Information security is an important foundation for business development. We always attach importance to information security and continuously strengthen our employees’ awareness of information security. With the rapid development of the digital economy, we realize that the security of personal information cannot be neglected either.
We may collect some personal information in our business and management process. We are fully aware of the company’s responsibility to maintain personal information security and decided to take measures to protect it.
“Legal and compliant” is our basic principle. We respect personal privacy and will continue to improve our privacy protection strategy to ensure personal information security. In the meantime, we will also require our suppliers to comply with the personal data protection requirements no less than this Privacy Notice.
How We Collect Information
When you are a candidate, we will get your resume through our recruitment channels (including third-party recruitment platforms) and use it in the recruitment process. It may contain basic personal information, education, and work experience, etc.
We collect necessary employee information to implement human resource management according to labor rules and regulations formulated in accordance with the law.
We may collect and process data on behalf of customers when we act as a data processor. In this case, we will strictly comply with the customer’s privacy policies and procedures to ensure the security of personal data.
Epidemic Prevention and Control
On the premise of complying with relevant laws and regulations, we may collect necessary information from employees as required by the government and relevant units to cooperate with epidemic prevention and control work.
If there are other circumstances not described herein, we will process and update personal information in accordance with the requirements of relevant laws and regulations.
How We Process Information
We follow the basic principles of personal information protection and minimize processing the personal information based on clear and reasonable purposes.
We have developed a series of data access and processing processes, and through technical means to ensure that personal information will not be accessed, tampered, or used by unauthorized users. We provide relevant training for personnel dealing with personal information to improve their awareness of privacy protection. We also conduct regular internal audits to ensure operational compliance and strive to integrate privacy security awareness into our daily work.
Personal Information Retention
We only retain your personal information for as long as it is necessary to fulfill the purposes we have based on the requirements of relevant laws and regulations. In the meantime, we adopt technical measures and access controls to ensure the security of personal information.
Personal Information Usage
We will only use personal information for the purpose for which it was collected. If we need to use personal information for a different purpose, we will inform the data subject and obtain authorization again.
Sharing, Transfer and Disclosure of Personal Information
We will not share, transfer, or disclose the data subject’s personal information to any other third party without their authorization. Unless exempted within the scope of the law. Any action requiring disclosure of personal information to a third party, on the premise of complying with laws and regulations, the data subject will be informed in advance, and the third party will be required to comply with the personal data protection requirements no less than this Privacy Notice.
Personal Information Disclosure Management
In the event of personal information disclosure, we will actively respond based on our established information security incident management process. We will assess the impact of the event, take necessary measures to control the situation, and timely inform the affected data subjects, and strive to minimize the impact of the event.
Protection of Individual Rights
We respect the rights of data subjects to their personal information, including the access right, correction right, revoke consent right, delete right, and have implemented relevant processes to protect individual rights and interests. If the data subject needs to exercise its power, he/she can contact the interface person to handle it.