This Policy is written on June 6, 2022, and takes effect on June 15, 2022
We fully understand the importance of personal information protection and will do our best to protect the security and integrity of your personal information. We will collect, store, analyze, transmit, use, process and protect your personal information in accordance with this Policy.
Please read and understand this policy carefully when using our services.
1.1 Services: refers to the risk control service by randomly retrieving user text content for security optimization through SDK, or risk identification and fraud intercepting service by collecting part of device information of your end users.
1.2 Affiliates: refers to any company, organization or individual with whom we have any connection as a result of cooperation, investment or controlling (or co-controlling) relationship.
1.3 Third party: refers to other companies, organizations or individuals beyond the scope of related parties stipulated in this Policy.
1.4 You: user of our website or services.
1.5 Your end user: refers to the users of services or application provided by you, who are the data subject or owner of the personal information provided.
1.6 Personal information: refers to all kinds of information recorded electronically or in other ways that can identify the identity of a particular natural person or reflect the activities of a particular natural person alone or in combination with other information. Personal information includes personal basic information, personal identification information, personal biometric information, network identification information, personal health and physiology information, personal education information, personal property information, personal communication information, contact information, personal Internet access records, personal commonly used equipment information, personal location information, etc.
1.7 Sensitive personal information: refers to information that once disclosed, illegally provided or abused, may endanger personal and property safety, or easily lead to personal reputation, physical and mental health damage or discriminatory treatment. Sensitive personalinformation includes personal property information, personal health and physiological information, personal biometric information, personal identity information, network identity identification information, etc.
2.Personal Information We Collect
2.1 Information Needed for You to Use Our Website
To provide the TrustDecision Products, we must process information about you. Without it, we may not be able to provide all services requested. This information includes:
A.Contact Information, Account, Profile Information.
●Such as your first name, last name, phone number, postal address, email address, date of birth, and profile photo, some of which will depend on the features you use.
B.Identity Verification and Payment Information.
●Such as images of your government issued ID (as permitted by applicable laws), your ID number or other verification information, bank account or payment account information. If a copy of your ID is provided to us, we may scan, use, and store information contained in your ID to verify your identity.
●Such as when you fill in a form, add information to your account, respond to surveys, participate in promotions, communicate with our service team and other Members, or share your experience with us. This may include health information if you choose to share it with us.
2.3 Information Automatically Collected When You Visit Our Website or Use Our Services
The automatically collected information includes:
●Such as precise or approximate location determined from your IP address or mobile device’s GPS depending on your device settings.
●Such as the pages or content you view, searches for Listings, bookings you have made, and other actions on the Airbnb Platform.
C.Log Data and Device Information.
●Such as details about how you’ve used the Airbnb Platform (including if you clicked on links to third party applications), IP address, access dates and times, hardware and software information, device information, device event information, unique identifiers, crash data, cookie data, and the pages you’ve viewed or engaged with before or after using the Airbnb Platform. We may collect this information even if you haven’t created an Airbnb account or logged in.
D.Cookies and Similar Technologies as described in Article 5 of this Policy.
E.Payment Transaction Information
Such as payment instrument used, date and time, payment amount, payment instrument expiration date and billing postcode, PayPal or other payment instrument account information, IBAN information, your address, and other related transaction details.
2.4 Personal Information We Collect from Third Parties.
We collect personal information from other sources, such as:
●If you link, connect, or login to our website or use our services with a third party service, you direct the service to send us information such as your registration and profile information as controlled by that service or as authorized by you via your privacy settings at that service.
●To the extent permitted by applicable laws and with your consent where required, we may obtain other information about you and/or your background. We may use your information, including your full name and date of birth, to obtain such information.
C.Enterprise Product Invitations and Account Management
●Organizations that use our products or services may submit personal information to facilitate account management and invitations to use enterprise products.
●To the extent permitted by applicable law, we may receive additional information about you to help detect fraud and safety issues from third party service providers and/or partners, and combine it with information we have about you. For example, we may receive background check results or fraud warnings from identity verification service providers for use in our fraud prevention and risk assessment efforts. We mayreceive information about you and your activities on and off our website, or about your experiences and interactions from our partners.
