首页 / 新闻中心 / 新闻详情

User Privacy Policy

   products and services we provide, including electronic signature products, depository services, legal services, etc.   We respect and protect your privacy.

 Update date: 5 August 2021

Effective date: 5 August 2021

 

Welcome to the electronic signature platform of Hangzhou Tiangu Information Technology Co.,Ltd (hereinafter referred to as "eSign" or "we"). This Privacy Policy applies to the products and services we provide, including electronic signature products, depository services, legal services, etc.

 

We respect and protect your privacy. When you use the eSign Services, we will collect, use, store, share, transfer, publicly disclose, or delete your personal information in accordance with this Privacy Policy. We will also explain to you through this Privacy Policy how we provide you with access to, change, delete and protect this information. We recommend that you read and understand this Privacy Policy carefully before using the eSign Services, and that you use our products or services only after you have confirmed that you fully understand and agree to it. By using or continuing to use our products or services after we have updated this Privacy Policy, you agree to the contents of this Privacy Policy (including the updated versions) and consent to the collection, use, storage, sharing and transfer of information about you in accordance with this Privacy Policy. If you have any questions, comments or suggestions about the content of this Privacy Policy, you may contact us through the various contact methods provided in this Privacy Policy.

 

This Privacy Policy will help you understand the following:

I. How we collect your personal information

II. How we use your personal information

III. How we share, transfer and publicly disclose your personal information

IV. How we use Cookies technology

V. How we store your personal information

VI. How we protect your personal information

VII. Your rights to manage personal information

VIII. The protection of personal information of minors

IX. Disclaimers

X. How this Privacy Policy is updated

XI. How to contact us

I. How we collect your personal information

We collect the information we need to achieve the functions of our products in accordance with the principles of legality, legitimacy and necessity, and we use the information we collect appropriately.

We may collect the following information on individuals or enterprises:

(i) Information provided by you during registration and real name verification

1.1 You are required to provide your mobile phone number or email address as your account login name when you register for an eSign account. If you do not provide the aforementioned information, you will not be able to register for an eSign account or use the eSign Services (mobile phone number or email address may not be required in the case of login through a third party platform, subject to the agreement between the third party platform and us. You may contact us via the various contact details set out in this Agreement for advice).

1.2 If you choose to undergo identity authentication services, you will be required to provide your real name, ID card/passport and other identification, face recognition video, facial photo, bank card information, mobile phone number, personal handwritten signature or other authentication information provided by you in accordance with your chosen method of identity authentication. This information is collected to meet the real name requirements of relevant laws and regulations. If you do not provide such information, you will not be able to complete your identity authentication and issue documents in your real name.

If you are a legal entity, we may also collect your company business licence information or organization code certificate information, the name and valid ID number of your legal representative or a photo of the front and back of your ID card, your company domicile, your company telephone number or your company public bank account information.

(ii) Information you provide in the course of your use

We may collect material that you voluntarily upload to us, including original contracts, hashes or other written material, which may relate to your private information or trade secrets. We will store the above information securely. We do not actively collect or analyse this information unless you submit it for contract review as a service. If you provide information about another person, including personal information such as name, telephone number, ID number, recipient address, email address, etc., you must confirm that you are authorized to do so and that the other person is aware of and agrees to be bound by this Privacy Policy, and that you will be responsible for any damage caused to the other person by the information you provide. Also, if someone else makes a contrary comment or expressly states to us that they do not wish to be bound by this Privacy Policy, we will delete the relevant information.

In addition, to ensure the continuity of our services and the security of your account, we may collect the following information from you.

2.1 Device information: device model, operating system version, unique device identifier, IP address information.

2.2 Software information: version number of the software, browser type. We may collect information about the mobile applications and other software you use in order to ensure the security of the operating environment or as necessary to provide services (calling other apps for authentication services).

2.3 Certain device permissions: We may obtain certain device permissions based on your permission, including address book permissions, which are used to allow you to select contacts in your address book as signatories when signing and to send relevant signing notifications. We will not store your address book information for other uses; camera access, for certain service scenarios such as face recognition; and photos access, for certain service scenarios where you select the images you want to upload to your albums.

