Docs
DocsAPI ReferenceLogin
Start typing to search…

Privacy Statement

HISPREAD INC London Co., Limited. ("HISPREAD INC", "we", "our" and "us") understands how important your privacy is to you and fully respects it. Please carefully read this Privacy Statement ("Statement"). This Statement applies to https://console.myhispread.com ("Website"), and use of all our products and services that contain or refer to this Statement (collectively “Services”).

This Statement does not apply to Your Content that we process, store or host as a provider of HISPREAD INC, on behalf of our customers as their data processor, based on HISPREAD INC Data Processing Addendum. Your Content is defined in the agreement you concluded with HISPREAD INC, and it covers all data (including personal data) that you entrust to HISPREAD INC. Our materials, data and information do not form part of Your Content.

This Statement describes how we collect, use and disclose your personal data, as well as our legal bases for processing, and the security measures implemented by us to protect your personal data. It also demonstrates your rights in connection with your personal data, and other related details you need to know. We may inform you of product or service-specific data collection and use which is not reflected in this Statement through supplementary policies or notices provided before the relevant collection of your personal data.

We have created this Statement to help you understand:

  1. How HISPREAD INC Collects Your Personal Data
  2. How HISPREAD INC Processes Your Personal Data
  3. How HISPREAD INC Uses Cookie and Similar Technologies
  4. How HISPREAD INC Shares Your Personal Data
  5. How HISPREAD INC Protects Your Personal Data
  6. How Long HISPREAD INC Retains Your Personal Data
  7. How to Access and Control Your Personal Data
  8. How HISPREAD INC Handles the Personal Data of Children
  9. How Your Personal Data Is Transferred Internationally
  10. How This Statement Is Updated
  11. How to Contact HISPREAD INC

1. How HISPREAD INC Collects Your Personal Data

Personal data means any information relating to identified or identifiable natural person, directly or indirectly, including information that can identify an individual when taken in combination with other information to which we have or are likely to have access.

We collect personal data from you in the course of your interaction with us or our Services, for various purposes, such as providing you (or the entity you represent or work for) with the Services and maintaining the best possible operations of the Services. Your interaction with us may include:

  1. Registering a HISPREAD INC account (the “Account”) with the Website,
  2. Subscribing to the Services,
  3. Completing payment with us,
  4. Contacting us when experiencing (technical) problems or for any other reason,
  5. Browsing our Website,
  6. Configuring your settings for your Account.

If you provide us with any personal data relating to a third party (e.g. information of your employees, officers, agents, representatives and/or end users), by submitting such information to us, you represent and warrant to us that you have notified such third party of the terms of this Statement and that you have an appropriate legal basis to disclose such data to us, including consent of the third party where appropriate, and we may further use such personal data as described in this Statement.

Depending on your use of the Services, we collect the following personal data:

a) Personal data provided through HISPREAD INC ID (which is collected by our affiliate administering HISPREAD INC ID accounts and shared with us) to register user accounts, such as account name, account ID, mobile phone number, email address, country/region as required for registration. For more information about HISPREAD INC ID, please refer to: Statement About HISPREAD INC ID and Privacy.

b) Personal data provided when you manage your account information (such as account name, avatar and authentication credential), contact information (full name, email and mailing address, mobile phone number), business information (such as company name, industry, position, country/region and tax ID number).

c) Personal data provided when you order, subscribe to or use the Services, including your account information, order information, transaction information, service information and payment information (such as bank name, account name, account number, expiry date and security code of your credit card). If the service you select runs on Chinese infrastructure, personal data collected may include your name, ID card number (such as passport or driver's license number), and a scanned copy of your ID card, passport or driver's license when you choose individual real-name authentication in accordance with the laws and regulations of China.

d) Personal data provided when you contact us or request support or help from us through various ways (such as service ticket, hotline, customer service), including account information, operation and maintenance information (such as service logs, service failure reports), contact information, business information, service information (such as service name, specifications, configuration information), chat sessions, phone conversations, problem description and other information you submit (such as text, picture, video).

e) Personal data obtained and collected automatically by us when you access and use the Services, such as your browser history, access date and time, browser information (including but not limited to fonts, types), your activities on the Website, hardware and software features, network link information (such as IP address), and other information about your use of the Services (such as service information, transaction information, billing information, order information, operation and maintenance information).

f) Personal data that we legally obtain from business partners or third parties. We may receive and collect personal data about you from publicly and commercially available sources as permitted by applicable laws and regulations.

