems of the Website and that we may reasonably use the same for lawful purposes. You shall indemnify and hold harmless us from and against any financial loss or liability for damage arising from our acquisition, storage or proper use of such information and data.
(II) How Do We Use Personal Information
1. Personal information collected from the Information Providers will be used for the following purposes:
(1) We will use the personal information you provide to us to provide and perform our services, and maintain, improve and optimize these services and service experience;
(2) For preventing, detecting and investigating fraud, infringement, safety hazard, illegal activities or violations of our policies or rules, and for protecting the legitimate rights and interests of you, other users or the public, and us;
(3) Other purposes permitted by you and the Information Providers concerned.
2. In addition, we may also use the personal information for data statistics, data analysis, research and other internal purposes, so as to improve service quality. We have the right to conduct model training and development, group portrait analysis, data statistics or otherwise satisfy reasonable commercial demands in accordance with laws and regulations using such data after anonymized by technical means. We will fully comply with the Cyber Security Law, Personal Information Protection Law, Personal Information Security Specification and other legal obligations to implement the aforesaid information processing activities.
3. Depending on the use of personal information, we will confirm with you whether to delete or destroy the personal information you provide belonging to you and any other Information Provider, and adopt the following processing methods according to your confirmation:
① If you request deletion or destruction, we will delete or destroy or anonymize the information we collect from you upon your request, unless otherwise required by laws or regulations in respect of the period for which we preserve the relevant information or the Information Provider has directly authorized us to use his personal information;
② If you do not request deletion or destruction, you need to specify the period for which you entrust us to preserve the information in order to use our information query service, and we will further preserve the information until the later of the following two dates with your consent:
> The last day of the period you agree to;
> The last day of the period that applicable laws and regulations require us to preserve it.
(III) How Do We Share, Transfer and Publicly Disclose Personal Information
1. Sharing
We will not share any personal information of you and the Information Providers you submit with any organizations, companies or individuals other than the company’s branches and affiliates, except that:
(1) Sharing under statutory circumstances: We may share the personal information of the Information Providers owning the information you submit in accordance with the provisions of laws and regulations or mandatory requirements of the competent government authorities, or necessary for the performance of statutory duties or obligations under litigation dispute resolution and other statutory circumstances;
(2) Sharing with third-party suppliers (those of our main business): For the purposes stated in this policy solely, certain of our services will be provided by us in association with third-party suppliers. We may process the relevant personal information by entrusting third-party suppliers to deliver better services and user experience. We will entrust third-party suppliers to process the personal information of the Information Providers you submit solely for lawful, legitimate, necessary, specific and explicit purposes, and will limit such processing to the extent necessary. Our third-party suppliers will have no right use such personal information for any other purpose not related to the products or services we entrust them to provide. We will enter into a strict confidentiality agreement with them, requiring them to strictly comply with our requirements, this Privacy Protection Policy and any other relevant confidentiality and security measures when processing the personal information, and delete it upon the completion of matters entrusted by us as agreed.
(3) Sharing with third-party technology service providers: For the purposes stated in this policy solely, certain functions on the Website will be provided by us in association with third-party technology service providers (such as Moka and other third-party technology service providers with whom we will enter into future partnerships). Such third-party technology service providers we access may collect your personal information, such as the information that you agree to be collected and processed directly by them when you use such services provided by a third party in certain functions on the Website. We will evaluate the legality, legitimacy and necessity of such third-party technology service providers’ collection of personal information and require them to take measures to protect your personal information and strictly comply with relevant laws, regulations and regulatory requirements.
2. Transfer
We will not transfer to any companies, organizations or individuals any personal information of you and the Information Providers owning the information you submit, except that:
(1) Transfer with explicit consent: We will transfer the personal information of the relevant Information Providers to other parties after obtaining their explicit consent provided for such transfer;
(2) You agree that, if we have to transfer the personal information and data collected on the Website due to merger, acquisition, dissolution, bankruptcy or liquidation, or due to asset transfer or business transfer, we may so transfer directly without obtaining the consent of you and the Information Providers. In such case, we will inform you by pop-ups or other appropriate means on the Website of the name of the new company or organization that holds the personal information of you or the Information Providers and require the company or organization either continue to be bound by this Privacy Policy or to re-solicit authorization from you or the Information Providers concerned.
