Protecting the personal privacy of every customer, vendor, and employee is a crucial part of gaining and keeping your trust in Haier. As a global operating organization, we strive to provide a high level of privacy protection across all our businesses and services.

This Privacy Notice(“Notice”) does not apply to third-party applications, products, services, websites, or social media features that may be accessed through links that we provide on our Apps. Accessing those links may result in the collection of information about you by a third party. We do not control or endorse those third-party websites or their privacy practices. We encourage you to review the privacy policies of such third parties before interacting with them.

Please read this Notice carefully. When using our services that link to or reference this Notice, you agree to be bound by the terms and conditions of this Notice.

1. Your personal data – what is it?

Collection of Data by Haier may fall under the following two categories:

a. Personal data means data about or relating to a natural person who is directly or indirectly identifiable, having regard to any characteristic, trait, attribute, or any other feature of the identity of such natural person, or any combination of such features, or any combination of such features with any other information.

b. Sensitive personal data or information of a person means such personal information which consists of information relating to: (i) password; (ii) financial information such as bank account or credit card or debit card or other payment instrument details; (iii) physical, physiological and mental health condition; (iv) sexual orientation; (v) medical records and history; (vi) biometric information; (vii) any detail relating to the above clauses as provided to body corporate for providing service; and (viii )any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise.

The processing of your personal data and sensitive personal data is governed by applicable privacy laws.

What roles do we play in processing your data?

We process your “personal data” only when there is a legal basis for doing so or when your consent has been given in this regard to us including but not limited to your consent while accessing any features of the application. We are the data controller, data controller means a person or a juristic person having the power and duties to make decisions regarding the collection, use, or disclosure of the personal data. This means that we decide how your personal data is processed and for what purposes. We know that you care how data about you is used and shared, and we appreciate your trust that we will do so carefully and sensibly.

When are your personal data collected?

We may obtain your personal data from the following sources including but not limited to

 Information obtained directly from you through various means such as campaigns, forms, business cards, purchase of products and services；

 Information obtained from other legitimate sources such as databases and third parties;

 whenever you register to use our online services and become our customer;

 whenever you use our services and products;

 whenever you contact us via the various channels we offer you.

Our collection of personal data

We have collected and will collect your personal data to be processed by us and/or on your behalf in the course of your present or future dealing with us,. Your personal data enables us to achieve the “Purpose” herein that is in connection with our business.

The data that we collect include:

a.Name;

b.Identity card no;

c.Nationality

d.Age;

e.Date of Birth;

f.Residential Address;

g.Gender;

h.Email address;

i.Mobile Number;

j.Passport No;

k.Photo;

l.Nick Name;

m. Credit Debit Bank Account Number

n.Device information: hardware device address, device information, device type, preference;

o.Other personal information: device usage information, problem feedback, location.

We may also receive data about your location and your mobile device when you download our apps. This includes a unique identifier for your device. We may use this data to provide you with location-based personalized services . You can turn off location services on your device.

System permission calls


Permissions of the device	The purpose	Inquiring about Permissibility
Camera	Upload profile pictures and photos, scan bar codes and two-dimensional codes	The first time you use it
Local file read and write	Read local images, upload profile pictures, photos, save download files	The first time you use it
Vibrate	Qr code scanning success reminder	No
COARSE_LOCATION	Get the user's current geographic location	The first time you use it
Read phone state	Get the phone's serial number for statistics	No
Notify	Push and message alerts	The first time you use it
Network	linked network	No
Network state	Determine the cellular network connection status	No
WIFI status	Determine the WIFI connection status	No
Monitoring of phone startup	Understand the mobile phone boot event for message push	No
Foreground service authority	Foreground service authority	No

How do we process your personal data?

We comply with our obligations under applicable privacy laws by keeping personal data up to date, by storing and destroying it securely, by collecting and retaining only the necessary data that we need to service you, by protecting personal data from loss, misuse, unauthorized access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

The processing operations we perform on your data cover automated and non-automated means of collecting, recording, organizing, structuring, storing, altering, retrieving, using, transmitting, disseminating or otherwise making available, aligning or combining, restricting, and/or erasing your data.

We use your personal data for the following purposes:

To design and deliver our services, product and activities to you.
To operate our Apps to provide you access to and use of our services.
To provide services and products requested by you as described when we collect the information.
To provide latest promotion, campaigns, and marketing materials to you from time to time.
To contact you to conduct research about your opinions of current services and products or of potential new services and products that may be offered by us.
To share your contact details with our affiliate offices around the world within our group companies, for the purposes of internal administration and back-office support, to ensure our network security, and to prevent fraud.
To maintain the integrity and safety of our data technology systems which store and process your personal data.

To provide anonymous reporting for internal and external customers.
To provide you with location based personalized services.
To enforce or defend our policies or contract with you.
To detect and investigate data breaches, illegal activities, and fraud.
For legal compliance purpose.

Upon subscribing to our services or register with our Apps, you will be receiving marketing and/or promotional emails from us, which includes promotions and information on future events. If you do not wish to receive any promotional news, please click the “unsubscribe” link at the bottom of the email and you will be excluded from our newsletters.

