Qiniu Cloud Privacy Policy
Overview
Shanghai Qiniu Information Technology Co., Ltd. ("Qiniu Cloud" or "we") attaches great importance to the privacy and information security of its users ("you" or "your"), whether you are an individual or a business user. By using our service, it means that you have confidence on the way we handle your information. Therefore, we understand that Qiniu Cloud has a great responsibility and will make every effort to protect the security of your personal information.
This Qiniu Cloud Privacy Policy ("Policy") intends to help you understand what information we collect, why we collect such information, how we use, store, share and safeguard such information, and the methods we provide for you to access, update, control and protect such information.
If, prior to the registration, browser or use of Qiniu Cloud Service, you confirm your acceptance of this Policy by checking the pop-up window or in any other voluntary manner, you shall be deemed to have carefully read, fully understood and accepted the provisions of this Policy (minors shall read this Policy with the company of their legal guardians), and this Policy shall have legal effect between you and Qiniu Cloud, especially the provisions of limitation or exemption from liability (including jurisdiction provisions) which shall be highlighted in bold and/or underlined forms.
If you have any questions, comments or suggestions, we would be happy to hear them and welcome you to contact us via the contact information set forth in this Policy and we will answer them for you.
This Policy will help you to understand the following:
1. Key Words Definition
2. How We Collect and Use Personal Information About You
3. How We Use Cookies and Similar Technologies
4. When We Share or Disclose Information
5. How Do We Protect Your Personal Information
6. Your Rights to Personal Information
7. How Do We Process Minors' Personal Information
8. Scope of Application of This Policy
9. How is This Policy Updated
10. Contact Information
1. Key Words Definition
1.1 "Qiniu Cloud", "we", "us", "our" refers to Shanghai Qiniu Information Technology Co., Ltd. unless otherwise specifically indicated.
1.2 "Affiliate" refers to its subordinate companies or other affiliates in the scope of consolidated financial statements of Qiniu Cloud.
1.3 "User" or "You" refers to the individual or enterprise that uses Qiniu Cloud's products and/or services.
1.4 "Third party" means a company or individual (unaffiliated) to which we are related, other than by reason of common ownership or control, or any other unrelated individual.
1.5 "Personal information" refers to various types of information recorded by electronic or other means that can, either alone or in combination with other information, identify a specific natural person or reflect the activities of a specific natural person. The personal information referred to in this Policy is of the type listed in the section of How We Collectand Use Personal Information About You. For the avoidance of doubt, Personal information includes, but is not limited to, personally sensitive information.
1.6 "Personal sensitive information" refers to the personal information that once disclosed or illegally used, may easily lead to damage to personal dignity or personal or property safety, and may easily lead to the damage to personal reputation and physical and mental health or discriminatory treatment. Personal sensitive information involved in this Policy may include: your property information (including virtual property information such as bank account and prepayment information); personal identity information (including ID card); online identification information (including account name, account nickname, email address and passwords related to the foregoing); other information (including address book, personal telephone number, mobile phone number, itinerary information, web-browsing record and precise location information). For the above personal sensitive information listed in this Policy, in order to make it more alert to your reading, we define and list it uniformly here, and also highlight it in this Policy by bold font, underlined font, or by pointing it out in a separate way.
1.7 "Non-personal information" refers to information that cannot be identified or associated with specific individuals. It includes anonymized (irrecoverable) information and all non-personal information of corporate users that has already been publicly disclosed by the relevant competent authorities (such as corporate contact address, contact information, years of operation, enterprise scale, industries engaged in, main businesses, main products, website domain names, etc.).
1.8 "De-identification" refers to the process of making personal information unable to identify or associated with you without the use of additional information through technical processing of the personal information.
1.9 "Delete" refers to the action of removing personal information from the system concerned with realizing daily business functions, so that the personal information remains in a state in which the information cannot be retrieved or accessed.
1.10 "Anonymization" refers to the process in which personal information is processed by technology so that you cannot identify or associate with it and the processed information cannot be recovered.
2. How We Collect and Use Personal Information about You
We collect and use your personal information only for the following purposes as described in this Policy:
2.1 In order to better serve you, Qiniu Cloud will comply with the national laws and regulations in effect and with your consent and collect your personal information, including:
2.1.1 Information Provided by You
(1) Registration information.
In the process of account registration, you will directly provide to us with your user name, email address, mobile phone number, mobile phone verification code and password (encrypted) of the account created by you. After the successful registration, your email address and mobile phone number will be used as your login account in our service platform and we will use such email address and mobile phone number to send verification code information for you to verify your identity and for password recovery. Meanwhile, it will be used as one of the contact methods designated by you to us to receive reminders, service messages, account messages, announcement messages and business notices (hereinafter referred to as the "registered user service").
