Privacy Policy
Last updated: October 26, 2022 Effective date: October 26, 2022 1. Special Tips
Welcome to RootData ! RootData service providers
(“we) understand the importance of personal
information to you and will do our best to protect the security and
reliability of your personal information. We are committed to maintaining
your trust in us and handling your personal information in accordance with
the principles of lawfulness, propriety, necessity and good faith.
Therefore, we have created this Privacy Policy (“
Policy”) so that you are fully aware of how we collect,
use, store, share and transfer such information when you use
RootData, and the ways in which we provide you with access to,
update, delete and protect such information.
Before you use RootData , please make sure you read this Policy
carefully and fully understand the content of each clause, and you can
make the choices you deem as appropriate in accordance with the
guidelines of this Privacy Policy. The relevant terms covered in this
Privacy Policy are stated as concisely as possible, and links to further
explanations are provided for your better understanding. If you have any
questions, you are welcomed to contact us. This policy will help you understand the following: 1.1. How we collect and use your personal information 1.2. How we use COOKIES or similar technologies 1.3. How we share, transfer, and publicly disclose your personal
information 1.4. How we protect your personal information 1.5. How you manage your personal information 1.6. How we handle personal information of minors 1.7. How this Privacy Policy is updated 1.8. How to contact us 2. How we collect and use your personal information
2.1. Personal information is all kinds of information
related to identified or identifiable natural persons recorded by
electronic or other means, excluding information after anonymization
processing. Sensitive personal information is personal
information that, once leaked or illegally used, may easily lead to the
infringement of a natural person’s human dignity or endanger the
safety of his or her body or property, including biometric, religious
beliefs, specific identity, medical and health care, financial accounts,
trajectory and other information, as well as the personal information of
minors under 14 years of age.
2.2. We will collect and use the personal information you voluntarily
provide in the course of using RootData or as a result of using
RootData, as well as obtain your personal information from third
parties, in accordance with the principles of legitimacy, legality and
necessity, for the purposes described in this Policy.
If we want to use your personal information for other purposes not
described in this Policy, or use the information collected for a
specific purpose for other purposes, we will inform you in a reasonable
manner and obtain your consent again before using it. When you cancel
your account, we will stop using and delete the aforementioned
information.
2.3. Circumstances in which you must authorize us to collect and use your
personal information
-
2.3.1. Our RootData includes some core functions, and we may
collect, store and use the following information about you in order to
implement these functions. If you do not provide the relevant information,
you will not be able to enjoy the products and services provided by us.
These features include:
- 2.3.1.1. Account registration, login and verification
-
When you register for a RootData account, you will need to provide
us with at least the
account name, password, and email address you intend to
use, and we will verify the validity of your identity information by
sending an email verification code.
- 2.3.1.2. Safety and security functions
-
In order to improve the security of your use of our products and services,
to protect your or other users’ personal and property safety from
infringement, to better prevent phishing sites, fraud, network
vulnerabilities, computer viruses and other security risks, and to more
accurately identify violations of laws and regulations, we may collect,
use or integrate your account information, transaction information, and
device information to comprehensively determine your account and
transaction risks, conduct identity verification, detection and prevention
of security events, and take necessary records, audits, analyses and
disposal measures in accordance with the law.
- 2.3.1.3 Network Services
-
RootData automatically receives and records the data on your browser and
computer when you use RootData network services or visit RootData platform
web pages, including but not limited to your IP address, type of browser,
language used, date and time of access, information on hardware and
software characteristics and records of web pages you demand.
2.4. Circumstances when you can choose to provide the personal information
-
2.4.1. In order to make your use of RootData more convenient or
enjoyable, and thus enhance your experience when using it, the following
extensions of our functions may be use your personal information.
If you do not provide such personal information, you can still use the
core functions of RootData, but you may not be able to use the
extensions we provide for you or you may need to fill in some
information repeatedly.
These extensions include:
- 2.4.1.1. Login with a third-party account
-
When you use a third party account (e.g. Twitter, Google) to log into
RootData , you need to authorize to read and share your public
information (including one or more of nickname, profile, region, gender,
contact email) published and recorded on the third party platform, subject
to relevant laws and regulations, in order to bind your third party
account to your RootData account and to remark your login identity
as our user.
- 2.4.1.2. Additional account information
-
After you have registered for an account, you may continue to fill in your
information in the profile part, including your birthday, gender,
and work organization. Your failure to provide this information will not
affect your use of specific technical services.
- 2.4.1.3. Change the account password
-
When you need to change your account password, please enter the new
password to complete the resetting. You need to provide your email account
and the SMS verification code we sent to you for verification.