Please be aware that you can choose to enable/disable the above permissions via your device's application permissions. We can only obtain the above permissions if you allow/enable the permissions for contacts, camera, access to photos.

2.4 Service log information. Log information relating to the eSign Services, such as the way, type and status of your network access, login time, operation logs, service logs, etc. when using our service.

2.5 IP and location information. For example, we may obtain your geographical location information through IP address, GPS, WiFi or base station. You can choose to turn on or off the authorization of location information. If you turn off the authorization, location-related functions may not be available and you may not be able to complete the risk verification.

2.6 If you use our customer service system or contact us, we may collect and store your mobile phone number, email address, mailing address and your feedback for the purpose of contacting you and resolving problems.

(iii) Information provided to us by third parties for the purpose of contracting

With your express consent, we may share your personal information with eSign's partner. For example, you authorize the eSign's partner to share your name, ID number, mobile phone number, email address and signed electronic documents to the eSign platform, and you can view and download the information or documents on the platform.

(iv) Other Information

This Privacy Policy is not a complete list and does not cover all possible future features and business scenarios. We may collect information from you for other specific purposes not set out in this Privacy Policy, but we will seek your consent in advance.

(v) Exceptions with authorized consent

In accordance with the relevant laws and regulations, your authorized consent is not required for the collection of your personal information in the following circumstances.

5.1 in connection with the fulfillment of the obligations of the personal information controller under the laws and regulations;

5.2 directly related to national security or defence security;

5.3 directly related to public safety, public health, or vital public interests;

5.4 directly related to criminal investigation, prosecution, trial and execution of judgments, etc.;

5.5 for the purpose of safeguarding the life, property and other significant legitimate rights and interests of the subject of the personal information or other individuals but where it is difficult to obtain your own authorized consent;

5.6 where the personal information collected is disclosed by you to the public at your own discretion;

5.7 necessary for the conclusion and performance of contracts according to the requirements of the subject of personal information;

5.8 where personal information is collected from information that is lawfully and publicly disclosed, such as lawful news reports, government information disclosure and other sources;

5.9 necessary to enter into a contract at your request or as otherwise agreed by the parties in the contract;

5.10 necessary for maintaining the safe and stable operation of the products or services provided, such as detecting and disposing of faults in the products or services;

5.11 necessary for academic research institutions to carry out statistical or academic research in the public interest and to de-identify the personal information contained in the results when providing the results of academic research or descriptions to the public.

II. How we use your personal information

We will use the information we collect in strict accordance with the laws and regulations and our agreement with you as follows:

(i) to help you become our member;

(ii) providing products and services to you, including the fair use of services such as identity authentication, will authentication and deposition completed by relying on third parties;

(iii) product development and service optimization;

(iv) to make it more convenient for you to view contracts, authorizing the Alipay Contract Manager applet to provide functions such as viewing of your signed contracts;

(v) other uses: We will seek your prior consent when we want to use information for other purposes not set out in this Privacy Policy or when we want to use information collected for a specific purpose for other purposes.

Your information will be stored on eSign's servers. We may use information collected through certain services for other purposes in order to provide you with a better experience, to improve our services or for other purposes to which you have consented, subject to relevant laws and regulations. For example, to use information about your use of one of our services for services such as user research analysis and statistics, but we will not combine the information we store in our analytics software with the personally identifiable information you provide in the application.

III. How we share, transfer and publicly disclose your personal information

We do not share your personal information with any companies, organizations and individuals except for the following.
(i) Sharing

1.1 We may share your personal information with the public in accordance with the provisions of laws and regulations, the need for litigation dispute resolution, or in accordance with mandatory requirements imposed by administrative or judicial authorities under the law.

1.2 Sharing with partner organizations: Some of our services will be provided jointly by us and partner organizations for the purposes of this electronic signature or service. We may share certain of your personal information with our partners in accordance with laws and regulations.

(a) Your personally identifiable information and contract information will be transferred to an electronic certification service provider (CA, Certificate Authority), notary public, judicial appraisal centre, blockchain, internet court, arbitration commission, third-party identification agency, and will be used and stored by the above authorities for purposes such as issuing the appropriate certification documents or processing cases. We will only share your personal information for lawful, legitimate and necessary purposes, and only as much personal information as is necessary to provide the services.

