This Privacy Policy applies to the processing of Personal Information collected in the context of our website https://trustdecision.com/, through the services that we offer to our clients, and any features or online services provided by TrustDecision that post or include a link to this Privacy Policy (collectively, the “Services”).
This Privacy Policy describes the types of Personal Information we collect in connection with the Services, the purposes for which we process that Personal Information, the parties with whom we may share it and the measures we take to protect its security. It also tells you and your End-users about your rights and choices with respect to your Personal Information, and how you can contact us about our privacy practices.
Please read and understand this policy carefully when using our services.
1.Definitions
1.1 Services: refers to the intelligent risk decision products and fraud prevention services provided by TrustDecision to our Clients under an Order, or pursuant to a trial, as further defined in the business contract between TrustDecision and the Client.
1.2 Affiliates: refers to any company, organization or individual with whom we have any connection as a result of cooperation, investment or controlling (or co-controlling) relationship.
1.3 Third Party: refers to other companies, organizations or individuals beyond the scope of Affiliates stipulated in this Policy.
1.4 You: refers to users of our website or services, also known as Client.
1.5 Your End-user: refers to the users of services or application provided by you, who are the data subject or owner of the Personal Information provided.
1.6 Personal Information: refers to any information relating to an identified or identifiable individual. We may obtain different types of Personal Information (including Sensitive Personal Information, as may be the case under applicable laws) relating to you and your End-users in the situations described in this Policy.
2.Personal Information We May Collect
2.1 Personal Information We May Collect When Providing TrustDecision’s Products and Services to You
A.Contact Information, Account, Profile Information.
●Such as your first name, last name, phone number, postal address, email address, date of birth, and profile photo, some of which will depend on the features you use.
B.Identity Verification and Payment Information.
●Such as images of your government issued ID (as permitted by applicable laws), your ID number or other verification information, bank account or payment account information. If a copy of your ID is provided to us, we may scan, use, and store information contained in your ID to verify your identity.
C.Other Information.
●Such as when you fill in a form, add information to your account, respond to surveys, participate in promotions, communicate with our service team and other Members, or share your experience with us. This may include health information if you choose to share it with us.
2.2 Information Automatically Collected When You Visit Our Website or Use Our Services
The automatically collected information may include:
A.Location Information
●Such as precise or approximate location determined from your IP address or mobile device’s GPS depending on your device settings.
B.Usage Information
●Such as the pages or content you view, searches for Listings, bookings you have made, and other actions on the TrustDecision Platform.
C.Log Data and Device Information.
●Such as details about how you’ve used the TrustDecision Platform (including if you clicked on links to Third Party applications), IP address, access dates and times, hardware and software information, device information, device event information, unique identifiers, crash data, cookie data, and the pages you’ve viewed or engaged with before or after using the TrustDecision Platform. We may collect this information even if you haven’t created an TrustDecision account or logged in.
D.Cookies and Similar Technologies as described in Article 5 of this Policy.
E.Payment Transaction Information
●Such as payment instrument used, date and time, payment amount, payment instrument expiration date and billing postcode, PayPal or other payment instrument account information, IBAN information, your address, and other related transaction details.
2.3 Personal Information We Collect from Third Parties
We may collect Personal Information from other sources, such as:
A.Third-Party Services
●If you link, connect, or login to our website or use our Services with a Third Party service, you direct the service to send us information such as your registration and profile information as controlled by that service or as authorized by you via your privacy settings at that service.
B.Background Information
●To the extent permitted by applicable laws and with your consent where required, we may obtain other information about you and/or your background. We may use your information, including your full name and date of birth, to obtain such information.
C.Enterprise Product Invitations and Account Management
●Organizations that use our products or services may submit Personal Information to facilitate account management and invitations to use enterprise products.
D.Other Sources
●To the extent permitted by applicable law, we may receive additional information about you to help detect fraud and safety issues from Third Party service providers and/or partners, and combine it with information we have about you. For example, we may receive background check results or fraud warnings from identity verification service providers for use in our fraud prevention and risk assessment efforts. We may receive information about you and your activities on and off our website, or about your experiences and interactions from our partners.
