個人私隱政策 Personal privacy policy
介紹
歡迎來到 Arte Party Limited 的隱私權政策。
Arte Party Limited 特尊重您的隱私並致力於保護您的個人資料。 本隱私權政策將告知您當您造訪我們的網站(無論您從何處訪問)時我們如何處理您的個人數據,並告訴您您的隱私權以及法律如何保護您。
本隱私權政策以分層格式提供,因此您可以瀏覽到下面列出的特定區域。 另請使用術語表來理解本隱私權政策中使用的一些術語的含義。
[重要資訊與我們是誰] [我們收集的有關您的資料] [您的個人資料是如何收集的?] [我們如何使用您的個人資料] [您的個人資料的揭露] [國際轉帳] [資料安全] [資料保留] [您的合法權利] [詞彙表]
重要資訊以及我們是誰
本隱私權政策的目的與聲明
本隱私權政策旨在向您提供有關 Arte Party Limited 如何透過您使用本網站收集和處理您的個人資料的信息,包括您在註冊我們的時事通訊、購買產品或服務或參與活動時可能透過本網站提供的任何數據 Arte Party Limited 舉辦的其他活動。
本網站不適合兒童,我們不會刻意收集與兒童有關的資料。
請務必閱讀本隱私權政策以及我們在收集或處理有關您的個人資料時在特定情況下可能提供的任何其他隱私權政策或公平處理政策,以便您充分了解我們如何以及為何使用您的資料。 本隱私權政策是其他通知和隱私權政策的補充,但無意取代它們。
除非司法機構認為其他司法管轄區的法律較適合,否則香港法律適用於本隱私權政策。
控股人
Arte Party Limited 是您的個人資料的控制者並負責(在本隱私權政策中也稱為「本公司」、「我們」或「我們的」)。
如果您對本隱私權政策有任何疑問,包括任何行使您合法權利的請求,請使用下面列出的詳細資訊聯絡資料隱私經理。
聯絡方式
如果您對本隱私權政策或我們的隱私權慣例有任何疑問,請透過以下方式聯絡我們的資料隱私經理:
電子郵件地址:artepartymkt@gmail.com
郵寄地址:[九龍長沙灣醫局街555號怡高工業中心2樓]
[電話號碼:[2360 3870]
隱私權政策的變更以及您通知我們變更的責任
我們定期檢視我們的隱私權政策。
我們持有的有關您的個人資料必須準確且最新,這一點非常重要。 如果您的個人資料在您與我們的關係期間發生變化,請隨時通知我們。
第三方鏈接
本網站可能包含第三方網站、外掛程式和應用程式的連結。 按一下這些連結或啟用這些連線可能會允許第三方收集或分享有關您的資料。 我們不控制這些第三方網站,也不對其隱私權聲明負責。 當您離開我們的網站時,我們鼓勵您閱讀您造訪的每個網站的隱私權政策。
我們收集的有關您的數據
個人資料或個人資訊是指可以識別個人身份的任何資訊。 它不包括已刪除身份的資料(匿名資料)。
我們可能會收集、使用、儲存和傳輸有關您的不同類型的個人數據,我們將這些數據分組如下: 身分資料包括名字、姓氏、使用者名稱或類似識別碼、頭銜、身分證號碼、出生日期和性別。 聯絡資料包括帳單地址、送貨地址、電子郵件地址和電話號碼。 財務數據包括銀行帳戶和支付卡詳細資訊。 交易數據包括有關您的付款詳細資訊以及您從我們這裡購買的產品和服務的其他詳細資訊。 技術資料包括網際網路通訊協定 (IP) 位址、您的登入資料、瀏覽器類型和版本、時區設定和位置、瀏覽器外掛程式類型和版本、作業系統和平台、WiFi 以及您用於存取的裝置上的其他技術這個網站。 個人資料資料包括您的使用者名稱和密碼、您進行的購買或訂單、您的興趣、偏好、回饋和調查回應。 使用數據包括有關您如何使用我們的網站、產品和服務的資訊。 行銷和通訊資料包括[您從我們和我們的第三方接收行銷訊息的偏好以及您的通訊偏好]。
位置數據包括您使用本網站時產生的基於 GPS 的位置資訊。我們也出於任何目的收集、使用和共享匯總數據,例如統計或人口統計數據。 匯總數據可能源自您的個人數據,但在法律上不被視為個人數據,因為這些數據不會直接或間接透露您的身分。 例如,我們可能會匯總您的使用資料來計算存取特定網站功能的使用者百分比。 但是,如果我們將匯總資料與您的個人資料合併或連接,以便直接或間接識別您的身份,我們會將合併後的資料視為個人數據,並根據本隱私權政策使用。
我們不會收集有關您的任何特殊類別的個人資料/敏感個人資訊(這包括但不限於種族或出身、宗教或哲學信仰、個人意識形態、社會地位、犯罪記錄、醫療記錄或工會會員資格、遺傳數據、生物辨識資訊、健康資訊、有關性生活或性取向的資訊)。 我們也不收集任何有關刑事定罪和犯罪的資訊。
如果您未能提供個人數據
如果我們需要依法或根據我們與您簽訂的合約條款收集個人數據,而您未能按要求提供該數據,我們可能無法履行我們已經或試圖與您簽訂的合約您(例如,向您提供商品或服務)。 在這種情況下,我們可能必須取消您向我們提供的產品或服務,但如果當時發生這種情況,我們會通知您。
您的個人資料是如何收集的?
