范围
上海蓝云网络科技有限公司(北京世纪互联宽带数据中心有限公司的关联公司,下称“世纪互联”或“我们”)运营的在线服务包括:(1)Microsoft Azure;(2)Microsoft Office 365;(3)Microsoft Dynamics 365; (4) Microsoft Power Platform 以及 (5) Microsoft Intune(下称“在线服务”)。世纪互联运营的在线服务是基于微软技术的云服务,由位于中华人民共和国(不包括香港特别行政区、澳门特别行政区以及台湾地区,以下简称“中国”) 的世纪互联数据中心运营并销售。本隐私声明适用于上述在线服务以及显示或链接至本隐私声明的任何其它的世纪互联服务。关于特定功能的更多信息,请参阅服务说明或服务文件。
通过在线服务,您可以购买、订阅或使用世纪互联或具有不同隐私实践的第三方提供的产品和服务。您使用其他产品和服务以及您提供给第三方的任何信息将适用该第三方的隐私声明和政策。
终端用户须知:本隐私声明适用于世纪互联所提供在线服务的客户和潜在客户。本隐私声明中所有提到的“您”或“您的”均指世纪互联的客户。这些客户可能使用在线服务以开发并向其终端用户提供自有服务。世纪互联在此类情形下收集或处理的任何信息均由我们基于我们客户的利益代为处理,该信息的收集和使用由客户控制。终端用户应将与隐私相关的请求直接提交给向其提供服务的实体。如果终端用户使用其所在组织(如雇主或学校)提供的电子邮件地址访问在线服务,与该电子邮件地址相关的域的所有者可能:(1)对终端用户的服务账户具有控制权和管理权;且(2)可访问和处理终端用户数据,包括终端用户通信和文件的内容。终端用户使用在线服务可能受其所在组织的政策(如有)约束。我们仅在与客户约定范围内对客户的隐私相关实践承担责任。
我们如何收集和使用您的数据
个人信息的定义
“个人信息”是指以电子或其他方式记录的能够单独或与其他信息结合识别特定自然人身份或反映特定自然人活动的各种信息。在本隐私声明中,个人信息可能包括您在管理员入口中指定的账户管理员的管理员数据、实名认证数据,包含姓名、支付工具的账号、账单地址的付款数据、您在我们的网站、营销活动、及任何调查或问卷中提交的注册数据、以及包含联系方式与认证信息的支持数据等。
“个人敏感信息”是指一旦泄露、非法提供或滥用,容易导致个人声誉、身心健康受到损害、歧视性待遇或可能危害人身和财产安全的个人信息。在本隐私声明中,个人敏感信息可能包括管理员数据、实名认证数据、付款数据、包含个人电话号码、电子邮件地址、身份证件和支付工具的账号、安全码和交易记录的注册数据、以及包含联系方式与认证信息的支持数据等。
我们会在下述场景中收集和使用您的数据,其中可能会涉及个人信息。如果我们收集您的个人信息超出下述声明的范围,或使用您的个人信息超出与收集时所声称的目的具有直接或合理关联的范围,我们将于收集或使用您的个人信息前,再次通知您并征得您的明示同意。
客户数据
客户数据是指您通过使用在线服务向我们提供或以您的名义向我们提供的所有数据,包括所有文本、音频、软件或图像文件。例如,客户数据包括您在在线服务中上传的供存储或处理的数据以及您或您的终端用户在在线服务中上传的供托管的应用程序。这不包括配置、技术设置或服务记录信息,或下述管理员数据、实名认证数据和付款数据。
我们仅为提供在线服务或与之相兼容的目的使用客户数据。这可能包括改进底层技术、预防性地排除故障、监测或修复影响在线服务运行的问题、以及改进监测和防范对用户的新生或衍生威胁(如恶意软件或垃圾邮件)的功能等。
我们仅将客户数据存储在位于中国的数据中心。在有限的情形下,当有必要对客户支持事故进行故障排查或解决技术问题时,世纪互联可能根据可适用的法律法规授权其位于中国境外的某一关联方、供应商、或分包商访问客户数据。世纪互联将根据可适用的法律法规监督此类访问,并在解决问题后终止此类访问。
管理员数据
管理员数据是指在注册、购买或管理在线服务时提供的有关管理员(包括账户联系人和订阅管理员)的信息,包括姓名、地址、电话号码和电子邮件地址。
我们使用管理员数据以完成您要求的交易、管理您的账户、改善在线服务以及监测并防止欺诈行为。
我们可能会联系您,以提供关于新订阅、账单和重要在线服务更新的信息(包括安全或其他技术问题的信息)。根据您客户协议中的描述,在收到第三方关于您使用服务的询问时,我们也可能联系您。在使用在线服务中或服务后的合理期限内,您将无法退订这些消息。根据您的联系方式偏好,我们也可能通过电话或电子邮件联系您,以提供有关其他产品和服务的信息和要约,或者请求您提供反馈。您可以在适用的在线服务账户信息中管理您的联系方式偏好或退订此类消息。
实名认证数据
