Personal Information Protection and Privacy Policy
This Policy only applies to BioTime products or services (hereinafter referred to BioTime),including ZKBio Time Web Server, ZKBio Time mobile APP.
Lastly updated on: March 2022
If you have any question, comment or suggestion, please contact us via the following means:
Email: product.biotime@zkteco.com
This Policy will help you to understand the following:
Personal information collection rules
How we protect your personal information
Your rights
How we handle personal information of minors
How this Policy is updated
How to contact us
Xiamen ZKTECO CO., LTD. and its affiliates (hereinafter referred to "ZKTeco", or "Company" or "We") understands the importance of personal data and will do everything possible to protect your personal information. We are committed to preserving your trust in us by protecting your personal information based on the following principles: responsibility in accordance with authority, purpose specification, informed consent, minimal necessary, security safeguard, subject participation, openness and transparency, etc. ZKTeco also commits to protect your personal information by implementing appropriate security measures in accordance with industry accepted security standards.
Before using any products (or services), please read this Policy carefully and make sure you have fully understood and agreed to this Policy. By using any products or services, you acknowledge that you have fully understood and agreed to this Policy.
■Definition
BioTime Services refers to the services provided by the BioTime team including BioTime software and BioTime mobile APP.
It refers to Xiamen ZKTECO CO., LTD. that develops and provides BioTime products and services, and its affiliates.
It refers to the user with BioTime management platform system operation authorities to manage and utilize BioTime software for and on behalf of the enterprise or organization.
It refers to personal information whose disclosure, illegal provision, or misappropriation may endanger the personal property and security, and as well as can cause injury or discrimination to their reputation, physical, or mental health. Personal sensitive information linked to BioTime includes the identity number, mobile phone number, individual biological identifying information, bank account, salary, and information about minors.
It refers to the organization or individual that has the right to determine the purpose and mode of treatment of the personal information. The personal information controller concerning BioTime service as mentioned herein refers to the enterprise or organization user of BioTime.
It refers to a company's or organization's computer or device that has BioTime items installed on it. The firm or organization distributes and authorizes access to and use of the local server, which means that the personal information and data kept on the local server is under its control.
I Personal information collection rules
(1) How we collect and use your personal information
We will provide you with BioTime device or software products, interactive displays, search results, identification of account abnormalities, maintaining the normal operation of BioTime, improvement and optimization of your BioTime experience, and safeguarding the security of your account to better satisfy your requirements, including your use of information about BioTime products and services, and connect such information to better satisfy your requirements.
Individual users' information will not be collected. The user information is submitted or generated just to support the normal use of BioTime by the organization or enterprise, and all data is stored only on the user's local server and will be updated and detected with the version management server at the time of mobile activation.
Based on the specific authority you grant during the software installation and utilization process, we will receive and record information about the device you use (such as the device model, operating system version, device configuration, unique device identifier, and other software and hardware features) and the device location (such as IP address, GPS/Beidou location, Wi-Fi access point, Bluetooth, base station, and sensors providing related information).
When you are using the software function or mobile function, the software will record your products usage and saves it as a software log on the user’s local server, including your operation, IP address, type of browsers, date and time of access, approval log and attendance log information.
Note: That single device information and log information could not be used to identify the identity of the specific natural person.
(2) How we use Cookies and similar technologies
Cookies and similar technologies are widely used in the Internet. To ensure the smooth operation of our website, we will store a small data file named Cookie in your computer or mobile device. A Cookie typically contains identifiers, site names, and some numbers and characters. With the Cookie, our website can store your preference and other data. We will not use Cookies for any other purpose than that specified in this Policy. You may manage the Cookie according to your own preference or delete it. You may choose to delete all Cookies saved in your computer, and most of the web browsers have a feature to block the Cookies. But if you do this, you will need to change the user settings each time you visit our website.
In addition to Cookies, we will also use other similar technologies such as website beacons and pixel tags on our website to help us understand your preference for products or services and improve our customer service.
(3) How we share, transfer and disclose your personal information
1. Share
Without your explicit consent, we will not share your personal information with any other company, organization or individual.
Your enterprise/organization may share your personal information with an external institution if required by laws and regulations or government authorities.
2. Transfer
We will not transfer your personal information to any other company, organization or individual, except under the following circumstances:
We will transfer with your explicit consent: Your enterprise or organization may transfer your personal information to others with your approval in the event of a merger, acquisition, or dissolution of your business.
3. Public disclosure
We will not disclose your personal information, except for those disclosed by your enterprise or organization under the following circumstances:
a) With your explicit consent.
b) Law-based disclosure: We may disclose your personal information in cases where such disclosure is required by laws, legal proceedings, litigation, or government authorities, including in cases:
Related to personal information controller’s performance of obligations prescribed by laws and regulations;
Directly related to national security or national defense security;
Directly related to public safety, public health or vital public interests;
Directly related to crime investigation, prosecution, trial, and judgment execution;
Where such disclosure is necessary for protecting the vital legitimate interests such as life and property of the subject of personal information or any other individual while it is difficult to obtain the consent therefrom;
Where the personal information involved is disclosed to the public by the subject itself;
Where such disclosure is necessary for signing and performing the contract concerned according to the requirements of the subject of personal information;
Where the personal information is collected from legally and publicly disclosed information, such as legal news reports and publicized government information;
Where such disclosure is necessary for maintaining safe and stable operation of the products/services provided, such as identification or disposal of failures of products/services;
Where the personal information controller is a news agency and such disclosure is necessary for legal news reporting;
Where the personal information controller is an academic research institute, and such disclosure is necessary for statistics or academic research in the public interest, and the personal information contained in the results of academic research or description provided externally is de-identified.