Many of the Services require personal data to operate. If you choose not to provide the data required, you may not be able to use those Services. For example, if you do not register an Account on our Website by submitting your personal data (that is, by logging in via HISPREAD INC ID which involves sharing your data with us by the HISPREAD INC ID provider), you cannot purchase the Services. In other cases, where providing personal data is optional, and you choose not to submit your personal data, you may be unable to use certain features of the Services, such as personalization. However, this will not affect your use of other features of the Services.

2. How HISPREAD INC Processes Your Personal Data

We process (which includes collecting, using and disclosing) your personal data for the following purposes:

a) Creating your Account and managing your Account.
b) Performing a contract entered into with you, in particular processing your transaction or service requests, including orders, requests for purchase, payment and use. c) Responding to your requests, inquiries, comments or suggestions about us, including requests for changes or information (such as materials on the Services, and white papers). d) Delivering, activating, or verifying the Services; providing maintenance services, customer service and technical support. e) Contacting you, and sending you notices related to the provision of the Services by telephone, email and other means. f) Sending you information about the Services that may interest you; inviting you to participate in HISPREAD INC activities (including promotional activities), market surveys, or satisfaction surveys; or sending you marketing information. If you do not want to receive such information through messages, please refer to paragraph 7(c) or use the subscription mechanism as specified in our correspondence with you if applicable. g) Evaluating and improving the Services through troubleshooting, internal audits, data analysis and research. h) Ensuring the security of the Services and our customers and users, executing and improving our loss prevention and anti-fraud programs. i) Complying with and/or enforcing applicable legal or regulatory requirements, legal processes, lawful government requests or industry standards. For example, to meet our financial and record-keeping obligations, or anti money-laundering and anti-terrorist-financing or regulatory and governmental guidance on and industry standards e.g. on financial prudence. j) Any other purposes which we may separately notify you and obtain your consent for.

We process your personal information on one or more of the following legal bases:

a) As necessary to enter into a contract with you or a legal entity you represent, or to perform our contractual obligations, e.g. to provide Services, to respond to requests from you, or to provide customer support;
b) Where processing is based on our legitimate interests and those of third parties as described in this Statement; c) When necessary to comply with applicable law and relevant legal obligations; d) When you gave your consent.

3. How HISPREAD INC Uses Cookie and Similar Technologies

To ensure our Services work correctly, we may at times place cookies and similar technologies (collectively cookies) on your computer or mobile device. Please see our Cookie Policy for details on the cookies we use. This Statement applies to how we process your data with the use of cookies.

4. How HISPREAD INC Shares Your Personal Data

Sharing means providing third parties with personal data, where such third parties would handle the personal data independently of us or on our behalf. We do not share your personal data with third parties without your consent, except in the following circumstances or as described in this Statement:

a) Third parties under your instruction. We may share your personal data with your consent and/or in accordance with your instructions.

b) For compliance, fraud prevention and security. We may share your personal data for the purposes of complying with applicable laws and regulations, legal processes, lawful government requests and enforcing or applying our terms or agreements, protecting the rights or property of HISPREAD INC, and protecting our customers and/or the public. For example, we may share your personal data, when we believe sharing is necessary or appropriate to prevent or defend against cyber threat, fraud, physical harm, or financial loss, or when it is in connection with an investigation of suspected or actual illegal activity.

c) Affiliates. We may share your personal data with our affiliates, for purposes of transactions support, Services support or security support. Your information will be shared only for reasonable purposes and to the extent required by the Services. If the service you select is located in China data center region, we may share your personal data with our affiliates for other purposes specified at Section 2 above. We have appropriate agreements with our affiliates for the sharing and/or processing of your personal data.

d) Service providers and professional advisors. We may share your personal data with third party companies and individuals that provide services on our behalf or help us operate the Website and the Services (such as supply, payment, marketing, analytics, and compliance assessment). We share such data only for purposes consistent with this Statement or under your authorization. For example, we need to share your order information with logistic service providers in order to arrange delivery, and we may need to share your payment information with payment service providers (e.g. Worldpay, learn more about Worldpay Privacy Policy) in order to confirm and proceed with your payment instructions. We may share your personal data with professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.