3.How We Collect and Use Your Information
When you or your end users use the services provided by us, we will collect and use the information you or your end users who owns the data provided (hereinafter referred to as “user”, “end user” or “data subject(s)” or voluntarily provide or generate by using the Services in accordance with the following purposes:
3.1 Help you complete registration and login
When you use our services as a developer, you need to provide your name, company name, mobile phone number, email address, province and other basic information, and create your account number, user name and password, so that we can provide you with specific services. If you refuse to provide, you will not be able to use the relevant products or/and services provided by us, but it will not affect your browsing of our website and other basic functions.
3.2 Maintain the operation of basic functions
In order to ensure the security of your account during the use of our services, identify account anomalies, prevent phishing website fraud, and maintain the normal operation of basic functions, you understand and agree that we will automatically collect and save information related to your use of our services and the way you use them, including:
●log information: which is details about your use of our services and save them as network logs, including pages you have visited and browser types; and
●device information: which is related to the devices you use, including IP address and operating system information of your terminals, in accordance with the specific permissions by your use of our services or products.
3.3 Provide content security scrutiny services
When using our content security scrutiny services, we will inspect the content texts. When necessary and reasonable, we will collect some content texts of your end users through the SDK, including their published comments, chat records, account nickname and character signature, etc. Some of them may contain personal information about the end users.
3.4 Provide risk identification, fraud prevention and risk control services
We will use SDK to collect device information of your end users (including device identification information, device type, device model, system information, login IP address, device App list information, etc.). We will analyze and process the de-identified personal information generated by their use of App. This is to identify risks and intercept fraud.
3.5Provide, personalize, measure, and improve our advertising and marketing
●send you promotional messages, marketing, advertising, and other information based on your preferences and social media advertising,
●personalize, measure, and improve our advertising,
●analyze characteristics and preferences to send you promotional messages, marketing, advertising, and other information that we think might be of interest to you, and
●invite you to events and relevant opportunities.
We may use your end user’s personal information for other services provided by our affiliates (such as related credit services). Please ensure that you obtain the legitimate and effective authorization of your end users for our collection, use and processing of their personal information in accordance with this Policy. Meanwhile, the scope of authorization and consent under the aforementioned services shall cover that we shall provide some of the personal information in the process of providing SDK services to our partners or authorities (like professional and authorized personal credit investigation agencies) when necessary.
If we use your or your end users’ personal Information for other purposes not specified in this Policy or change the process method, we will obtain your or your end users’ consent separately in accordance with the law through page prompts, interactive processes, website announcements or other means. Once your or your end user’s consent is obtained, this Policy will also apply to such additional information.
3.7 Notice on sensitive personal information
The abovementioned information provided by you or your end users or that we are authorized to collect may contain personal sensitive information about you or your end users. You and your end users acknowledge and agree that we may process sensitive personal information in accordance with the purposes and manner stated in this Policy. At the same time, we will provide special protection for such sensitivepersonal information in accordance with laws, regulations and regulatory requirements.
4.Consent and Authorization of End Users
If you are a developer, please note that you integrate our SDK into your application, and we collect, use, and process relevant information within the scope of the agreed services. Therefore, you acknowledge and warrant that:
6.Sharing and Disclosure
We share the necessary personal information with our affiliates within the scope of purposes stipulated under this Policy.
We share personal information with our partners and third parties as necessary only after obtaining your or your end users’ consent or authorization. Our partners or the third parties have no right to use the shared personal information for any other purpose. If it is necessary to use information beyond the scope of authorization, we will again seek authorization or consent from you or your end users.
Unless we have obtained explicit consent or authorization from you or your end users, we won’t transfer any your or your end users’ personal information to any third party.
As our business continues to grow, it is possible for us to pursue mergers, acquisitions, asset transfers or similar transactions. Information about you or your end users may be transferred as part of such transactions. In the event of such changes, we will require the new information processor to continue to protect your or your end users’ information in accordance with applicable laws and regulations and at least the same scrutiny provided by this Policy.