3.How We Collect and Use Your Information
When you or your End-users use the Services provided by us, we will collect and use the information you or your End-users who owns the data provided (hereinafter referred to as “user”, “end user” or “data subject(s)” or voluntarily provide or generate by using the Services in accordance with the following purposes:
3.1 Help You Complete Registration And Login
When you use our services as a developer, you need to provide your name, company name, mobile phone number, email address, province and other basic information, and create your account number, user name and password, so that we can provide you with specific services.
3.2 Maintain The Operation Of Basic Functions
In order to ensure the security of your account during the use of our services, identify account anomalies, prevent phishing website fraud, and maintain the normal operation of basic functions, you understand and agree that we will automatically collect and save information related to your use of our services and the way you use them, including:
●Log Information: which is details about your use of our services and save them as network logs, including pages you have visited and browser types; and
●Device Information: which is related to the devices you use, including IP address and operating system information of your terminals, in accordance with the specific permissions by your use of our Services or Products.
3.3 Provide Content Security Scrutiny Services
When using our content security scrutiny services, we will inspect the content texts. When necessary and reasonable, we will collect some content texts of your End-users through the SDK, including their published comments, chat records, account nickname and character signature, etc. Some of them may contain Personal Information about the End-users.
3.4 Provide Risk Identification, Fraud Prevention And Risk Control Services
We will use SDK to collect device information of your End-users (including device identification information, device type, device model, system information, login IP address, device App list information, etc.). We will analyze and process the de-identified Personal Information generated by their use of application. This is to identify risks and intercept fraud.
3.5 Provide, Personalize, Measure, And Improve Our Advertising And Marketing
We may:
●Send you promotional messages, marketing, advertising, and other information based on your preferences and social media advertising;
●Personalize, measure, and improve our advertising;
●Analyze characteristics and preferences to send you promotional messages, marketing, advertising, and other information that we think might be of interest to you;and
●Invite you to events and relevant opportunities.
3.6 Others
When we act on behalf of and under the instructions of you which act as a data controller, we may use your End-user’s Personal Information for other Services provided by us (such as related credit services). In that situation, please ensure that you obtain the legitimate and effective authorization of your End-users for our collection, use and processing of their Personal Information in accordance with this Policy. Meanwhile, the scope of authorization and consent under the aforementioned services shall cover that we shall provide some of the Personal Information in the process of providing SDK services to our partners or authorities (like professional and authorized personal credit investigation agencies) when necessary.
If we use your or your End-users’ Personal Information for other purposes not specified in this Policy or change the process method, we will obtain your or your End-users’ consent separately in accordance with the law through page prompts, interactive processes, website announcements or other means. Once your or your End-user’s consent is obtained, this Policy will also apply to such additional information.
3.7 Notice On Sensitive Personal Information
The above mentioned information provided by you or your End-users or that we are authorized to collect may contain Personal Sensitive Information about you or your End-users. You and your End-users acknowledge and agree that we may process Sensitive Personal Information in accordance with the purposes and manner stated in this Policy. At the same time, we will provide special protection for such Sensitive Personal Information in accordance with applicable laws, regulations and regulatory requirements.
4.Consent and Authorization of End-Users
If you are a developer, please note that you integrate our SDK into your application, and we collect, use, and process relevant information within the scope of the agreed Services. Therefore, you acknowledge and warrant that:
● You have drafted and published privacy policy in accordance with applicable laws and regulations; and
● You have acquired effective, explicit and legal consent and authorization of your End-users for us to collect and process relevant Personal Information via SDK for the purpose of the agreed Services.
5.Cookies
To ensure the quality of the Services, we will store a small data file called cookie on your or your End-users’ computer or mobile device. Cookies typically contain identifiers, site names, and some numbers and characters. With cookies, we store identity data and read the identity in relevant Services. We do not use cookies for any purpose other than those stated in this Policy. You can manage or delete cookies according to your preference.
6.Sharing, Transfer and Disclosure
6.1 Sharing
We may share the necessary Personal Information with our Affiliates within the scope of purposes stipulated under this Policy.
We may share Personal Information with our partners and Third Parties as necessary only after obtaining your or your End-users’ consent or authorization. Our partners or the Third Parties have no right to use the shared Personal Information for any other purpose. If it is necessary to use information beyond the scope of authorization, we will again seek authorization or consent from you or your End-users.