- 2.4.1.4. Access to third-party applications
-
When you use the third-party applications that you access in
RootData, we may obtain necessary personal information from the
developers of such third-party applications and their technical service
providers, such as device information and operation behavior log
information, for the purpose of providing technical support and other
purposes. If your sensitive personal information is involved, we will
request separate authorization from you. If you refuse to allow us to
collect such personal information, all or part of the functions of the
third-party application may not be available, but it will not affect your
access to other functions of RootData.
The developers of such
third-party applications and technical service providers may collect and
use your personal information directly in accordance with the privacy
policies they provide, but we do not have access to such personal
information. We recommend that you read and confirm that you understand
these privacy policies before accepting the relevant services and
providing personal information.
2.5. You are fully aware that we do not require your authorized consent
for the collection and use of personal information in the following cases:
-
2.5.1. Disclosure to third parties or administrative or judicial bodies in
accordance with the relevant provisions of the law, or the requirements of
administrative or judicial bodies.
-
2.5.2. It is necessary to share your personal information with third
parties in order to provide the products and services you have requested
-
2.5.3. The personal information collected is disclosed to the public by
the subject of the personal information or the guardian himself/herself.
-
2.5.4. When your personal information is collected from lawful public
disclosures, such as lawful news reports, government information
disclosure and other sources.
- 2.5.5. Necessary to enter into a contract at your request.
-
2.5.6. Necessary for the maintenance of the safe and stable operation of
the products and/or services provided, such as the detection and disposal
of product and/or service failures.
-
2.5.7. When it is necessary for academic research institutions to conduct
statistical or academic research in the public interest, and where the
results of academic research or descriptions are made available to the
public, the personal information contained in the results is
de-identified.
2.6. Situations when we obtain your personal information from third
parties
-
2.6.1. We may obtain personal information from third parties that you have
authorized to share, and we will use such personal information in
accordance with the agreement with the third party and after confirming
the legality of the source of the personal information, and in compliance
with relevant laws and regulations.
3. How we use COOKIES or similar technologies
3.1. We may obtain and use your information through the use of COOKIES or
similar technologies and store that information as log information.
3.2. By using COOKIES, we provide users with an easy-to-use and
personalized web experience. A COOKIE is a small amount of data that is
sent from a web server to your browser and stored on your computer's hard
drive. We use COOKIES so that users can benefit from them. For example, to
make the RootData login process faster, you can choose to store
your username in a COOKIES. COOKIES helps us to determine which pages and
content you are connecting to, how much time you spend on specific
RootData services and which RootData service you have
selected.
3.3. COOKIES enables us to serve you better and faster and to personalize
your experience with the RootData service. You may refuse or manage
COOKIES or similar technologies through your browser or user selection
mechanism. However, please note that if you disable COOKIES or similar
technologies, we may not be able to provide you with the best service
experience and some services may not work properly.
3.4. We use our own COOKIES or equivalent technologies, which may be used
for the following purposes:
- 3.4.1. Remember who you are.
- 3.4.2. Analyze your use of our services.
- 3.4.3. Advertising optimization.
3.5. If you wish to disable COOKIES, you can configure your browser:
select “Reject COOKIES” or “Notify you when websites
send COOKIES”. Since our services are provided through the support
of COOKIES, your access to our services may be affected or you may not be
able to fully access our services after you complete the process of
disabling COOKIES. When you do not disable COOKIES, you may be prompted,
for example, whether to retain user information the next time you access
this site in order to simplify the login process (e.g., automatic login).
4. How we share, transfer or publicly disclose your personal information
4.1. Entrusted processing
-
4.1.1. If we entrust a third party to handle your personal information, we
will agree with the trustee on the purpose of the entrusted handling,
duration, handling method, types of personal information, protection
measures, and the rights and obligations of both parties, and supervise
the trustee’s handling activities of personal information handling.
4.2. Sharing
-
4.2.1. We will share your personal information in accordance with the
principles of “lawfulness and legitimacy, minimum necessity, and
clarity of purpose”. At the same time, we will conduct a personal
information protection impact assessment of personal information sharing
activities in advance and take effective technical protection measures for
the form of output, circulation and use. At the level of cooperation
agreements, we strictly require the information protection obligations and
responsibilities of our partners, and sign protection agreements on data
security with our business partners before cooperation.
We have
developed the Third Party Sharing List to provide you with a clear and
concise introduction of our main sharing of your personal information.
-
4.2.2. We will not share your information with any third party outside of
us, except for the following:
- (1) Obtain your prior clear consent or authorization.
-
(2) Share your information externally in accordance with applicable laws
and regulations, the requirements of legal process, and mandatory
administrative or judicial requirements.
-
(3) Only by sharing your personal information can we achieve the core
functions of our products and services or provide the services you need.
-
(4)
We may share your personal information with our affiliates for the
purpose of providing you with relevant products or services based on our
offerings,
showing you content that may be of interest to you, protecting the
security of your account and transactions, etc.