(b) Sharing via SDK (App login users only): Some products and services may be provided by our authorized partners and we may provide the products or services to you via an SDK. In the process, our authorized partners may collect, use and store data or information about you, and We have listed specific authorized partners and provided a link to the privacy policy of that third party, which we recommend you read.These include: As a push technology service provider, Zhejiang Merit Interactive Network Technology Co., Ltd. (Getui) may provide some of your device information, etc., for the purpose of providing you with push technology services, details of which are listed below. Godsend Data may collect information about you through the SDK for data analysis to improve our products and services, and we list the details of the information it collects below. If you are using our app version 3.10.5 (and earlier) to access our products, please visit our website for the relevant shared privacy information..

 

Getui iOS

Name

Explanation

Category

Necessity statement

wifi

wifi related information

network info

for regional push, contextual push and continuous and stable push service

ip

client ip address

network info

establishing a connection with the Getui server

model

device model

device info

for providing push services

mac

device mac address

device info

used to generate a unique push target ID

idfa

identifier for advertising

device info

used to generate a unique push target ID

rom

rom

device info

used to provide push services and determine if vendor pushes meet push   conditions

deviceToken

ios push

device info

for push, offline push to Apple servers

allowNotification

notification status

device info

for push, check if the notification can be displayed

Getui Android

Name

Explanation

Category

Necessity statement

imei

international mobile equipment identity

device info

The imei and mac are used to generate a unique push target ID to ensure   accurate delivery of the message

imsi

international mobile subscriber identity

device info

Supplementary to generating a unique push target ID when the imei is not   available under Android 10 to ensure accurate delivery of the message

iccid

integrate circuit card identity

device info

When the imei is not available for Android 10 or above, it is used as a   supplement to generate a unique push target ID to ensure accurate delivery of   the message

android id

android device id

device info

When the imei is not available overseas, it is used as a supplement to   generate a unique push target ID to ensure accurate delivery of the message

android ad id

android advertisement id

device info

When the imei is not available overseas, it is used as a supplement to   generate a unique push target ID to ensure accurate delivery of the message

oaid

anonymous device identifier

device info

When the imei is not available for Android 10 or above, it is used as a   supplement to generate a unique push target ID to ensure accurate delivery of   the message

SN

serial number

device info

Supplementary to generating a unique push target ID when the imei is not   available under Android 10 to ensure accurate delivery of the message

mac

device mac address

device info

The imei and mac are used to generate a unique push target ID to ensure   accurate delivery of the message

os

platform asandroid/ios

device info

used to differentiate the user's system when providing push services and   thus select the channel for message delivery

brand

device brand

device info

used to differentiate the brand of the user's device when providing push   services, so as to select the channel through which messages are delivered

model

device information

device info

used to differentiate the brand of the user's device when providing push   services, so as to select the channel through which messages are delivered

rom

rom

device info

used to provide push services, determine whether the vendor push meets   the push conditions, such as xm can be used in Redmi Black Shark

system version

android system version

device info

for providing push services, hashtag push, etc.

notification status

notification status

app list info

to obtain the on/off status of notification permissions for apps on the   device, in order to perform statistics on the number of notifications turned   off, the arrival of push messages and the number of displays

wifi

wifi related information

network info

(i) used to obtain the   user's network status in order to achieve continuous and stable push services
  (ii) for refining the user's scenario information and improving the accuracy   of the scenario in order to achieve regional push and contextual push

ip

client ip address

network info

establish a network connection with the Getui server and check the   network status

Godsend   Data

Name

Explanation

Category

Necessity statement

android id

android device identification

device info

as a unique identification device

os

platform asandroid/ios

device info

data analysis for compatibility   adaptation

os_version

system version

device info

data analysis for compatibility   adaptation

brand

device brand

device info

data analysis for compatibility   adaptation

manufacturer

device manufacturer

device info

data analysis for compatibility   adaptation

model

device model

device info

data analysis for compatibility   adaptation

screen_height

screen height

device info

data analysis for compatibility   adaptation

screen_width

screen width

device info

data analysis for compatibility   adaptation

wifi

wifi related information

network info

data analysis for compatibility   adaptation

carrier

device operator information

network info

data analysis for compatibility   adaptation

network_type

network type

network info

data analysis for compatibility   adaptation

screen_orientation

screen orientation

device info

data analysis for compatibility   adaptation

 

