Privacy Policy (Applicable to MAXHUB VI Product)
Last updated on November [*] 2022
Guangzhou Shirui Electronics Co., Ltd. (hereinafter called “Shirui” or “We”) is the controller of your Personal Data. Our registration address is 192 Kezhu Road, Science Park, Huangpu District, Guangzhou City, Guangdong Province P.R.China. We are committed to protecting and respecting your privacy. In this regard, we develop this Privacy Policy (hereinafter “the Privacy Policy”) to explain how we collect, use, disclose, transfer and store your Personal Data when you use our MAXHUB VI Product, preinstalled software or other functions (hereinafter “MAXHUB Products”). Before using our MAXHUB Products and submitting your Personal Data, please read the Privacy Policy carefully to understand our approach to customer privacy.
This Policy will help you understand the followings:
I. Definitions
II. How We Collect Your Personal Data
III. How We Use Your Personal Data
IV. How We Share, Transfer and Publicly Disclose Your Personal Data
V. How We Protect Your Personal Data
VI. Your Rights
VII. How We Process Children’s Personal Data
VIII. How Your Personal Data Transferred Globally
IX. How This Privacy Policy is Updated
I. Definition
“Affiliated Company” refers to a company that is related to Shirui due to joint ownership or control.
“Third Parties” refer to companies or persons who do not have a related relationship arising out of joint ownership or control with Shirui (i.e., a non-Affiliated Company) or other non-related persons. Third parties can be financial or non-financial companies, or persons other than you and Shirui.
“Personal Data” refers to data that is related to identified or identifiable natural person.
II. How We Collect Your Personal Data
Shirui collects information for more efficient operations and provides you with the best product experience. Our channels for collecting Personal Data include: (1) information directly provided by you; (2) data recorded by us about how you interact with our products.
The information we collect depends on the environment in which you interact with Shirui, the choices you make, including your privacy settings and the functions you use.
1. Personal Data that we collect
(1) Information directly provided by you
Some of the services we provide to you will require you to provide us with information directly. For instance,
a) If you use our email services, you need to bind your email address for the MAXHUB device previously. Please note that the MAXHUB device do not automatically clear the email accounts you provide, and are usually public devices of their located companies. In order to protect your privacy, we suggest that you use a public email account as the email address of the sender and the receiver. If email address you bind on this MAXHUB device is other than your own, please ensure that you have obtained the owner's explicit consent. You shall be solely responsible for all liabilities caused by the disclosure of your email account and setting information saved.
b) We will collect other information generated when you use software preinstalled in the MAXHUB Products and store it locally. However, if you further transfer them to your own mobile device (such as your cellphone, pad) by scanning a QR code, this information will be further transferred to our cloud via internet. For instance:
• When you use lightapp-photo/CameraService/MaxhubCameraDss/lightapp-capture screen/MaxhubSingle screen recorder which involved camera and screen capture function, we will collect photos, videos and screenshots generated herein.
• When you use lightapp-vote, we will collect the voting results.
• When you use lightapp-presentation, we will collect the files and documents you upload and display.
c) We will collect your calendar-related information containing your email address, profile, nickname, and meeting schedule and display them on the MAXHUB Products when you use lightapp-launcher/DSSLauncher. Since the aforementioned information will be displayed to all users who use this MAXHUB device, please promptly quit or unsubscribe from this function when no longer needed.
(2) Product usage information
In addition to information you provide, in the process of using MAXHUB Products, we may collect data including your device information, log information and behavior information via event tracking and other technical methods, which is adopted for device performance detecting, user behavior analysis and subsequent product optimization.
Please note that we DO NOT collect the information described in this section unless you initiate participating in our User Experience Plan, and your decision of rejecting to our collection DOES NOT interrupt the normal operation of this MAXHUB Product. You can click here to know more regarding MAXHUB Product’s’ User Experience Plan.
2. How We Use your Personal Data
We process your Personal Data for purposes described in this Privacy Policy based on your prior consent and our legitimate interests. We also process your Personal Data pursuant to legal obligations imposed on us or to perform contracts between Shiui and you such as User Agreement. Shirui will strictly comply with the Privacy Policy and its updates to use your Personal Data. If your Personal Data is used for other purposes that is not stipulated in the Privacy Policy, we will additionally obtain your specific consent or other legal basis. Examples of our processing activities are as follows:
a) Provide our products and services. The Personal Data we collect will be used to provide you with MAXHUB Products, fulfill the contract between you and Shirui to ensure the functionality and safety of MAXHUB products and services, and to prevent and investigate fraud or other improper use.
b) Customer support. We use data to diagnose product problems, maintain MAXHUB Products, and render other services like customer care and customer support.
c) Product improvement. We use data collected to analyze product usage condition so as to constantly create, develop, and improve our products, analyze business operation efficiency, and include new features and functions. For instance, we will use the data from event tracking for product optimization and development, and furnish user profile construction with data basis.
