SHOPLINE aims to provide merchants (hereinafter referred to as "you" or “merchants") a “Software as a Service” platform (hereinafter referred to as “SHOPLINE” or the “Platform”) with all-in-one solutions for website building, leads generation, payments, logistics and other e-commerce related services.
When you visit our websites and use the Platform, we may collect and use personal information about you (including your employees and/or persons who act on your behalf). We may also collect and use personal information from your customers on your behalf under your entrustment if they visit or purchase on the SHOPLINE empowered store. We are fully aware of the importance of personal information to you and your customers (collectively the “Personal Data Subjects”) and we are committed to ensure integrity and security of the Platform.
This SHOPLINE Privacy Policy (hereinafter referred to as “Privacy Policy”) is formulated in accordance with the applicable law and regulations.
We hope that The Privacy Policy will help you to understand why, what and how we collect, use, store, share, transfer and disclose personal information in the process of providing SHOPLINE products/services, as well as the purpose, method, scope, and information security protection measures; how the Personal Data subject realizes the rights and methods of managing its personal information. You shall carefully read and thoroughly understand the Privacy Policy before using this platform, and use the relevant products and/or services of the platform after confirming your full understanding and consent. You shall immediately stop using this platform and any SHOPLINE services if you do not agree with any content of this policy. In order to help you read and understand, we set out key definitions in the appendix to this Privacy Policy. Please pay special attention to the following important notes:
SHOPLINE primarily provides services to you, our merchants, to facilitate your e-commerce business. If you use any SHOPLINE services to support your store, in order to provide relevant SHOPLINE services to you, we may, on behalf of you and under your entrustment and instruction, collect the personal information of your customers who visit or place an order on the store, and process such personal information as directed by you. Legally speaking, we are a “data processor” and we act so in accordance with the agreement we entered with you as well as this Privacy Policy. You, as the personal data controller, assume all responsibilities towards its customers. Because you decide how the personal information of your customers will be used, you need to make sure your customers understand how you (and how we on your behalf) collect and process their personal information. You should do this by, at a minimum, posting a privacy policy on your store that describes the information you collect, how you use it, and who you share it with. It is your sole responsibility to respond to queries and requests from your customers with regard to how you process their personal information. If the customers have questions about how a specific merchant or store uses and process their information, please visit their privacy policy.
Important contents are bolded for your special attention. Sensitive personal information is highlighted in bold and italic. Please pay special attention when reading. Before providing us with any sensitive personal information, you acknowledge that you have considered and confirmed to provide such information as appropriate. You hereby agree that your sensitive personal information may be processed for the purposes and in the manner described in this Privacy Policy.
SHOPLINE only provides services to users aged 18 and above. We do not collect information from or provide any products and/or services on the Platform to minors under the age of 18. Before using our products and/or services, please confirm that you meet the age requirements and have carefully read and understand the details of this Privacy Policy. We will not knowingly collect personal information from minors under the age of 18. If you find that we have inadvertently collected personal information from minors, please notify us immediately and we will try to delete the relevant data as soon as possible.
There are multiple ways for you to exercise rights over your personal information, including but not limited to accessing or correcting your personal information, deleting your personal information, closing your account, withdrawing your consent and getting responses in time, so as to ensure your control over your personal information.
This Privacy Policy will help you understand the following:
What we collect and how we use personal information
How we use “cookies” and other similar tracking technologies
How we process, share, transfer and disclose personal information
How you exercise right over your personal information
How we retain and protect personal information
How we update this Privacy Policy
How to contact us
Definitions
Third-party information sharing list
Subprocessor list
In order to achieve the purposes as set forth in this Privacy Policy, we will collect and use your personal information provided by you voluntarily, generated when you use the Platform, and obtained by us from third parties, in accordance with the principles of legality, legitimacy and necessity. Unless otherwise permitted by law, we will only collect and use personal information with your authorization. Please ensure that you have obtained explicit consent from your customers for you to use such personal information.
You understand that the features of the Platform or any SHOPLINE products and/or services may update and evolve with development of business strategies. If we will collect or use the personal information for any purposes other than those specified in this Privacy Policy, we will inform you with reasonable notice and obtain your consent before collecting or using such personal information.
Information we collect
How we use such information
Information you provide us about you and your employees or authorized persons, such as your name, email address, phone number, third-party account, and log-in password. We may also ask you to provide us with your address, business registration number, and tax number under certain circumstances.
In order to verify your identity and identity of you, your employees, or authorized persons; to provide you information related to the use of the Platform (such as providing verification code, contact you about use and problem of the Platform, issue to you billing or invoice), and to provide you update on new features or services on the Platform.
Payment or billing information you provide us, such as your credit card number, debit card number or bank account number, and your billing records.
In order to charge you relevant services fees upon your authorization, and to assist you to check billing records.
Content information you upload or publish on the Platform, including text, images, audio and video recordings, as well as the date, time and place of such information.
When you use this feature, we will ask for your authorization to use the camera, photo album, microphone and location permissions in your terminal device. You may choose whether or not to grant us such authorization. If you refuse, you will not be able to use this feature, but your use of other SHOPLINE features will not be affected.
If the content contains any personal information, please ensure that you have obtained the explicit consent of the Personal Data Subject.
In order to provide you relevant services on the Platform, including to conduct store management and customer management.
We will collect via “cookies” or similar technologies: device information, including your (and those of your employees and authorized persons) frequently used personal devices, including the IP address, device model, device identification number, operating system, resolution, and telecom operator; and log information, including network diagnosis, lag information, click events, click records, browsing history and potentially unsafe URLs, and retain them as required by applicable laws.
In order to provide you use of, and to improve the features and services of the Platform, to provide you with personalized and customized services; to advertise and market new features and services to you; to identify and troubleshoot issues.
Information of your customers uploaded by you into the Platform, such as your customers’ name, email address and phone number.
Information your customers provide us about them, such as:
- Information your customers provide at the time of member registration, such as their name, email address, phone number and other information that you authorized to collect (such as birthday);
- Information your customers provide at the time of checkout, such as their name, email address, phone number, delivery information and payments information.
Browsing history, behavior data, and device information that we collect through “cookies” or similar technologies, such as network connection, IP address, and details how they browse the store.
In order to provide you relevant services and to carry out store operation and customer management, such as to complete the transactions, fulfill orders, transaction monitoring, prevent fraud, to provide information about your new products, and to identify and troubleshoot issues.
In order to optimize our features and services and to provide you with more customized features and services, such as to provide you data analysis of your customers to help you achieve business growth.
Please refer to the section under this Privacy Policy about requirements for you to obtain authorization from your customers.
When you apply for and use SHOPLINE POS, you provide us with more information about you, including your address, store name, email address, PIN, and opening hours.
It is used to establish and manage your SHOPLINE POS account, provide you with SHOPLINE POS services, and ensure the security of account information.
(1) Authorization and consent of customers
You hereby acknowledge and authorize us to collect, store and process personal information from your customers for you to use the Platform and SHOPLINE services, and hereby undertake to us that you have obtained sufficient and necessary authorization, consent and permission from your customers for us to directly collect and use their personal information required to perform relevant services. When you provide us with personal information of any third parties (including your customers) for our further process, you shall ensure that you have obtained sufficient and necessary authorization, consent and permission from such third parties for us to process such personal information for the purpose as requested by you. Nonetheless, we reserve the right to reject your request due to legal or regulatory requirements or restraints.
