Privacy Policy
This agreement applies only to the online services (hereinafter referred to as "Services") provided by AseanBiz Your Business Gateway (hereinafter referred to as "we") to AseanBiz Your Business Gateway users (hereinafter referred to as "you"), including information display, commodity transactions, etc.
Release Date: 2023-04-07.
Effective Date: 2023-04-07.
This policy will help you understand the following content:
1. How We Collect and Use Your Personal Information
2. How We Use Cookies and Similar Technologies
3. How We Share, Transfer, and Publicly Disclose Your Personal Information
4. How We Protect Your Personal Information
5. Your Rights
6. How Your Personal Information is Transferred Globally
7. How This Policy is Updated
8. How to Contact Us

We deeply understand the importance of personal information to you and will do our best to protect the security and reliability of your personal information. We are committed to maintaining your trust in us and adhere to the following principles to protect your personal information: principle of consistent rights and responsibilities, principle of clear purpose, principle of choice and consent, principle of minimum sufficiency, principle of ensuring security, principle of subject participation, principle of openness and transparency. At the same time, we promise to take corresponding security protection measures to protect your personal information according to industry mature security standards.
Please read and understand this "Privacy Policy" carefully before using our products (or services).
1. How We Collect and Use Your Information
Personal information refers to various information recorded electronically or by other means that can identify a specific natural person's identity alone or in combination with other information, or reflect the activities of a specific natural person.
We will only collect and use your personal information for the following purposes stated in this policy. When you close or stop using related functions or services, we will stop collecting your personal information.

The following information you provide will continue to authorize us to use during your use of this service. When you cancel your account, we will stop using and delete the above information. The above information will be stored within the territory of the People's Republic of China. If cross-border transmission is required, we will separately obtain your authorization and consent.

To achieve the purposes stated in this policy and provide you with better customer service and user experience, we may integrate third-party SDK services. When you use these services, your information may also be collected. When you close or stop using related functions or services, we will stop collecting your personal information.
(1) Providing Account Services for You
To complete account services, you need to provide the following information: your mobile phone number, email, name, and created password, etc. If you cannot provide the above information, you may not be able to register an account or use this system.

(2) Device Security Management
To ensure the stable operation of the services we provide to you and prevent your personal information from being obtained by illegal elements, with your consent we will collect your device model, operating system, geographic location, unique device identifier, login IP address, network access method, type and status, network quality data, operation logs, service failure information. This information is necessary for security purposes. If you do not agree to our collection of this information, it may not be possible to complete hardware binding and reinforcement purposes.

(3) ID Card Scanning and Facial Recognition Services
To protect your account information security and ensure it is operated by yourself, in functional scenarios such as real-name authentication and survival authentication, it is necessary to obtain your biometric information (facial information, fingerprint information) and collect corresponding records generated during your use of our services. At the same time, to verify the accuracy of the information, we will verify your information, such as ID number, biometric information (facial information, fingerprint information) with institutions that legally hold your information (government agencies, institutions, commercial institutions); we will verify the legality of the information sources provided by these verification institutions. Clicking "Authenticate or Agree" is deemed as your consent and authorization for us to obtain and use your above information for this service, and authorize us to use it for identity verification functions.

(4) Providing Service Status Notification and Query Services
To comply with laws, regulations, and regulatory requirements, and to facilitate your query of transaction status or historical records, we will archive your identity information, transaction information, and behavior information when using website services, and strictly keep this information properly according to legal and regulatory requirements.
When we want to use information for other purposes not stated in this policy, we will seek your consent in advance.
When we want to use information collected for specific purposes for other purposes, we will seek your consent in advance.

(5) Device Permission Calls
To provide you with convenient and high-quality services, we may call your device storage permissions, album permissions, camera permissions, etc. Storage permissions are used for you to download and save interesting pictures or videos, album permissions are used for you to upload pictures or videos when publishing information, camera permissions are used for scenarios such as taking pictures, recording videos, scanning QR codes, etc. You have the right to choose to close the authorization of the above permissions at any time, but it may affect your normal use of some or all functions of our website.

2. How We Use Cookies and Similar Technologies
(1) Cookies
To ensure normal operation of the service, we will store small data files called Cookies on your mobile device. Cookies usually contain login status, access records and other data. With the help of Cookies, the service can store your membership status.
We will not use Cookies for any purposes other than those stated in this policy. You can manage or delete Cookies according to your preferences. You can clear all Cookies saved on your mobile device, but if you do so, you will need to log in again or set up each time you visit our website.