我们会依据可适用的法律法规进行实名制管理。实名认证数据是指您在实名认证时提供的企业营业执照、管理员手机号码或身份证扫描件。如您不提供上述信息,将无法完成实名认证,因而可能无法使用在线服务。
为了验证实名认证数据的准确性和完整性,我们可能将您提供的信息与合法存有您信息的机构进行验证核对。
付款数据
当您在线采购时,您将被要求提供付款信息,其中包括您的支付工具账号,您的姓名和账单地址,以及与您支付工具有关的安全码和其他金融数据(“付款数据”)。
我们除使用付款数据完成交易外,也将使用付款数据监测并防止欺诈行为。
当您使用经认证的付款数据时,我们将保存该数据以帮助您在将来完成交易时不必再次提供该信息。但是,我们不会以此方式保存与您支付工具有关的安全码。
支持数据
支持数据是我们在您提交支持请求或运行自动故障检测器时收集的信息,包括有关硬件、软件的信息以及与支持事故相关的其他详细信息,例如:联系方式或认证信息、聊天会话个性化设置、出错及诊断期间有关机器和应用程序状况的信息、有关软件安装和硬件配置的系统和注册数据以及错误追踪文件。
我们将通过电话、电子邮件或在线聊天提供支持服务。经您允许,我们可能会通过远程访问临时操作您的机器。由专业支持人员进行的通话、在线聊天或远程访问可能会被记录和/或监控。对于远程访问,您还可在操作结束后查看记录。您可以在任何时间选择终止即时聊天或远程访问。我们按照本隐私声明中的规定使用支持数据。此外也将其用于解决您的支持事故和培训用途。
支持服务结束后,我们可能会向您发送有关您的体验和服务内容的调查问卷。如果您不愿接受调查问卷,可以通过电子邮件页脚链接退订或通过世纪互联提供的其他通讯方式联系支持部门退订。
我们如何使用 Cookies 和类似技术
一些在线服务网站会使用 Cookies。Cookies 是由网络服务器存储在设备硬盘上的小文本文件。我们可能会使用Cookies 和类似技术(如网站信标)来存储用户的偏好和设置以防止欺诈行为、认证用户以及收集有关在线服务的操作信息。除在您访问我们网站时世纪互联可能设置的 Cookies 以外,为我们提供一定服务(例如站点分析)的第三方也可能在您访问世纪互联站点时在您硬盘上设置一定的 Cookies。
您可以通过改变浏览器的设置拒绝或管理 Cookies。请您注意,如果停用 Cookies,您可能无法享受到最佳的在线服务体验,某些在线服务也可能无法正常使用。
本地软件
在线服务的一些功能可能允许或要求您安装或运行本地软件(例如,代理、Azure Stack 软件等)。这些软件可能会从您的本地环境中收集数据以提供您需要的在线服务。本地代理还可能收集诊断数据并发送给我们(包括我们的关联方、境内或境外的供应商或分包商),以运行和改善在线服务。关于代理的更多信息,请参阅相关服务文件。
我们如何存储您的个人信息
您的个人信息将存储在中国境内。如有必要,您的个人信息可能会依据您的授权或可适用的法律法规被传输至境外。
在您使用在线服务期间,我们持续存储您提供的个人信息。您注销账号后,我们将根据相关法律法规的要求保留您的个人信息,但我们不会在此期间使用或处理您的信息;上述保留期满后,我们将立即对您的信息进行删除或匿名化处理。
当我们终止某项在线服务或停止运营时,我们将通过电子邮件或公告通知您,并在终止该项在线服务或停止运营后对您的相关个人信息进行删除或匿名化处理。
我们如何共享、转让和公开披露您的信息
除非经您指示,或根据与您签署的客户协议或本隐私声明中的描述,或根据可适用的法律法规,我们不会向世纪互联及其关联方以外的任何第三方公开披露、转让或共享客户数据、管理员数据、实名认证数据、付款数据、或任何其它个人信息(“您的信息”)。
我们会不时委托中国境内或境外的其他公司为我们提供技术支持或服务(如客户支持)。我们可能允许这些公司在其开展工作的必要范围内获取您的信息。这些信息主要包括为提供技术支持或服务的各种技术信息,仅在极少数情况下涉及到您的个人信息。如确有必要由境外的供应商或分包商获取您的个人信息,我们的客户支持人员将向您说明相关情况,并事先征得您的同意。我们要求这些接收您个人信息的公司必须对您的信息保密,并禁止将其用于为世纪互联提供服务之外的其他目的。
如必须向第三方披露客户数据,除非法律禁止,我们将采取商业上合理的努力事先告知您相关披露情况。如果第三方就您使用在线服务的行为向我们投诉(例如声称关于您或您的终端用户有侵权行为),我们可能会要求该第三方直接与您联系,并可能会向该第三方提供您的基本联系方式。
为防止欺诈行为或为进行付款交易,世纪互联可能会与中国境内或境外的第三方共享管理员数据或付款数据。目前,此类境外分包商的数据存储在美国等其他国家或地区。我们要求此类第三方对您的信息保密,并不得将您的信息用于其他目的。我们要求此类第三方采取充分的安全措施,以确保您的个人信息得到不低于在中国境内的保护。
