User Privacy Policy

Effective Date: January，2022

Welcome to ESIGN SG HOLDING PTE. LTD.'s electronic signature platform ("eSign" or "we"), this privacy policy applies to the products and services we provide, including electronic signature products, depository services This Privacy Policy applies to the products and services we provide, including electronic signature products, depository services, legal services, etc.

We respect and protect your privacy. When you use eSign's services, we will collect, use, store, share, transfer, publicly disclose, and delete your personal information in accordance with this Privacy Policy. Also, we will explain to you through this Privacy Policy how we provide you with access to, change, delete and protect this information. We recommend that you read and understand this Privacy Policy carefully before using the eSign service, and that you use our products or services only after you have confirmed that you fully understand and agree to it. By using or continuing to use eSign's products or services after we update this Privacy Policy, you agree to the contents of this Privacy Policy (including the updated version) and consent to our collection, use, storage, sharing, transfer, public disclosure and deletion of your information in accordance with this Privacy Policy. If you have any questions, comments or suggestions about the content of this Privacy Policy, you may contact us through the various contact methods provided in this Privacy Policy.

This Privacy Policy will help you understand the following.

I. How we collect your personal information.

ii. how we use your personal information.

III. how we share, transfer, and publicly disclose your personal information.

IV. how we use COOKIES technology.

V. How we store your personal information.

VI. how we protect your personal information.

vii. your right to manage your personal information.

VIII. Protection of personal information of minors.

ix. disclaimers of liability.

X. How to update this privacy policy.

XI. How to contact us.

I. How we collect your personal information

We collect the information needed to achieve the function of the product according to the principle of lawfulness, legitimacy and necessity, and will collect the information for reasonable use.

We will collect the following personal or business information.

(i) Information provided by you during registration and real name authentication

1.1 You are required to provide your email address as your account login name when you register for your eSign account. If you do not provide the aforementioned information, you will not be able to register your eSign account or use the eSign services.

1.2 If you choose to use the real name authentication service, eSign will obtain the following information about your identity through your authorization on the Singpass website.

Personal information: name, cell phone number, ID number.

(a) Enterprise information: enterprise name, enterprise document number, enterprise operation status.

(ii) Information you provide in the course of your use

We may collect materials that you actively upload to us, including original contracts, hashes or other written materials, which documents or materials may involve your private information or trade secrets. We will maintain the above information in secure storage. We do not actively collect or analyze this information unless you voluntarily submit it for contract review services.

If you provide information about another person, including personal information such as name, telephone number, ID number, recipient address, email address, etc., you must confirm that you have the authorization of the other party and ensure that the other party also knows and agrees to be bound by this privacy agreement, and you will be responsible for any damage caused to others by the information you provide. At the same time, we will delete the information if the other party makes a contrary opinion or expressly does not want to be bound by this privacy agreement.

In addition, in order to ensure the availability and continuity of our services and the security of your account, we may collect the following information from you.

2.1 Device Information: Device model, operating system version, unique device identifier, and IP address information.

2.2 Software information: software version number, browser type. We may collect information about the mobile applications and other software you use to ensure the security of your operating environment or as necessary to provide the Services (interfacing with the Sinpass website for authentication services).

2.3 Service Log Information. Information about the way, type and status of your access to the network, login time, operation logs, service logs and other logs related to the "eSign" service when you use our service.

2.4 IP and location information. For example, we may obtain your geographic location information through IP address, GPS, WiFi or base station. You can choose to turn on or off the authorization of geolocation information. If you turn off the authorization, the functions related to geolocation may not be available and the relevant verification may not be completed.

(iii) Other Information

The content of this Privacy Agreement does not provide a complete list and cover all possible future functions and business scenarios, we will collect your information for other specific purposes not stated in this Privacy Policy, but we will seek your consent in advance.

(iv) Exceptions to the Authorized Consent

According to the relevant laws and regulations, your authorized consent is not required for the collection of your personal information in the following cases.

4.1 In connection with the performance of the obligations of the controller of personal information as stipulated in laws and regulations

4.2 directly related to national security or national defense security

4.3 directly related to public safety, public health, and significant public interests

4.4 directly related to criminal investigation, prosecution, trial and execution of judgments, etc.