(2) Web Beacons
Our website may also contain some electronic images (hereinafter referred to as "web beacons"). Using web beacons can help the website calculate users browsing web pages or access certain cookies. We will collect information about your browsing activities through web beacons, such as the page address you visited, the location of the referring page you previously visited, your browsing environment and display settings.

(3) Network Proxy
If you access third-party services through our website or client, we cannot guarantee that these third parties will take protective measures as required by us. To try our best to ensure the security of your account, we may use dedicated network protocols and proxy technology (called "dedicated network channels" "network proxies"). In this way, we can help you identify known high-risk sites, reduce the risks of phishing and account leakage caused thereby, and at the same time be more conducive to protecting your common interests with third parties.

(4) About SDK Services
1. To achieve the purposes stated in this policy and provide you with better customer service and user experience, we may integrate third-party SDK services. When you use these services, your information may also be collected. When you close or stop using related functions or services, we will stop collecting your personal information.
2. The aforementioned "information" includes your identity information, account information, credit information, transaction information, travel trajectory information, electronic device information, electronic device operation log information.
3. To ensure the security of your information, we have a confidentiality obligation for the above information and will make our best efforts to take various measures to ensure information security.
4. This clause takes effect when you sign it, has independent legal effect, and is not affected by the establishment of the contract or agreement to which this clause belongs and changes in the validity status.

Third-party SDKs:
Currently integrated third-party SDK services include WeChat authorization login. This service is to obtain your verification status during user registration and login business. If users refuse our collection of relevant information, they can click "Disallow" or "Cancel" on the relevant authorization interface, and we will not collect relevant information.

3. How We Share, Transfer, and Publicly Disclose Your Personal Information

(1) Sharing
We will not share your personal information with any company, organization or individual, except in the following cases:
1. Sharing with explicit consent: After obtaining your explicit consent, we will share your personal information with other parties.
2. We may share your personal information externally according to legal and regulatory requirements, or mandatory requirements of government authorities.
3. Relevant judicial or government departments. According to laws and regulations or mandatory government regulations, user personal information must be provided to relevant judicial or government departments.
4. Sharing with authorized partners: Only to achieve the purposes stated in this policy, some of our services will be provided by authorized partners. We may share certain user information with partners to provide better customer service and user experience. We will only share your user information for legal, legitimate, necessary, specific, and clear purposes, and will only share user information necessary to provide services. To better operate and improve technology and services, you agree that we and authorized partners can use the collected information for other services and purposes while complying with relevant laws and regulations.

For companies, organizations and individuals with whom we share personal information, we will sign strict confidentiality agreements with them, requiring them to process personal information according to our instructions, this privacy policy and any other relevant confidentiality and security measures.

(2) Transfer
We will not transfer your personal information to any company, organization or individual, except in the following cases:
1. Transfer with explicit consent: After obtaining your explicit consent, we will transfer your personal information to other parties;
2. In case of merger, acquisition or bankruptcy liquidation, if personal information transfer is involved, we will require the new company or organization holding your personal information to continue to be bound by this privacy policy, otherwise we will require the company or organization to seek your authorization and consent again.

(3) Public Disclosure
We will only publicly disclose your personal information in the following cases:
1. After obtaining your explicit consent;
2. Disclosure based on law: Under circumstances of law, legal procedures, litigation or mandatory requirements of government authorities, we may publicly disclose your personal information.

4. How We Protect Your Personal Information
(1) We have used security protection measures that comply with industry standards to protect the personal information you provide, preventing data from unauthorized access, public disclosure, use, modification, damage or loss. We will take all reasonably feasible measures to protect your personal information. We will use encryption technology to ensure data confidentiality; we will use trusted protection mechanisms to prevent data from malicious attacks; we will deploy access control mechanisms to ensure that only authorized personnel can access personal information; and we will hold security and privacy protection training courses to strengthen employees' awareness of the importance of protecting personal information.

(2) The Internet environment is not 100% secure, and we will strive to ensure or guarantee the security of any information you send to us. If our physical, technical, or management protection facilities are breached, resulting in unauthorized access, public disclosure, alteration, or destruction of information, causing damage to your legitimate rights and interests, we will bear corresponding legal responsibilities.

(3) After the unfortunate occurrence of a personal information security incident, we will inform you in a timely manner according to legal requirements: the basic situation and possible impact of the security incident, the measures we have taken or will take, suggestions for you to independently prevent and reduce risks, remedial measures for you, etc. We will inform you of the relevant situation of the incident in a timely manner by email, letter, phone, push notification, etc. When it is difficult to inform each personal information subject individually, we will issue announcements in a reasonable and effective manner.