Of course, during the registration process, you can also choose to provide your current province and current cityinformation, so that we can provide you with higher quality localized exclusive services. If you have already logged in your Qiniu Cloud account, you can provide us with your nickname, address, QQ number and personal website information through the "Personal Center". You can choose to refuse to provide such information, but this does not affect your registration process and your normal use of the Qiniu Cloud registered user service. If you choose to provide such information, we will protect it as relevant personal information. We also remind you that even if you do not provide us with any personal information, you can fully browse all the public information on our official website, but you will not be able to further access the Qiniu Cloud registered user service.
(2) Real - name authentication
To provide our basic and core technical services (including object storage, cloud host, cloud database, CDN, content auditing, etc., please refer to the real-time service content displayed at our website for details), you are required to complete real-name authentication before purchasing and using our services. We provide you various forms of real-name authentication as follows:
If you are an individual user, you may choose to use face recognition for verification and we will collect your ace recognition information and compare it with the verification data provided by the Ministry of Public Security to verify your identity, but we will not store any face recognition information of you. When you choose to use Alipay verification method, you are required to provide us with your real name, ID card number, and photos of front and back side of your ID card and personal website (optional), and you may authorize us to access your authentication information by logging into Alipay(see more about Alipay, please click here:https://www.alipay.com/). When you choose to use bank transfer verification method, in addition to the above identity information, you shall also provide us with certain financial information including your bank account, bank name and its branch information, so that we may verify your authentic information by transferring some change to the bank account. The above information provided by you shall only be used for the verification of your real-name authentication by Qiniu Cloud.
In addition, once you complete the individual real-name authentication, you can also choose to continue with enterprise authentication. For enterprise authentication, when you choose to use Alipay authentication method, you are required to provide your corporate entity name, unified social credit code, and enterprise information including a scanned copy of the organization's license and certificate, and you may authorize us to access your authentication information by logging into Enterprise Alipay. When you choose to use bank transfer authentication method, in addition to the above enterprise information, you are also required to provide us with relevant financial information including bank account, bank name and its branch information. The above information you provide will only be used for the verification of your real-name authentication by Qiniu Cloud.
You should be aware that various technical services of Qiniu Cloud fall into our basic core business functions. We collect the above information to satisfy the requirements of relevant laws and regulations for the Internet Real-name System. If you fail to provide your personal information and pass the real-name authentication, you will not be able to enjoy the basic and core technical services provided by us.
(3) Payment Information
We support Alipay, WeChat Pay and Online Banking payment. We need to have access to your bank account information for your recharge, withdrawal and product order payment needs. We will display your recharge and withdrawal records on the Finance Center management page to make it easy for you to check your records of fees. When we issue and send invoices to you, we will collect your bank card number or account number, invoice information, tax information, and invoice delivery address (including the addressee’s name, full address, postal code, mobile phone number and email address). We may send an invoice to you using the information above. We will not provide your bank account information, payment passwords, recharge and withdrawal records, payment records, or invoice information to any unrelated third parties.
(4) Additional information
When you participate in Qiniu Cloud's specific service promotions, the specific identity authentication information must be collected for your participation in the relevant promotions. Of course, before we collect and use specific identification information for certain promotions, we will make clear to you of the type, scope and purpose of the collection of information and obtain your explicit consent.
2.1.2 Information we collect in the course of your use of the services.
When you use our services, we may collect the following information about you:
(1) Device information: including the names of the device, device models, device settings, identifiers, regional and language settings, usage habits, operating system versions, settings of the device used for access services, and device abnormality information;
(2) Log information: When you use the services provided by our website or related clients, we will automatically collect the details of your use of our services and save them as relevant web logs.Include your search inquiry contents, IP address, type of browser, telecom operator, language used, date and time of visit and webpage record of your visit;
(3) Location information: including the GPS signal of the equipment or related information of the nearby WiFi access point, the ID of the area at which the equipment is located, and the ID of the network service provider;
(4) Additional Information: Information that must be collected when you use a specific service in order to enable that specific service.We will record and analyze the user ' s inquiry records, trouble reporting records and troubleshooting process for the user ' s fault resulting from your use of our service so that we can respond to your requests for help in a timely manner and use them to improve our service.
Please note that individual device information, log information, etc. is information that cannot be used to identify a particular natural person. However, if we use such non-personal information in combination with other information for the purpose of identifying a particular natural person or in combination with personal information, for example when associated with your account number, such non-personal information will be considered to be personal information for that period of combined use. We will anonymiz or de-identify such personal information unless authorized by you or as otherwise required by law or regulation.
