HAS respects the privacy of every customer and promises to protect their personal information.This privacy statement will inform customers when they visit the site (wherever they are), how we properly handle each and every customer’s data, as well as the privacy rights they enjoy and how they are protected by law.
In this privacy statement, “HAS”, “we” or “our” means:
Shanghai Has international trade co. LTD
You also have the right to lodge a complaint with the competent regulatory authority at any time.
We collect personal data about our users
Personal data is any information that can be used to identify a person, but does not include data whose identity has been deleted (anonymous data).
We may collect, use, store and transfer a variety of personal data that we classify and combine as follows:
• Contact data Include name, address, email address and phone number.
• Technical Specifications This includes Internet protocol (IP) addresses, the customer’s browser category and version, time zone Settings and locations, browser plug-in types and versions, operating systems and platforms, and other technologies that the customer USES as a device to connect to the site.
• Usage Data Including information about how customers use our website.
How do we collect customers’ personal data?
We use the following different methods to collect customers’ personal data:
• Direct interaction,Customers can provide us with their identity, contact information and marketing and communications data by filling out forms or by mail, phone, email or other means.
We use customer personal data for our purposes
We describe below in table form all the ways we plan to use customer personal data.
We also identify our legal interests (if applicable).
Please note that we value the use of customer data for purposes and handle customer personal data on a legal basis.
Please contact us when we process customer’s personal data on a legal basis in the table below and the customer needs specific details about the legal basis.
Purpose/Activity /Notify customers of changes to our privacy statement
Data Category / (a) Identity (b) Contact (c) Marketing and Communications
The legal basis of data processing, including the basis of legitimate rights and interests / (a) Perform contracts with customers (b) Compliance with legal obligations (c) matters that are required by our legitimate interests (to update our records)
Retention Period / 12 Months
Purpose/Activity / Manage and safeguard our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and data loading)
Data Category / (a) Identity (b) Contact (c) Technology
The legal basis of data processing, including the basis of legitimate rights and interests / (a) What our legitimate interests require (activities to carry on our business, provide administrative and data technology services, cyber security, prevent fraud and business restructuring or group restructuring)(b) Must comply with legal responsibility
Retention period / 12 months
Purpose/Activity / Use data analysis to improve our website, products/services, marketing, customer relations and experience
Data Category / (a) Technology (b) Service condition
The legal basis of data processing, including the basis of legitimate rights and interests / What our legitimate interests require (categorizing the types of customers who use our goods and services, keeping our website up to date and up to date, growing our business and informing us of our marketing strategy)
Retention period / 25 months
Purpose/Activity / Provide marketing communications and information to customers about the company and its products
Data category / (a) Identity (b) Contact (c) Marketing and communications
The legal basis of data processing, including the basis of legitimate rights and interests / (a) Our lawful rights and interests(Develop our goods/services and expand our business) (b) Consent
Retention period / Until the notification is received that the data subject no longer wishes to receive the marketing communications
We will only use customer’s personal information for the purposes for which it is collected unless we believe that there is a reasonable need to use it for other purposes that are compatible with the original purpose.If the customer wants to know how the process for the new use is compatible with the original purpose, please contact us.
If we need to use customer’s personal information for unrelated purposes, we will notify the customer and explain to the customer the legal basis allowing us to take relevant action.
Please note that where required or permitted by law, we may process customer personal information without the customer’s knowledge or consent.
We will retain customer personal information only as reasonably necessary for the purposes for which we collect such information, including to comply with any legal, regulatory, tax, accounting or reporting requirements.If there is a complaint or we have reasonable reason to believe that our relationship with the customer may be litigated, we may retain the customer’s personal information for a long time.
In order to determine the appropriate retention period of personal information, we will consider the amount of personal information, nature and sensitivity, unauthorized use or disclosure of the potential risk of customer personal information, we deal with the purpose of the customer information and whether we can through other ways to achieve these goals, and applicable laws, regulations, tax, accounting or other requirements.
The above table gives details of the retention period of customer’s personal information in different aspects.
Disclosure of customer personal data
Subject to customer consent, we may share customer personal data with internal and external third parties.
In all cases, we require all third parties to safeguard the personal data of our customers and to process the data in accordance with applicable laws. We do not allow our third party service providers to use customer personal data for their own purposes and only allow them to process customer personal data for the specific purposes we instruct.