我們使用不同的方法來收集您的數據以及有關您的數據,包括通過:
直接互動。 您可以透過填寫表格或透過郵寄、電話、電子郵件或其他方式與我們聯繫,向我們提供您的身分、聯絡資訊和財務資料。 這包括您在以下情況下提供的個人資料: 購買我們的產品或服務; 在我們的網站上建立一個帳戶; 訂閱我們的會員資格或新聞通訊; 請求向您發送行銷訊息; 參加競賽、促銷或調查; 或者 給我們回饋或聯絡我們。 自動化技術或互動。 當您與我們的網站互動時,我們將自動收集有關您的裝置、瀏覽操作和模式的技術資料。 我們透過使用 cookie、伺服器日誌和其他類似技術來收集這些個人資料。 如果您造訪使用我們 cookie 的其他網站,我們也可能會收到有關您的技術資料。 第三方或公開來源。 我們可能會從各種第三方和公共來源接收有關您的個人數據,例如:
您的個人資料是如何收集的?
我們使用不同的方法來收集您的數據以及有關您的數據,包括通過:
直接互動。 您可以透過填寫表格或透過郵寄、電話、電子郵件或其他方式與我們聯繫,向我們提供您的身分、聯絡資訊和財務資料。 這包括您在以下情況下提供的個人資料: 購買我們的產品或服務; 在我們的網站上建立一個帳戶; 訂閱我們的會員資格或新聞通訊; 請求向您發送行銷訊息; 參加競賽、促銷或調查; 或者 給我們回饋或聯絡我們。 自動化技術或互動。 當您與我們的網站互動時,我們將自動收集有關您的裝置、瀏覽操作和模式的技術資料。 我們透過使用 cookie、伺服器日誌和其他類似技術來收集這些個人資料。 如果您造訪使用我們 cookie 的其他網站,我們也可能會收到有關您的技術資料。 第三方或公開來源。 我們可能會從各種第三方和公共來源接收有關您的個人數據,例如:
來自以下各方的技術資料:
分析提供者[例如歐盟以外的Google];
廣告網路; 和
搜尋資訊提供者。
來自技術、支付和交付服務提供者的聯絡資訊、財務和交易資料。 來自公開來源的身份和聯繫資料[例如歐盟內部的公司之家和選舉登記冊]。 我們如何使用您的個人數據 我們只會在法律允許的情況下使用您的個人資料。 最常見的是,我們會在以下情況下使用您的個人資料:
當我們需要履行我們即將與您簽訂或已經與您簽訂的合約時。 為了我們或第三方的合法利益(例如預防詐欺、IT 安全、客戶或員工資料的使用)而有必要,並且您的利益和基本權利不會凌駕於這些利益之上。 我們承諾資料使用對使用者來說是適當且公平的。 當我們基於法律義務需要遵守行政或司法機關的要求。 根據您與我們分享的偏好,向您提供與我們的產品或服務相關的資訊或廣告。
一般來說,我們不會依賴同意作為處理您的個人資料的法律依據,儘管我們會在透過電子郵件或簡訊向您發送第三方直接行銷訊息之前獲得您的同意。 您有權隨時聯絡我們撤回對行銷的同意。
行銷
我們努力為您提供有關某些個人資料使用的選擇,特別是在行銷和廣告方面。
我們的促銷優惠
我們可能會使用您的身分、聯絡資訊、技術、使用情況和個人資料資料來了解我們認為您可能想要或需要的內容,或您可能感興趣的內容。 這就是我們決定哪些產品、服務和優惠可能與您相關的方式(我們稱之為行銷)。
如果您向我們索取資訊或向我們購買[商品或服務],且您未選擇不接收該行銷訊息,您將收到我們發送的行銷訊息。
第三方行銷