What is our lawful basis for processing your personal data?

In general, the lawful bases for us to process your personal data for the various types of processing performed on your data (please refer to “How do we process your personal data?” section of this Notice) is, as applicable, processing based on your consent, as necessary for us to enter into and to perform our contract with you, or as necessary to pursue the legitimate interest of our company or of third parties.

We will collect, process and use the personal data supplied by you only for the purposes communicated to you and will not disclose your data to third parties except under the circumstances of data disclosure described in the “Sharing your personal data” section below.

Where we talk about our legitimate interest or that of third parties, such legitimate interest can include:

Implementation and operation of a group-wide organizational structure and group-wide information sharing;
Right to freedom of expression or information, including in the media and the arts;
Prevention of fraud, misuse of company IT systems, money laundering or any other activities required by the competent authorities;
Operation of a whistleblowing scheme;
Physical security, IT and network security;
Internal investigations; and
Proposed mergers and acquisitions

Necessity to provide us data

It is necessary for us to collect and to retain your personal data. Therefore, it is also obligatory for you to supply personal to us in the most accurate manner. If you do not provide us with personal data, we are unable to, process personal data on your behalf, for the purpose stated above or effectively render our services to you, and all relationship created or to be created between us shall be terminated and ceased to be in effect. If you would like to obtain more detail about this, please contact us following the instructions in the “Whom should I contact” section below.

Sharing your personal data

Your personal data will be treated as strictly confidential, and will be shared only with the categories of data recipients listed below. We will only share your data with third parties outside of our company with your consent, and you will have an opportunity to choose for us not to share your data.

We may disclose your personal data to:

our affiliated entities within our global group of companies worldwide and authorized employee to provide you services such as facilitating order processing and shipping, for internal administration purposes, to detect and deal with data breaches, illegal activities, and fraud, and to maintain the integrity of our information technology systems.
third party service providers whom we sub-contract to work on our behalf or for us and therefore may have access to your data only for purposes of performing these tasks on our behalf and under obligations similar to those described in this Notice, who perform functions such as data processing, auditing, order fulfillment, managing and enhancing customer data, providing customer service, conducting customer research or satisfaction surveys, logistics support, marketing support, payment processing and invoice collection support, informational systems technical support, to help us provide, analyze, and improve our services such as data storage, maintenance services, database management, web analytics, improvement of our service features, and to assist us in detecting and dealing with data breaches, illegal activities, and fraud. We will use the mpaas push function provided by Alibaba Cloud Computing Co., Ltd. for message push and use its mpaas mobile performance monitoring function for analysis, all of which require the use of your device identification and device type information, and the privacy protection instructions of this third party are as follows: https://www.alibabacloud.com/help/en/doc-detail/421025.htm?spm=a3c0i.23458820.2359477120.165.7e1c7d3f0FWzLN
governments and/or government-affiliated institutions, courts, or law enforcement agencies, to comply with our obligations under relevant laws and regulations, enforce or defend our policies or contract with you, respond to claims, or in response to a verified request relating to a government or criminal investigation or suspected fraud or illegal activity that may expose us, you, or any other of our customers to legal liability; provided that, if any law enforcement agency requests your data, we will attempt to redirect the law enforcement agency to request that data directly from you, and in such event, we may provide your basic contact information to the law enforcement agency.
third parties involved in a legal proceeding, if they provide us with a court order or substantially similar legal procedure requiring us to do so.

We may provide you with opportunities to connect with third party applications or services. If you choose to use any such third party applications or services, we may facilitate sharing of your information with your consent. However, we do not control the applications or services of those third parties or how they use your information, and your use of such applications and services is not governed by this Notice. Please review the terms and the privacy policies of those third parties before using their applications or services.

We will display your personal data and account activity in your profile page and elsewhere on our service portals according to the preferences you set in your account. You can review and revise your profile information at any time. Please consider carefully what information you disclose in your profile page and your desired level of anonymity. In your profile page, we will also display your device information as well as provide the network connection information for the devices to the applications that connect to your devices.

The cookies used by the website or Apps are solely associated to anonymous users and their computer or device and do not provide personal data on users. Some cookies are used by third parties to provide us with data on the effectiveness of its engagements and promotion. In addition, cookies are of a temporary nature, used solely to improve the efficiency of the last transmission. Users may configure their browser to notify them of the reception of cookies and to prevent installation on their computer or device.

How long do we keep your personal data?

We keep your personal data for no longer than reasonably necessary for the given purpose for which your data is processed. If you will provide us, or have provided us, consent for us to process your data, we will process your data for no longer than your consent is effective. Notwithstanding the above, we may retain your personal data as required by applicable laws and regulations, as necessary to assist with any government and judicial investigations, to initiate or defend legal claims or for the purpose of civil, criminal or administrative proceedings. If none of the above grounds for us to keep your data apply, we will delete and dispose of your data in a secure manner according to our data protection policy.

Privacy of data subjects have limited or no legal capacity

Our products and services are not targeted to persons have limited or no legal capacity. We do not knowingly collect or process personal data from persons have limited or no legal capacity. Please note that if you are limited or no legal capacity, you will need to provide us a written signed consent from your parent or guardian indicating that your parent or guardian has consented for us to process your data and send us the consent through contact information provided from the section of “Whom should I contact?”