2.1.3 Information shared about you by third partie
For the purpose of providing services to you, we will obtain relevant information about you through legal ways from relevant third-party sources such as affiliates and business partners. When you use the services of third parties, the reservation information you provide them may be passed on to us. You authorize us indirectly to obtain information about your booking information from the third parties so that we may process your orders. We will, according to the agreement with the third party, require the third party to explain the source of the personal information and confirm the legality of the source of the personal information. We will also confirm that the scope of the consents the third party has obtained regarding the processing of the personal information includes consent to our use of such personal information and confirm that such personal information is used in compliance with relevant laws and regulations.
2.2 To better serve you, Qiniu Cloud will comply with the currently effective relevant laws and regulations and with your consent and use your personal information for the following purposes:
2.2.1 Provide you with interactive functions and issue business notifications
When you communicate, give feedback, share and other interactions with us or other users, we will collect and use your contact information includes name (nickname), mobile phone number, email address. When you use our technical guidance or technical support service, you are required to submit work order information to us and have our feedback interactions; you may make comments and interact with us on our "Q&A Community" section; we provide you with friend invitation service. You can provide your friend's email address and you choose to send email invitation activities or to share relevant activities on your other account platforms for sharing and interaction.
We will send a notice to you upon any update of the user agreement or the privacy policy to protect your rights and interests. In addition, we will inform you of the interactive response results between youand other users through your contact information, will inform you of feedback on the real-name authentication result of your account, complaint and report notices of right holders or users and solution of your feedback problems.
2.2.2 Improve our products or services
In order to improve our products, services and develop better services for you, we will use your personal information. You should be aware, however, that we will generally only use anonymized comprehensive and statistical information for this purpose, and will not personally identify you. We will use such information for data analysis and research, as well as for auditing.
We will use such information to comprehensively determine the necessity of a particular product, solution or function of Qiniu Cloud and may invite users to participate in various kinds of feedback and interaction so as to launch new products and services (for example, communicating with the company's business contact person by mobile phone or email, etc.). In order to improve our product or service, upon your consent, we may match your personal information with third party data to create indirect user portrait for us to conduct product research and development or provide service information to you on a targeted basis (via mail, email or phone call). Of course, even if you agree to our use of such information, you may inform us at any time by using the contact information published in this Policy that we will no longer collect your information for the above scenarios. This will not affect your normal use of the basic core technical services of Qiniu Cloud.
2.2.3 Conducting Marketing and Promotional Activities
The personal information collected by us will be used to promote and introduce products and services to you. For example, commercial information about products and services is sent to you via email and mobile phone numbers.Of course, even if you agree to our use of such information, you have the right to choose not to receive promotion and introduction information of products and services at any time in accordance with the functions set up by us on the Website or by the opt-out method provided by us.
2.2.4 To provide you with security
The personal information we collect will be used to ensure the security and reliability of our products and services, and to prevent cyber fraud, cyber attacks and intrusions, etc., so as to more accurately identify violations of laws and regulations or the rules of relevant agreement of Qiniu Cloud. We may use or integrate your account information, device information, software use information and information obtained from you by our affiliated companies and partners or shared according to law for the purpose of identity verification, detection and prevention of security incidentsand take necessary recording, auditing, analysis and disposal measures as required by law.
2.3 We will seek your consent when we wish to use the information for purposes otherthan those set out in this Policy.We will seek your consent when we wish to use the information we collect for a specific purpose for other purposes.
2.4 Exceptions with Your Authorized Consent
In accordance with relevant laws and regulations as well as personal information protection standards, we do not need to obtain your authorizationand consent for collection and use of personal information in the following circumstances:
2.4.1 Those related to national security or national defense security;
2.4.2 The confidential information relates to public security, public health and other major public interests;
2.4.3 The evidence relating to criminal investigation, prosecution, trial and judgment execution;
2.4.4 For the purpose of maintaining material legitimate rights and interests such as the life and property of personal information subjects or other individuals, it is difficult to obtain your consent;
2.4.5 The personal information collected is disclosed to the public on your own initiative;
2.4.6 Collecting personal information from legally and publicly disclosed information, such as legally disclosed channels of news report and government information disclosure;
2.4.7 The entry into and performance of the contract at your request is necessary;
2.4.8 Necessary for maintaining the safe and stable operation of our products or services, such as detecting and handling the faults of our products or services;
2.4.9 The information has been subject to technical processing of your personal information, such that your subject cannot be identified, and the processed information cannot be recovered(not personal information), or the circumstances of de - identification technical processing of your personal information and guarantee security;
2.4.10 Other circumstances provided for in laws, regulations or relevant rules.
3. How we use cookies and similar technologies
3.1 Cookie
To make sure that Qiniu Cloud works properly, provide you with an easier access experience, recommend content or advertisements that you may be interested in, and so on, we store a small data file called a Cookie on your computer or mobile device when you log on to our website or browse content on the Web.Cookie usually contains an identifier, the name of the site, and some numbers and characters. For example, with Cookies, our website and our clients may store data such as your account number, email address, password (encrypted), and preferences. Cookies can also help us to collect traffic information, analyze the effectiveness of page design and advertising, and continuously optimize the user-friendliness of our website and adjust our website according to your needs.