(2) Exceptions to the authorization or consent requirements
According to applicable laws and regulations, the consent of the Personal Data Subject is not required for collection and use of their personal information under the following circumstances:
Related to the performance of obligations under laws and regulations;
Directly related to national security or national defense security;
Directly related to public safety, public health and major public interests;
Directly related to criminal investigation, prosecution, trials and enforcement;
For the purpose of safeguarding the life, property and other major legitimate rights and interests of the Personal Data Subject or any other person, but it is difficult to obtain the authorization and consent of that person;
The personal information involved is disclosed to the public by the Personal Data Subject;
Necessary for signing and performing the contract as required by the Personal Data Subject;
Collection from lawfully and publicly disclosed information;
Maintenance as necessary for the safe and stable operation of the Platform, such as troubleshooting;
Other circumstances as stipulated by laws and regulations.
(1) What are "cookies"
A cookie is a small file stored in the Personal Data Subject’s computer, mobile phone or any other smart terminal device by the website server when it logs into the website or browses website content, usually containing identifiers, site names and some numbers and characters. When the Personal Data Subject visits the website again, the website can identify the browser of the Personal Data Subject through cookies. Cookies may store user preferences and other information.
(2) How “cookies” are used"
When a Personal Data Subject uses our website, we may collect the device model, operating system, device identifier and login IP address information of the Personal Data Subject through cookies or similar technologies, as well as cache the browsing information and clicking information of the Personal Data Subject, so as to view the network environment of the Personal Data Subject. Cookies allow us to identify a Personal Data Subject when it visits the website, continuously optimize the user friendliness of the website and make adjustments to the website according to the needs of the Personal Data Subject. The Personal Data Subject can also change the settings of the browser so that the browser does not accept cookies on our website, but this may affect the Personal Data Subject 's use of some features of the website.
On SHOPLINE website, with the help of cookies and other similar technologies, we can identify whether a Personal Data Subject is our user or the user’s customers each time the Personal Data Subject uses the Platform, SHOPLINE services or the store empowered by SHOPLINE, without having to re-login and authenticate on each page.
(3) How to manage “cookies”
Personal Data Subject can manage or delete certain categories of tracking technologies according to their own preferences. Many web browsers have a Do Not Track feature that sends a Do Not Track request to the website.
In addition to the controls we provide, a Personal Data Subject may choose to enable or disable cookies in their Internet browsers. Most Internet browsers also allow Personal Data Subject to choose whether to disable all cookies or only third-party cookies. By default, most Internet browsers accept cookies, but this can be changed. For more information, see the Help menu in your Internet browser or the documentation of your device.
The following links provide instructions on how to control cookies in all major browsers:
Google Chrome:https://support.google.com/chrome/answer/95647?hl=en
IE:https://support.microsoft.com/en-us/help/260971/description-of-cookies
Safari (desktop): https://support.apple.com/kb/PH5042?locale=en_US
Firefox browser: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer?redirectlocale=en-US&redirectslug=Cookies
If the Personal Data Subject uses any other browser, please refer to the documentation provided by the browsers.
On SHOPLINE website, a Personal Data Subject may delete existing tracking technologies by clearing the cache.
When a Personal Data Subject browses a webpage without logging in, we will collect cookies necessary to realize the browsing feature in order to provide relevant services to the Personal Data Subject.
Please note that if a Personal Data Subject refuses to use or remove the existing tracking technologies, it is necessary to personally change the user settings at each visit, and we may not be able to provide a quality user experience to the Personal Data Subject, and some feature may not be able to function properly.
(1) Process
Certain features of the Platform may be provided by our third-party partners, and we may entrust partners (including technical service providers) with the processing of certain personal information of the Personal Data Subjects. For example, when you use auto-payments feature, we may ask third-party payments companies to process your credit card information so that to charge you relevant services fee as directed by you. We will sign confidentiality agreements with the third-party services providers to govern purposes of data processing, process period, and the responsibilities of both parties, and will ask the partners to process data in accordance with our requirements and this Privacy Policy. If you do not agree the partners to collect personal information necessary for the provision of relevant services, you or your customers may not be able to use the relevant services.
(2) Sharing
We do not share personal information with any third parties unless one or more of the following circumstances exist:
At the request of the Personal Data Subject, or with the prior explicit authorization or consent of the Personal Data Subject;
Related to performance of our obligations under laws and regulations;
Directly related to national security or national defense security;
Directly related to public safety, public health and major public interests;
Directly related to criminal investigation, prosecution, trials and enforcement;
For the purpose of safeguarding the life, property and other major legitimate rights and interests of the Personal Data Subject or any other person, but it is difficult to obtain the consent of that person;
The personal information involved is disclosed to the public by the Personal Data Subject;
The personal information involved is collected from lawfully and publicly disclosed information.
Sharing with affiliated companies of SHOPLINE: In order to provide you with SHOPLINE products and services, to make recommendation that may be of interest to you, to troubleshoot accounts issues, and protect the personal and property safety of our affiliated companies or other users or the public, you acknowledge and agree that we may share your and your customers' personal information with our affiliated companies. We will only share personal information to the extent necessary and are bound by purposes as specified under this Privacy Policy. If we share sensitive personal information or our affiliated companies use and process the personal information for different purposes, we will seek authorization and consent from you again.
Sharing with our third-party partners: We will only share personal information for lawful, legitimate, necessary, specific and explicit purposes, and will only share personal information necessary to provide relevant services to you or your customers. We will not share personal information that can identify the Personal Data Subjects, unless otherwise permitted by laws or regulations. Generally, these third-party partners are also data controllers who will process personal information in their own accounts after obtaining the consent of the Personal Data Subjects. Such partners may have their own separate privacy policies and user agreements. We encourage you and your customers to read and comply with such user agreements and privacy policies. Following are details of how we share information with third-party partners:
Authorized advertising partners
Unless authorized by you, we will not share your customers’ personal information with advertising partners. We will only provide information about the coverage and efficiency of their ads, or we may summarize information in such manner that no individual customers may be personally identified. The partners may consolidate the aforesaid information with other data they have lawfully obtained for advertising or decision-making recommendations.
Authorized statistics analyzing partners
Unless authorized by you, we will not share your customers’ personal information with statistics analyzing partners. We will provide them with summarized information in such manner that no individual customers may be personally identified. The partners may consolidate the aforesaid information with other data they have lawfully obtained for statistical analysis.
Authorized payments partners
When you pay U.S. dollars or other local currencies with an international credit card to use some of our payments or subscription features, acquirer services are provided by our third-party payments partners (such as Checkout and Stripe). We will provide these partners with necessary information to enable the acquiring services, and no more than that. When you pay with an international credit card, the payment will be collected by the aforementioned third-party payments partners (as applicable) and be remitted to our affiliated companies as follows:
SHOPLINE COMMERCE PTE. LTD. (30 Pasir Panjang Road, #15-31A Mapletree Business City, Singapore 117440)
If your contracting party under the SHOPLINE Terms is SHOPLINE TECHNOLOGY (SHENZHEN) CO., LTD.:SHOPLINE SOLUTIONS LIMITED (Room 1801-07, Leighton Centre, 77 Leighton Road, Causeway Bay, Hong Kong), and then remitted via licensed third-party payments partners to SHOPLINE TECHNOLOGY (SHENZHEN) CO., LTD.