您可以通过在线服务购买、订阅或使用世纪互联以外的其他公司的服务、软件和内容(“第三方产品”)。如果您选择购买、订阅或使用第三方产品,我们可能会向第三方提供您的管理员数据或付款数据以使第三方能够向您提供其产品(并根据您的联系方式偏好,向您发送促销信息)。上述信息及您对第三方产品的使用将适用第三方所适用的隐私声明和政策。
除法律法规另有规定外,在没有您事先书面指令的情况下,我们不会对您终端用户所提出的数据保护和隐私要求做出实质回应。
当发生收购、兼并、重组等类似交易时,如涉及到个人信息的转让,我们会向您告知有关情况。持有您个人信息的承继公司将继续履行本隐私声明项下的责任和义务。如果该公司变更使用您个人信息的目的,则其应当就该变更再次取得您的明示同意。
在共享、转让或公开披露您的个人信息时,我们会征得您的同意,以下情形除外:
- 与国家安全和国防直接相关的;
- 与公共安全、公共卫生、重大公共利益直接相关的;
- 与刑事侦查、起诉、审判、判决执行等直接相关的;
- 出于维护您或他人的生命、财产等重大合法权益但又很难得到本人同意的;
- 您自行向社会公众公开的个人信息;以及
- 从合法公开披露的信息中收集个人信息的,如合法的新闻报道或者政府公开的信息。
我们如何保护您的个人信息
我们致力于保护您的个人信息安全。我们使用各种安全技术和流程来帮助保护您的个人信息,使其免遭未经授权的访问、使用或泄露。例如,我们将您的个人信息存储在位于受控场所的计算机系统中,并限制这些系统的访问。在存储和传输您的个人信息时,我们将采取加密等相应的安全措施。
如发生个人信息安全事件,世纪互联将按照法律法规的要求以推送通知或公告等形式及时通知您,向您告知安全事件的基本情况和可能的影响、我们已采取或将要采取的处理措施、您可自主防范和降低风险的建议、对您的补救措施等。
如发生网络安全事件,我们会按照网络安全事件应急预案采取相应的补救措施,并按照相关法律法规向有关主管部门报告。
您如何管理您的个人信息
我们为您提供了管理个人信息的方法。您可以在您的管理员入口的账户信息中查询、管理您的管理员数据、实名认证数据及付款数据。但出于安全性和身份识别的考虑或根据法律法规的规定,您可能无法修改注册时提供的初始注册信息,如实名认证数据。
如您对于管理个人信息有其他疑问或者需求,请联系客户支持人员。如果您选择删除您的个人信息或改变授权的范围,可能导致我们无法为您提供某些在线服务。例如,删除付款数据或联系方式的详细信息,您将难以完成支付和接受相应的在线服务。
除非法律法规另有规定,如果我们决定响应您的删除请求,我们也会通知从我们这里获得您的个人信息的供应商或分包商,要求其及时删除。
为保障安全,在响应您根据本部分管理个人信息的请求时,我们可能会先验证您的身份。我们会在验证您的身份后,及时响应您的上述请求,并于三十天内或法律法规规定的期限内做出答复及合理解释,或者告知您解决纠纷的外部途径。
尽管有上述约定,但根据法律法规,在以下情形我们可能无需响应您提出的上述请求,包括但不限于:
1) 与个人信息控制者履行法律法规规定的义务相关的;
2) 与国家安全、国防安全直接相关的;
3) 与公共安全、公共卫生、重大公共利益直接相关的;
4) 与犯罪侦查、起诉、审判和执行判决等直接相关的;
5) 个人信息控制者有充分证据表明个人信息主体存在主观恶意或滥用权利的;
6) 出于维护个人信息主体或其他个人的生命、财产等重大合法权益但又很难得到本人同意的;
7) 响应个人信息主体的请求将导致个人信息主体或其他个人、组织的合法权益受到严重损害的;
8) 涉及商业秘密的。
遵守法律
您知晓,根据中国法规:
• 互联网信息服务提供者不得制作、复制、发布或散播含有以下内容(“禁止内容”)的信息。以下内容属禁止内容:
o 反对宪法所确定的基本原则的;
o 危害国家安全,泄露国家秘密,颠覆国家政权,破坏国家统一的;
o 损害国家荣誉和利益的;
o 煽动民族仇恨、民族歧视,破坏民族团结的;
o 破坏国家宗教政策,宣扬邪教和封建迷信的;
o 散布谣言,扰乱社会秩序,破坏社会稳定的;
o 散布淫秽、色情、赌博、暴力、凶杀、恐怖或者教唆犯罪的;
o 侮辱或者诽谤他人,侵害他人合法权益的;
o 含有法律、行政法规禁止的其他内容的。
• 若互联网信息服务提供者发现其网站传输的信息属于禁止性内容的,应当立即停止传输,保存有关记录,并向国家有关机关报告。
您进一步同意:
• 若您使用在线服务开展业务或运营组织须经相关政府机构许可或批准,您应当取得该等相关许可或批准,包括但不限于:
o 若您的网站提供非经营性互联网信息服务,您应当在政府机构办理非经营性网站的备案;
o 若您的网站提供经营性互联网信息服务,您应当从政府机构取得经营性网站的 VAT 许可证。
• 若您为一家使用在线服务的互联网信息服务提供商,您应当记录提供的信息及其发布时间、互联网地址或域名,并在相关政府机构依法调查时,协助提供上述信息。
• 您在注册在线服务时必须提供您的真实身份和联系方式,如信息发生变更的,应立即在管理员入口进行更新。我们将通过上述信息联系到您,详见本隐私声明中的规定。您保证您所提供的信息是真实、完整和有效的,否则您将承担全部后果。
试用期
试用是为了在购买前检测在线服务而提供的。在试用期结束后,世纪互联可以暂时保留在试用在线服务期间所收集的信息,以便在您日后决定购买在线服务时改善您的客户体验。但是,在试用期结束后,您的信息可能随时从在线服务中删除。
预览发行
预览版、测试版或其他预发行服务(“预览”)是世纪互联提供的为了在正式发行前获得用户反馈的选择性评估版本的在线服务。本部分描述了针对预览的不同或附加的条款:
安全:我们会尽最大努力在预览中为您的个人信息提供安全措施,但这些安全措施与目前典型线上服务中的安全措施相比可能会有不同之处。
未成年人保护
如您是18岁以下的未成年人,请务必要求您的监护人仔细阅读本隐私声明,并请您在征得您的监护人同意的前提下使用我们的在线服务或向我们提供您的信息。
本隐私声明的更改
我们将不时更新我们的隐私声明以响应的法律法规要求、用户反馈以及我们在线服务的变化。当我们发布更改的隐私声明时,我们将修订隐私声明顶部“最后更新”的日期。如果本隐私声明或世纪互联使用您的信息的方式有实质性变更,我们将在该等变更生效前通过发布该等变更的通知或直接向您发送通知告知您。我们鼓励您定期审阅您使用的产品和服务的隐私声明以了解世纪互联会如何保护您的信息。
如何联系我们
世纪互联欢迎您的评论。如果您认为世纪互联未遵守其隐私或安全承诺,或者您需要我们的更多帮助,请通过客户服务热线(大红鹰795388mmo)联系我们。
我们设立了个人信息保护专员。
我们的邮寄地址为:
中华人民共和国,北京市朝阳区酒仙桥路6号院电子城·国际电子总部6号楼12-13层 100015
上海蓝云网络科技有限公司(北京世纪互联宽带数据中心有限公司的关联公司)
我们将在验证您的身份后30天内予以回复。
Privacy Statement for Online Services Operated by 21Vianet
Updated: December 1, 2020
Scope
Online services operated by Shanghai Blue Cloud Technology Co., Ltd. (“21Vianet”, “we”, or “us”), an affiliate of Beijing 21Vianet Broadband Data Center Co., Ltd., include (1) Microsoft Azure; (2) Microsoft Office 365 ; (3) Microsoft Dynamics 365; (4) Microsoft Power Platform; and (5) Microsoft Intune(“Online Services”). The Online Services operated by 21Vianet are cloud services based on Microsoft’s technology but operated and sold by 21Vianet from data centers located in the People’s Republic of China (excluding Hong Kong and Macau Special Administrative Regions and Taiwan, referred to below as “China”). This Privacy Statement applies to the use of the Online Services and any other 21Vianet services that display or link to this Privacy Statement. For more information about the functionality of particular features, please review the service description or service documentation.