3. Public Disclosure
We will publicly disclose the personal information of the Information Providers you submit solely under the following circumstances where:
(1) We may publicly disclose the personal information of the Information Providers after we explain to them the type of personal information to be publicly disclosed and the reasons for disclosure, promise not to bring any danger to them, and obtain their explicit consent or at their own option;
(2) If we are convinced that you or the Information Provider have violated laws and regulations or seriously violated this Policy, or in order to protect the personal safety and property security of our customers or the public from infringement, we may disclose the relevant personal information of the Information Providers you submit in accordance with laws and regulations or this Policy, including the violation itself and measures we have taken against you or the Information Provider.
4. No Disclosure
(1) Under no circumstances will we publicly disclose the personal biological recognition information, gene, disease and other personal physiological information of the Information Providers provided by you;
(2) Under no circumstances will we publicly disclose the analysis results in respect of race, ethnicity, political views, religious beliefs and other sensitive data of the Information Providers provided by you.
(IV) How Do We Protect and Preserve Personal Information
1. We have taken industry-standard security measures to protect the personal information of the Information Providers owning the information you submit from unauthorized access, public disclosure, use, modification, damage or loss. We will take all reasonable and feasible measures to protect the personal information of the Information Providers, by, for example, specifying confidentiality clause in the employment contract with our employees, organizing training courses in security and privacy protection to enhance the employees’ awareness of the importance of protecting the personal information, providing secure browsing mode of HTTPS for official website, using encryption technology to ensure the data confidentiality, using trusted protection mechanisms to prevent the information from malicious attacks and deploying access control mechanisms to ensure that only authorized persons have access to the personal information.
2. Our data security capabilities: the internal network is protected by a security firewall. Access to any internal network, including dial-up, E-mail, and the Internet, is restricted to authorized users. Computer accounts are protected by passwords and will undergo regular security checks to ensure that a secure password is used.
3. We will make every effort to avoid collecting irrelevant personal information and preserve the personal information of you and the Information Providers provided by you for the shortest period necessary to achieve the purpose stated in this Policy, except as otherwise provided by laws and administrative regulations.
4. The Internet environment is not 100% secure. Despite the security measures we take, please note that there is no “perfect security measure” for the Internet. We will do our best to ensure the security of your information and the personal information of the Information Providers you provide.
5. In the unfortunate occurrence of any security incident of personal information, we will be in accordance with the requirements of laws and regulations by timely informing you and the Information Providers concerned: the basic situation and possible impact of the security incident, the measures we have taken or will take to deal with it, the suggestions you and the Information Providers concerned can take to prevent and reduce the risk, the remedial measures we take and so forth. We will timely inform you and the Information Providers concerned of the relevant information by E-mail, letter, phone call, push notification and other means. If it is difficult to inform the subject of personal information one by one, we will take reasonable and effective ways to release announcements. Meanwhile, we will also report the management of the personal information security incident as required by regulators.
(V) Exceptions Where Prior Authorization and Consent Are Required for Processing Personal Information
Prior authorization and consent of relevant information subjects are not required for processing personal information in the following circumstances where:
1. It is required for the conclusion or performance of a contract to which a particular individual is a party;
2. It is required for the performance of statutory duties or obligations;
3. It is required to respond to public health emergencies or to protect the life, health and property of natural persons in case of emergency;
4. It is required to process personal information to a reasonable extent in order for press reporting, public opinion monitoring and similar activities to safeguard the public interest;
5. It is required to process personal information disclosed by oneself or otherwise lawfully disclosed to a reasonable extent in accordance with the provisions hereof;
6. Other circumstances as stipulated by laws and administrative regulations.
(VI) Rights in Processing of Personal Information
In accordance with relevant Chinese laws, regulations and standards, as well as common practices in other countries and regions, we will protect the rights of Information Providers in the processing of personal information. Information Providers may exercise the following personal information rights to us in accordance with the law:
1. To access personal information
Information Providers have the right to access their own personal information, with exceptions provided by laws and regulations. Information Providers who wish to exercise the data access right may contact us through the contact information listed in Section VI.