Your rights and your personal data

Unless subject to an exemption under applicable privacy laws, you have the following rights with respect to your personal data:

The right to request for access to personal data processed by us with reasonable notice.
The right to request for correction and/or update any personal data if it is found to be inaccurate or outdated.
The right to request to erase your personal data where it is no longer necessary for us to retain such data, except we are not obliged to do so if we need to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims.
The right to withdraw your consent to the processing at any time, if and where we rely on your consent to process your data. This includes cases where you wish to opt out from marketing communications that you receive from us.
The right to restrict our processing of your personal data where you believe such data to be inaccurate, our processing is unlawful; or that we no longer need to process such data for a particular purpose unless we are not able to delete the data due to a legal or other obligation or because you do not wish for us to delete it.
The right to object to us using your personal data, where the legal justification for our processing of your personal data is our legitimate interest. We will abide by your request unless we have compelling legitimate grounds for the processing which override your interests and rights, or if we need to continue to process the data for the establishment, exercise or defense of legal claims.
The right to lodge a complaint regarding our processing of your data, with the competent authority where you reside or in which your data is processed.

If you would like to exercise any of the above rights, please do so by providing your request to the contact window set forth in the “Whom should I contact” section.

After receiving your request, we will evaluate your request and inform you how we intend to proceed on your request. Under certain circumstances in accordance with applicable privacy laws and regulations, we may withhold access to your data, or decline to modify, erase, or restrict the processing of your data.

Please be advised that if you exercise the rights to erase data, restrict or object to our processing, or to withdraw your consent, we may not be able to continue our services to you if the necessary data is missing for processing.

Transfer, Storage, and Processing of Data Abroad

As noted in the “Sharing your personal data” section of this Notice, as a part of a globally operating company, we may share your information with our affiliate companies or third parties. Please refer to the “Sharing your personal data” section of this Notice for the recipients of your data and the reasons for our provision of your data to them. Where such entities are located in other countries and jurisdictions, we will therefore be transferring your personal data outside the country or jurisdiction where your personal data was collected and by clicking agree to this Notice, you have expressly given the consent for such transfer. In making such data transfers, we make sure to protect your personal data by applying the level of security required by applicable privacy laws. Where we transfer your data to a country or jurisdiction that cannot guarantee the required level of protection as required by applicable privacy laws, we have enhanced our IT security measures to increase the protection of your personal data.

Our products are integrated with GrowingIO SDK provided by a third party (Beijing YiDigital Technology Co., Ltd.), through which we will collect information about your device (including: operating system, device model, system version, Android ID, IMEI, IP address, pasteboard content) to statistically analyze the effect of your usage within the App and therefore improve our products and services. The private policy of this SDK is at https://accounts.growingio.com/privacy.

Further processing

If we wish to use your personal data for a new purpose not covered by this Notice, then we will provide you with a new notice explaining this new use prior to commencing such further processing for a new purpose, setting out the relevant new purpose and processing conditions. In such case, we will find a lawful basis for further processing, and whenever necessary we will seek your prior written consent to such further processing.

Security

We protect your data using technical measures to minimize the risks of misuse, unauthorized access, unauthorized disclosure, loss or theft, and loss of access. Some of the safeguards we use are data pseudonymization, data encryption, firewalls, and data access authorization controls. We take our data security very seriously. Therefore, the security mechanisms used to protect your data are checked and updated regularly to provide effective protection against abuse.

The information we collect are usually encoded. Moreover, we have put in place additional and comprehensive state-of-the-art security measures when your data are accessed via the internet. Firewalls prevent unauthorized access. Diverse encryption and identification layers protect your data from intrusion or disclosure to third parties during data transfer. Moreover, an electronic identifier is generated during data transfer to safeguard your information.

For your confidentiality and security, we use ID and password to secure your personal information. It is important for you to protect your ID, password, or any personal information. Do not disclose your personal information (especially password) to anyone. When you are finished using our services, please do not forget to log out from your account.

Despite our best efforts, however, security cannot be absolutely guaranteed against all threats. If you believe that the security of your data has been compromised, or if you would like to know more information on the measures, we use to protect your data, please contact us following the instructions in the “Whom should I contact” section below.

All the data we collect from you may be stored as log files in our server or as augmented information associated with you or your devices. These log files are used for analysis, research, auditing, and other purposes. Your data is stored in log files until the data is transferred to backup databases or related texts. We routinely back-up a copy your data to prevent loss of your data in case of a server breakdown or human error. However, all such copies of your data in our backup database will be retained only for as long as our data retention policy permits (see “How long do we keep your personal data?” below), and will in any case be deleted immediately upon your request.

Whom should I contact?

If you have any question about this Notice, or if you would like to exercise any of your rights, or if you have any complaints that you would like to discuss with us, please write to us by letter or email:

by post to

Haier Singapore Investment Holding Pte.Ltd.

9 Raffles Place

#18-02 Republic Plaza

048619

Singapore

by e-mail to qih@haiersingapore.com