4.5 for the purpose of safeguarding the life, property and other significant legitimate rights and interests of the subject of personal information or other individuals but for which it is difficult to obtain your own authorized consent

4.6 where the personal information collected is disclosed by you to the public at your own discretion

4.7 necessary for the conclusion and performance of a contract at the request of the subject of personal information

4.8 where personal information is collected from information that is lawfully and publicly disclosed, such as lawful news reports, government information disclosure and other channels

4.9 that is necessary to enter into a contract at your request or that has been otherwise agreed by the parties in the contract.

4.10 necessary for maintaining the safe and stable operation of the products or services provided, such as the detection and disposal of product or service failures.

4.11 necessary for academic research institutions to conduct statistical or academic research in the public interest and to de-identify the personal information contained in the results when providing the results of academic research or descriptions to the public.

II. How we use your personal information

We will strictly comply with the laws and regulations and the agreement with you, the information collected will be used as follows.

(a) To help you register as our user.

(2) Provide products and services to you, including the reasonable use of services such as real-name authentication completed by relying on third parties.

(iii) Product development and service optimization.

(d) Other Uses: We will seek your prior consent when we want to use information for other purposes not set forth in this Privacy Policy or when we want to use information collected for a specific purpose for other purposes.

III. How we share, transfer, and publicly disclose your personal information

We will not share your personal information with any company, organization or individual, except for the following circumstances.

(i) Sharing

1.1 We may share your personal information to the public in accordance with the provisions of laws and regulations, the need for litigation dispute resolution, or in accordance with the mandatory requirements imposed by administrative or judicial authorities in accordance with the law.

1.2 Your personally identifiable information and signed information shall be transferred to Ant Blockchain for use and storage based on the purpose of handling cases. We will only share your personal information for lawful, legitimate and necessary purposes, and only as much personal information as is necessary to provide the services.

If you find that our authorized partner organization has violated the law during the process of use, you can contact us through the contact information provided in this privacy policy, and we will verify and promptly suspend the cooperation with the third party to protect your personal data and private information from infringement as much as possible.

1.3 In order to provide you with a better experience, to improve our services or for other purposes with your consent, we may use the information collected through certain services for our other services, subject to relevant laws and regulations. For example, information about your use of one of our services will be used for services such as user research analysis and statistics.

1.4 To ensure the security of the Services and to help us better understand the operation of our applications, we may record relevant information or use the information collected for big data analysis, for example, frequency of your application, failure information, overall usage, performance data or analysis to form city heat maps or industry insight reports that do not contain any personal information. We may disclose to the public and share statistically processed, non-identifiable information with our partners for the purpose of understanding how users use our Services or to inform the public about general usage trends on our Services.

(ii) Transfers

We will not transfer your personal information to any other company, organization or individual, except for the following cases.

2.1 As the business of "eSign" develops, we and our affiliates may engage in mergers, acquisitions, asset transfers or other similar transactions. If the relevant transaction involves the transfer of your personal information, we will require the company, organization and individual holding your personal information to continue to be bound by this policy, otherwise we will require the company, organization and individual to obtain your authorized consent again.

2.2 In the case of a transfer with your express consent, we will transfer your personal information that we have obtained to other parties.

(iii) Public Disclosure

We will only disclose your personal information publicly if we

3.1 Have obtained your express consent.

3.2 We may disclose your personal information publicly if we are compelled to do so by law, legal process, litigation or government authorities.

3.3 Other cases stipulated by laws and regulations.

IV. How we use COOKIE technology

When you use our products or services, our platform will automatically receive and record information on your browser and computer, including your IP address, your generated electronic signature, information on hardware and software features, and records of your demanded web pages, information in COOKIE, etc. To ensure the proper functioning of our website, we may store small data files called cookies on your computer or mobile device. In the event that you do not reject the COOKIE, the COOKIE will be sent to your browser and stored on your computer's hard drive. We use the COOKIE to store data about your visit to our website so that we can identify you when you visit or revisit our website and provide you with better and more services by analyzing the data. You have the right to choose to accept or reject COOKIE, you can modify your browser settings to reject COOKIE, but we need to remind you that because you reject COOKIE, you may not be able to use some of the functions that depend on COOKIE.