We will share your personal information with our affiliates in
accordance with this Privacy Policy, but we will only share personal
information that is necessary and subject to the purposes stated in this
Privacy Policy. If our affiliates wish to change the purposes for which
personal information is processed, they will again seek your authorized
consent.
-
(5) We may share your information with third parties, such
as partners, to ensure that the services
provided to you are completed successfully. However, we will only share
your personal information for lawful, legitimate, necessary, specific,
and explicit purposes, and only as much personal information as is
necessary to provide the services. Our partners are not authorized to
use the shared personal information for any other purpose.
- (6) Provide based on academic research.
-
(7) Provide in accordance with the individual service agreement or other
legal documents signed with you.
- 4.3. Transfer
-
4.3.1. Transfer is the process of transferring control of personal
information to other companies, organizations or individuals.
-
4.3.2. We will not transfer your personal information to any third party
outside of the Company, except for the following:
- (1) Obtain your prior clear consent or authorization.
-
(2) As our business continues to grow, in the
event of a merger, acquisition or bankruptcy liquidation, your
information may be transferred as part of such a transaction. If a
transfer of personal information is involved, we will require the new
company, organization, or individual holding your personal information
to continue to be bound by this Policy, or we will require that company,
organization, or individual to seek your authorized consent
again.
4.4. Public Disclosure
-
4.4.1. We will not publicly disclose your personal information with any
third party outside of the Company, except in the following circumstances:
-
(1) We may disclose your personal information publicly in accordance with
laws and regulations, litigation, dispute resolution, or as required by
law by administrative or judicial authorities.
-
(2) Disclose information specified by you in accordance with your needs
and in a manner that you have expressly agreed to disclose.
5. How we protect your personal information
5.1. We have always attached great importance to protecting the security
of our users’ personal information, and to this end we have adopted
industry-standard security technologies and organizational and management
protection measures to minimize the risk of disclosure, destruction,
misuse, unauthorized access, unauthorized disclosure and alteration of
your information.
- 5.1.1. Technical measures for data security
-
5.1.1.1. We will adopt security measures in accordance with industry
standards, including the establishment of reasonable systems, security
technologies to prevent unauthorized access to your personal information,
use, modification, and avoid damages or losses of data.
-
5.1.1.2. Our web services adopt encryption technologies such as transport
layer security protocols and provide browsing services via https and other
means to ensure the security of user data during transmission.
-
5.1.1.3. We adopt encryption technology to encrypt and store users’
personal information, and isolate it by isolation technology.
-
5.1.1.4. In the use of personal information, such as the display of
personal information and the calculation of the association of personal
information, we will use a variety of data desensitization techniques,
including content replacement, to enhance the security of personal
information in use.
-
5.1.1.5. We use strict data access rights control and multiple identity
authentication technologies to protect personal information and avoid
unauthorized use of data.
-
5.1.1.6. We use automatic code security checks and data access log
analysis techniques for personal information security audits.
5.1.2. Other security measures we have taken to protect personal
information
-
5.1.2.1. We manage to regulate the storage and use of personal information
by establishing a data classification and grading system, data security
management specifications, and data security development specifications.
-
5.1.2.2. We maintain full security control over data through
confidentiality agreements signed by people reach data, and monitoring and
auditing mechanisms.
-
5.1.2.3. We establish a data security committee and set up a special
department for information protection and a data security emergency
response organization to promote and secure personal information.
-
5.1.2.4. We hold security and privacy training courses to enhance
employees’ security awareness and knowledge of personal information
protection policies and related procedures.
5.2. Please be aware that while we will endeavour to ensure the
security of any information you send us. However, the Internet
environment is not 100% secure and we cannot be held liable for any
risks or losses arising from or in connection with it. 5.3. After the unfortunate occurrence of a personal information
security incident, we will inform you in a timely manner in accordance
with the requirements of laws and regulations: the basic situation of
the security incident and the possible impact, the measures we have
taken or will take, the suggestions for you to independently prevent and
reduce the risk, the remedial measures for you, etc. We will promptly
inform you of the procedures related to the incident by email, letter,
telephone, push notification, etc. When it is difficult to inform the
subject of personal information one by one, we will take reasonable and
effective ways to issue announcements. At the same time, we will also
report how we handle the personal information security incidents in
accordance with the requirements of regulatory authorities. 6. How you manage your personal information
6.1. We take the management of your personal information very seriously
and make every effort to protect your access, correction, deletion,
withdrawal of consent and other legal rights with respect to personal
information so that you have full ability to maintain your privacy and the
security of your personal information.
6.2. Access and correction of your personal information
-
6.2.1. Except as provided by law or regulation, you have the right to
access and correct your personal information at any time, which
specifically include:
- (1) Account information.
- (2) Attention to information.
-
6.2.2. Please contact us at any time if you need access to or correction
of any other personal information generated in the course of using our
products and services. We will respond to your request in the manner and
within the time period set forth in this Privacy Policy.