We will reply to the access request within 15 working days after receipt thereof.
2. To correct personal information
When the Information Providers find that any personal information processed by us is inaccurate or incomplete, they have the right to request correction and supplement by contacting us through the contact information listed in Section VI.
We will reply to the correction request within 15 working days after receipt thereof.
3. To delete personal information
Information Providers may make the following request for deleting personal information in the following circumstances where:
(1) The processing purpose has been realized, cannot be realized or the information is no longer necessary to realize the processing purpose;
(2) The products or services we provide or the preservation period expires;
(3) The Information Providers withdraw their consent;
(4) The personal information is processed in violation of laws, administrative regulations or agreement;
(5) Other circumstances as stipulated by laws and administrative regulations.
Information Providers may contact us through the contact information listed in Section VI.
We will reply to the deletion request within 15 working days after receipt thereof.
4. To change the scope of authorization
Each business function requires certain basic personal information to complete. Information Providers may at any time grant or withdraw their authorization for the collection and use of additional personal information collected.
Information Providers may contact us through the contact information listed in Section VI.
We will reply to the request within 15 working days after receipt thereof.
After the consent of the Information Providers is withdrawn, we will stop further processing of relevant personal information, provided that their decision to withdraw your consent will not affect the processing of personal data previously carried out on the basis of their authorization.
5. To acquire copies of personal information
Information Providers have the right to obtain the copies of personal information and contact us through the contact information listed in Section VI. We will provide channels of transfer in respect of requests that meet the conditions set by Cyberspace Administration of China.
We will reply to the request within 15 working days after receipt thereof.
6. To impose constraints on automatic decision-making of information systems
In certain business functions, we may make decisions based solely on non-manual automatic decision-making mechanisms, including information systems and algorithms. Information Providers may contact us for an explanation or request a manual review of the automated decisions, and we will provide them with closure channels or other appropriate remedies.
7. To respond to the above requests
For purpose of security, the Information Providers should provide written requests or otherwise prove their identity, and we may require verification of their identity before processing their individual requests. If the Information Providers exercise the above rights by entrusting you, you shall give us all necessary cooperation in responding to their requests.
We will reply to the requests within 15 working days after receipt thereof. If the Information Providers are not satisfied, they can also make complaints through online consultation or telephone consultation on our official website.
In principle, we do not charge the Information Providers a fee for a reasonable request, but we will do so for repeated requests that exceed reasonable limits as the case may be. We may reject requests that are unnecessarily repetitive, require too much technology (for example, to require to develop a new system or radically change existing practices), pose a risk to the legitimate rights and interests of others, or are highly unrealistic (for example, involving information stored on backup tape).
We will not be able to respond to a request from the Information Providers if:
(1) It is related to the performance of obligations prescribed by laws and regulations;
(2) It is directly related to national security or national defense security;
(3) It is directly related to public security, public health or major public interests;
(4) It is directly related to criminal investigation, prosecution, trial and execution of judgment;
(5) There is sufficient evidence to prove that the personal information subject has subjective malice or abuse of rights;
(6) We do that for the purpose of safeguarding the life, property and other important legitimate rights and interests of the personal information subject or other individuals and it is difficult to obtain the consent and authorization therefrom;
(7) Responding to the request of the personal information subject will cause serious damage to the legitimate rights and interests of the same or other individuals and organizations;
(8) It involves trade secrets.
III. Protection of Minors
We value the protection of minors’ personal information and have no intention to collect their information. If a minor has provided us with personal information without the consent of his parents or legal guardians, the parents or legal guardians may then contact us through the contact information listed in Section VI.
IV. How will Personal Information Transfer Worldwide
The personal information collected and generated during our operations in the People’s Republic of China will generally be stored in the People’s Republic of China. For users of the Website who are outside the People’s Republic of China, you agree to send back the personal information of the Information Providers submitted during accessing the Website for storage on servers in the Territory of China, or otherwise you will not be able to use the existing services of the Website, and you shall ensure that you have obtained the full consent and authorization from the Information Providers for such transmission. In such case, we will ensure that the personal information of the Information Providers you submit will be protected adequately as if it were submitted in the People’s Republic of China.