We may provide additional information on our practice on Personal Data through product manual, supplementary privacy statement or notice. Some of our websites or functions may have independent privacy statements that specifically describe their way of Personal Data processing. If there is conflict between notices provided when collecting information or privacy statements of particular website or function and this Privacy Policy, the notice or supplementary statement shall prevail.
III. How We Store Your Personal Data
We use cloud servers deployed in Singapore to store the part of your Personal data you transfer via scanning the QR code and store users’ Product usage information described in session II of this Policy on cloud servers within the territory of Germany. Except for the aforementioned conditions, we only retain your Personal Data in the MAXHUB device by default.
We will strictly abide by the internal retention policy to store your Personal Data. The retention period for Personal Data is the minimum time necessary to achieve the collection purposes, except a longer period required by applicable laws and regulations or your explicit consent. We will delete or anonymize Personal Data exceeding the above retention period upon expiration.
Storage position and retention period of your personal data are as follows:
| Personal Data | Storage Position | Retention Period | Disposition Method |
|---|---|---|---|
| Email address | Local-storage on the MAXHUB device | Until the user take the initiative to delete | Deletion |
| Calendar information | Local-storage on the MAXHUB device | Until the user take the initiative to delete | Deletion |
| Screenshots and related videos/photos | Local-storage on the MAXHUB device | Until the user take the initiative to delete | Deletion |
| Voting results | Local-storage on the MAXHUB device | Until the user take the initiative to delete | Deletion |
| Files and documents you sent by scanning the QR code | Singaporean Cloud Servers | Limited to the shortest duration needed for the functions. (the QR Code generated expires in 7 days) | Anonymization or deletion |
IV. How We Share, Transfer and Publicly Disclose Your Personal Data
We have entrusted Amazon Web Services (AWS) and Microsoft Azure (both are well-known worldwide cloud storage service providers) to store your Personal Data as listed in Chapter III of the Privacy Policy. We have entered into data processing agreements to ensure that appropriate technical and organizational measures are adopted to protect your rights and interests regarding Personal Data.
In other conditions, we do not share your Personal Data with any other third party such as our affiliated companies or partners. However, if a merger, acquisition or bankruptcy liquidation takes place and a transfer of Personal Data is involved, we will request the new company or organization which obtains your Personal Data to be subject to this Privacy Policy.
Besides, we will only publicly disclose your Personal Data if it is mandatorily required by laws, such as in compliance with subpoena, legal proceedings, legal actions or compulsory request by supervisory department of government agencies. In addition, if we sincerely believe that disclosure is necessary to protect our rights, ensure your or others’ safety, investigate fraud or respond to government, we may publicly disclose your Personal Data.
V. How We Protect Your Personal Data
We have taken safeguarding measures in accordance with industry standards to protect the Personal Data you provided and prevent data from unauthorized access, public disclose, use, modification, damage or loss. In particular:
a) We adopt encryption measures. For instance, we will ensure the channels and means of Personal Data transferred is strictly encrypted. We periodically review practices regarding information collection, storage and possessing (including physical security measures) to prevent your Personal Data from unauthorized access.
b) We use computer system that has limited access and merely allow Shirui employees who need to know Personal Data in order to help us process it or authorized staff from service companies to access Personal Data. These people are required to comply with strict contractual confidentiality obligations. Failure to comply with the obligations will lead to legal liabilities or termination of contract with Shirui.
However, please be attention, even if we undertake reasonable measures to protect your data, there is no website, internet transmission, computer system or wireless connection that are definitely safe. In case of Personal Data security incident where it is likely to result in a high risk to the rights and freedoms of you, we shall communicate the personal data breach to you in accordance with the requirements of laws and regulations such as basic situations and possible influence of the security incident, response measures we have taken or will take, suggestions for you regarding self-prevention and risk reduction, remedial measures for you, etc.
We will inform you in a timely manner by email, mail, telephone, push notification, etc., regarding the relevant situations of the incident. When it is difficult to notify each Personal Data subject individually, we will issue a notice in a reasonable and effective manner. In the meantime, we will take the initiative to report on the handling of Personal Data security incident in accordance with regulatory department’s requirements.