Please be aware that we will only share your personal information for lawful, legitimate and necessary purposes, and only as much personal information as is necessary to provide our services. We will conduct personal information security impact assessments of authorized partner organizations, analyse the reasonableness of the personal information they collect or the permissions they need to authorize to obtain, regularly assess and monitor their service and security capabilities, and enter into relevant agreements with them to explicitly agree on strict data protection measures, requiring them to comply with relevant laws and regulations and handle your personal information in strict accordance with our standards, this Privacy Policy and any other relevant confidentiality and security measures to handle your personal information. If you discover that our authorized partner organizations are acting in breach of the law during the course of your use, you can contact us via the contact details provided in this Privacy Policy and we will verify and promptly suspend our cooperation with that third party to protect your personal data and privacy information as far as possible.

1.3 In order to provide you with a better experience, improve our services or for other purposes with your consent, we may use the information collected through certain services for our other services, subject to relevant laws and regulations. For example, information about your use of one of our services may be used for services such as user research analysis and statistics.

1.4 To ensure the security of our services and to help us better understand how our applications work, we may record relevant information or use the information collected for big data analysis, for example, frequency of your applications, fault information, overall usage, performance data or analysis to form city heat maps or industry insight reports that do not contain any personal information. We may disclose and share statistically processed, non-identifiable information with our partners for the purpose of understanding how users use our services or to inform the public about general usage trends of our services.

(ii) Transfer

We will not transfer your personal information to any other company, organization or individual except in the following circumstances.

2.1 As our business develops, we and our affiliated companies may enter into mergers, acquisitions, asset transfers or other similar transactions. If the transaction involves the transfer of your personal information, we will require the new company, organization or individual holding your personal information to continue to be bound by this policy, or we will require that company, organization or individual to obtain your authorized consent again.

2.2 Where we have your express consent to the transfer, we will transfer your personal information that we have obtained to other parties.

(iii) Public Disclosure

We will only disclose your personal information publicly if we:

3.1 Your express consent has been obtained.

3.2 We may disclose your personal information publicly if we are compelled to do so by law, legal process, litigation or government authorities.

3.3 In other circumstances as required by law or regulation.

IV. How we use Cookie technology

When you use our products or services, our platform automatically receives and records information on your browser and computer, including your IP address, your generated electronic signature, information on hardware and software characteristics, and records of web pages you request, information in Cookie, etc. To ensure that the website works properly, we may store small data files called cookies on your computer or mobile device. If you do not refuse to accept the cookie, it will be sent to your browser and stored on your computer's hard drive. We use the Cookie to store data about your visit to our website so that we can identify you when you visit or revisit our website and provide you with better and more services by analysing the data. You have the right to choose to accept or reject Cookie, and you can reject Cookie by modifying your browser settings, but we would like to remind you that by rejecting Cookie you may not be able to use some of the features that depend on Cookie.

V. How we store your personal information

(i) Personal information collected and generated within the People's Republic of China will be stored in the People's Republic of China. If it is necessary to transfer relevant personal information collected within the territory to overseas organizations for the purpose of processing cross-border business, we will do so in accordance with the laws, administrative regulations and relevant regulatory authorities. We will ensure that your personal information is adequately protected, such as anonymisation, safe storage, etc.

(ii) We will only store your personal information for as long as is necessary for the purposes to which this Privacy Policy relates and for as long as is required by law or regulation, and we will keep your personal information for at least five years in accordance with the Electronic Signatures Act.

(iii) However, we may change the period of storage of personal information due to the need to comply with legal requirements in the following circumstances.