When we share your personal data with third parties, their responsibilities and obligations will be governed by contracts and we will require them to take appropriate measures to ensure the security of the personal data shared and/or processed. For personal data transferred internationally, please refer to section 9 “How Your Personal Data Is Transferred Internationally”.

5. How HISPREAD INC Protects Your Personal Data

We take the security of your personal data seriously. We take appropriate physical, organizational, and technical measures to protect your personal data. For example, we use encryption to ensure data confidentiality; we use trusted protection mechanisms to prevent malicious data attacks; we deploy access control mechanisms to ensure that only authorized personnel can access your personal data; and we raise awareness among employees about the importance of protecting personal data through security and privacy protection training sessions. While we take the utmost care to protect your personal data, please note that no security measures are completely infallible. You can find more details on our security measures at HISPREAD INC Security. To this end, HISPREAD INC takes the following measures:

a) Sets up a privacy protection organization to identify and manage personal data protection risks.
b) Adopts strict data security and personal data protection policies, in accordance with the risk of the categories of data processed. Develops security breach response and data breach process to reduce privacy and security risks brought by personal data breaches and guide relevant departments to handle personal data in compliance with laws and regulations. c) Holds security and privacy protection training courses, tests, and publicity activities to raise employees' personal data protection awareness. d) Takes reasonable and feasible measures to ensure that the personal data collected is minimal and relevant to what is necessary in relation to the purposes for which they are processed. e) Takes a range of measures such as an entrance and exit control, entrance guard systems and CCTV system to ensure the physical security of the data centers to prevent unauthorized persons from gaining access to data processing systems with which personal data are processed or used. f) Deploys access control mechanisms and implements hierarchical permission management on them based on service requirements and personnel levels to ensure that only authorized personnel can access personal data. g) Clearly defines and assigns cyber security roles and responsibilities, and implements separation of duties (SOD) based on a risk assessment to reduce risks to prevent data processing systems from being used by unauthorized persons. h) Encryption and pseudonymisation of personal data, as appropriate, using recommended industry standard protocols to prevent data breach and unauthorized access. i) Degausses the discarded storage media before returning to the warehouse to ensure that software-based overwriting shall be performed on media prior to their disposal. In cases where this is not possible (CD’s, DVD’s, etc.) physical destruction shall be performed. j) Implements appropriate O&M security management and technical measures, including identity authentication and access control, change and event management, vulnerability management, configuration management, event logging, and continuously monitors cyber security events and threats, detects exceptions in a timely manner, and proactively takes measures to deal with them to ensure that personal data cannot be read, copied, altered or removed by unauthorized persons. k) Implements protection mechanisms such as DDoS protection to protect networks from attacks, develops vulnerability management policies, evaluation standards, and management processes to manage security vulnerabilities throughout the lifecycle. In addition, regularly runs vulnerability scanning programs to detect potential security vulnerabilities and promptly take countermeasures. l) Strictly selects business partners and service providers and incorporates personal data protection requirements into commercial contracts, audits, and appraisal activities.

In a word, HISPREAD INC is committed to protecting your personal data.

6. How Long HISPREAD INC Retains Your Personal Data

We will retain your personal data for no longer than is necessary for the purposes set out in this Statement, unless otherwise required by laws or requested by you. The data storage period may vary depending on the processing purpose and the relevant Service.

We will maintain your account information as long as is necessary for us to provide the Services to you or to perform our obligations or exercise our rights under agreements related to the Services. You can choose to close your Account. After you close your Account, we will stop providing you with the Services and delete your relevant personal data within reasonable time, provided that we are not required to continue to process certain of your personal data by law, e.g., for accounting or bookkeeping purposes or to perform our obligations or exercise our rights under agreements related to the Services.

7. How to Access and Control Your Personal Data

You should provide us with correct personal data. We are dedicated to maintaining the accuracy and completeness of your personal data and keeping your personal data up-to-date based on the information you provide to us.

According to applicable laws and regulations of some countries and/or regions, data subjects may have rights to make requests (hereinafter referred to as “requests”) of in particular accessing, correcting, deleting or erasing the personal data retained by us.

You can easily amend and control the personal data we hold about you as follows:

a) Account information: If you want to add or update personal data related to your Account, please go to the Website log into your Account via Log in > My Account. For modification of information provided through HISPREAD INC ID, please refer to Statement About HISPREAD INC ID and Privacy.

b) Cookies: Regarding the management of Cookies, please see our Cookie Policy.

c) Messages: Please go to the Website and log into your Account mailbox via Log in > My Account button > unread messages. You set your preferences in the upper right corner of your mailbox via > Message Receive Management.