V. How we store your personal information

(a) You know and agree that we will take appropriate measures to ensure that your personal information provided in the course of using our platform products or services will be strictly protected in accordance with the law and in accordance with the provisions of this Privacy Policy. We will ensure that your personal information is adequately protected, such as anonymization, secure storage, etc.

(b) We will only store your personal information for as long as is necessary for the purposes of this Privacy Policy and for as long as is required by law or regulation.

(c) However, we may change the period of storage of personal information due to the need to comply with legal requirements in the following cases.

3.1 To comply with applicable laws and regulations and other relevant regulations.

3.2 To comply with the provisions of a court judgment, ruling or other legal process.

3.3 In order to comply with the requirements of the relevant governmental authorities or legally authorized organizations.

3.4 in order to comply with relevant provisions such as laws and regulations that we are reasonably satisfied are required

3.5 for purposes reasonably necessary to enforce the relevant service agreement or this Privacy Policy, to protect the public interest, and to protect the personal and property safety or other legitimate rights and interests of our customers, our or our affiliates', other users or employees.

(d) If we cease to operate our products or services, we will promptly stop collecting your personal information, notify you of the cessation of operations by delivering a notice or announcement, and delete or anonymize the personal information we have stored.

VI. How we protect your personal information

(a) We have used security measures in accordance with industry standards to protect the personal information you provide against unauthorized access, public disclosure, use, modification, damage or loss of data. We will take all reasonably practicable steps to protect your personal information. Our application services use https transmission protocols throughout the site to ensure the confidentiality and integrity of your personal information and data during transmission. We require all employees to sign a Non-Disclosure Agreement and regularly conduct a series of trainings on information security and privacy protection to continuously raise employees' awareness of information security and privacy protection. Employees' internal systems are uniformly deployed with DLP data leakage prevention system to monitor, track and audit the outgoing, printing and copying of sensitive and private data, etc.

(2) We have obtained the following certifications: ISO/IEC 27701 Privacy Information Management System Certification, ISO/IEC 27001 Information Security Management System Certification, ISO/IEC 27018 Public Cloud Personal Information Protection Certification, Trusted Cloud Service Certification, Ministry of Public Security Information Security Level Protection Level 3 Certification and other international and domestic authoritative certifications. We actively benchmark with domestic and international laws and regulations related to information security and privacy protection, continuously improve our information security and privacy protection standards through high-strength certification and high-security encryption protection, and continuously improve our products and services.

(iii) We promise that we will make information security protection reach the industry-leading security level. To protect your information, we are committed to using various security technologies and supporting management systems to minimize the risk of disclosure, destruction, misuse, unauthorized access, unauthorized disclosure and alteration of your information. Examples include: secure transmission via network security software (SSL), secure storage of information, and strictly limited access to data centers. When transferring and storing sensitive personal information (including personal biometric information), we will use security, permission control, de-identification and other security measures. We also adopt backup and recovery technologies for data, and promptly recover in the event of data loss.

(d) For companies, organizations and individuals with whom we share personal information, we will sign strict data protection terms with them, requiring them to handle personal information in accordance with our instructions, this Privacy Policy and any other relevant confidentiality and security measures.

(e) In order to protect the security of your information, after we collect your information, we will take various measures necessary to protect your information in isolation. We will store de-identified information separately from information that can be used to re-identify individuals to ensure that individuals are not re-identified in the subsequent processing of de-identified information.

(f) After the unfortunate occurrence of user information security events (leakage, loss, etc.), we will, in accordance with the requirements of laws and regulations, promptly inform you of: the basic situation and possible impact of the security event, the disposal measures we have taken or will take, suggestions for your independent prevention and risk reduction, remedial measures for you, etc. We will promptly inform you of the event-related situation by email, letter, telephone, push notification, etc. When it is difficult to inform the user information subjects one by one, we will take reasonable and effective ways to issue announcements.

At the same time, we will also take the initiative to report the disposal of personal information security incidents in accordance with the requirements of the regulatory authorities.

VII. Your right to manage personal information

(i) Access to your personal information

You have the right to access your personal information, except for the exceptions provided by laws and regulations. You can access www.esign.cn to query, edit the profile information in your account, change your password, and add security information.

If you are unable to access your personal information in the above ways, you may contact us at any time by calling our customer service at +86-400-087-8198 or +86-0571-85785223.

We will reply to your access request within 15 days.