The Online Services may enable you to purchase, subscribe or use other products and services from 21Vianet or third parties with different privacy practices. Your use of other products and services, and any data you provide to a third party is governed by their privacy statements and policies.
Notice to End Users: This Privacy Statement is written for customers and potential customers of the Online Services operated by 21Vianet (collectively referred to as our “Customers”). All references to “you” or “your” in this privacy statement are to 21Vianet customers, who, in turn, may use the Online Services to develop and host their own services for their end users. Any data 21Vianet collects or handles in such circumstances is processed by us on behalf of our customer, who controls the collection and use of the data. End users should direct privacy-related requests to the entity providing them with service. If an end user accesses the Online Services using an email address provided by his or her organization (e.g., employer or school), the owner of the domain associated with the email address may: (i) have control and power of administration over the end user’s service account; and (ii) access and process end-user data, including the content of end-user’s communications and files. The end user’s use of the Online Services may be subject to the organization’s policies (if any). We are only responsible for the Customer’s privacy-related practices within the scope agreed with the Customer.
How We Collect and Use Your Data
Definition of Personal Data
Personal Data refers to all kinds of data recorded via electronic means or otherwise that can be used to identify a particular natural person or to reflect the particular natural person’s activities, whether on its own or combined with other data. For the purpose of this Privacy Statement, Personal Data may include the administrator data of the account administrator you specify in the administrator portal, Real-Name Authentication Data, the name, the number of the payment instrument, the billing address in the Payment Data, the registration data you submit on our website, in our marketing events, or for any survey or questionnaire, as well as the contact and verification information in support data, etc.
Sensitive Personal Data is a subset of Personal Data that can easily lead to damage of personal reputation, physical and mental health, or discriminatory treatment, and may endanger the safety of people and property if it is revealed, illegally provided, or abused. For the purpose of this Privacy Statement, Sensitive Personal Data may include Administrator Data, Real-Name Authentication Data, Payment Data, registration data which includes personal phone number, e-mail address, identification and payment instrument account numbers, security code, transaction record, support data which includes contact and verification information, etc.
We collect and use your data in the following scenarios, which may involve Personal Data. If we collect your Personal Data beyond the scope of the following statement, or use your Personal Data beyond the scope directly or reasonably associated with the stated purpose at the time of collection, we will inform you again and obtain your express consent before collecting or using your Personal Data.
Customer Data
Customer Data is all the data, including all text, sound, software or image files that you provide, or are provided on your behalf, to us through your use of the Online Services. For example, Customer Data includes data that you upload for storage or processing in the Online Services and applications that you or your end users upload for hosting in the Online Services. It does not include configuration, technical settings, or support ticket information, or Administrator Data, Real-Name Authentication Data, and Payment Data indicated below.
We only use Customer Data to provide the Online Services and for purposes compatible with providing the Online Services. This may include improvement of underlying technology, troubleshooting aimed at preventing, detecting and repairing problems affecting the operation of the Online Services and the improvement of features that involve the detection of, and protection against, emerging and evolving threats to the user (such as malware or spam).
Customer Data will only be stored in data centers located in China. In limited circumstances, when it is necessary to troubleshoot customer support incidents or solve technical problems, 21Vianet may authorize an affiliate, supplier, or subcontractor located outside the territory of China to access the Customer Data according to applicable laws and regulations. 21Vianet will supervise such access and terminate such access when the problem is resolved in accordance with applicable laws and regulations.
Administrator Data
Administrator Data is the data about administrators (including account contact and subscription administrators) provided during sign-up, purchase, or administration of the Online Services, such as name, address, phone number, and e-mail address.