We enable Cookies for the same reason that most Web sites and Internet service providers enable Cookies: to improve the user experience. We will not use Cookies for any purposes other than those stated in this Policy. You can manage or delete Cookies according to your preferences. Many Web browsers have a "Do Not Track" feature that allows you to issue a "Do Not Track" request to a Web site. You can use the various browsers' built-in features to deny or erase all Cookies saved on your device, but if you do so, you'll need to change your user settings yourself every time you use Qiniu Cloud. Also, we may not be able to provide you with a better experience, and some services may not work properly.
Most browsers also allow you to choose whether you want to disable all Cookies or only third-party Cookies. By default, most Internet browsers accept Cookies, but this can be changed. The following links provide instructions on how to control cookies in all major browsers:
If you use another browser, please refer to the documentation provided by the browser manufacturer.
3.2 Website Beacons and Pixel Tags
In addition to Cookies, we may use other similar technologies, such as Web beacons and pixel tags. For example, we may send you an email that contains a link to our click URL. If you click on that link, we track that click, helping us to understand your preferences for products or services and to improve customer service. Web beacons are usually transparent images embedded in a Web site or email. With pixel tags in an email, we can tell if an email has been opened, helping us to determine the number of emails sent to users or whether to send them. If you do not want your activity to be tracked in this way, you can unsubscribe from our mailing list at any time.
4. How We delegate, Share, Transfer, and Disclose Your Personal Information
4.1 Delegate
Subject to some of our data processing capabilities and service resources, certain functions may be provided by the vendors (including the providers of technical services) that we entrust ("delegatee"). For the delegatees entrusted by us to process your personal information, we will select the delegatees who are able to provide adequate guarantee of expertise, reliability and resources, and sign strict entrusted processing agreements and confidentiality agreements with them, specifying data processing matters, treatment period, treatment nature, treatment purpose and responsibilities of the two parties, and shall supervise the processing of personal information. We will request the delegatees to process your personal information only in accordance with our requirements, this Policy and any other relevant confidentiality and security measures, and will request the delegatees to return the personal information to us or delete it upon the termination of the entrusted matters (including invalidation, invalidity, cancellation or termination of the entrustment contract).
4.2 Sharing
Unless otherwise required by laws, regulations and regulatory bodies, we will not share your information with third parties without your consent. At present, in order to provide services to you, after obtaining the explicit consent of you (and your guardian), we solicit the authorization and consent from you to share personal information with third parties in the forms of confirmation agreement, case following in specific scenario and pop-up window prompt under the following circumstances, in accordance with the requirements of the laws and regulations and national standards:
4.2.1 Your personal information may be shared with affiliates of Qiniu Cloud. We will only share the personal information deemed necessary and subject to the purposes stated in this Policy. If affiliates want to change the purpose of processing personal information, they will seek your authorization again.
4.2.2 Sharing with Authorized Partners: Solely for the purposes stated in this Policy, certain of our services will be provided by authorized partners (including, without limitation, third party software development kits (SDK), vendors, service providers, etc.). We may share certain of your personal information with our partners to provide better customer service and user experience. We shall only share your personal information for legal, proper, necessary, specific and explicit purposes and only share the personal information necessary for the provision of the Services. Our partners are not authorized to use the personal information for any other purposes.If partners want to change the purpose of personal information processing, processing methods, you will be asked for authorization again.
Our authorized partners mainly serve the needs of you and other users. Therefore, we may change our partners if we meet the needs of new service and changes in business functions. We will keep you updated on the cooperation and partners (if any). We will perform strict security inspection on the application programming interface (API) and software development kit (SDK) that the authorized partners use to obtain relevant information. We will also agree to strict data protection measures with our authorized partners and require the processing of personal information in accordance with this Policy and any other relevant confidentiality and security measures.