STARLING LABS LIMITED (Room 1801-07, Leighton Centre, 77 Leighton Road, Causeway Bay, Hong Kong)
SHOPLINE (M) SDN. BHD. (6, Jalan Kia Peng, Kuala Lumpur, 50450 Kuala Lumpur, Wilayah Persekutuan Kuala Lumpur, Malaysia)
SHOPLINE AUSTRALIA PTY. LTD. (Suite 5 Level 17 1-7
Bligh Street, Sydney NSW 2000, Australia)
SHOPLINE TECHNOLOGY (UK) LIMITED. (Suite 1, 7th Floor 50 Broadway, London, United Kingdom, SW1H 0DB)
SHOPLINE US INC. (156 W 56th St 3rd Floor, New York, NY 10019, United States)
Other vendors, service providers and partners
We may share information with other suppliers, service providers and other partners who support our business for the purpose to provide SHOPLINE services. Such support includes providing technical infrastructure services, customer services, facilitating payments or conducting academic research. We will agree with them on data protection measures and require them to process personal information in accordance with our instructions, this Privacy Policy and any other relevant confidentiality and security measures.
In addition, almost all merchants will use non-SHOPLINE features or services when they use the Platform (including apps from Apps Store, payments gateways or logistics services providers). Please note that such features or services are provided by third parties. The rules and procedures described in this Privacy Policy do not apply to such third-party features and services. Any information you provide to third-party websites or services will be provided directly to the network operators of these services. Even if you access through the Platform, you must comply with the applicable privacy policies and user agreements (if any) of these third parties. We are not responsible for the content of any third-party websites, and third-party policies on personal information and security measures. You shall read and understand the privacy policies and user agreements of third parties before providing any personal information to them.
(3) Transfer
In principle, we will not transfer control of personal information to any third parties, except in the following circumstances:
At the At the request of the personal information subject, or with your prior express authorization or consent;request of the Personal Data Subject, or with the prior explicit authorization or consent of the Personal Data Subject;
Related to performance of our obligations under laws and regulations;
Directly related to national security or national defense security;
Directly related to public safety, public health and major public interests;
Directly related to criminal investigation, prosecution, trials and enforcement;
For the purpose of safeguarding the life, property and other major legitimate rights and interests of the Personal Data Subject or any other person, but it is difficult to obtain the authorization and consent of that person;
The personal information involved is disclosed to the public by the Personal Data Subject;
The personal information involved is collected from lawfully and publicly disclosed information;
Transfer in the event of a change of operational entities following an acquisition, merger, reorganization or bankruptcy.
Note: If transfer is necessary due to the above reasons, we will inform you of the purpose and type of transfer and transferee of the information before the transfer (we will also let you know if sensitive information is involved) and obtain your consent to such transfer, except as otherwise provided by law or regulation. The transferee will continue to perform personal information related obligations hereunder. If we go bankrupt or cease operation and there is no transferee, we will delete or anonymize your personal information.
(4) Public disclosure
In principle, we will not disclose your personal information to the public or undefined groups, except that we may disclose your personal information based on our agreement with you or according to applicable laws and regulations.
(1) Access and amend personal information
You are entitled to access your SHOPLINE account at any time to view your personal information. If you find that the personal information we collect, store, use, or disclose is incorrect or incomplete, or in other circumstances stipulated by laws and regulations, you can log in to SHOPLINE administrative panel and enter the "Personal Center" to amend or supplement your personal information.
If you want to access or amend your other personal information, or encounter any difficulty in exercising the above right, you can contact us and we will promptly respond to your request after verifying your identity, except as otherwise provided by law or regulation or otherwise agreed in this Privacy Policy.
(2) Delete personal information
Under the following circumstances, you can contact us to delete your personal information, except that the data has been anonymized or as otherwise provided by law or regulation:
We collect and use personal information in violation of any law or administrative regulation or our agreement with you;
If we share or transfer personal information to a third party in violation of any law or regulation or our agreement with you, we will immediately stop such sharing or transfer and ask the third party to delete it promptly;
You terminate your SHOPLINE account and cease to use the Platform or any SHOPLINE products or services;
Other circumstances as stipulated by laws and regulations.
Before deleting relevant information, we may require you to verify your identity to ensure the account security. Once verified and confirmed, we will delete your information from SHOPLINE products and/or server as soon as possible. However, we will retain (but not use) your contact information and transaction records within the period as permitted by law in order to prevent crimes and safeguard national security as required by regulatory authorities. Please note that we may not immediately delete the information from the backup system, and will only delete it when the backup system is updated.
(3) Account termination
You may terminate your SHOPLINE account or any of our products in accordance with SHOPLINE Terms and any other applicable terms. You acknowledge and understand that you no longer have access to your SHOPLINE accounts and data relating to your SHOPLINE account once you terminate your SHOPLINE accounts. We will terminate your accounts after verifying your identity and agreeing with you on disposal of assets in your account. After termination, we will promptly delete your personal information or anonymize it unless it is necessary to retain your personal information according to any laws or regulations.
The account termination is irreversible. Once your account is terminated, we will no longer collect your personal information and will no longer provide you with our products and/or services or share any data processed by us under such product, irrespective whether you later re-activate your account under the same registration details. Therefore, please exercise caution before you terminate your account and take all necessary actions to back up important data under your account.
(4) Restraint of automated decision-making systems
In some business functions of the Platform, we may make decisions based on automated decision mechanisms including information systems, algorithms, etc. If these decisions significantly affect your legitimate interests, you have the right to request an explanation from us, and you can contact us using the methods provided in this Privacy Policy.
(5) Response to requests
In order to exercise your rights over your personal information, or if you have any questions, complaints, opinions or suggestions, you can contact us using the methods provided in this Privacy Policy. To ensure security, we may request to verify your user identity before processing your request. Generally, your user identity will be verified and a reply will be provided within 15 business days upon receipt of your request.
In principle, we do not charge for your reasonable request. For repeating request in a specific period of time, we reserve the right to charge you as appropriate; for requests that require excessive technical support (e.g., the need to develop a new system or fundamentally change existing practices) or entail other significant difficulties, we will provide you with alternatives.
We will reject your request under the following circumstances:
Related to the performance of obligations under laws and regulations;
Directly related to national security or national defense security;
Directly related to public safety, public health and major public interests;
Directly related to criminal investigation, prosecution, trials and enforcement;
There is sufficient evidence of subjective malice or abuse of rights on the part of the user;
For the purpose of safeguarding the life, property and other major legitimate rights and interests of the user or any other person, but it is difficult to obtain the authorization and consent of that person;
Responding to the user's request will cause serious damage to the legitimate rights and interests of the user or third parties;
Trade secrets are involved.
Please note that you shall respond directly to requests made by your customers (which are not our direct clients) relating to their personal information. Unless we receive a request from you for assistance, we may forward any request we receive from your customers to you or ask your customers to seek help directly from you.