V. Amendment and Update of this Policy
(I) This Policy shall be governed by the laws of the People’s Republic of China. In case of any conflict between the contents of this Policy and the provisions of relevant laws, the latter shall prevail. This Policy is severable, and if any provision hereof is judged or ruled invalid, the validity of the remaining provisions shall not be affected.
(II) We may amend this policy as appropriate, and if so, we will post updates to keep you informed.
(III) For major changes, we will also provide more prominent notices (including soliciting comments through announcements on the Website, releasing announcements and even sending you pop-ups), and, upon your consent, will process by such means as be subjected to such material changes the personal information of your staff and the Information Providers from whom you have obtained authorization. If you refuse to accept the relevant major changes, we will stop providing you with further services and process your account and the personal information of your staff and the Information Providers from whom you have obtained authorization in accordance with the provisions of this Policy. Before agreeing to such major changes made by us, you should ensure that you have obtained the full consent and authorization from the Information Providers owning the information you submit regarding such changes.
Major changes referred to herein shall include without limitation when:
1. Our service model is changed significantly, such as the purpose of processing personal information and the way of using personal information;
2. The main objects of sharing, transfer or public disclosure of personal information are changed;
3. The department responsible for personal information security, contact information and complaint channels change;
4. Personal information security impact assessment report indicates that there is a high risk.
VI. Contact Us