(1) To achieve the sharing between advertising partners and advertising partners and statistical analysis partners for the push of advertisements. Qiniu Cloud may only provide such partners with user portrait tags and de - identification or anonymization statistical information that fail to identify you, so as to help them increase effective access to advertisements without identifying you. Unless we have obtained your permission, we will not share your personally identifiable information(meaning your information, such as name or mobile phone number, through which you may be contacted or identified) with our advertising and analysis partners.
(2) Sharing with suppliers, service providers, and other partners.We send information to service providers, smart device suppliers, systems service providers and other partners(e.g., hardware vendors, telecom operators, cloud service providers) that support our business.For example, we provide technical infrastructure services, analyze the way our services are used, provide customer services, conduct compliance investigations, pay facilities, or conduct academic studies and investigations.We enter into stringent data protection agreements with the people who share our information. We require them to deal with the personal information in accordance with our instructions and in accordance with this Privacy Policy and any other relevant confidentiality and security measures. If we share your personal sensitive information or authorize a partner to change the use or processing of the personal information, we will ask for your written consent again.
4.2.3 Sharing under legal circumstances: we may share or disclose your personal information in accordance with laws and regulations, as required for dispute resolution or upon request made by administrative or judicial authority according to law. For example, if we determine that you have violated laws or regulations or seriously violated the relevant agreements or rules of Qiniu Cloud, or to protect the personal and property safety of Qiniu Cloud and its affiliated companies ' users or the public from infringement upon the personal and property safety of Qiniu Cloud and its affiliated companies ' users or the public, we may disclose the personal information about you in accordance with laws and regulations or rules of the relevant agreements on our platform, including relevant violations and the measures that Qiniu Cloud Platform has taken against you. For example, if you seriously violate our platform rules, laws and regulations and / or public order and good morals by using your account or uploading illegal videos, illegal videos and any other content to your users, resulting in material social impact and causing losses to the reputation of our platform, we may publicly disclose your information and penalties.
4.3 Transferring
We will not transfer your personal information to any company, organization or individual, except that:
4.3.1 After obtaining your express prior consent;
4.3.2 Pursuant to law, regulation or compulsory administrative or judicial requirements;
4.3.3 In the event of merger, acquisition or bankruptcy liquidation, if transfer of personal information is involved, we will request new companies or organizations that hold your personal information to continue to be bound by this Policy.Otherwise, we will request such companies or organizations to seek consent from you again.
4.4 Disclosure
We may publicly disclose your personal information only under the following circumstances and have adopted industry-standard security precautions:
4.4.1 To disclose the personal information you designate in the manner of disclosure expressly agreed to by you based on your needs.
4.4.2 If we have to provide your personal information in accordance with the requirements of laws, regulations, compulsory administrative enforcement or judicial requirements, we may publicly disclose your personal information dependingon the type of personal information required and the manner of disclosure.Subject to laws and regulations, when we receive a request for disclosure of information mentioned above, we will request that relevant legal documents, such as subpoena or investigation letter, be issued in connection with the request.We are firmly convinced that there is as much transparency as the law permits with respect to the information we are asked to provide.All requests are carefully reviewed by us to ensure that they have a legitimate basis and will be limited to those data that the law enforcement authority has the legal right to obtain for the specific investigation.
4.5 Exceptions Where the Sharing, Transferring and Disclosure of Your Information Are Subject to Authorization in Advance
No prior authorized consent is required for the sharing, transferring or disclosure of your user information in the following circumstances:
4.5.1 Those related to national security or national defense security;
4.5.2 The confidential information relates to public security, public health and other major public interests;
4.5.3 The evidence relating to criminal investigation, prosecution, trial and judgment execution;
4.5.4 To protect your or other individuals ' life, property and other material legal rights and interests, but it is hard to obtain my consent;
4.5.5 Personal information that you disclose to the public or provide to the counterparty;
4.5.6 Collecting personal information from legally and publicly disclosed information, such as channels of news report and government information disclosure, etc.;
4.5.7 Evaluation information or other information required by laws and regulations to be disclosed. For example, in order to build a trustworthy transaction environment for cloud market, your credit evaluation information(star rating, customer evaluation) needs to be publicly shared. If you are a service provider, you shall publicly share the relevant information of enterprises or natural persons in accordance with applicable lawsand regulations as well as the requirements of market rules;
4.5.8 Other circumstances provided by laws and regulations.
5. How Do We Protect Your Personal Information
5.1 Security Exception
We take reasonable practical and technical measures to protect the information we collect in connection with our services. Please note, however, that while we take reasonable measures to protect your information, no website, internet transmission, computer system or wireless connection is absolutely secure. Please properly protect your personal information and only provide it to others where necessary. If you find that your personal information has been disclosed, in particular your account and password, please contact our online customer service immediately so that we can take appropriate action.