(1) Retention period
When you use the Platform and any SHOPLINE products and/or services, we will retain your and your customers’ personal information on behalf of you. We undertake that, we will only retain your and your customers’ personal information for such period as necessary to achieve the purposes as authorized by you and your customers hereunder, unless otherwise provided by law or regulation or otherwise authorized by the Personal Data Subjects.
If you terminate your SHOPLINE account or delete your information, or if we cease operation for whatever reasons, we will cease collecting your personal information and delete or anonymize personal information we have collected, in accordance with laws and regulations.
(2) Where we store personal information
As we provide the Platform and SHOPLINE products and services to users in multiple jurisdictions, you acknowledge the information and data you provided to us maybe transferred to, stored or processed outside of your country. In principle, we will store your personal information in Singapore. However, for statistical and analytical purposes, we may transfer your personal data to regions outside of Singapore. Nonetheless, we will ensure that your personal information is adequately protected as it is in the country or region where you are located and will use encryption in cross border data transfer.
(3) Protection of personal information
We take the personal information security very seriously. We have adopted technical security measures, appropriate organizational structure and management system and other protections in line with industry standards to prevent leak, damage, misuse, unauthorized use, disclosure or amendment of your personal information, including:
Technical measures for data security
In order to ensure information security, we strive to take all reasonable technical measures to protect personal information, so that you and your end users' personal information will not be leaked, damaged, destroyed, or lost. We use encrypted transmission technologies such as SSL to protect the security of data transition and use appropriate protection mechanisms to prevent malicious data attacks. We adopt an encrypted storage and data permission control mechanism for personal information to prevent your and your end users' personal information from being accessed, disclosed, used or altered without authorization, or intentionally or accidentally damaged or lost.
Organizational and management measures for data security
We appoint a data protection officer as required by laws and regulations and set up a working group for personal information protection. We have also established relevant internal control management processes to strictly limit access to personal information to personnel to the minimum on a “need-to-know” basis.
We have established internal policies for the safe use of data and implement strict management rules for employees or contractors who may have access to your and your customers’ information, including but not limited to implementing different access controls for different roles, signing confidentiality agreements with them, and monitoring their operations.
We provide employees with training on security and privacy protection and require them to complete assessments, in order to enhance their awareness of the importance of personal information protection.
Contractual obligations for data security
Before we collect your personal information from a third party, we will expressly require the third party in writing to obtain your explicit consent before collecting and processing your and your customers' personal information, and require the third party to guarantee the in writing legitimacy and compliance of the source of personal information. In the event of breach by the third party, we will expressly hold the third party legally liable.
Before we share your and/or your customers’ personal information with our partners, we will require our partners to hold up to their obligations and responsibilities relating to information protection. To this end, we will require our partners to sign a data processing agreement or set out the terms of data protection in a cooperation agreement signed by both parties, which stipulates that partners' confidentiality obligations, including to ensure that the custody, use and transfer of information shall satisfy our requirements and subject to our review, supervision and audit, and in the event of any breach, we will hold the counterparty legally liable.
Handling of security incident
In the event of a personal information security incident, we will immediately activate the emergency plan, take remedial measures, record the incident, and report it in time in accordance with the applicable laws and regulations. If the security incident may cause serious damage to the legitimate rights and interests of you and/or your customers, such as the disclosure of sensitive personal information, we will inform you of situation of the security incident and its possible impact, the measures we have taken or are about to take, risk prevention and mitigation we recommend for you, the remedies we provide to you and/or your customers, and our contact. We will promptly inform you of the above by email, letter, telephone or notification. When it is difficult to inform the Personal Information Subject one by one, we will issue a warning notice in a reasonable and effective way.
Please note that the Internet is not an absolutely secure environment. We strongly suggest that you shall safeguard security of your SHOPLINE account by using a secure and complex password. If you find that your personal information, especially your account number or password, has been leaked, please contact us immediately using the methods provided in this Privacy Policy, so that we can take appropriate measures to protect your information.
We may update the terms of this Privacy Policy from time to time, and such update shall form part of this Privacy Policy. If such update results in a substantial diminution of your rights under this Privacy Policy, we will give you reasonable advance notice by posting a notice on the home page, by email or otherwise. In that case, if you do not agree with the Privacy Policy, or disagree with any updated Privacy Policy, you may stop using our products/services or terminate your SHOPLINE account. However, please note that this Privacy Policy shall still apply to you until you effectively terminate your SHOPLINE account or cease using our services.
In the event of significant or material changes, we will notify you in a prominent manner as appropriate.
Significant or material changes include but are not limited to the following circumstances:
Our business model has changed significantly, including the way of processing personal information, type of personal information being processed, and use of personal information, etc.;
Your right over personal information and the manner in which you may exercise such right have changed significantly;
Our ownership structure and organizational structure have changed significantly.
The main counterparty with whom we share, transfer, or disclose personal information has changed;
Our responsible department, contact method or complaint channel for handling personal information issues has changed;
The personal information security impact assessment report indicates that there is a high risk.
If you have any questions, opinions or suggestion to this Privacy Policy, you may contact us as follows:
If you are located in Singapore:
Customer service email: support@shopline.com
Data protection/security email: privacy@shopline.com
If you are located in Hong Kong, Malaysia, Thailand, Vietnam or other country or region:
Customer service email: support@shopline.com
Data protection/security email: privacy@shopline.com
If you are located in Mainland China:
Customer service hotline: 400-809-2080
Data protection/security email: privacy@shopline.com
If you are located in USA, Australia, UK, and other countries in EU:
Customer service email: support@shopline.com
Data protection/security email: privacy@shopline.com
You: the registered seller user who uses SHOPLINE/its employees/developers/other persons authorized to operate the Platform.
Personal information: all kinds of information recorded electronically or otherwise that can be used alone or in combination with other information to identify a specific natural person or reflect the activities of a specific natural person. Personal information under this Privacy Policy includes name, date of birth, ID number, personal biometric information, address, contact information, communication record and content, password, finance information, transaction information, etc.
Sensitive personal information: personal information that, once leaked, illegally provided or misused, may cause damage to personal or property safety, and easily lead to damage to personal reputation, physical and mental health or discriminatory treatment, including ID card number, personal biometric information, bank account, finance information, credit information, whereabouts, health and physiological information, and transaction information.
Deletion: the act of removing personal information from the system involved in the realization of routine service functions, so that it cannot be retrieved or accessed.
Anonymization: the process of technically processing personal information in an unrecoverable way that results in information that cannot identify or be associated with you.
When you use the services provided by a third party, we will share the corresponding information after obtaining or ensuring that the third party obtains your authorization and consent, as well as other cases in compliance with laws and regulations. You can know how the third party will deal with your personal information through the relevant information listed. We will also strictly restrict the third party's access to personal information to protect the security of your personal information. We may also access the software development kit (SDK) provided by a third party to achieve to ensure the stable operation of the platform or realize relevant functions.
Brand Name
Corporation Name
Location
Privacy Policy
SHOPLINE aims to provide merchants (hereinafter referred to in this Privacy Policy as "you" or “merchants") with a “Software as a Service” platform (hereinafter referred to as “SHOPLINE” or the “Platform”) with all-in-one solutions for website building, leads generation, payments, logistics and other e-commerce related services.