(B) Delete your personal information

You can apply for deletion of your personal information by calling our customer service number +86-400-087-8198 or +86-0571-85785223.

You have the right to request "eSign" to delete your personal information when the following circumstances occur.

2.1 We have collected your personal information without your explicit consent.

2.2 We have processed your personal information in violation of legal and regulatory requirements.

2.3 We have violated our agreement with you to use and process your personal information.

2.4 You no longer use our products or services, or cancel your eSign account.

2.5 We cease to provide services to you.

For business reasons and to protect the interests of all parties involved in the transaction, we will retain your personal information directly related to the real name authentication and signing business in the case of paragraph 2.4 of this article.

If you still want to delete this part of information, you need to authorize and agree with all parties related to the business, and we will delete your personal information involved in the business after receiving the deletion instruction jointly from you and all parties related to the business.

You may contact us to delete your personal information with reasonable notice, but this may result in your inability to use eSign products or services properly. We may retain, use, disclose and process your data for any of the purposes set out herein, as permitted by applicable law.

When you or we assist you in deleting the relevant information, we may not be able to immediately delete the corresponding information from our backup systems because of applicable laws and security technology, and we will store your personal information securely and avoid any further processing until the backup can be cleared or anonymity is achieved.

(iii) Correction of your personal information

When you discover an error in the personal information we have processed about you, you have the right to ask us to make a correction. You can do so at www.esign.cn.

If you are unable to correct your personal information by the above means, you may contact us at any time by calling customer service at +86-400-087-8198 or +86-0571-85785223, and we will respond to your request for access within 15 days.

(D) Cancellation

If you no longer need to use our products or services, you can contact us to apply for cancellation of your account, we promise to complete the processing within 15 days.

Please be aware that if you cancel your account, you will no longer be able to log in and use our products and services with this account, and we will cease to provide electronic signature product services, depository services, legal services, etc. for this account. The account cancellation will be completed and cannot be restored.

VIII. Protection of Minors' Personal Information

We do not provide products or services for minors. At the time you agree to accept this Privacy Policy, you are an adult under the laws of Singapore. We protect the personal information of minors in accordance with the law and will only collect, use, share or disclose the personal information of minors as permitted by law, with the express consent of their parents or other guardians or as necessary to protect them; if we discover that a minor has provided us with personal information without the consent of their parents or other guardians, their parents or guardians should contact us to promptly delete such personal We will attempt to delete the information as soon as possible.

If you are the guardian of a minor, please contact us at the contact information listed in this Privacy Policy if you have questions about the personal information of a minor in your custody.

9. Disclaimers

(a) eSign contains links to other websites, and we may add business partners or co-branded websites whenever necessary. "eSign is not responsible for the privacy of other websites that you link to through eSign.

(2) If your account password is leaked due to your personal reasons, eSign is not responsible for any leakage of personal information, but we will actively cooperate with you to retrieve your password or change it.

X. How to update this privacy policy

(a) We may revise the content of this Privacy Policy from time to time. We will post any changes to this Privacy Policy on this page.

(b) For material changes, we will also provide more prominent notice (we will provide specific changes to this Privacy Policy via email or prominent notice on the pages we visit). Material changes within the meaning of this Privacy Policy include, but are not limited to.

2.1 Significant changes to our service model. For example, the purpose of processing personal information, the type of personal information processed, and the way personal information is used.

2.2 Significant changes in our ownership structure, organizational structure, etc. Such as change of ownership caused by business restructuring, bankruptcy and merger, etc.

2.3 There is a change in the primary recipients of personal information sharing, transfer or public disclosure.

2.4 When there is a change in our department responsible for handling personal information security, contact information and complaint channels.

2.5 When the personal information security impact assessment report indicates that there is a high risk.

(3) If our products' business functions are updated and involve an increase in the scope of personal information collected, we will inform you immediately through the privacy policy update. If you reject the changed privacy policy, we will continue to provide services to you within the scope of the original business, except for the new business functions that have information collection authority in the changed privacy policy instead of the original business functions.

XI. How to contact us

If you have any questions, comments, suggestions or complaints about our privacy policy and the handling of your personal information, you can give us feedback through our customer service telephone number +86-400-087-8198 or +86-0571-85785223, and we provide 7*24 hours hotline service.