We have put in place appropriate security measures to prevent accidental loss, unauthorized use or access, alteration or disclosure of customers’ personal data.In addition, we restrict access to customers’ personal data only to employees, agents, contractors and other third parties with business needs.They will only handle customer personal data according to our instructions and have the responsibility to keep it confidential.
We have procedures in place to deal with any suspected breach of personal data and will notify customers and any appropriate regulatory authorities of the breach as required by law.
Cookies and third-party links
This site may contain links to third party sites, plug-ins and applications.Clicking on these links or enabling links may allow third parties to collect or share data about customers.We do not administer these third party sites and are not responsible for their privacy statements.When customers leave our site, we encourage them to read the privacy statement on each site they visit.
The legal rights of customers
In some cases, under the Data Protection Act, customers may have the following rights with respect to personal data:
• Customer inspection request Personal data (commonly referred to as the “data subject access request”).This enables the customer to receive a copy of the customer’s personal data held by us and verify that we are legally handling the customer’s personal data.
• For correction We hold personal data about our customers.This allows the customer to modify any incomplete or inaccurate data about the customer, but we may need to verify that the new data provided to us by the customer is accurate.
• Ask to delete customer Personal data.This enables customers to request that we delete or remove personal data without sufficient justification to continue processing it.The customer also has the right to request that we delete or remove any personal data that the customer has exercised the right to object to (see below) because we may have processed the customer’s information illegally or need to delete the customer’s personal data to comply with local laws.Please note, however, that we may not be able to satisfy all customer removal requirements for specific legal reasons, and we will notify the customer upon request (if applicable).
• Object to handling customer personal data.In the case of legitimate interests (or third party interests), customers object to our handling of data on this basis on the basis of specific reasons, because customers believe that this will affect their fundamental rights and freedoms.Customers also have the right to object to our handling of their personal data for direct marketing purposes.In some cases, we may demonstrate that we have a strong legal basis for dealing with customer information that overrides the rights and freedoms of the customer.
• Request restrictions on handling customers Personal data.This allows customers to request that we suspend processing their personal data when:
– If the customer asks us to establish the accuracy of the data.
– We use data illegally, but customers don’t want us to delete it.
– Customers want us to keep data, even if we no longer need it, because they need it to establish, enforce or defend their rights in litigation.
– Customers object to our use of customer data, but we need to confirm whether we have an overriding legal basis to use the data.
• Request transfer of customer’s personal data to a third party.We will provide customer personal data to customers or third parties of customers’ choice in a structured, commonly used and machine-readable format.Please note that this right applies only to automated information that the customer initially agreed with us to use or that we used to fulfill our contract with the customer.
• Withdraw consent at any time. Where we need the consent of the customer to process the customer’s personal data, the customer may withdraw the consent decision at any time.However, the legality of any data processing performed by the customer prior to the withdrawal of the consent decision will not be affected.If the customer withdraws the consent decision, we may not be able to provide the customer with certain goods or services.If this happens when the customer withdraws the consent decision, we will notify the customer.
To exercise any of the above rights, please contact the personal data monitor.
No fees are normally charged
Customer can access customer’s personal data (or exercise any other rights) without paying a fee.However, if the customer’s request is clearly unsubstantiated, repetitive or excessive, we may charge a reasonable fee.In addition, we may refuse the customer’s request in these cases.
Information we may request
We may require specific information from the customer to help us verify the customer’s identity and ensure that the customer has access to the customer’s personal data (or any other rights of the customer).This is a security measure to ensure that personal data will not be leaked to anyone who is not authorized to receive it.We may also contact the customer to ask for more information so that we can respond as soon as possible.
We will try to respond to all legitimate requests within a month.If the customer’s request is particularly complex or multiple requests are made, it may take more than a month to process.In this case, we will inform and update the customer.
Customer’s responsibility to inform us of data changes
It is important for us to have the latest personal data of our customers accurately.If customers change their personal data during the establishment of a relationship with us, please inform us as soon as possible.
If the customer HAS any questions regarding this policy, privacy practices or the connection of HAS,
Please contact us at:
Shanghai Has international trade co. LTD
Add：No.39, Yuxiu Road, Songjiang District, Shanghai / HAS international stair mechanism
HAS HAS only responded to questions about data protection.Please write in Chinese or English.
Date of this policy update: November 2019