3.1 In order to comply with applicable laws and regulations and other relevant regulations.

3.2 In order to comply with the provisions of a court judgment, ruling or other legal process.

3.3 In order to comply with the requirements of the relevant governmental authority or legally authorized organization.

3.4 In order to comply with relevant provisions such as laws and regulations which we are reasonably satisfied are required.

3.5 For purposes reasonably necessary to enforce the relevant service agreement or this Privacy Policy, to protect the public interest, to protect the personal and property safety or other legitimate rights and interests of our customers, our or our affiliated companies, other users or employees.

(iv) If we cease to operate our products or services, we will promptly cease any further collection of your personal information, notify you of the cessation of operations on a case-by-case basis or by public announcement, and delete or anonymize the personal information we have stored.

VI. How we protect your personal information

(i) We have used security measures in line with industry standards to protect the personal information you provide against unauthorized access, public disclosure, use, modification, damage or loss of data. We will take all reasonably practicable steps to protect your personal information. Our application services use the https transmission protocol throughout the site and encrypted transmission using TLS/SSL certificates issued by authoritative CAs to ensure the confidentiality and integrity of your personal information and data during transmission. We require all staff to sign a Non-Disclosure Agreement and conduct a series of regular training on information security and privacy protection to continuously raise staff awareness of information security and privacy protection. DLP data leakage prevention system is uniformly deployed in staff internal systems to monitor, track and audit the outgoing, printing and copying of sensitive and private data, etc.

 

(ii) We have obtained the following certifications: ISO/IEC 27701 Privacy Information Management System Certification, ISO/IEC 27001 Information Security Management System Certification, ISO/IEC 27018 Public Cloud Personal Information Protection Certification, Trusted Cloud Service Certification, Ministry of Public Security Information Security Level 3 Certification and other international and domestic authoritative certifications. We actively benchmark ourselves against domestic and international laws and regulations related to information security and privacy protection, continuously improve our information security and privacy protection standards through high-strength certification and high-security encryption protection, and continuously improve our products and services.

 

(iii) We are committed to achieving industry-leading levels of security in information security protection. To safeguard your information, we are committed to using a variety of security technologies and accompanying management systems to minimize the risk of disclosure, destruction, misuse, unauthorized access, unauthorized disclosure and alteration of your information. Examples include: secure transmission via network security software (SSL), secure storage of information, and strictly limited access to data centres. When transferring and storing sensitive personal information (including personal biometric information), we use security, permission control, de-identification and other security measures. We also adopt backup and recovery technology for data to promptly recover in the event of data loss.

 

(iv) For companies, organizations and individuals with whom we share personal information, we will sign strict data protection clauses with them requiring them to handle personal information in accordance with our instructions, this Privacy Policy and any other relevant confidentiality and security measures.

 

(v) In order to protect the security of your information, we will take various measures to protect your information once we have collected it and isolated it as necessary. We will store de-identified information separately from information that can be used to re-identify individuals to ensure that individuals are not re-identified in the subsequent processing of de-identified information.

 

(vi) After the unfortunate occurrence of a user information security incident (leakage, loss, etc.), we will, in accordance with the requirements of laws and regulations, promptly inform you of: the basic situation and possible impact of the security incident, the disposal measures we have taken or will take, the suggestions you can independently prevent and reduce the risk, and the remedial measures for you, etc. We will promptly inform you of the situation related to the incident by email, letter, telephone, push notification, etc. When it is difficult to inform users of the subject of the information individually, we will make announcements in a reasonable and effective manner.

At the same time, we will also take the initiative to report on the disposal of personal information security incidents in accordance with the requirements of the regulatory authorities.


VII. Your right to manage personal information

(i) Access to your personal information

You have the right to access your personal information, subject to any exceptions provided by law or regulation. You can access and edit your profile information in your account, change your password and add security information by visiting www.esign.cn.

If you are unable to access your personal information in any of the above ways, you can  contact us by calling Customer Service on 400-087-8198 or 0571-85785223 anytime.

We will respond to your request for access within 30 days.

(ii) Delete your personal information

You can request the deletion of your personal information by calling our Customer Service at 400-087-8198 or 0571-85785223.

You have the right to request eSign to delete your personal information if:

2.1 We have collected your personal information without your express consent.

2.2 we have processed your personal information in breach of legal or regulatory requirements.