6.3. Deleting your personal information
-
6.3.1. You may make a request to us to delete personal information in the
manner set out in this Policy in the following circumstances.
-
(1) If we handle personal information in violation of laws and
regulations.
-
(2) If you no longer use our products and services, or if you cancel your
account.
-
(3) If we stop providing products and services, or if the retention period
has expired.
- (4) If you withdraw your consent.
-
(5) If the purpose for which we process personal information has been
achieved, cannot be achieved, or is no longer necessary.
6.4. Changing or withdrawing your consent
- 6.4.1. You may change the scope of your authorization for us to
continue to collect personal information or withdraw your authorization
by deleting information, turning off device features, making privacy
settings on the RootData website or in the software, etc. You may also
withdraw your
authorization for us to continue to collect your personal information in
its entirety by canceling your account.
-
6.4.2. Please understand that RootData may need to collect the
necessary personal information to provide you with services.
If you withdraw your consent, we will not be able to continue to provide
you with the services for which you have withdrawn your consent, but
this will not affect the personal information processing services
previously carried out on the basis of your authorization.
6.5. Cancellation of your account
-
6.5.1. You may cancel your previously registered account at any time by:
- (1) Cancellation of accounts
- (2) Contacting us
- 6.5.2. After you cancel your account, the content, information, data
and records under the account will be deleted or anonymized (except when
otherwise provided by laws and regulations or required by regulatory
authorities). At the same time, once account cancellation is completed,
it can not be restored.
6.6. Respond to your request above
-
6.6.1. If you are unable to exercise your rights in the manner described
above, you may contact us using the contact information set forth in this
Policy. To protect the security of your account, when you make a request
to us as described above, we may ask you to verify your identity before
processing your request.
- 6.6.2. In principle, we do not charge a fee on your reasonable
requests, but we will charge a cost fee for repeated requests that
exceed reasonable limits as appropriate. We may reject requests that are
repeated for no reason, require excessive technical means, pose a risk
to the legal rights of others, or are very impractical.
- 6.6.3. Exceptions to the response situation
-
We will not be able to respond to your request in the following cases:
-
(1) In connection with the performance of our obligations under laws and
regulations.
-
(2) Directly related to national security and national defense security.
-
(3) Directly related to public safety, public health, and significant
public interest.
-
(4) Directly related to criminal investigation, prosecution, trial and
execution of judgments, etc.
-
(5) If we have sufficient evidence of subjective malice or abuse of rights
by the subject of personal information.
-
(6) For the purpose of safeguarding the life, property and other
significant legitimate rights and interests of the subject of personal
information or other individuals, while it is difficult to obtain the
consent of the individual.
-
(7) Responding to the request of the subject of personal information will
result in serious damage to the legitimate rights and interests of the
subject of personal information or other individuals or organizations.
- (8) Involve trade secrets.
7. How we handle personal information of minors
Our products, website and services are primarily intended for adults.
Children are not permitted to create their own user accounts without the
consent of their parents or guardians.
In the case of personal information collected from children with parental
consent, we will use or publicly disclose this information only as
permitted by law, with the clear consent of the parent or guardian,
or as necessary to protect the children.
Although local laws and customs define children differently, our company
considers anyone under the age of 18 as a child.
If we find that we have collected personal information from children
without prior verifiable parental consent, we will seek to delete the
relevant data as soon as possible.
8. How this Privacy Policy is updated
8.1. Our privacy policy may change from time to time. We will post any
changes to this Privacy Policy on
the name of the Populated Platform. For material changes, we will
provide more prominent notice of the specific changes to our Privacy
Policy, such as through a special notice on the viewing page. We
will not reduce your rights under this Privacy Policy without your express
consent.
8.2. Material changes within the meaning of this Privacy Policy include,
but are not limited to:
- 8.2.1. Significant changes in our service model.
-
8.2.2. There is a change in the main target of personal information
sharing, transfer or public disclosure.
-
8.2.3. Significant changes in your rights to participate in the processing
of personal information and how they are exercised.
- 8.2.4. Our contact information and complaint channels have changed.
-
8.2.5. When the personal information security impact assessment report
indicates a high risk.
8.3. We will keep an older version of this Privacy Policy on file for your
review.
9. How to contact us
9.1. If you have questions regarding privacy protection, policy
implementation or website operation, please send your suggestions or
questions to us at contact@rootdata.com
9.2. In general, we will reply within fifteen working days. If you
are not satisfied with our reply, especially if our personal information
processing behavior has harmed your legitimate rights and interests, you
can also file a complaint or report to the supervisory departments of
network information, telecommunications, public security and industry and
commerce, or seek a solution by filing a lawsuit to the court with
jurisdiction in the domicile of Beijing Shouyi Information Technology Co.