5.2 Safety measures we take
We have applied industry-standard security precautions to protect the personal information you have provided to protect it from unauthorized access, disclosure, use, alteration, destruction or loss. We will take all reasonable and practical measures to safeguard your personal information. In particular, we have taken the following measures:
5.2.1 We de - identify the personal information we collect about you to reduce the risk that other organizations and individuals may identify you through the personal information. We use SSL to encrypt our services. We review our practices(including physical security measures) in respect of information collection, storage and processing to prevent unauthorized access to various systems.
5.2.2 We have obtained ISO 27001 Certificate of Information Security Management System Certification issued by the British Standards Institute (BSI) and Certificate of Trusted Cloud Service Certification issued by China Academy of Information and Communications Technology,which can effectively protect the security of your information system, intellectual property and trade secrets.
5.2.3 We only allow the employees of Qiniu Cloud who need to know the personal information for us, and personnel of the service company that is authorized to process such information on our behalf to have access to the personal information; furthermore, they will be required to abide by strict contractual confidentiality obligations and shall conduct safety training in due time; if they fail to perform these obligations, they may be investigated for legal liabilities or their relationship with Qiniu Cloud may be terminated.
For us, the security of your information is very important. Therefore, we will constantly strive to protect the security of your personal information, and implement full storage and transmission security encryption and other safeguards, so as to prevent your information from being accessed, used or disclosed without authorization. At the same time, the specific content of certain encrypted data, no one but the user has the right to access. When we transmit and store your sensitive personal information, we will apply security measures such as encryption; when we store personal biometric information, we will use technical measures to process it before storing it, such as storing only a summary of the personal biometric information.
5.3 Emergency responses to security incidents
After the occurrence of personal information security incidents, we will, in accordance with the requirements of laws and regulations, inform you of the basic information and possible effect of the security incident, measures we have taken or will take, suggestions on your own prevention and reduction of the risk and remedial measures for you. We will notify you of the relevant information of the incident by email, letter, telephone call, push notice and other means. If it is difficult to notify each subject of personal information, we will take a reasonable and effective manner to release the announcement. In the meantime, we will also proactively report the handling of personal information security incidents according to the requirements of regulatory authorities.
5.4 Duration and territory
During the period that you use Qiniu Cloud, we will continue to preserve your personal information for you but the relevant information will be preserved for the minimum period necessary to achieve the Purpose. Unless you agree to an extension of the storage period or we are permitted by law, we will delete or anonymize the source data and back-up data of your personal information. If you cancel your account or delete the aforesaid information voluntarily, Qiniu Cloud will retain your existing personal information for the shortest period in accordance with laws and regulations. During the shortest storage period as required by law, we will not use your personal information commercially. When your personal information expires the above storage period, we will delete or anonymize the source data and back-up data of it.
Qiniu Cloud will, in accordance with laws and regulations, store the personal information collected and generated during its operation within China in the People's Republic of China, and will not transmit such information overseas. If Qiniu Cloud needs to transfer relevant personal information collected in China to overseas institutions due to its involvement in cross-border business, we will comply with laws and regulations and the provisions of the relevant regulatory authorities. We shall inform you of the name of the offshore recipient, contact information, processing method, purpose of the personal information, type of personal information involved, and methods and procedures for you to exercise the subject rights of personal information against the offshore recipient and obtain your consent. In the meantime, we will require the offshore institution to keep confidential your personal information obtained through execution of agreements, on-site verification and other effective measures.
6. Your Rights to Personal Information
We will respond to your request for the rights set out below within the time frames expressly specified in this Policy. If we are unable to respond in a timely manner, we will also specify within such time frame the time frame for our response, and the reason for any failure to respond within the short time frame.
In principle, we do not charge fees for your reasonable requests. However, we will charge you a cost if the request is repeated and exceeds the reasonable limit. We may refuse requests that are repetitive, require excessive technical means (for example, require the development of new systems or fundamental changes to existing practices), pose risks to the legitimate rights and interests of others, or are highly impractical. In addition, we may not be able to respond to your request if it directly relates to:
(1) It relates to our performance of obligations under laws and regulations;
(2) Those directly related to national security or national defense security;
(3) Directly related to public security, public health and major public interests;
(4) Where the evidence is directly related to criminal investigation, prosecution, trial and judgment execution;
(5) Where there is sufficient evidence indicating that the subject of personal information has subjective malice or abuses its power;
(6) A position to maintain personal information or other material legal rights and interests such as personal statement and property for which it is difficult to obtain your consent
(7) Where response to the request of the Personal Information Subject will result in material damage to the legitimate rights and interests of the Personal Information Subject or of other individuals or organizations;
(8) Concerning business secrets.