6.2 Transfer
Unless we have obtained explicit consent or authorization from you or your End-users, we won’t transfer any your or your End-users’ Personal Information to any Third Party.
As our business continues to grow, it is possible for us to pursue mergers, acquisitions, asset transfers or similar transactions. Information about you or your End-users may be transferred as part of such transactions. In the event of such changes, we will require the new information processor to continue to protect your or your End-users’ information in accordance with applicable laws and regulations and at least the same scrutiny provided by this Policy.
6.3 Disclosure
We will not publicly disclose your or your End-users’ Personal Information unless we have obtained your or your End-users’ express and explicit consent or such disclosures are required by laws, regulations, litigation or authorities.
c research institutions to carry out statistical or academic research. Also, the research is necessary for the public interest, and results are to be published.
● Other circumstances permitted by applicable laws and regulations.
6.4 Disclaimers
Under the following circumstances, we may share, transfer or publicly disclose your or your End-user’s Personal Information without obtaining any consent or authorization in advance:
● You or your End-users have already made it public;
● Such information is directly related to national security, national defense security, public security, public health or public interest;
● Disclosure is necessary under the mandatory requirements of applicable laws and regulations, or is directly related to criminal investigation, prosecution, trial and execution of judgment. Subject to compliance with laws and regulations, when we receive such disclosure requests, we will require the other party to issue corresponding legal documents, such as subpoenas or letters of investigation. We will carefully review all requests to ensure they have a legitimate basis;
● To the extent permitted by applicable laws and regulations, the disclosure is necessary to safeguard the life, property and other legitimate rights and interests of our other users, our Affiliates and ourselves.
● The Personal Information is collected from legally publicly disclosed information, such as legal news reports, government information disclosure and other channels.
● Such disclosure is necessary to enter into or perform the service under the contract with you or your End-users.
● The disclosed information is de-identified and is for the academic research institutions to carry out statistical or academic research. Also, the research is necessary for the public interest, and results are to be published.
● Other circumstances permitted by applicable laws and regulations.
7.Securities
We attach great importance to the security of Personal Information.
We are continuously implementing and updating administrative, technical, and physical security measures to help protect your Personal Information against unauthorized access, loss, destruction, or alteration. We will try to take all kinds of reasonable industry standard security measures (including technical and management) to protect your Personal Information against improper use or unauthorized access, modification, damage, loss or leakage.
We will protect Personal Information by reasonable and practicable means such as encryption and anonymization, and use trusted protection mechanisms to protect Personal Information from malicious attacks.
We will establish specialized information security team, security management system and data security procedures to ensure Personal Information security and integrity. We adopt strict data use and access policies to ensure that only authorized personnel can access Personal Information. We also conduct timely data security audits.
We have emergency response plans, and will immediately launch emergency response plans in case of information security incidents. We will strive to prevent the impact and consequences of any security incidents from expanding. Once an information security incident (leakage, loss, etc.) occurs, we will, in accordance with the requirements of applicable laws and regulations, timely inform you of the basic situation and possible impact of the security incident, the disposal measures we have taken or will take. We will timely inform you of the incident in the form of notification, email, letter, SMS and other forms. If it is unrealistic to inform all the impacted users one by one, we will take reasonable and effective ways to make announcements. At the same time, we will also report the security incidents to the competent authorities in accordance with the applicable laws and regulations.
We would like to remind you or your End-users that the Personal Information protection measures provided in this Policy only apply to related Services provided by us and our Affiliates/partners. We do not have the ability or obligation to protect any Personal Information submitted by you or your End-users in applications or websites other than the relevant Services. No matter whether you or your End-users log in or browse the software or websites based on our links or guidance, we do not assume any legal responsibility for this.
8.Your Rights
You can exercise any of the rights described in this section consistent with applicable laws. You may exercise your rights by making a request to us via contact information provided in this Policy. We may ask you to verify your identity and request before taking further action on your request.
8.1 Managing Your Information
You can access and update some of your Personal Information through your account settings. You are responsible for keeping your Personal Information up to date.
8.2 Data Access And Portability
In some jurisdictions, applicable laws may entitle you to request certain copies of your Personal Information or information about how we handle your Personal Information, request copies of Personal Information that you have provided to us in a structured, commonly used, and machine-readable format, and/or request that we transmit this information to another service provider (where technically feasible).