2.3 We have used and processed your personal information in breach of our agreement with you.

2.4 You cease to use our products or services, or cancel your eSign account.

2.5 We cease to provide services to you.

For business reasons and in order to protect the interests of all parties to the transaction, we will retain your personal information directly related to the identity authentication, will authentication and signing of the business in the case of paragraph 2.4 of this article.

If you still want to delete this part of the information, you need to authorize and agree with all parties involved in the business, and we will delete your personal information involved in the business after receiving the deletion instructions jointly from you and all parties involved in the business.

Once you or we have assisted you in deleting the relevant information, we may not be able to immediately delete the corresponding information from our backup systems due to applicable laws and security technology, and we will store your personal information securely and avoid any further processing until the backup can be erased or anonymisation is achieved.

(iii) Correction of your personal information

When you discover an error in the personal information we have processed about you, you have the right to request that we correct it. You can do this by going to www.esign.cn or contact customer service for corrections.

If you are unable to correct your personal information by the above means, you may contact us at any time by calling Customer Service on 400-087-8198 or 0571-85785223.

We will respond to your request for access within 30 days.

 

(iv) Cancellation

If you no longer need to use our products or services, you can contact us at www.esign.cn request to cancel your account. We promise to complete the verification and processing within 15 working days.

Please note that if you cancel your eSign account, you will no longer be able to log in and use our products and services with this account, and we will cease to provide electronic signature products, depository services and legal services for this account. You will not be able to recover your account once you have cancelled it. However, we would like to remind you that in order to comply with the relevant laws and regulations, the personal information and data provided or generated by you during the use of our products and services will still be stored for at least five years in accordance with the requirements of the Electronic Signature Law.


VIII. Protection of personal information of minors

If you are a minor under the age of 18, you should jointly read and agree to this Privacy Policy under the supervision and guidance of your parents or other guardians before using our products and related services.

We protect the personal information of minors in accordance with relevant national laws and regulations and will only collect, use, share or disclose the personal information of minors as permitted by law, with the express consent of their parents or other guardians or as necessary to protect them; if we become aware that personal information of minors has been collected without prior verifiable parental or other guardian consent, we will seek to delete the information as soon as possible.

If you are the guardian of a minor, please contact us at the contact information listed in this Privacy Policy if you have questions about the personal information of a minor in your care.

IX. Disclaimers

(i) eSign contains links to other websites and we may add business partners or co-branded websites whenever necessary. eSign is not responsible for the privacy of any other websites you link to through eSign.

(ii) If your password is compromised for your own personal reasons, eSign will not be responsible for any leakage of your personal information, but we will actively work with you to retrieve or change your password.

X. How this Privacy Policy is updated

(i) We may revise the content of this Privacy Policy from time to time. We will post any changes to this Privacy Policy on this page.

(ii) For material changes, we will also provide more prominent notice (we will explain specific changes to this Privacy Policy by email or by prominently displaying them on the pages you visit). Material changes within the meaning of this Privacy Policy include, but are not limited to:

2.1 Significant changes to our service model. For example, the purposes for which personal information is processed, the types of personal information processed, how personal information is used, etc.

2.2 Significant changes in our ownership structure, organizational structure, etc. Such as change of ownership caused by business restructuring, bankruptcy and merger, etc.

2.3 There is a change in the primary recipients of personal information shared, transferred or publicly disclosed.

2.4 When there is a change in our department responsible for handling personal information security, contact information and complaint channels.

2.5 When the personal information security impact assessment report indicates that there is a high risk.

 

XI. How to contact us

If you have any questions, comments, suggestions or complaints about our privacy policy and the handling of your personal information, you can give us feedback through our Customer Service by 400-087-8198 or 0571-85785223, we provide 7*24 hours hotline service.

 


上一篇:Identity Authentication Service Agreement 下一篇:eSign Service Agreement
专业咨询顾问,为您提供1对1专属服务
免费试用

完善信息立即免费体验!

提交成功!

我们的顾问会在1个工作日内与您取得联系

继续浏览
在线客服

在线客服

在线客服 电话咨询