We use Administrator Data to complete the transactions you request, administer your account, improve the Online Services, and detect and prevent fraud.
We may contact you to provide information about new subscriptions, billing and important updates about the Online Services, including information about security or other technical issues. We may also contact you regarding third-party inquiries we receive regarding your use of the Online Services, as described in your customer agreement. You will not be able to unsubscribe from these communications during the reasonable period within or after the Online Services. Subject to your contact preferences, you may also be contacted, by phone or e-mail, regarding information and offers about other products and services or to request your feedback. You may manage your contact preferences or unsubscribe such communications in your account profile for the applicable Online Service.
Real-Name Authentication Data
We implement real-name management in accordance with applicable laws and regulations. Real-Name Authentication Data refers to your business license, administrator’s mobile phone number, or the scanned copy of ID card provided by you during real-name authentication. If you do not provide the above data, you will not be able to complete the real name authentication and may not be able to use the Online Services.
In order to verify the accuracy and completeness of the Real-Name Authentication Data, we may verify the data provided by you with agencies that legally store your data.
Payment Data
When you make online purchases, you will be asked to provide payment data, which includes your payment instrument number, your name and billing address, and the security code associated with your payment instrument and other financial data (“Payment Data”).
We use Payment Data to complete transactions, as well as for the detection and prevention of fraud.
When you use authenticated Payment Data, we will store that data to help you complete future transactions without your having to provide the data again. We do not, however, retain the security code associated with your payment instrument in this manner.
Support Data
Support Data is the data we collect when you submit a support request or run an automated fault detector, including data about hardware and software, and other details related to support incidents, such as contact or verification information, chat session personalization, data about the conditions of the device and application during the period of error and diagnostics, system and registration data regarding software installation and hardware configuration, and error tracking files.
Support services can be provided by phone, email or online chat. With your permission, we may temporarily manipulate your machine through Remote Access. Calls, live chat, or Remote Access by professional support staff may be recorded and/or monitored. For Remote Access, you can also view the record after the operation has ended. You can choose to terminate live chat or Remote Access at any time. We use Support Data in accordance with this Privacy Statement, and we also use it to resolve your support issues and for training purposes.
After the support experience is over, we may send you a questionnaire about your experience and service content. If you are unwilling to participate in the survey, you may unsubscribe through the footer link in the email or contact the support department through other communication methods provided by 21Vianet to unsubscribe.
How We Use Cookies and Similar Technologies
Some Online Services’ websites use “Cookies”, which are small text files placed on a device’s hard drive by a web server. We may use Cookies and similar technologies such as web beacons for storing users’ preferences and settings, to prevent fraud, authenticate users and collect operational data about the Online Services. In addition to the Cookies we may set when you visit our websites, third parties that provide certain services on our behalf, such as site analytics, may also set certain Cookies on your hard drive when you visit our sites.
You may object or manage Cookies by changing the settings on your browser. However, please note that if you stop using Cookies, you may not enjoy the best service experience, and some of our Online Services may not function properly.
Local Software
Some features of the Online Services may enable or require that you install or run local software (e.g., agents, Azure Stack software, etc.). Such software may collect data from your local environment in order to provide the Online Services that you have requested. Local agents may also collect diagnostic data that will be sent to us (including our affiliates, and domestic or overseas suppliers or subcontractors) for operating and improving the Online Services. For more information about agents, please consult the relevant service documentation.
How We Store Your Personal Data
Your Personal Data will be stored in China. If necessary, your Personal Data may be transferred overseas upon your authorization or in accordance with applicable laws and regulations.
During your use of the Online Services, we retain the Personal Data you provided. After you close your account, in accordance with relevant laws and regulations, we will retain your Personal Data, but we will not use or process your Personal Data during this period; upon expiry of the aforementioned retention period, we will immediately delete or anonymize your data.
When we terminate an Online Service or operation, we will notify you by e-mail or announcement, and delete or anonymize your relevant Personal Data upon such termination.
How We Share, Transfer, and Disclose Your Data
We will not disclose or transfer Customer Data, Administrator Data, Real-Name Authentication Data, Payment Data, or any other Personal Data (“your data”) to, or share your data with, any third party apart from 21Vianet and its affiliates except as you direct, or as described in your customer agreement or this Privacy Statement, or pursuant to applicable laws and regulations.