Note: According to the law, sharing, transferring, or disclosing personal information does not include the scenario in which personal information is de-identified in such a way that the recipient of such information cannot restore the information or re-identify the subject of personal information before it is shared, transferred, or disclosed. As a result, we may store or process such information without notifying you or obtaining your consent.
II How we protect your personal information
Where you select to use BioTime as a BioTime enterprise or organization administrator, we will not collect the information about BioTime function available to the individual users under your BioTime enterprise or organization user. In case of any disclosure of the personal information, please click “Your enterprise”. Related data is collected by your enterprise or organization and stored in the software database. Date controlled by the enterprise may include:
(1) Job title, department, office email account and telephone assigned by your enterprise to organization to you as well as the fingerprint features, face features, check-in person's face photo, geographical location, and other personal information that are required for or generated from the attendance, approval, check-in, and log function opened by you to complete the daily activity of the enterprise or organization, as well as the attendance punch information, approval records, log release, agenda and documents.
(2) Other data containing your personal information as submitted by the enterprise or organization users (including job, contact methods and individual identity of the enterprise or organization user)
You understand and agree that the enterprise or organization is the aforesaid enterprise data controller; the enterprise or organization’s opening, management and utilization of the aforesaid services and treatment of your personal information and data are irrelevant to the BioTime team; and the enterprise or organization ensures that they have already obtained prior and express consent of BioTime individual users and only collects the end user information necessarily required for the enterprise business and management and has already fully informed the end user of the data collection purpose and scope and the mode of utilization.
(3) You may provide feedback about BioTime products and services experience during the process of using the products by using the information you gave to us. This will help us better understand your experience and demand for using our products or services and enhance our products or services. For this, you may take the initiative to provide your contact information, questions, or recommendations when submitting product proposals and demands, and we will record your contact information, questions, or suggestions so that we can contact you further to inform our treatment opinions.
(4) When you use the personalized custom-made services, we will collect information in order to provide you with better and more personalized products and services, such as more personalized services with the same experiences on different servers or devices, input recommendation, customer service reception or information release to better satisfy your requirements, understanding about product compatibility, and identification of account abnormality status. We will also collect information about your use of the services based on the function demand, including, but not limited to, information about device, log, and service usage. For instance, when you are implementing certain operation in the process of utilization of BioTime services, we may send a notice to you.
(5) A third party other than us or our partners (hereinafter referred to as the "third party") may send contents or website links to you. We have no control over the third party. You may choose whether to access the links, contents, products, and services provided by the third party. We have no control over the third-party privacy or data protection policies as the third party is not bound by this Policy. Before you submit personal information to the third party, please read its privacy protection policies.
III Your rights
In accordance with Chinese laws, regulations, standards, and established practices of other countries and jurisdictions, we will protect your rights to:
(1) Access your personal information
You have the right to access your personal information, unless otherwise provided by laws and regulations. You may access your personal information by: Contact your enterprise/organization administrator.
(2) Correct your personal information
Upon noticing any of your personal information your enterprise/organization processed is wrong, you have the right to request your enterprise/organization to make corrections. You may submit the request via means listed in Item "(1) Access your personal information".
(3) Delete your personal information
In the following cases, you may request your enterprise/organization in writing to delete your personal information:
In circumstances prescribed by applicable laws, you have the right to revoke your consent to your enterprise/organization’s processing of your personal data at any time. However, the cancellation will have no bearing on the legality and effectiveness of your personal data that your enterprise/organization previously processed with your consent, or other appropriate legitimacy.
(4) Respond to your request
To safeguard security, you may need to provide a request in writing or otherwise prove your identity. Your enterprise/organization may ask you to provide proof of your identity before processing your request.
Your enterprise/organization may not respond to your request in the following circumstances:
IV How we handle personal information of minors
Our products, website and services are mainly designed for adults. Without consent of parents or guardians, minors shall not create their own account. If you are a minor, it is recommended that you ask your parents or guardian to read this Policy carefully, and only use our services or information provided by us with consent of your parents or guardian.
We will only use or disclose personal information of minors collected with their parents' or guardians' consent if and to the extent that such use or disclosure is permitted by law or we have obtained their parents' or guardians' explicit consent, and such use or disclosure is for the purpose of protecting minors.
Upon noticing that we have collected personal information of minors without the prior consent from verifiable parents, we will delete such information as soon as possible.
V How this Policy is updated
Our personal information protection and privacy policy is subject to change from time to time.
Without your explicit consent, we will not cut your rights you are entitled to under this Policy. We will post any change to this Policy on our website.
For major changes, we will also provide a more prominent notification.
Major changes referred to in this Policy include, but are not limited to:
We will also archive the previous versions of this Policy for your reference.
VI How to contact us
If you have any question, comment or suggestion about this Policy, please send an email to product.biotime@zkteco.com. Normally, we will reply within 3 days. More contact information is available on our website (http://www.zkteco.com/en/).