在我們出於行銷目的與任何第三方共享您的個人資料之前,我們將獲得您的明確選擇同意。
選擇退出
您可以隨時要求我們或第三方停止向您發送行銷訊息。
如果您選擇不接收這些行銷訊息,這不適用於因購買產品/服務、保固註冊、產品/服務體驗或其他交易而向我們提供的個人資料。
Cookie
Cookie 是網路伺服器儲存在電腦或行動裝置上的文字文件,Cookie 的內容只能由建立 Cookie 的伺服器擷取和讀取。 Cookie 是您所使用的瀏覽器或行動應用程式所獨有的。 Cookie 中的文字通常由識別碼、網站名稱以及一些數字和字元組成。
有時,我們會出於改善使用者體驗的目的在電腦或行動裝置上儲存 Cookie,包括以下場景:
• 確保官網頁面正常運作。 這些cookies是您瀏覽和使用官方網站頁面功能所必需的。 如果沒有這些cookie,您可能無法正常使用和造訪官方網站頁面。 例如,這些cookie可以記錄您輸入的資訊。 下次造訪時,無需再次輸入。
• 分析官方網站頁面的使用情況,以衡量和改善頁面的效能。 此類cookie會收集您造訪官方網站時的行為訊息,例如您經常造訪的頁面以及您是否收到錯誤通知。 透過這些訊息,我們可以改進官方網站的結構、導航和內容,為您提供更好的訪問體驗。
如果您對我們使用cookies或其他類似技術有任何疑問,您也可以透過聯絡方式與我們聯絡。 我們不會將 cookie 用於上述目的以外的目的。
您可以將瀏覽器設定為拒絕全部或部分瀏覽器 cookie,或在網站設定或造訪 cookie 時提醒您。 如果您停用或拒絕 cookie,請注意,本網站的某些部分可能無法存取或無法正常運作。
目的改變
我們只會將您的個人資料用於我們收集該數據的目的,除非我們合理地認為我們需要出於其他原因使用您的個人數據,並且該原因與原始目的一致。 如果您希望獲得有關新目的的處理如何與原始目的相容的解釋,請與我們聯絡。
如果我們需要將您的個人資料用於不相關的目的,我們將通知您,並解釋允許我們這樣做的法律依據。
請注意,在法律要求或允許的情況下,我們可能會在您不知情或同意的情況下按照上述規則處理您的個人資料。
揭露您的個人數據
為上文第 4 段表格中規定的目的,我們可能必須與下列各方分享您的個人資料。
• 術語表中列出的內部第三方。
• 術語表中所列的外部第三方。
• 我們可能選擇向其出售、轉讓或合併我們的部分業務或資產的第三方。 或者,我們可能會尋求收購其他企業或與它們合併。 如果我們的業務發生變化,那麼新所有者可以按照本隱私權政策中規定的相同方式使用您的個人資料。
我們要求所有第三方尊重您個人資料的安全並依法處理。 我們不允許我們的第三方服務提供者將您的個人資料用於其自身目的,僅允許他們出於指定目的並按照我們的指示處理您的個人資料。
資料安全
我們已採取適當的安全措施,以防止您的個人資料意外遺失、以未經授權的方式使用或存取、變更或揭露。 此外,我們將您的個人資料的存取權限限制為那些有業務需要了解的員工、代理商、承包商和其他第三方。 他們只會按照我們的指示處理您的個人數據,並且有保密義務。
我們已製定程序來處理任何可疑的個人資料外洩行為,並將在法律要求的情況下向您和任何適用的監管機構通報外洩情況。
資料保留
您將使用我的個人資料多長時間?