6.1 Access to personal information
You have the right to access your personal information subject to the exceptions set forth by laws and regulations. If you want to exercise the right of data access, you may log in your account on the Qiniu Cloud website and enter into "Personal Dashboard - Personal Information" to access and edit your personal information, account information, service information and other contents under your account.
6.2 Correction of personal information
When you find that we process any error in your personal information, you have the right to submit the application for correction to us through the contact information publicized in this Policy, and request us to make a correction or log in the account to make the correction yourself and change your personal information through the "Personal Dashboard – Personal Information/Security Settings" of Qiniu Cloud.When updating your personal information, we may request you to verify your identity (for example, by sending a verification message to your E-mail or mobile phone number) before we process your request. Under normal circumstances, we will complete the correction processing within fifteen business days.
6.3 Delete your personal information
You may request us to delete your personal information in the following situations:
6.3.1 If our processing of personal information violates laws or regulations;
6.3.2 If we collect or use your personal information, but without your consent;
6.3.3 If our processing of personal information breaches our agreement with you;
6.3.4 If you are no longer using our products or services, or you have cancelled your account;
6.3.5 If we no longer provide you with products or services.
If we decide to respond to your request, we will also at the same time notify the persons from whom we have received your personal information, requiring them to request them to delete it promptly, unless otherwise provided by laws and regulations or unless those persons are independently authorized by you.
When you delete information from our service, we may not immediately delete it from the backup system, but we will delete it when the backup is updated.
6.4 Vary the scope of your consents
Each business function requires some basic personal information or device access to be performed. You may give or withdraw your consent to additional collection and use of your personal information, and device access that you then consider unnecessary, at any time through your online customer service or by email, and we will respond promptly to the request. Upon withdrawal of your consent, we will no longer process the personal information on the request. However, your decision to withdraw the consent will not affect any previous processing of personal information based on your authorization.
6.5 Cancellation of account number
If your account has no resources, no unpaid fee or no dispute, you maycancel your account by submitting a work order. Please be aware that your cancellation of your account is irreversible. After you cancel your account, you will not be able to access the products or services provided by Qiniu Cloud through your cancelled account. We will delete or anonymize all information regarding your account and ensure that such information will not be disclosed, except for the data that are required to be preserved by law and regulation.
6.6 Obtain the duplicate of personal information
To the extent permitted by laws and regulations, you shall have the right to obtain a copy of your personal information, which may be handled by contacting our online customer service. Where technically feasible and in reasonable cost, we may also directly transfer a copy of your personal information to your designated third party in accordance with your express request.
6.7 Automatic decision of constrained information systems
In some business functions, we may make decisions based only on non-human automated decision-making mechanisms, including information systems, algorithms, etc. If these decisions significantly affect your legal rights, you are entitled to ask us for an explanation, and we will also provide options that are not based on your personal characteristics or easy ways of refusal.
6.8 Complaints, reports and response
If you have any other complaints, suggestions or relevant questions, please contact Qiniu Cloud via the contact information published in this Policy. We will review the issue as soon as possible and reply after we verify your identity. In general, we will reply within thirty days after we verify your identity. Of course, if you are not satisfied with our reply, especially if you think that our processing of personal information has damaged your legitimate rights and interests, and we fail to provide a satisfactory reply and refuse to improve after your feedback to us, you may also file a complaint to the relevant regulatory authorities.
6.9 Entitled to receive notices of cessation of operation
If Qiniu Cloud terminates its service or operation, we will promptly cease our collection of your personal information and notify you of the cessation of operation by delivery or by announcement at least thirty days in advance, and delete or anonymize your personal information after the termination of service or operation.
7. How Do We Process Minors Personal Information
7.1 Our products and services are mainly targeted at adults but we attach great importance to the protection of the personal information of minors.If you are a minor we require that you and your parent or guardian read this Policy carefully and use our services or provide information to us only with your parent ' s or guardian ' s consent.
7.2 With respect to the personal information of minors we collect with a parent or guardian ' s consent to the use of our products or services, we will use, share, transfer or disclose that information only as permitted by law or with the express consent of a parent or guardian, or necessary for the protection of the minor.
7.3 If we find that we have collected a minor ' s personal information without verifiable prior consent of a parent or guardian, we attempt as soon as practicable to delete or anonymize the minor ' s information we hold.