When you visit our websites and/or use the Platform, we may collect and use personal information about you (including your employees and/or persons who act on your behalf). We may also collect and use personal information from your customers on your behalf under your entrustment if they visit or make a purchase on your SHOPLINE-enabled online store. We are fully aware of the importance of personal information to you and your customers (collectively the “Personal Data Subjects”) and we are committed to ensuring the integrity and security of the Platform.
This SHOPLINE Privacy Policy (hereinafter referred to as “Privacy Policy”) is formulated in accordance with the applicable law and regulations. We hope that the Privacy Policy will help you to understand why, what and how we collect, use, store, share, transfer and disclose personal information in the process of providing SHOPLINE products/services, as well as the purpose, nature, method, scope, and information security protection measures, and how the Personal Data subjects exercise their rights in relation to manage their personal information. You should carefully read and thoroughly understand the Privacy Policy before using this Platform, or any other SHOPLINE services. In order to help you read and understand, we set out key definitions in the Section 9 at this Privacy Policy. Please pay special attention to the following important notes:
This Privacy Policy describes what we do with personal information that we collect and use for our own purposes, as a data controller, such as your account information and information about how you use and interact with our Platform or services, including information you submit when you seek assistance from our customer support service.
SHOPLINE primarily provides services to you, our merchants, to facilitate your e-commerce business. If you use any SHOPLINE services to support your store, in order to provide relevant SHOPLINE services to you, we may, on behalf of you and under your entrustment and instruction, collect the personal information of your customers who visit or place an order on the store, and process such personal information as directed by you. Legally speaking, we are a “data processor” and we act so in accordance with the agreement we entered with you as well as this Privacy Policy. You, as the personal data controller, assume all responsibilities towards its customers. Because you decide how the personal information of your customers will be used, you need to make sure your customers understand how you (and how we on your behalf) collect and process their personal information. You should do this by, at a minimum, posting a privacy policy on your store that describes the information you collect, how you use it, and who you share it with. It is your sole responsibility to respond to queries and requests from your customers with regard to how you process their personal information. If the customers have questions about how a specific merchant or store uses and process their information, please visit their privacy policy.
SHOPLINE only provides services to users aged 18 and above. We do not collect information from or provide any products and/or services on the Platform to minors under the age of 18. Before using our products and/or services, please confirm that you meet the age requirements and have carefully read and understand the details of this Privacy Policy. We will not knowingly collect personal information from minors under the age of 18. If you find that we have inadvertently collected personal information from minors, please notify us immediately and we will try to delete the relevant data as soon as possible.
There are multiple ways for you to exercise rights over your personal information, including but not limited to accessing or correcting your personal information, deleting your personal information, closing your account, withdrawing your consent and getting responses in time, so as to ensure your control over your personal information.
This Privacy Policy will help you understand the following:
SCHEDULE A. ADDITIONAL LOCATION SPECIFIC INFORMATION
We will collect and use your personal information provided by you voluntarily, generated when you use the Platform, and obtained by us from third parties, in accordance with the principles of legality, legitimacy and necessity.
You understand that the features of the Platform or any SHOPLINE products and/or services may update and evolve with development of business strategies. If we change our privacy practices, we may update this Privacy Policy. To the extent any changes are material, we will give you reasonable notice.
Information we collect
How we use such information
Information you provide to us about you and your employees or authorized persons, such as your name, business name, email address, phone number, registration number, VAT number, and log-in password.
To provide you with the Platform or other services (i.e. open an account, contact you about issues with the Platform).
Payment or billing information you provide us, such as your credit card number, debit card number or bank account number, and your billing records.
To provide you with the Platform or other services.
To charge you relevant services fees upon your authorization, and to assist you to check billing records.
Customer support communications that you send us in the event of encountering an issue.
To provide support and address any issues relating to the Platform.
We also collect the following via cookies or similar technologies: device information, including your (and those of your employees and authorized persons) frequently used personal devices, including the IP address, device model, device identification number, operating system, resolution, and telecom operator; and log information, including network diagnosis, lag information, click events, click records, browsing history on the Platform and potentially unsafe URLs (“Usage Data").
To provide you with the Platform or other services.
To prevent fraudulent activity on the Platform.
We collect Usage Data and other information uploaded by you for analytics.
To improve and optimise Platform performance.
Processing of the personal information we hold about you as required or permitted by applicable law to comply with a legitimate disclosure request.
Disclosures to law enforcement, government, and national security authorities.
The personal information we hold about you.
As required for the purpose of any reorganization of our business or corporate transaction we enter into.
Information your customers provide us about them, such as:
- Information your customers provide at the time of member registration, such as their name, email address, phone number, and other information that you authorized to collect (such as birthday);
- Information your customers provide at the time of checkout, such as their name, email address, phone number, delivery information, and payment information.
Browsing history, behavior data, and device information that we collect through “cookies” or similar technologies, such as network connection, IP address, and details of how they browse the store.
To provide you with relevant services and to carry out store operations and customer management, such as completing transactions, fulfilling orders, monitoring transaction monitoring, preventing fraud, providing information about your new products, and identifying and troubleshooting issues.
To optimize our features and services and to provide you with more customized features and services, such as to provide you with data analysis of your customers to help you achieve business growth.
We may share your personal information with the following parties for the purposes set out in the table under Section 1 above:
Certain features of the Platform may be provided by our third-party partners, and we may entrust partners (including technical service providers) with the processing of certain personal information of the Personal Data Subjects. For example, if you use the auto-payments feature, we may ask third-party payments companies to process your credit card information so that to charge you relevant services fee as directed by you.
In addition, in order to provide the Platform to you, we may use service providers. These service providers process your personal information as our data processors, on the basis of our instructions pursuant to a written agreement and we do not allow them to use your personal information for their own purposes.
Affiliates – we share personal information with our affiliates to help provide services to you or analyse / improve the Platform. Please refer to clause (e).
Third-party partners – we share personal information with business partners, i.e. when our Platform is integrated with third-party e-commerce platforms / services.
Social Networking Sites – we may share personal information, at your direction, with website plugins and social media platforms, e.g. to log into your account.
Third-party service providers – we share personal information with partners that perform services on our behalf, such as logistics providers. Please refer to Section 10.
Payment processing companies – we share personal information with payment processors to administer payment.
When you pay U.S. dollars or other local currencies with an international credit card to use some of our payments or subscription features, acquirer services are provided by our third-party payments partners (such as Checkout and Stripe). We will provide these partners with necessary information to enable the acquiring services, and no more than that. When you pay with an international credit card, the payment will be collected by the aforementioned third-party payments partners (as applicable) and be remitted to our affiliated companies as follows:
If your contracting party under the SHOPLINE Terms is SHOPLINE TECHNOLOGY (SHENZHEN) CO., LTD.; SHOPLINE SOLUTIONS LIMITED (registered address: 21/F, 148 Wing Lok St, Sheung Wan, Hong Kong), and then remitted via licensed third-party payments partners to SHOPLINE TECHNOLOGY (SHENZHEN) CO., LTD.;
SHOPLINE (M) SDN. BHD. (6, Jalan Kia Peng, Kuala Lumpur, 50450 Kuala Lumpur, Wilayah Persekutuan Kuala Lumpur, Malaysia)
SHOPLINE AUSTRALIA PTY. LTD. (Suite 5 Level 17 1-7 Bligh Street, Sydney NSW 2000, Australia)
Shopline Technology (UK) Limited. (Suite 1, 7th Floor 50 Broadway, London, United Kingdom, SW1H 0DB)
SHOPLINE US INC. (156 W 56th St 3rd Floor, New York, NY 10019, United States)
In connection with any reorganisation, company acquisition, merger, restructuring, transfer of our business or assets, bankruptcy or insolvency, or change in the operational entity.