We will not publicly disclose your or your end users’ personal information unless we have obtained your or your end users’ express and explicit consent or such disclosures are required by laws, regulations, litigation or authorities.
Under the following circumstances, we will share, transfer or publicly disclose your or your end user’s personal information without obtaining any consent or authorization in advance:
● You or your end users have already made it public;
● Such information is directly related to national security, national defense security, public security, public health or public interest;
● Disclosure is necessary under the mandatory requirements of applicable laws and regulations, or is directly related to criminal investigation, prosecution, trial and execution of judgment. Subject to compliance with laws and regulations, when we receive such disclosure requests, we will require the other party to issue corresponding legal documents, such as subpoenas or letters of investigation. We will carefully review all requests to ensure they have a legitimate basis;
● To the extent permitted by applicable laws and regulations, the disclosure is necessary to safeguard the life, property and other legitimate rights and interests of our other users, our affiliates and ourselves.
● The personal information is collected from legally publicly disclosed information, such as legal news reports, government information disclosure and other channels.
● Such disclosure is necessary to enter into or perform the service under the contract with you or your end users.
● The disclosed information is de-identified and is for the academic research institutions to carry out statistical or academic research. Also, the research is necessary for the public interest, and results are to be published.
● Other circumstances permitted by applicable laws and regulations.
We attach great importance to the security of personal information.
While no organization can guarantee perfect security, we are continuously implementing and updating administrative, technical, and physical security measures to help protect your information against unauthorized access, loss, destruction, or alteration. We will try to take all kinds of reasonable industry standard security measures (including technical and management) to protect your personal information against improper use or unauthorized access, modification, damage, loss or leakage.
We will protect personal information by reasonable and practicable means such as encryption and anonymization, and use trusted protection mechanisms to protect personal information from malicious attacks.
We will establish specialized information security team, security management system and data security procedures to ensure personal information security and integrity. We adopt strict data use and access policies to ensure that only authorized personnel can access personal information. We also conduct timely data security audits.
Although the above reasonable and effective measures have been taken, please understand that due to technical limitations and possible malicious means, it is impossible to always ensure the absolute security of information even if we try our best to strengthen security measures. We will do our best to ensure the security of the personal information you or your end users provide to us. You acknowledge and understand that the systems and communication networks you use to access our services are beyond our control and may expose you to the possible attacks. Therefore, we strongly recommend that you take positive measures to protect the security of your personal information.
We have emergency response plans, and will immediately launch emergency response plans in case of information security incidents. We will strive to prevent the impact and consequences of any security incidents from expanding. Once an information security incident (leakage, loss, etc.) occurs, we will, in accordance with the requirements of applicable laws and regulations, timely inform you of the basic situation and possible impact of the security incident, the disposal measures we have taken or will take. We will timely inform you of the incident in the form of notification, email, letter, SMS and other forms. If it is unrealistic to inform all the impacted users one by one, we will take reasonable and effective ways to make announcements. At the same time, we will also report the security incidents to the competent authorities in accordance with the applicable laws and regulations.
We would like to remind you or your end users that the personal information protection measures provided in this Policy only apply to related services provided by us and our affiliates/partners. We do not have the ability or obligation to protect any personal information submitted by you or your end users in applications or websites other than the relevant services. No matter whether you or your end users log in or browsethe software or websites based on our links or guidance, we do not assume any legal responsibility for this.
You can exercise any of the rights described in this section consistent with applicable laws. You may exercise your rights by making a request to us via contact information provided in this Policy. We may ask you to verify your identity and request before taking further action on your request.
8.1 Managing your information
You can access and update some of your personal information through your account settings. You are responsible for keeping your personal information up to date.