- We contract with other companies within or outside China from time to time to provide technical support or services (such as customer support) on our behalf. We may provide these companies with access to your data where necessary for their engagement. This data mainly includes various technical data for providing technical support or services, and in rare cases involves your Personal Data. If it is really necessary to have your Personal Data accessed by an overseas supplier or subcontractor, our customer support personnel will explain the relevant information to you and obtain your prior consent. These companies are required to maintain the confidentiality of your data and are prohibited from using it for any purpose other than that for which they are engaged by 21Vianet.
- If it is strictly necessary to disclose Customer Data to a third party, we will use commercially reasonable efforts to notify you in advance of the disclosure unless legally prohibited. Should a third party contact us with a complaint about your use of the Online Services (for example, allegation of infringement by you or your end user), we may ask the third party to contact you directly and may provide your basic contact data to the third party.
- 21Vianet may share Administrator Data or Payment Data with third parties within or outside China for the purpose of fraud prevention or to process payment transactions. Currently, the data of such overseas subcontractors are stored in the US and other countries or regions. The third parties are required to keep your data confidential and are prohibited from using it for other purposes. They are required to take adequate security measures to ensure that your Personal Data receives the level of protection no less than that in China.
- The Online Services enable you to purchase, subscribe to, or use services, software, and contents from companies other than 21Vianet (“Third Party Offerings”). If you choose to purchase, subscribe to, or use a Third Party Offering, we may provide the third party with your Administrator Data or Payment Data to enable the third party to provide its offering to you (and subject to your contact preferences, send you promotional communications). That data and your use of a Third Party Offering will be governed by the privacy statement and policies applicable to the third party.
- We will not substantively respond to data protection and privacy requests from your end users without your prior written instruction, unless required by applicable laws and regulations.
- If your Personal Data has to be transferred due to acquisitions, mergers, reorganizations, or similar transactions, we will notify you. The succeeding company that holds your Personal Data will continue to perform the responsibilities and obligations under this Privacy Statement. If the succeeding company modifies the purpose of using your Personal Data, it should acquire your explicit consent again with regard to such modification.
- We may not need to obtain your explicit instruction when sharing, transferring or disclosing your Personal Data under the following circumstances:
-
- circumstances directly related to national security and national defense;
- circumstances directly related to public security, public health and significant public interests;
- circumstances directly related to criminal investigation, prosecution, trial, execution of a sentence, etc.;
- for securing significant lawful interests, such as your or other person’s life, property, etc., but only where it is difficult to acquire the consent from the data subject;
- where you have already publicly disclosed your Personal Data; and
- where we collect your Personal Data from the information that is lawfully disclosed to the public, such as from legitimate news report or information published by the government.
How We Protect Your Personal Data
We are committed to protecting your Personal Data. We use a variety of security technologies and procedures to help protect your Personal Data from unauthorized access, use, or disclosure. For example, we store your Personal Data on computer systems located in controlled locations and restrict access to these systems. When storing and transmitting your Personal Data, we will take appropriate security measures such as encryption.
In the event of Personal Data security incidents, 21Vianet will promptly notify you via push notifications or announcements in accordance with the requirements of applicable laws and regulations, informing you of the basic circumstances and possible impacts of the security incidents, the measures we have taken or will take, advice for you on self-prevention and mitigation of risks, remedial measures for you, etc.
In the event of a cyber security incident, we will follow the emergency response plan for cyber security incidents, take appropriate remedial measures, and report to the competent authorities in accordance with relevant applicable laws and regulations.
How You Can Manage Your Personal Data
We provide you with ways to manage your Personal Data. You can access and manage your Administrator Data, Real-name Authentication Data, and Payment Data in the account information of your administrator portal. However, for security and identification considerations or as required by applicable laws and regulations, you may not be able to modify the initial registration information provided at the time of registration, such as Real-Name Authentication Data.
If you have other questions or needs for managing Personal Data, please contact customer support. If you choose to delete your Personal Data or change the scope of the authorization, it may result in our failure to provide certain Online Services for you. For example, deleting Payment Data or contact details will make it difficult for you to complete payments and receive corresponding Online Services.
If we decide to respond to your request for deletion, we will also notify the supplier or subcontractor who has obtained your Personal Data from us and request them to delete your Personal Data in a timely manner, unless otherwise required by applicable laws and regulations.
To ensure security, we may ask you to verify your identity first in response to your request to manage Personal Data under this section. We will timely respond to your request above after verifying your identity, and reply or make reasonable explanations to you within 30 days or the time limit stipulated by applicable laws and regulations, or inform you about the external approaches you may choose to resolve the disputes.