8.3 Data Erasure Or Authorization Revocation
In some jurisdictions, you can request that your Personal Information be deleted or that your authorization be revoked or partly revoked. Please note that if you request deletion of your Personal Information or revocation of your prior authorization, or if your account is suspended, terminated, or voluntarily closed:
● We may retain your Personal Information as necessary for our legitimate business interests, such as prevention of money laundering, fraud detection and prevention, and enhancing safety. For example, if we suspend an account for fraud or safety reasons, we may retain information from that account to prevent that user from opening a new account in the future.
● We may retain and use your Personal Information to the extent necessary to comply with our legal obligations. For example, we may keep information for tax, legal reporting, and auditing obligations.
● Because we take measures to protect data from accidental or malicious loss and destruction, residual copies of your Personal Information may not be removed from our backup systems for a limited period of time.
8.4 How To Exercise Your Rights
If you or your End-users need to modify (update or correct), delete or terminate any or all of the authorized information, you or your End-users may contact us at service@TrustDecision.com and submit a written application to us.
Please understand that for security purposes, we may require you or your End-user to provide appropriate identification and will process the request within a reasonable period of time after verifying the applicant’s identity.
8.5 Disclaimers
The deletion or correction of Personal Information, or revocation of prior authorization will not affect the previous Personal Information processing that has been carried out authorization based on your or your End-users’ original authorization or consent.
In the meanwhile, we may not be able to respond to your or your End-users’ requests to exercise the aforesaid rights under any of the following circumstances:
● The requests or the information are related to national security and national defense security;
● The requests or the information are related to public security, public health or major public interests;
● The requests or the information are related to criminal investigation, prosecution, trial and execution of judgment;
● There is sufficient evidence that you or your End-users have subjective malice or abuse of rights;
● The legitimate rights and interests of you or other individuals or organizations will be seriously damaged by responding to relevant requests;
● The requests or the information involving commercial secrets; and
● Other circumstances stipulated by applicable laws and regulations.
9.Minors
We take the protection of minors' Personal Information very seriously. If you or your End-users are minors under applicable laws, you or your End-users should read and agree to this Policy under the supervision and guidance of your or your End-users’ legal custodians jointly before engaging services provided by us.
We protect the Personal Information of minors in accordance with applicable laws and regulations. We will only collect, use or disclose the Personal Information of minors when permitted by applicable laws, with the express and explicit consent of parents or other custodians of the minors, or when necessary to protect the minors. You and your custodian shall be responsible for the authenticity of the information provided by you or your End-users. If we cannot determine that you or your End-users are minors or not from the information obtained, we shall not assume the responsibility of protecting the privacy of minors. If you are the custodian of a minor and you have questions about the Personal Information of the minor under your custody, please contact us through the contact information set forth in Article 11.
10.Updates to the Policy
This Privacy Policy may be updated periodically to reflect changes in our Personal Information practices. If we update our Privacy Policy, we will post the latest Policy here (on this page) or through our official website https://trustdecision.com/ or notify you separately. In certain circumstances, we may seek your consent. Please regularly follow this page or the notifications we send to you to stay informed of updates to this Privacy Policy.
11.Others
11.1 Taking effect
This policy takes effect on the effective date, or when you or your End-users voluntarily provide registration and login information to us, or when you or your End-users use the services provided by us.
11.2 Title and headings
Title and headings in this Policy are for convenience only and do not affect the meaning or interpretation of any provisions in this Policy.
11.3 Liabilities
We and our Affiliates shall independently and not jointly assume the obligations and liabilities set forth in this Policy.
11.4 Feedbacks and Dispute Resolution
We have set up a special feedback channel for Personal Information protection. You or your End-users can contact us through the following ways: service@TrustDecision.com. We will reply to your request and try our best to solve it within 15 days after verifying your identity.
Any dispute arising out of or in connection with this Policy shall be referred to and finally resolved by arbitration administered by the Singapore International Arbitration Centre (“SIAC”) in accordance with the Arbitration Rules of the SIAC for the time being in force. The seat of the arbitration shall be Singapore. The Tribunal shall consist of one arbitrator. The language of the arbitration shall be English. The award rendered by the arbitrator shall be final and binding upon both Parties.