You may have the following rights regarding your personal data under applicable laws:

a) The right to access the personal data we hold about you and obtain copies thereof;
b) The right to request us to update or correct your personal data; c) The right to request us to erase your personal data; d) The right to object to our processing of your personal data; e) The right to restrict our processing of your personal data; f) The right to obtain the personal data you provided to us in a structured, commonly used and machine-readable format and to have us transfer it to a third party of your choice (data portability); and g) The right to lodge a complaint with the competent data protection authority.

Please note that these rights are not absolute and may be restricted in accordance with applicable laws. If you need our assistance to exercise the rights above, please contact us as set out in “11. How to Contact HISPREAD INC” below.

Generally, we will respond to you within one month, unless otherwise required by applicable laws. Depending on the complexity of your requests, we may extend the period by a further two months. In this case, we will inform you of the extension and its reasons within one month of receiving your request. Please note that under some circumstances, for example where we cannot verify your identity, we may need to request additional information in order to verify your identity, otherwise we are prohibited by law from giving effect to your request, or your request exceeds your rights under applicable laws, we may refuse your request. In this case, we will inform you that your request is refused together with the reasons for our refusal.

You can withdraw your consent, without affecting the lawfulness of the processing activities based on the consent and prior to such withdrawal. Your right to withdraw consent can be exercised by setting privacy options on your Account or unsubscribing via link sent in an email / SMS / other message. Disabling related Services or deleting your Account will be treated as withdrawal of consent, where consent is collected. You may also seek help by contacting us as set out under “11. How to Contact HISPREAD INC”.

You can delete your Account in the account-related Services. After you delete your Account, we will stop providing Services, and delete your personal data unless otherwise stipulated by law. Your Account cannot be restored after deletion. You need to register a new Account if you want to use related Services again.

8. How HISPREAD INC Handles Personal Data of Children

Our Services are only intended for adults. Minors are not allowed to create their own user Account.

9. How Your Personal Data Is Transferred Internationally

Your personal data is stored on a server located in Ireland, and we serve you through our global resources. In order to provide the Services to you, your personal data may be transferred to or accessed by countries/regions where HISPREAD INC, HISPREAD INC’s affiliates, HISPREAD INC’s partners are located.

These countries/regions may have different data protection laws. In such circumstances, HISPREAD INC will take measures to ensure that data is processed as required by this Policy and applicable laws, which includes when transferring the data subject’s personal data from the EU to a country or region which has not yet been acknowledged by the EU Commission as having an adequate level of data protection, we may use a variety of legal mechanisms, such as signing standard contractual clauses approved by the EU Commission, obtaining the consent to the cross-border transfer of a data subject in the EU, or implementing security measures like anonymizing personal data before cross-border data transfer. You can click here to obtain a copy of the EU’s standard contractual clauses.

10. How This Statement Is Updated

We may update or modify this Statement from time to time according to changes in our Services or data processing. If we update this Statement, we will publish the latest version of the Statement on the Website or by otherwise notifying you. The modified terms will come into effect immediately upon posting or otherwise notified by us. You are encouraged to review this Statement periodically for any changes. We will always indicate the date the last changes were published.

11. How to Contact HISPREAD INC

We have appointed a data protection officer (“DPO”). If you have any questions, comments, or suggestions, please contact us or submitting them to our office at 2nd Floor, Building D, Room 202, No. 116 Zizhuyuan Road, Haidian District, Beijing, China. If you want to exercise your privacy rights, or wish to raise or consult us on any privacy issues please visit our Data Subject Right Portal. You can also contact the DPO by [email protected]. You can also raise a concern or lodge a complaint with a data protection authority or other official with jurisdiction.

Governing Law and Dispute Resolution

This Statement and any issues, disputes or claims arising out of or in connection with this Statement or its subject matter or formation (whether contractual or non-contractual in nature such as claims in tort, from breach of statute or regulation or otherwise) shall be governed by and construed in accordance with the laws of the People's Republic of China.

The Parties agree irrevocably that the courts of Beijing, Haidian District, People's Republic of China shall have exclusive jurisdiction to settle any issues, claims, disputes or matters arising out of, relating to, or in connection with this Statement (whether contractual or non-contractual).

Updated 3 months ago