8.2 Data access and portability
In some jurisdictions, applicable laws may entitle you to request certain copies of your personal information or information about how we handle your personal information, request copies of personal information that you have provided to us in a structured, commonly used, and machine-readable format, and/or request that we transmit this information to another service provider (where technically feasible).10
8.3 Data erasure or authorization revocation
In some jurisdictions, you can request that your personal information be deleted or that your authorization be revoked or partly revoked. Please note that if you request deletion of your personal information or revocation of your prior authorization, or if your account is suspended, terminated, or voluntarily closed:
● We may retain your personal information as necessary for our legitimate business interests, such as prevention of money laundering, fraud detection and prevention, and enhancing safety. For example, if we suspend an account for fraud or safety reasons, we may retain information from that account to prevent that user from opening a new account in the future.
● We may retain and use your personal information to the extent necessary to comply with our legal obligations. For example, we may keep information for tax, legal reporting, and auditing obligations.
● Because we take measures to protect data from accidental or malicious loss and destruction, residual copies of your personal information may not be removed from our backup systems for a limited period of time.
8.4 How to exercise your rights
If you or your end users need to modify (update or correct), delete or terminate any or all of the authorized information, you or your end users may contact us at service@TrustDecision.com and submit a written application to us.
Please understand that for security purposes, we may require you or your end user to provide appropriate identification and will process the request within a reasonable period of time after verifying the applicant’s identity.
The deletion or correction of personal information, or revocation of prior authorization will not affect the previous personal information processing that has been carried out authorization based on your or your end users’ original authorization or consent.
In the meanwhile, we may not be able to respond to your or your end users’ requests to exercise the aforesaid rights under any of the following circumstances:
● The requests or the information are related to national security and national defense security;
● The requests or the information are related to public security, public health or major public interests;
● The requests or the information are related to criminal investigation, prosecution, trial and execution of judgment;
● There is sufficient evidence that you or your end users have subjective malice or abuse of rights;
● The legitimate rights and interests of you or other inpiduals or organizations will be seriously damaged by responding to relevant requests;
● The requests or the information involving commercial secrets; and
● Other circumstances stipulated by applicable laws and regulations.
We take the protection of minors' personal information very seriously. If you or your end users are minors under applicable laws, you or your end users should read and agree to this Policy under the supervision and guidance of your or your end users’ legal custodians jointly before engaging services provided by us.
We protect the personal information of minors in accordance with applicable laws and regulations. We will only collect, use or disclose the personal information of minors when permitted by applicable laws, with the express and explicit consent of parents or other custodians of the minors, or when necessary to protect the minors. You and your custodian shall be responsible for the authenticity of the information provided by you or your end users. If we cannot determine that you or your end users are minors or not from the information obtained, we shall not assume the responsibility of protecting the privacy of minors. If you are the custodian of a minor and you have questions about the personalinformation of the minor under your custody, please contact us through the contact information set forth in Article 11.
10.Changes to the Policy
We reserve the right to modify this Policy at any time in accordance with applicable law. If we do so, we will post the revised Policy and update the “Last Updated” date. In case of material changes, we will also provide you with notice of the modification by email at least thirty (30) days before the effective date. If you disagree with the revised Policy, you can cancel your account, stop using our services and stopvisiting our website. If you do not do so before the date the revised Policy becomes effective, your continued access to or use of our services will be subject to the revised Policy.
11.1 Taking effect
This policy takes effect when you or your end users voluntarily provide registration and login information to us, or when you or your end users use the services provided by us.
11.2 Title and headings
Title and headings in this Policy are for convenience only and do not affect the meaning or interpretation of any provisions in this Policy.
We and our affiliates shall independently and not jointly assume the obligations and liabilities set forth in this Policy.
11.4 Feedbacks and help
We have set up a special feedback channel for personal information protection. You or your end users can contact us through the following ways: service@TrustDecision.com.
We will reply to your request and try our best to solve it within 15 days after verifying your identity. If you are not satisfied with our answers, especially if you think that our processing of personal information has harmed your legitimate rights and interests, you can negotiate with us to solve the problem. If the negotiation fails, you may also file a lawsuit with the competent courts in Yuhang District, Hangzhou, Zhejiang, China, where we reside.
11.5 Reservation of rights
The copyright of this Policy is owned by Trusted Decision. To the extent permitted by law, we reserve the right of final interpretation and modification of this Policy.