Notwithstanding the above, pursuant to applicable laws and regulations, we may not need to respond to your requests under the following circumstances, including but not limited to:
- related to the performance of the obligations specified in laws and regulations by the personal data subject;
- directly related to national security and national defense security;
- directly related to public security, public health and major public interests;
- directly related to criminal investigation, prosecution, trial and enforcement of judgments;
- personal data controller has sufficient evidence indicating that the personal data subject has subjective malicious intention or abuses his rights;
- it is for the purpose of safeguarding the major legitimate rights and interests of the personal data subject or other individuals including life and property, but it is impossible to get his consent; and
- responding to the request of personal data subject will result in serious damage to the legitimate rights and interests of personal data subject or other individuals and organizations.
Compliance with Law
You acknowledge that under Chinese regulations:
- An Internet information service provider shall not produce, reproduce, publish, or disseminate information that includes the following content (“Prohibited Content”). Prohibited Content is content that:
-
- is against the basic principles determined by the Constitution;
- impairs national security, divulges State secrets, subverts State sovereignty or jeopardizes national unity;
- damages the reputation and interests of the State;
- incites ethnic hostility and ethnic discrimination or jeopardizes unity among ethnic groups;
- damages State religious policies or that advocates sects or feudal superstitions;
- disseminates rumors, disrupts the social order or damages social stability;
- disseminates obscenity, pornography, gambling, violence, homicide and terror, or that incites crime;
- insults or slanders others or that infringes their lawful rights and interests; and
- is otherwise prohibited by laws or administrative regulations.
- If an Internet information service provider discovers that information distributed on its website falls within the scope of the Prohibited Content, it shall promptly terminate the distribution, keep relevant records, and report to relevant authorities.
You further agree that:
- If the business or organization you operate by using the Online Services is subject to permit or approval by relevant governmental authorities, you should obtain such relevant permit or approval, including but not limited to:
- if your website provides non-operational Internet information services, Customer will make the filing for the non-operational website with the governmental authority; and
- if your website provides operational Internet information services, you will obtain the VAT permit for operational website from the governmental authority.
- If you are an Internet information service provider using Online Services, you will keep records of the information provided, time of publishing and the Internet address or domain name, and assist in providing such information when inquired by related government authorities in accordance with applicable laws.
- You will provide your real identity and contact information when registering for the Online Services and promptly update that information in the administrator portal if there are any changes to the information. We will use this information to contact you, as detailed in this Privacy Statement. You warrant that the information you provide is true, complete, and valid; otherwise, you will bear all the consequences.
Trial Period
Trials are provided to examine Online Services prior to purchase. At the end of the trial period, 21Vianet can temporarily retain the data it collects during your Online Service trial to improve your customer experience when you decide to purchase the Online Services in the future. However, your data may be removed from the Online Services at any time after the trial period for the Online Service ends.
Preview Releases
Preview version, beta version, or other pre-release services (“Previews”) are optional evaluation versions of the Online Services offered by 21Vianet to obtain customer feedback prior to general release. This section describes the different or additional terms specific to Previews:
- Security: We will do our best to provide security measures for your data in the Previews, but these security measures may differ from the present security measures in typical Online Services.
Protection of Minors
If you are a minor under the age of 18, please be sure to ask your guardian to read the Privacy Statement carefully, and please use our Online Services or provide your data to us under the condition that you have obtained the consent of your guardian.
Changes to this Privacy Statement
We will update our Privacy Statement from time to time to reflect requirements of applicable laws and regulations, customer feedback and changes in our Online Services. When we post changes to the Privacy Statement, we will revise the “last updated” date at the top of the Privacy Statement. If there are substantial changes to the Privacy Statement or in how 21Vianet will use your data, we will notify you either by posting a notice or by directly sending you a notification about such changes before they take effect. We encourage you to periodically review the Privacy Statement for the products and services you use to learn about how 21Vianet protects your data.
How to Contact Us
21Vianet welcomes your comments. If you believe that 21Vianet is not adhering to its privacy or security commitments, or you need more help from us, please contact us through the customer support hotline 大红鹰795388mmo.
We have a personal data protection officer. Our mailing address is:
12-13F, Building 6, No.6, Jiuxianqiao Road, Beijing Electronics Zone, Chaoyang District, Beijing, 100015
Shanghai Blue Cloud Technology Co., Ltd, an affiliate of Beijing 21Vianet Broadband Data Center Co., Ltd.
We will respond to you within 30 days after the verification of your identity.