This Policy is executed in the Chinese language. Should any conflict arise between the Chinese language version of this Agreement and any translation hereof, the Chinese language version shall be controlling. For any questions, comments, suggestions, complaints or questions related to the protection of minors, please contact us through the following contact information, and we will provide a reply and answer within 15 working days upon verification of your identity.
Chief Information SecurityOfficer: DING Xue
Phone Number: 400 668 5151 (ext. 5)
Company E-mail: security@51shebao.com
Contact Address: 16th Floor, Building 17, Jianwai SOHO West Area, 39 Dongsanhuan Middle Road, Chaoyang District, Beijing
发布日期:2021年10月8日
欢迎您访问众合云科(Zhonghe Group)官方网站(网址:www.zhonghegroup.com)(简称:本网站)。本网站是由北京众合天下管理咨询有限公司(简称:“公司”或“我们”)运营。
本网站视您的信息安全与隐私保护为自己的“生命线”。
特别提示本政策适用于您访问本网站(网址: www.zhonghegroup.com),以及您通过访问本网站向我们提供的个人信息(包括但不限于您下载本网站上为您提供的资料时向我们提供的个人信息)。我们重视您及信息提供方的隐私保护和个人信息安全,将按法律法规要求和业界成熟的安全标准采取相应的安全措施。本政策阐述了在处理通过访问本网站所收集到的个人信息方面的政策。特别说明的是,本政策不适用于其他第三方向您收集的个人信息。
请您在访问本网站并向我们提供个人信息前,务必仔细阅读并理解本政策,尤其是其中加粗的条款。一旦您开始访问本网站并向我们提供个人信息,或在本政策更新后继续访问本网站并向我们提供个人信息,即视为您已充分理解并完全同意本政策,同意我们按照本政策的约定处理您提交的信息提供方的个人信息。如您不同意本政策的任何条款,请您立即停止通过本网站向我们提供个人信息。
请您知悉,本网站将根据法律法规及业务的需要及时调整本政策内容,并在本网站以弹窗方式提醒您;若您在本政策内容公告变更后继续访问本网站并向我们提供个人信息,表示您已充分阅读、理解并接受修改后的本政策内容,也将遵循修改后的本政策内容访问本网站并向我们提供个人信息;若您不同意修改后的本政策内容,您应停止通过本网站向我们提供个人信息。
本政策包含以下内容章节:
一、定义
二、我们直接和间接收集的个人信息
(一)我们如何收集个人信息
(二)我们如何使用个人信息
(三)我们如何共享、转让、公开披露个人信息
(四)我们如何保护和保存个人信息
(五)处理个人信息时事先征得授权同意的例外
(六)个人信息处理活动中的权利
三、未成年人保护
四、个人信息如何在全球范围转移
五、本政策的修改与更新
六、如何联系我们
一、定义
1、用户:指众合云科官方网站的使用者或者访问者,在本协议中称为“您”。
2、个人信息:指以电子或者其他方式记录的能够单独或者与其他信息结合识别特定自然人身份或者反映特定自然人活动情况的各种信息。
3、个人敏感信息:是指一旦泄露、非法提供或滥用可能危害人身和财产安全,极易导致个人名誉、身心健康受到损害或歧视性待遇等的个人信息。
二、我们直接和间接收集的个人信息
(一)我们如何收集个人信息
1、您通过本网站并向我们提供个人信息
当您在本网站下载本网站为您提供的资料时,您需要向我们提供您的信息,包括您的手机号码和验证码。您提供的上述信息将帮助您成功下载本网站您需下载的资料。如果您不提供以上信息将无法下载本网站上对应可供下载的资料。
当您访问本网站的招聘信息并拟投递拟聘岗位时,我们会通过第三方技术服务提供商Moka(Moka的运营主体是:北京希瑞亚斯科技有限公司)系统收集拟应聘者的个人信息,包括姓名、手机号码、工作经验、出生日期、证件号码、本市社保情况、最高学历、最近毕业专业、毕业院校、户口所在地、户口性质、QQ/微信号、邮箱、所在地、紧急联系人、紧急联系人电话、教育背景、工作经历、求职意向等。