VI. Your Rights
We respect your rights to Personal Data. Below is a list of your legal rights and the way we protect them. Please note, in case of safety, we may ask to verify your identity before processing your request.
a) Right to Know: We publishes the Privacy Policy to inform you of how we handle your Personal Data. We are committed to the transparency of the use of your information.
b) Access Right: If you are to exercise your access right to visit data such as device series number, model, stored conference information, etc.
c) Right of Rectification: If you find there is a mistake with your Personal Data we process, you are entitled to ask us to make rectifications. When your identity is confirmed, we will rectify accordingly.
d) Right to Delete: If we do not have legal reasons to continue the possession and processing your information, you can request us to delete or anonymize your Personal Data.
e) Right to Restrict Processing: You are entitled to request Shirui to restrict processing of your Personal Data. This means we can store your Personal Data but cannot process it. We only retain data needed for future response.
f) Right of Data Portability: Within scope permitted laws and regulations, you are entitled to obtain your Personal Data in a structured, commonly used, and machine readable format. For instance, if you decide to change the service provider, this right enables you to reliably and safely move, copy or easily transfer your Personal Data between IT systems without affecting its use.
g) Right of Refusal: Even if the processing of your data is based on our legitimate interest, exercise of public right, direct marketing (including data aggregation) and statistics, you have right to refuse our processing for these purposes.
h) Right to Withdraw Consent: If you agrees to our processing of your Personal Data but later changes mind, you can withdraw your consent at any time and we must stop processing.
i) Right to Refuse Automated Decision: You have rights not to be bound by automatic decisions (if any), including user profiling. If these decisions will significantly affect your legitimate rights, you can refuse to be subject to automated decisions. We will respond to your request and take appropriate measures when necessary.
j) Right to Complaint: You are entitled to file a complaint with the data protection authority of your country about our processing of your Personal Data.
You can get in touch with us and assert your aforesaid right by sending email to maxhubsupport@cvte.com. Upon receipt of your email, we will respond and reply to you as soon as possible. Generally, we will reply to you within one month upon receipt of your request (If necessary, we may extend it by an additional two months as permitted by law. We will inform you the reason for the extension within the aforementioned 30-day period, such as the request is too complicated or too much in volume). If you are not satisfied with the response you received, you can refer the complaint to the relevant regulatory authority in your jurisdiction.
VII. How We Process Children’s Personal Data
MAXHUB Products are not child-oriented. Nevertheless, we highly care about children’s Personal Data protection. If you are a children’s parent or guardian, and you reasonably believe that we have collected your child’s personal information, please feel free to contact us via the contact details we disclose in the Privacy Policy and show initial evidence or materials to us. If we find that a child’s Personal Data is collected, we will endeavor to delete relevant data immediately.
VIII. How Your Personal Data Transferred Globally
As a company headquartered in China and based on global operations, we provide MAXHUB Products and relevant services through resources and servers all over the world. In this case, upon your authorization and consent, your Personal Data may be transferred to Singapore or Germany where the cloud server is located. Also, your Personal Data may be accessed by Shirui from China for the necessary purpose of MAXHUB Products maintenance.
The types of data that may need to be transmitted to Singapore or Germany are these listed in the Chapter III. We will take corresponding protective measures according to the requirements of applicable laws to ensure data security.
Besides, when Personal Data is generated in the European Economic Area (“EEA”) is transferred to countries outside EEA, we will ensure that proper protective measures are taken to comply with General Data Protection Regulation (“GDPR”). For example: to sign the Standard Clauses Contract (“SCC”) approved by the European Commission according to Article 47 of GDPR.
For more information on protection measures on Personal Data in scenario of cross border data transfer, please contact us via: maxhubsupport@cvte.com.
IX. How This Privacy Policy is Updated
We reserve the right to update or modify the Privacy Policy from time to time. We will send you update notices through different channels. For significant changes to the Privacy Policy, if you provides us your email address, we will send notifications to you before such changes take effect, nonetheless we will post the notification on our website or push notifications through our device.
The Privacy Policy allows adjustments, but we will not diminish your rights under this Privacy Policy without your express consent. If you have any concerns or doubt over our Privacy Policy or our practices, please contact us via following channels:
● Address: 246 Shenzhou Road, Huangpu District, Guangzhou City, Guangdong Province P.R.China
● E-mail: maxhubsupport@cvte.com
● DPO: DPO@cvte.com