7.4 We further take the following measures to safeguard the personal information of children under the age of 14 that may be involved:
7.4.1 We shall, in addition to complying with the provisions of this Policy on users ' personal information, store, use and disclose children ' s personal information collected under the principles of legitimacy and necessity, informed consent, explicit purpose, security assurance and lawful use in strict accordance with the Provisions on the Online Protection of Children ' s Personal Information and other laws and regulations, and shall not exceed the necessary period for achieving the purpose of collection and use.Upon expiration, we will delete or anonymize children ' s personal information. We will designate a person to be responsible for the protection of children ' s personal information. We will also develop an internal special system for the protection of children ' s personal information.
7.4.2 When you, as the guardian, choose to use relevant services of Qiniu Cloud for your ward of a child, we may need to collect the personal information of the child from you for the purpose of performing relevant services to you. If it is necessary to collect personal information of children in the specific services, we will obtain prior authorization from you and inform you of the purpose and use of the collection. If you do not provide the above information, you will not be able to enjoy the relevant services provided by us.As the guardian, you shall properly perform your guardianship duties and protect the safety of children ' s personal information. If a child needs to register himself / herself or use our products and / or services, you shall properly guide and monitor him / her.
7.4.3 Children or their guardians have the right to access and correct children ' s personal information at any time, and can also request us to make corrections and deletions.If you have any comments, suggestions or complaints, reports on matters related to children ' s personal information, please contact us.We will always be there to help you.
7.4.4 If we find ourselves having collected personal data from a child without first, verifiable guardian consent, we try to delete the data as soon as possible.
8. Application Scope
8.1 If you register an account on Qiniu Cloud website or purchase products and services of Qiniu Cloud, this Policy will apply, unless the relevant service has a separate privacy policy or there are special provisions in the corresponding user agreement.
8.2 To the extent that our services may contain links, content, products and services to third parties, we have no control over such third parties. This Policy will not apply to any links, content, products or services provided by such third parties. We do not control the privacy and data protection policies of third parties but we will make efforts to require them to take protective measures to protect your personal information. You have the right to choose whether or not to access the links, content, products and services provided by third parties but it is advisable to contact such third parties to obtain details about their privacy policies before submitting personal information to such third parties. If you find that there are risks to the links, content, products and services provided by such third parties, it is advisable to terminate the relevant operation to protect your legitimate rights and interests. This Policy will not apply to your data processed, stored, uploaded, downloaded, distributed or otherwise processed by you by using Qiniu Cloud products.
8.3 In particular, as a customer of Qiniu Cloud, we also suggest that if you use our cloud service to provide services to your users involving the collection and use of your users' personal information, you should enter into a separate privacy policy with your users.
9. Update
9.1 Because of the changing nature of the Internet, we reserve the right to update or revise this Policy from time to time.Such revisions shall constitute part of our cost policy; in principle, we will not reduce your rights under this Policy.
9.2 If any of the foregoing amendments or updates may materially reduce your rights under this Policy or change material to important rules that expand the scope of information we collect and use, such as by posting the latest version of the Privacy Policy on our website or by email or otherwise, before such amendment becomes effective, we will notify and remind you of any amendment to the Privacy Policy in a conspicuous place on our website or by other means, and we will provide more prominent notices (including that for certain services, we will notify you by publishing a notice on our website or even provide you with pop-up notices explaining the changes to the Privacy Policy).
9.3 For the purpose of this Policy, material changes include but are not limited to:
9.3.1 Our service model has undergone major changes. Such as the purpose of personal information processing, the type of personal information processing, personal information use, etc.;
9.3.2 The company has undergone a material change in its ownership structure, organizational structure and other aspects. Such as change of owner resulting from business adjustment, bankruptcy or merger or acquisition etc.;
9.3.3 The main objects of sharing, transferring or public disclosure of personal information have changed;
9.3.4 There are material changes in the rights you exercise to participate in processing of personal information;
9.3.5 When the department in charge of dealing with personal information security, our contact information and channels for complaints change;
9.3.6 Personal information security impact assessment report indicates that there is a high risk.
9.4 We will also keep the previous version of this Policy on file for your review.
9.5 If you continue to use our service under such circumstances, it shall mean that you agree to accept the amended content.
10. Contact Information
10.1 If you have any questions, comments, suggestions or complaints regarding Qiniu Cloud and this Policy, you can contact us at:
10.1.1 Submission of Work Order;
10.1.2 Call our customer service hotline (400 - 808 - 9176 ext. 1);
10.1.3 Send mail to bd@qiniu.com;
10.1.4 Mailing letters to: Customer Service Center, Building Q, Shanghai Pudong Software Park, 66 Boxia Road, Pudong New Area, Shanghai.
10.2 To ensure that we can efficiently deal with your questions and give you timely feedback, you are required to submit proof of identity, valid contact information, written requests and relevant evidence.We will process your request after we verify your identity.
Updated and Effective on November 1, 2021