2、您访问本网站过程中我们收集的信息
当您访问本网站时,我们会收集关于您访问本网站的相关信息,包括您的IP地址、请求URL。
您应当承诺并保证,您向我们提供的全部信息资料已获得包括委托人您访问本网站提供其个人信息的委托人在内个人信息主体(“信息提供方”)的合法及充分授权,包括但不限于信息提供方已允许您向我们提供该等信息资料,并同意该等信息资料本网站软件及系统中存储,以及我们出于合法目的对该等信息资料进行合理使用。如我们因获取、储存或正当使用该等信息资料而遭受任何经济损失或承担任何赔偿责任,您应向我们相应赔偿并保证我们免受损失。
(二)我们如何使用个人信息
1、收集信息提供方的个人信息后,我们会把该等个人信息用于下列用途:
(1)我们使用您提供给我们的个人信息以提供和完成我们的服务,并维护、改进、优化这些服务及服务体验;
(2)为预防、发现、调查欺诈、侵权、危害安全、非法或违反与我们的政策或规则的行为,保护您、其他用户或公众,我们的合法权益;
(3)经您及所涉及信息提供方许可的其他用途。
2、除此之外,为改善服务质量,我们还可能会将个人信息用于数据统计、数据分析和研究等内部目的。我们通过技术手段对数据进行匿名化处理后,有权对该等匿名化数据进行模型训练和开发、群体画像分析、数据统计或其他符合法律法规规定合理的商业诉求。在上述信息处理活动中,我们将全面遵守《网络安全法》《个人信息保护法》《个人信息安全规范》等各项法律义务。
3、根据个人信息的使用情况,我们会对是否删除或销毁您提供的您及信息提供者的个人信息与您进行确认,并根据您的确认采取如下处理方式:
①如果您要求删除或销毁的,我们会根据您的要求对我们自您处收集的信息进行删除或销毁或进行匿名化处理,但如果法律法规对我们保存相关信息的期限另有要求或信息提供者已直接对我们就其个人信息的使用进行授权的除外;
②如您未要求删除或销毁,则您需要对您为了使用我们的信息查询服务而委托我们保存该等信息的时间进行明确,我们将根据您的同意进一步保留至如下两个日期中较晚者:
> 您同意的期限的最后一日;
> 法律法规要求我们保留的期限的最后一日。
(三)我们如何共享、转让、公开披露个人信息
1、共享
我们不会与公司分支机构、关联公司以外的其他组织、公司和个人共享您及您提交的信息提供方的个人信息,但以下情况除外:
(1)法定情形下的共享:我们可能会根据法律法规规定、按政府主管部门的强制性要求,或在诉讼争议解决等其他法定情形下,基于履行法定职责或者法定义务所必需,对外共享您提供的信息提供方的个人信息;
(2)与第三方供应商(指我们主营业务方面供应商)共享:仅为实现本政策中声明的目的,我们的某些服务将由我们和第三方供应商共同提供。我们可能会委托第三方供应商处理相关个人信息,以提供更好的服务和用户体验。我们仅会出于合法、正当、必要、特定、明确的目的委托第三方供应商处理您提交的信息提供方的个人信息,并且将其限于必要的范围内。我们的第三方供应商无权将该等个人信息用于与我们委托其提供的产品或服务无关的其他用途。我们会与其签署严格的保密协定,要求他们按照我们的要求、本隐私保护政策以及其他任何相关的保密和安全措施来处理个人信息,并按照协议约定在我们委托其处理的事宜完成后删除相关个人信息。
(3)与第三方技术服务商共享:仅为实现本政策中声明的目的,本网站上的某些功能将由我们和第三方技术服务商共同(比如 Moka及其他未来我们将合作的第三方技术服务商)提供。我们接入的第三方技术服务商可能会收集您的个人信息,如您在本网站上的某些功能中使用这类由第三方提供的服务时,您同意将由其直接收集和处理您的信息。我们会评估这类第三方技术服务商收集个人信息的合法性、正当性、必要性,要求该等第三方对您的个人信息采取保护措施,并严格遵守相关法律法规与监管要求。
2、转让
我们不会将您或者您提供的信息提供方的个人信息转让给任何公司、组织和个人,但以下情况除外:
(1)在获取明确同意的情况下转让:向信息提供方征求对转让个人信息的授权同意,获得明确同意后,我们会向其他方转让相关信息提供方的个人信息;
(2)您同意:如我们因合并、收购、解散、破产、清算,或因为资产转让、业务转让而需要转让本网站收集之个人信息、数据时,我们可以直接予以转让而不需要额外征得您及信息提供方的同意。在该等情况下,我们会在本网站以弹窗或其他合适的方式通知您新的持有您或信息提供方的个人信息的公司、组织的名称,并要求其继续受此隐私政策的约束,否则我们将要求该公司、组织重新向您或者所涉信息提供方的征求授权同意。
3、公开披露