我們只會在實現我們收集資料的目的(包括滿足任何法律、監管、稅務、會計或報告要求)所需的合理時間內保留您的個人資料。 如果發生投訴或我們有理由相信我們與您的關係可能會提起訴訟,我們可能會保留您的個人資料更長的時間。 為了確定個人資料的適當保留期限,我們會考慮個人資料的數量、性質和敏感性、未經授權使用或披露您的個人資料造成損害的潛在風險、我們處理您個人資料的目的以及我們是否會處理您的個人資料。可以透過其他方式以及適用的法律、法規、稅務、會計或其他要求來實現這些目的。
只要我們有持續的合法業務需求、向您提供服務或產品,或根據適用法律的要求或允許,我們就會保留您的個人資訊。 當我們沒有持續的合法業務需要處理您的個人資訊時,我們將刪除或匿名化它,或者如果這是不可能的(例如,因為您的個人資訊已儲存在備份檔案中),那麼我們將安全地儲存您的資訊個人資訊,並將其與任何進一步處理隔離,直到可以刪除為止。 您的資料保留多長時間也取決於您如何使用我們的網站(例如,您是否以會員身分登入或以訪客身分造訪我們的網站)以及您提供給我們的資訊的用途。 例如,如果您是註冊會員,某些資料將在您的帳戶終止或刪除後保留一段時間,以便遵守適用的法律[(例如,如果收到有關您帳戶的法院命令,當帳戶被刪除時,我們會將您的帳戶資料保留的時間長於通常的保留期限)]或出現爭議時。 在其他情況下,保留期限可能會根據您在平台上的活動或遵守特定仲裁期限/解決爭議來確定。
您的合法權利
在某些情況下,您根據資料保護法享有與您的個人資料相關的權利。 出於以下目的,請聯絡 artepartymkt@gmail.com :
請求存取您的個人資料。
請求更正您的個人資料。
請求刪除您的個人資料。
反對處理您的個人資料。
請求限制處理您的個人資料。
請求傳輸您的個人資料。
撤回同意的權利。
通常不需要付費
您無需支付費用即可存取您的個人資料(或行使任何其他權利)。 但是,如果您的要求明顯毫無根據、重複或過多,我們可能會收取合理的費用。 或者,在這種情況下,我們可以拒絕遵守您的要求。
我們可能需要您提供什麼
我們可能需要向您要求特定訊息,以幫助我們確認您的身分並確保您有權存取您的個人資料(或行使您的任何其他權利)。 這是一項安全措施,旨在確保個人資料不會洩露給任何無權接收個人資料的人。 我們也可能與您聯繫,要求您提供與您的請求相關的更多信息,以加快我們的回應速度。
回覆時間限制
我們會回應希望根據適用的資料保護法行使其資料主體權利的個人提出的所有請求。 收到您的要求後,我們將要求您提供與您的帳戶或您最近與我們互動相關的資訊來驗證該請求。 我們會盡快處理並回應所有合法請求。
要求關閉您的帳戶並刪除您的個人訊息
您可以透過聯絡 artepartymkt@gmail.com 向我們提交永久關閉您的泡泡瑪特帳號並刪除您的個人資訊的請求。
注意:一旦您的帳戶被關閉,您將無法再在全球任何 Pop Mart 網站上使用透過您的帳戶存取的所有產品和服務。
帳戶成功關閉後,確認通知將發送至與您的帳戶關聯的電子郵件地址或透過簡訊發送。
注意:一旦您的帳戶被關閉,您或其他任何人都無法再存取該帳戶,並且無法恢復。 如果您稍後決定再次開始向我們訂購,或者您想使用需要帳戶的網站功能,則需要建立新帳戶。
術語表
合法依據
合法利益是指我們開展和管理業務的利益,使我們能夠為您提供最好的服務/產品以及最好、最安全的體驗。 在為了我們的合法利益處理您的個人資料之前,我們確保考慮並平衡對您和您的權利的任何潛在影響(正面和負面)。 我們不會將您的個人資料用於對您的影響高於我們利益的活動(除非我們得到您的同意或法律另有要求或允許)。 您可以聯絡我們,進一步了解我們如何評估我們的合法利益以及特定活動對您的潛在影響。
履行合約是指在履行您作為一方的合約所必需的情況下處理您的數據,或在簽訂此類合約之前根據您的要求採取措施。
遵守法律義務是指在有必要遵守我們應遵守的法律義務的情況下處理您的個人資料。
第三方
內部第三方
泡泡瑪特集團中的其他公司則充當共同控制者或處理者(並提供[IT 和系統管理服務並承擔領導報告])。
外部第三方
外部第三方的範例包括:
服務供應商; 專業顧問; 稅務機關、監管機構和作為處理者或聯合控制者的其他機關,在某些情況下要求報告處理活動。 您的合法權利
您有權:
請求存取您的個人資料(通常稱為「資料主體存取請求」)。 這使您能夠收到我們持有的有關您的個人資料的副本,並檢查我們是否合法處理這些資料。
請求更正我們持有的有關您的個人資料。 這使您能夠更正我們持有的有關您的任何不完整或不準確的數據,儘管我們可能需要驗證您向我們提供的新數據的準確性。 請求刪除您的個人資料。 這使您可以在我們沒有充分理由繼續處理個人資料的情況下要求我們刪除或移除個人資料。 如果您已成功行使反對處理的權利(請參閱下文)、我們可能非法處理您的資訊或我們被要求刪除您的個人資料以遵守當地法律。 但請注意,出於特定的法律原因,我們可能無法始終滿足您的刪除請求,我們將在您提出請求時通知您(如果適用)。
反對在我們依賴合法利益(或第三方利益)的情況下處理您的個人數據,並且您的具體情況使您想要反對以此為由進行處理,因為您認為這會影響您的基本利益權利和自由。 您也有權反對我們出於直接行銷目的處理您的個人資料。 在某些情況下,我們可能會證明我們有令人信服的合法理由來處理您的訊息,這會凌駕於您的權利和自由之上。
請求限制處理您的個人資料。 這使您可以在以下情況下要求我們暫停處理您的個人資料:
如果您希望我們確定數據的準確性。 我們對資料的使用是非法的,但您不希望我們刪除它。 當您需要我們保存數據時,即使我們不再需要這些數據,因為您需要這些數據來提出、行使或捍衛法律主張。 您反對我們使用您的數據,但我們需要驗證我們是否有壓倒性的合法理由來使用您的數據。