To comply with legal requirements – we share personal information if determined reasonably necessary to comply with the law, or as permitted by applicable law in order to comply with a legitimate disclosure request.
When the Company is required to disclose personal data by applicable law, such as to law enforcement bodies, governmental and regulatory bodies, the courts and other competent authorities that may request personal data in connection with any inquiry, court order, or other legal or regulatory procedures which we would need to comply with.
Merchants may use non-SHOPLINE features or services when they use the Platform (including apps from SHOPLINE Apps Store, payments gateways or logistics services providers). Please note that such features or services are provided directly by third parties. This Privacy Policy does not apply to such third-party features and services. Any information you provide to third-party websites or services will be provided directly to the network operators of these services. Even if you access through the Platform, you must read and understand the applicable privacy policies and user agreements (if any) of these third parties. We are not responsible for the content of any third-party websites, and third-party policies on personal information and security measures. You should read and understand the privacy policies and user agreements of third parties before providing any personal information to them.
As we provide the Platform and SHOPLINE products and services to users in multiple jurisdictions, you acknowledge the information and data you provided to us maybe transferred to, stored or processed outside of your country. We will store your personal information in Singapore and United Stated. However, for statistical and analytical purposes, we may transfer your personal data to regions outside of Singapore and United Stated. Nonetheless, we will ensure that your personal information is adequately protected as it is in the country or region where you are located and will use encryption in cross border data transfer.
(1) Access and amend personal information
You can access your SHOPLINE account at any time to view your personal information. If you find that the personal information we collect, store, use, or disclose is incorrect or incomplete, or in other circumstances stipulated by laws and regulations, you can log in to SHOPLINE administrative panel and enter the "Personal Center" to amend or supplement your personal information.
If you wish to access or update your personal information or experience any difficulty exercising these rights, please contact us. We will verify your identity and respond promptly, except where otherwise required by law, regulation, or this Privacy Policy.
(2) Delete personal information
Under the following circumstances, you can contact us to delete your personal information, except that the data has been anonymized or as otherwise provided by law or regulation:
We collect and use personal information in violation of any law or administrative regulation or our agreement with you;
If we share or transfer personal information to a third party in violation of any law or regulation or our agreement with you, we will immediately stop such sharing or transfer and ask the third party to delete it promptly;
You terminate your SHOPLINE account and cease to use the Platform or any SHOPLINE products or services;
Other circumstances as stipulated by laws and regulations.
Before deleting relevant information, we may require you to verify your identity to ensure the account security. Once verified and confirmed, we will delete your information from SHOPLINE products and/or server as soon as possible. However, we will retain (but not use) your contact information and transaction records within the period as permitted by law in order to prevent crimes and safeguard national security as required by regulatory authorities. Please note that we may not immediately delete the information from the backup system, and will only delete it when the backup system is updated.
(3) Account termination
You may terminate your SHOPLINE account or any of our products in accordance with the SHOPLINE Terms and any other applicable terms. Please note that once your SHOPLINE account is terminated, you will no longer have access to your account or data. We will proceed with account termination after verifying your identity and agreeing with you on the disposal of any assets in your account. Following termination, we will promptly delete or anonymize your personal information unless retention is required by applicable laws or regulations.
The account termination is irreversible. Once your account is terminated, we will no longer access your personal information and will no longer provide you with our products and/or services or share any data processed by us under such product, irrespective whether you later re-activate your account under the same registration details. Therefore, please exercise caution before you terminate your account and take all necessary actions to back up important data under your account.
(4) Restraint of automated decision-making systems
In some business functions of the Platform, we may make decisions based on automated decision mechanisms including information systems, algorithms, etc. If these decisions significantly affect your legitimate interests, you have the right to request an explanation from us, and you can contact us using the methods provided in this Privacy Policy.
(5) Response to requests
In order to exercise your rights over your personal information, or if you have any questions, complaints, opinions or suggestions, you can contact us using the methods provided in this Privacy Policy. To ensure security, we may request to verify your user identity before processing your request. Generally, your user identity will be verified and a reply will be provided within 15 business days upon receipt of your request.
In principle, we do not charge for your reasonable request. For repeating request in a specific period of time, we reserve the right to charge you as appropriate; for requests that require excessive technical support (e.g., the need to develop a new system or fundamentally change existing practices) or entail other significant difficulties, we will provide you with alternatives.
We will reject your request under the following circumstances:
Related to the performance of obligations under laws and regulations;
Directly related to national security or national defense security;
Directly related to public safety, public health and major public interests;
Directly related to criminal investigation, prosecution, trials and enforcement;
There is sufficient evidence of subjective malice or abuse of rights on the part of the user;
For the purpose of safeguarding the life, property and other major legitimate rights and interests of the user or any other person, but it is difficult to obtain the authorization and consent of that person;
Responding to the user's request will cause serious damage to the legitimate rights and interests of the user or third parties;
Trade secrets are involved.
Please note that you shall respond directly to requests made by your customers (which are not our direct clients) relating to their personal information. Unless we receive a request from you for assistance, we may forward any request we receive from your customers to you or ask your customers to seek help directly from you.
(1) Retention period
When your service agreement with us ends or you terminate your account, your store data will be retained for up to twelve (12) months. After this period, the data will be securely archived and subsequently deleted in accordance with our data retention policy and applicable laws. Once deleted, you will no longer be able to access or recover the data.
To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
By law we have to keep basic information about our customers (including contact and financial data) for six (6) years after they cease being customers for tax purposes.
In some circumstances, you can ask us to delete your data. Please see your legal rights above for further information.
(2) Protection of personal information
We take the personal information security very seriously. We have adopted technical security measures, appropriate organizational structure and management system and other protections in line with industry standards to prevent leak, damage, misuse, unauthorized use, disclosure or amendment of your personal information.
(1) What are "cookies"
A cookie is a small file stored in the Personal Data Subject’s computer, mobile phone or any other smart terminal device by the website server when it logs into the website or browses website content, usually containing identifiers, site names and some numbers and characters. When the Personal Data Subject visits the website again, the website can identify the browser of the Personal Data Subject through cookies. Cookies may store user preferences and other information.
(2) How “cookies” are used"
When a Personal Data Subject uses our website, we may collect the device model, operating system, device identifier and login IP address information of the Personal Data Subject through cookies or similar technologies, as well as cache the browsing information and clicking information of the Personal Data Subject, so as to view the network environment of the Personal Data Subject. Cookies allow us to identify a Personal Data Subject when it visits the website, continuously optimize the user friendliness of the website and make adjustments to the website according to the needs of the Personal Data Subject. The Personal Data Subject can also change the settings of the browser so that the browser does not accept cookies on our website, but this may affect the Personal Data Subject 's use of some features of the website.