我们仅会在以下情况下,公开披露您提交的信息提供方的个人信息:
(1)向信息提供方说明公开披露的其个人信息类型、原因、承诺不会对其带来任何危险,并获得其明确同意或基于其的主动选择,我们可能会公开披露其个人信息;
(2)如果我们确定您或信息提供方出现违反法律法规或严重违反本政策的情况,或为保护本网站客户或公众的人身财产安全免遭侵害,我们可能依据法律法规或本政策披露您提交的信息提供方的相关个人信息,包括相关违规行为以及我们已对您或信息提供方采取的措施。
4、不得披露
(1)任何情况下,我们不会公开披露您提供的信息提供方的个人生物识别信息和基因、疾病等个人生理信息;
(2)任何情况下,我们不会公开披露您提供的信息提供方的种族、民族、政治观点、宗教信仰等敏感数据分析结果。
(四)我们如何保护和保存个人信息
1、我们已使用符合业界标准的安全防护措施保护您提供的信息提供方的个人信息, 防止数据遭到未经授权访问、公开披露、使用、修改、损坏或丢失。我们会采取一切合理可行的措施,保护信息提供方的个人信息。例如,我们在与员工签订的劳动合同中约定了保密条款;以及我们会举办安全和隐私保护培训课程,加强员工对于保护个人信息重要性的认识;我们对官方网站提供 https 安全浏览方式;我们会使用加密技术确保数据的保密性;我们会使用受信赖的保护机制防止数据遭到恶意攻击;我们会部署访问控制机制,确保只有授权人员才可访问个人信息等。
2、我们的数据安全能力:公司内部网络由安全防火墙进行保护。任何内部网络的进入,包括拨号进入,电子邮件和互联网进入,都仅限于授权用户。电脑账户由密码进行保护,并且有规律地进行安全审查以确保使用安全密码。
3、我们尽力避免收集无关的个人信息,并在限于达成本政策所述目的所必要的最短期限内保留您及您提供的信息提供方的个人信息,法律、行政法规另有规定的除外。
4、互联网环境并非百分之百安全,尽管我们有这些安全措施,但请注意在互联网上不存在“完善的安全措施”,我们将尽力确保您的信息以及您提供的信息提供方的个人信息的安全性。
5、在不幸发生个人信息安全事件后,我们将按照法律法规的要求,及时向您和涉及的信息提供方告知:安全事件的基本情况和可能的影响、我们已采取或将要采取的处置措施、您和涉及的信息提供方可自主防范和降低风险的建议、我们采取的补救措施等。我们将及时将事件相关情况以邮件、信函、电话、推送通知等方式告知您和涉及的信息提供方,难以逐一告知个人信息主体时,我们会采取合理、有效的方式发布公告。同时,我们还将按照监管部门要求,主动上报个人信息安全事件的处置情况。
(五)处理个人信息时事先征得授权同意的例外
以下情形中,处理个人信息无需事先征得相关信息主体的授权同意:
1、为订立、履行特定个人作为一方当事人的合同所必需;
2、为履行法定职责或者法定义务所必需;
3、为应对突发公共卫生事件,或者紧急情况下为保护自然人的生命健康和财产安全所必需;
4、为公共利益实施新闻报道、舆论监督等行为,在合理的范围内处理个人信息;
5、依照本法规定在合理的范围内处理个人自行公开或者其他已经合法公开的个人信息;
6、法律、行政法规规定的其他情形。
(六)个人信息处理活动中的权利
按照中国相关的法律、法规、标准,以及其他国家、地区的通行做法,我们保障信息提供方在个人信息处理活动中的权利。信息提供方可以依法向我们行使其如下个人信息权利:
1、访问个人信息
信息提供方有权访问其个人信息,法律法规规定的例外情况除外。如果信息提供方想行使数据访问权,可以通过第六节所列的联系方式与我们联系。
我们将在收到请求后的15个工作日内回复上述访问请求。
2、更正个人信息
当信息提供方发现我们处理的个人信息不准确或者不完整,有权请求进行更正、补充,可以通过第六节所列的联系方式与我们联系。
我们将在收到请求后的15个工作日内回复上述更正请求。
3、删除个人信息
在以下情形中,信息提供方可以提出下述删除个人信息的请求:
(1)处理目的已实现、无法实现或者为实现处理目的不再必要;
(2)我们提供产品或者服务,或者保存期限已届满;
(3)信息提供方撤回同意;
(4)违反法律、行政法规或者违反约定处理个人信息;
(5)法律、行政法规规定的其他情形。
信息提供方可以通过第六节所列的联系方式与我们联系。
我们将在收到请求后的15个工作日内回复上述删除请求。
4、改变授权同意的范围
每个业务功能需要一些基本的个人信息才能得以完成。对于额外收集的个人信息的收集和使用,信息提供方可以随时给予或收回授权同意。
信息提供方可以通过第六节所列的联系方式与我们联系。
我们将在收到请求后的15个工作日内回复上述请求。
当信息提供方收回同意后,我们将不再处理相应的个人信息,但信息提供方收回同意的决定,不会影响此前基于信息提供方的授权而开展的个人信息处理。