(4) When our products or services cease operation, we will notify you by push notifications, announcements, etc., delete your personal information or make it anonymous within a reasonable period, immediately stop collecting personal information activities, and close third-party application service interfaces to avoid third-party services collecting and continuing to use personal information. At the same time, we will also actively report the handling of personal information security incidents to regulatory authorities as required.

5. Your Rights
According to relevant Chinese laws, regulations, standards, and common practices in other countries and regions, we guarantee that you can exercise the following rights regarding your personal information:

(1) Access Your Personal Information
You have the right to access your personal information, except for exceptions provided by laws and regulations. If you wish to access personal profile information in your account, you can access relevant name, account and other information by visiting "My".

(2) Correct Your Personal Information
If you wish to modify your basic personal information, you can do so by canceling this member account and re-registering.

(3) Delete Your Personal Information
In the following situations, you can request us to delete personal information:
1. If our processing of personal information violates laws and regulations;
2. If we collect and use your personal information without obtaining your consent;
3. If our processing of personal information violates our agreement with you;
4. If you no longer use our products or services, or you cancel your account;
5. If we no longer provide you with products or services.

If we decide to respond to your deletion request, we will also notify the entities that obtained your personal information from us to delete it in a timely manner, unless otherwise provided by laws and regulations, or these entities have obtained your independent authorization. When you delete information from our service, we may not immediately delete the corresponding information from the backup system, but will delete this information when the backup is updated.

(4) Change the Scope of Your Authorization and Consent
Each business function requires some basic personal information to be completed (see "1. How We Collect and Use Your Personal Information" in this policy). For the collection and use of additional personal information, you can give or withdraw your authorization and consent at any time.

When you withdraw your consent, we will no longer process the corresponding personal information. However, your decision to withdraw consent will not affect the personal information processing previously carried out based on your authorization.

(5) Personal Information Subject Cancels Account
Application for account cancellation. After canceling the account, we will stop providing you with products or services, and according to your requirements, delete your personal information or make it anonymous, unless otherwise provided by laws and regulations.

(6) Responding to Your Above Requests
For your reasonable requests, we will respond in a timely manner. For requests that are unreasonably repeated, require excessive technical means (for example, need to develop new systems or fundamentally change current practices), pose risks to the legitimate rights and interests of others, or are very unrealistic (for example, involving information stored on backup tapes), we may refuse to respond.
In the following situations, we will be unable to respond to your request:
1. Related to the personal information controller's performance of obligations stipulated by laws and regulations;
2. Directly related to national security and defense security;
3. Directly related to public security, public health, and major public interests;
4. Directly related to criminal investigation, prosecution, trial, and execution of judgments, etc.;
5. The personal information controller has sufficient evidence to show that the personal information subject has subjective malice or abuses rights;
6. For maintaining the life, property and other major legitimate rights and interests of the personal information subject or other individuals but it is difficult to obtain the consent of the person;
7. Responding to the request of the personal information subject will cause serious damage to the legitimate rights and interests of the personal information subject or other individuals and organizations;
8. Involving trade secrets.

6. How Your Personal Information is Transferred Globally
The personal information we collect and generate will be stored within the territory of the People's Republic of China and does not involve transfer abroad.

7. How This Policy is Updated
Our privacy policy may change.
Without your explicit consent, we will not reduce the rights you should enjoy according to this privacy policy. We will post any changes to this policy on this page.
For major changes, we will also provide more prominent notice (including for some services, we will send notifications explaining the specific changes to the privacy policy).
Major changes referred to in this policy include but are not limited to:
1. Major changes in our service mode. Such as the purpose of processing personal information, the type of personal information processed, the way personal information is used, etc.;
2. Major changes in our ownership structure, organizational structure, etc. Such as owner changes caused by business adjustments, bankruptcy mergers, etc.;
3. The main objects of personal information sharing, transfer or public disclosure change;
4. Your rights and their exercise methods in personal information processing undergo major changes;
5. When the responsible department, contact method and complaint channel for processing personal information security change;
6. When the personal information security impact assessment report indicates high risk.
We will also archive the old version of this policy for your reference.

8. How to Contact Us
If you have any questions, comments or suggestions about this privacy policy, contact us through the following methods:
https://www.aseanbizs.com/about/contact.html

Generally, we will reply within three working days.
If you are not satisfied with our reply, especially if our personal information processing behavior has damaged your legitimate rights and interests, you can also seek solutions through the following external channels: report to consumer rights protection departments, regulatory authorities or file a lawsuit in the court with jurisdiction.