On SHOPLINE website, with the help of cookies and other similar technologies, we can identify whether a Personal Data Subject is our user or the user’s customers each time the Personal Data Subject uses the Platform, SHOPLINE services or the store empowered by SHOPLINE, without having to re-login and authenticate on each page.
(2) Managing Cookies
You can control and manage cookies through your browser settings. Most browsers allow you to block or delete cookies. Please note that disabling certain cookies may affect the functionality and user experience of our website.
You can manage or delete cookies through your browser settings. For more information, please refer to the following guides:
- Google Chrome. https://support.google.com/chrome/answer/95647
- Internet Explorer (IE). https://support.microsoft.com/en-us/topic/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d
- Safari (Desktop). https://support.apple.com/en-us/HT201265
- Mozilla Firefox. https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox
- Opera. https://help.opera.com/en/latest/web-preferences/#cookies
We may update the terms of this Privacy Policy from time to time, and such update shall form part of this Privacy Policy. We encourage you to periodically review this Privacy Policy to stay informed about how we are using and protecting information that we collect.If you have any questions, opinions or suggestion to this Privacy Policy, you may contact us as follows:
In the event of significant or material changes, we will notify you in a prominent manner as appropriate.
SHOPLINE COMMERCE PTE. LTD.
30 Pasir Panjang Road, #15-31A Mapletree Business City, Singapore 117440.
If you have any questions, opinions or suggestion to this Privacy Policy, you may contact us as follows: privacy@shopline.com.
You: the registered seller user / merchant who uses the SHOPLINE Platform or other services, and its employees/developers/other persons authorized to operate the Platform.
Personal information: means data, whether true or not, about an individual who can be identified from that data or from that data and other information to which the organization has or is likely to have access.
Sensitive personal information: personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
Deletion: the act of removing personal information from the system involved in the realization of routine service functions, so that it cannot be retrieved or accessed.
Brand Name
Corporation Name
Location
Privacy Policy
We will only use your personal information when the law allows us to. In respect of each of the purposes for which we use your personal information, the UK GDPR requires us to ensure that we have a "legal basis" for that use. Most commonly, we will use your personal information in the following circumstances. We have set out our specific purposes and associated legal bases in more detail in table format above.
Where we need to perform a contract we are about to enter into or have entered into with you (“Performance of our contract with you”);
Where it is necessary for our legitimate interests (or those of a third party), and your interests and fundamental rights do not override those interests ("Legitimate Interests"). More detail about the specific legitimate interests pursued in respect of each purpose we use your personal information for is set out in the table above;
Where we need to comply with a legal or regulatory obligation (“Compliance with a legal obligation”); and
Where we have your specific consent to carry out the processing for the purpose in question (“Consent”).
Information we collect
Legal basis
Information you provide to us about you and your employees or authorised persons, such as your business name, email address, phone number, registration number, VAT number, and log-in password.
Legitimate Interests;
Performance of our contract with you;
Compliance with a legal obligation.
Payment or billing information you provide us, such as your credit card number, debit card number or bank account number, and your billing records.
Performance of our contract with you;
Legitimate Interests;
Compliance with a legal obligation.
Customer support communications that you send us in the event of encountering an issue.
Legitimate Interests
We also collect the following via cookies or similar technologies: device information, including your (and those of your employees and authorised persons) frequently used personal devices, including the IP address, device model, device identification number, operating system, resolution, and telecom operator; and log information, including network diagnosis, lag information, click events, click records, browsing history on the Platform and potentially unsafe URLs (“Usage Data").
Legitimate Interests;
Performance of our contract with you;
Consent.
We collect Usage Data and other information uploaded by you for analytics.
Compliance with a legal obligation;
Legitimate Interests.
Processing of the personal information we hold about you as required or permitted by applicable law to comply with a legitimate disclosure request.
Compliance with a legal obligation;
Legitimate Interests.
The personal information we hold about you.
Legitimate Interests.
Information your customers provide us about them, such as:
- Information your customers provide at the time of member registration, such as their name, email address, phone number, and other information that you authorized to collect (such as birthday);
- Information your customers provide at the time of checkout, such as their name, email address, phone number, delivery information, and payment information.
Browsing history, behavior data, and device information that we collect through “cookies” or similar technologies, such as network connection, IP address, and details of how they browse the store.
Performance of our contract with you;
Legitimate Interests;
We may share your personal information within our group, which may involve transferring your personal information outside the EEA and/or UK.
Some of our third-party partners are also based outside the EEA and/or UK so their processing of your personal information may involve a transfer of data outside the EEA and/or UK.
Whenever we transfer your personal information out of the EEA and/or UK, we will ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
We will only transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal information; or
We will take measures to comply with applicable data protection laws related to such transfers and use appropriate transfer solutions for any transfers of data outside the EEA and/or UK, such as the UK Standard Contractual Clauses.
You have the right to, at any time:
Request access to your personal information (commonly known as a data subject access request). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal information to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Object to processing of your personal information where we are relying on a Legitimate Interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal information for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Request restriction of processing of your personal information. This enables you to ask us to suspend the processing of your personal information in the following scenarios:
If you want us to establish the data’s accuracy;
Where our use of the data is unlawful but you do not want us to erase it;
Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; and
You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal information to you or to a third party. We will provide to you, or a third party you have chosen, your personal information in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Withdraw consent at any time where we are relying on consent to process your personal information. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
Make a complaint to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues – if you are unhappy about how we process your personal information, you can always file a complaint with the ICO at www.ico.org.uk. We would however appreciate the opportunity to resolve your concerns in the first instance before you contact the ICO.
If we deploy automated technologies which give rise to automated decision-making about you, we will either: (1) have a human being involved in the process; or (2) use these technologies in ways that don’t have legal or similarly significant effects.
You have the right to, at any time:
You have the right to know what personal information we have collected about you, including the categories of personal information, the categories of sources from which the personal information is collected, the business or commercial purpose for collecting personal information, the categories of third parties to whom we disclose personal information, and the specific pieces of personal information we have collected about you.
You have the right to request that we delete certain personal information we have collected from you.
You have the right to correct inaccurate personal information that we maintain about you.
You have the right to opt-out of sale or sharing of personal information. We do not “sell” your personal information to third parties in exchange for money or other valuable consideration. We also may “share” your personal information, as described by the CCPA, for purposes of cross context behavioral advertising.
You have the right to opt-out of targeted advertising.
You may request to opt-out of profiling in furtherance of a decision that produces a legal or similarly legal effect, or request to learn about the logic involved in decision making processes.
You have the right to obtain your personal data and a list of third parties to which we have disclosed your personal data in a portable, and to the extent technically feasible, readily useable format, which you can use to transmit your data to another entity.
You have the right to request that we limit the use and disclosure of sensitive information necessary to perform the services requested. Once we have received and confirmed your request, we will limit the use and disclosure (and direct our service providers to limit thew use and disclosure) of your sensitive personal information, unless and exception applies. You also have the right to not receive discriminatory treatment for exercising this right.
You may appeal our decision to your request regarding your personal information. To do so, please contact us in any of the ways list above. We respond to all appeal requests as soon as we reasonably can, and no later than legally required.