5、获取个人信息副本
信息提供方有权获取个人信息的副本,信息提供方可以通过第六节所列的联系方式与我们联系,我们将对符合国家网信部门规定条件的提供转移的途径。
我们将在收到请求后的15个工作日内回复上述请求。
当信息提供方收回同意后,我们将不再处理相应的个人信息,但信息提供方收回同意的决定,不会影响此前基于信息提供方的授权而开展的个人信息处理。
5、获取个人信息副本
信息提供方有权获取个人信息的副本,信息提供方可以通过第六节所列的联系方式与我们联系,我们将对符合国家网信部门规定条件的提供转移的途径。
我们将在收到请求后的15个工作日内回复上述请求。
6、约束信息系统自动决策
在某些业务功能中,我们可能仅依据信息系统、算法等在内的非人工自动决策机制作出决定,信息提供方可以联系我们作出解释、或者要求对自动化决策结果进行人工复核,我们将为其提供关闭途径或者其他适当的救济方式。
7、响应上述请求
为保障安全,信息提供方需要提供书面请求,或以其他方式证明身份,我们可能会先要求验证其身份,然后再处理个人的请求。如果信息提供方系通过您行使上述权利,您应当对我们响应其请求给予一切必要的配合。
我们将在收到请求后的15个工作日内作出答复,如信息提供方不满意,还可以通过我们的官网在线咨询、电话咨询等方式投诉。
对于信息提供方的合理的请求,我们原则上不收取费用,但对多次重复、超出合理限度的请求,我们将视情况收取一定成本费用。对于那些无端重复、需要过多技术手段(例如,需要开发新系统或从根本上改变现行惯例)、给他人合法权益带来风险或者非常不切实际(例如,涉及备份磁带上存放的信息)的请求,我们可能会予以拒绝。
在以下情形中,我们将无法响应信息提供方的请求:
(1)与履行法律法规规定的义务相关的;
(2)与国家安全、国防安全直接相关的;
(3)与公共安全、公共卫生、重大公共利益直接相关的;
(4)与刑事侦查、起诉、审判和执行判决等直接相关的;
(5)有充分证据表明个人信息主体存在主观恶意或滥用权利利的;
(6)出于维护个人信息主体或其他个人的生命、财产等重大合法权益但又很难得到本人同意的;
(7)响应个人信息主体的请求将导致个人信息主体或其他个人、组织的合法权益受到严重损害的;
(8)涉及商业秘密的。
三、未成年人保护
我们重视对未成年人个人信息的保护,并不试图收集未成年人信息。如有未成年人在未取得其父母或法定监护人同意的情况下向我们提供了个人信息,其父母或法定监护人可通过第六节所列的联系方式与我们联系。
四、个人信息如何在全球范围转移
原则上,我们在中华人民共和国境内运营中收集和产生的个人信息,存储在中华人民共和国境内。就中华人民共和国境外本网站用户访问本网站过程中提交的信息提供方的个人信息,您同意回传存储在中国境内的服务器上,否则您无法使用现有本网站的服务,并应保证就该等传输取得了信息提供方充分的同意和授权。在此类情况下,我们会确保您提交的信息提供方的个人信息得到在中华人民共和国境内足够同等的保护。
五、本政策的修改与更新
(一)本政策受中华人民共和国法律管辖,如其内容与相关法律规定相抵触,应以法律规定为准。本政策为可分割的,被判决或裁定为无效的内容不影响其他内容的有效性。
(二)我们可能会适时对本政策进行修订,届时,我们会公布更新的内容以使您随时了解更新情况。
(三)对于重大变更,我们还会提供更为显著的通知(包括我们会通过本网站公示的方式进行意见征集、公告通知甚至向您提供弹窗提示)并在取得您的同意之后方按照重大变更后的方式处理您的工作人员以及您已获得授权的信息提供者的个人信息。如您拒绝接受相关重大变更,则我们将不再继续为您提供服务,并按照本政策规定对您的账户、您提交的您的工作人员以及您已获得授权的信息提供者的个人信息进行处理。您在同意我们的该等重大变更之前,应当确保您已就该等变更获得了您提交的信息提供者的充分同意和授权。
本政策所指的重大变更包括但不限于:
1、我们的服务模式发生重大变化,如处理个人信息的目的、个人信息的使用方式等;
2、个人信息共享、转让或公开披露的主要对象发生变化;
3、我们负责处理个人信息安全的责任部门、联络方式及投诉渠道发生变化时;
4、个人信息安全影响评估报告表明存在高风险时。
六、如何联系我们
当您有疑问、意见、建议、投诉或与未成年人保护相关的问题时,请通过以下联系方式与我们取得联系,我们将在确认您的身份后15个工作日内予以回复解答。
个人信息保护负责人:丁学
联系方式:400 668 5151(转按键5)
公司邮箱:security@51shebao.com
联系地址:北京市朝阳区东三环中路39号建外SOHO西区17号楼16层