If you direct us not to sell/share your personal information, we will consider it a request pursuant to California’s “Shine the Light” law to stop sharing your personal information covered by that law with third parties for their direct marketing purposes. Please know that the privacy rights outlined above are subject to exceptions. We will confirm receipt of every request within 10 business days and respond to every request within 45 calendar days. We may extend that response time as appropriate, if permitted. We will not retaliate or discriminate against you for exercising any of these privacy rights.
Requests to exercise privacy rights must be verified. This process may require us to request additional personal information from you in order to authenticate your identity. In certain circumstances, we may decline a request to exercise a privacy right, particularly where we are unable to verify your identity.
You may designate an authorized agent to make a request on your behalf. An authorized agent must have written documentation of their authority to act on your behalf, such as receiving: (i) a power of attorney; or (ii) sufficient evidence to show that the individual has provided the authorized agent signed permission to act on their behalf, verified the individual’s own identity directly with us pursuant to the procedures above, and directly confirmed with us the individual provided the authorized agent permission to submit the request on their behalf.
Our services are not for children under the age of 13. We do not knowingly collect personal information from children under 13 years of age. Individuals under the age of 13 should only use our services with the permission and under the supervision of a parent or guardian. Individuals under the age of 13 should not attempt to provide us with any personal information. If you think we have received personal information from children under the age of 13, please contact us immediately.
This appendix seeks to provide additional information to residents of California and supplements the information provided in the Privacy Policy. As discussed in the Privacy Policy in further detail, we “sell” and “share” any personal information as such terms are defined under California privacy law.
To learn more about the categories of personal information we collect, how we collect it, why we collect it, with whom we share it, and how long we retain it, please see the items below. To submit a privacy request, please see the instructions provided in the Privacy Policy.
Category
What we collect
How we collect it
Why we collect it
With whom we share it
How long we retain it
Identifiers
Such as, name, email, phone number, birth date, log-in password, registration number and VAT number.
For more information please see the Information We Collect section of the Privacy Policy.
Collected directly or indirectly through your use of the service or obtained from third parties.
For more information please see the What we collect and how we use personal information section of the Privacy Policy.
We collect this information for the purposes listed in the How we use such information section of this privacy policy.
Shared with our affiliates, partners, social networking sites, service providers and payment processing companies as described in the When we share, transfer and disclose personal information section above.
We retain personal information for such a period as necessary to achieve the purposes authorized by you and your customers or otherwise provided by law. For more information, please see the How we retain and protect personal information section of this privacy policy.
Protected classification characteristics under California or federal law
Any protected classification characteristics you voluntarily provide to us.
For more information please see the Information We Collect section of the Privacy Policy.
Collected directly or indirectly through your use of the service or obtained from third parties.
For more information please see the What we collect and how we use personal information section of the Privacy Policy.
We collect this information for the purposes listed in the How we use such information section of this privacy policy.
Shared with our affiliates, partners, social networking sites, service providers and payment processing companies as described in the When we share, transfer and disclose personal information section above
We retain personal information for such a period as necessary to achieve the purposes authorized by you and your customers or otherwise provided by law. For more information, please see the How we retain and protect personal information section of this privacy policy.
Commercial information
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
For more information please see the Information We Collect section of the Privacy Policy.
Collected directly or indirectly through your use of the service or obtained from third parties.
For more information please see the What we collect and how we use personal information section of the Privacy Policy.
We collect this information for the purposes listed in the How we use such information section of this privacy policy.
Shared with our affiliates, partners, social networking sites, service providers and payment processing companies as described in the When we share, transfer and disclose personal information section above.
We retain personal information for such a period as necessary to achieve the purposes authorized by you and your customers or otherwise provided by law. For more information please see the How we retain and protect personal information section of this privacy policy.
Customer Records
Bank account number, credit card number, debit card number, or any other financial information.
For more information please see the Information We Collect section of the Privacy Policy.
Collected directly or indirectly through your use of the service or obtained from third parties.
For more information please see the What we collect and how we use personal information section of the Privacy Policy.
We collect this information for the purposes listed in the How we use such information section of this privacy policy.
Shared with our affiliates, partners, social networking sites, service providers and payment processing companies as described in the When we share, transfer and disclose personal information section above
We retain personal information for such a period as necessary to achieve the purposes authorized by you and your customers or otherwise provided by law.
For more information please see the How we retain and protect personal information section of this privacy policy.
Biometric information
N/A
N/A
N/A
N/A
N/A
Internet or other similar network activity
Information on a customer’s interaction with our services including browsing history, behavior data and device information, such as IP address, device model, device identification number, operating system, resolution, and telecom operator; and log information, including network diagnosis, lag information, click events, click records, browsing history on the Platform and potentially unsafe URLs.
For more information please see the Information We Collect section of the Privacy Policy.
Collected directly or indirectly through your use of the service or obtained from third parties.
For more information please see the What we collect and how we use personal information section of the Privacy Policy.
We collect this information for the purposes listed in the How we use such information section of this privacy policy.
Shared with our affiliates, partners, social networking sites, service providers and payment processing companies as described in the When we share, transfer and disclose personal information section above
We retain personal information for such a period as necessary to achieve the purposes authorized by you and your customers or otherwise provided by law. For more information please see the How we retain and protect personal information section of this privacy policy.
Geolocation data
In some instances IP addresses are collected.
For more information please see the Information We Collect section of the Privacy Policy.
Collected directly or indirectly through your use of the service or obtained from third parties.
For more information please see the What we collect and how we use personal information section of the Privacy Policy.
We collect this information for the purposes listed in the How we use such information section of this privacy policy.
Shared with our affiliates, partners, social networking sites, service providers and payment processing companies as described in the When we share, transfer and disclose personal information section above
We retain personal information for such a period as necessary to achieve the purposes authorized by you and your customers or otherwise provided by law.
For more information please see the How we retain and protect personal information section of this privacy policy.
Sensory data (Audio, video, etc.)
N/A
N/A
N/A
N/A
N/A
Professional or employment-related information
N/A
N/A
N/A
N/A
N/A
Non-public education information
N/A
N/A
N/A
N/A
N/A
Inferences drawn from other personal information
Information generated from your use of our services, such as usage and data analytics.
For more information please see the Information We Collect section of the Privacy Policy.
Collected directly or indirectly through your use of the service or obtained from third parties.
For more information please see the What we collect and how we use personal information section of the Privacy Policy.
We collect this information for the purposes listed in the How we use such information section of this privacy policy.
Shared with our affiliates, partners, social networking sites, service providers and payment processing companies as described in the When we share, transfer and disclose personal information section above.
We retain personal information for such a period as necessary to achieve the purposes authorized by you and your customers or otherwise provided by law.
For more information please see the How we retain and protect personal information section of this privacy policy.
Sensitive personal information
Account log-in information, financial account, debit card, or credit card number in combination with any access code, and precise geolocation.
For more information please see the Information We Collect section of the Privacy Policy.
Collected directly or indirectly through your use of the service or obtained from third parties.
For more information please see the What we collect and how we use personal information section of the Privacy Policy.
We collect this information for the purposes listed in the How we use such information section of this privacy policy.
Shared with our affiliates, partners, social networking sites, service providers and payment processing companies as described in the When we share, transfer and disclose personal information section above.
We retain personal information for such a period as necessary to achieve the purposes authorized by you and your customers or otherwise provided by law.
For more information please see the How we retain and protect personal information section of this privacy policy.