請求將您的個人資料傳輸給您或第三方。 我們將以結構化、常用、機器可讀的格式向您或您選擇的第三方提供您的個人資料。 請注意,此權利僅適用於您最初同意我們使用的自動訊息,或我們使用該資訊來履行與您簽訂的合約的情況。
如果我們依賴您的同意來處理您的個人數據,請隨時撤回同意。 但是,這不會影響您撤回同意之前進行的任何處理的合法性。 如果您撤回同意,我們可能無法向您提供某些產品或服務。 如果您撤回同意時發生這種情況,我們會通知您。
Introduction
Welcome to the Arte Party Limited's privacy policy.
Arte Party Limited respects your privacy and is committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.
This privacy policy is provided in a layered format so you can browse through to the specific areas set out below. Please also use the Glossary to understand the meaning of some of the terms used in this privacy policy.
[IMPORTANT INFORMATION AND WHO WE ARE] [THE DATA WE COLLECT ABOUT YOU] [HOW IS YOUR PERSONAL DATA COLLECTED?] [HOW WE USE YOUR PERSONAL DATA] [DISCLOSURES OF YOUR PERSONAL DATA] [INTERNATIONAL TRANSFERS] [DATA SECURITY] [DATA RETENTION] [YOUR LEGAL RIGHTS] [GLOSSARY] Important information and who we are Purpose and Declaration of this privacy policy
This privacy policy aims to give you information on how Arte Party Limited collects and processes your personal data through your use of this website, including any data you may provide through this website when you sign up to our newsletter, purchase a product or service or take part in other activities that are held by Arte Party Limited.
This website is not intended for children and we do not knowingly collect data relating to children.
It is important that you read this privacy policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements other notices and privacy policies and is not intended to override them.
Hong Kong law shall apply to this privacy policy unless the judiciary finds laws in other jurisdiction are more suitable.
Controller
Arte Party Limited is the controllers and responsible for your personal data (also referred to as "COMPANY", "we", "us" or "our" in this privacy policy).
We have appointed Mao Jianxin who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact the data privacy manager using the details set out below.
Contact details
If you have any questions about this privacy policy or our privacy practices, please contact our data privacy manager in the following ways:
Email address: artepartymkt@gmail.com
Postal address: [2/F, Yee Kuk Industrial Centre, 555 Yee Kuk Street, Cheung Sha Wan, Kowloon, Hong Kong]
[Telephone number: [2360 3870]
Changes to the privacy policy and your duty to inform us of changes
We keep our privacy policy under regular review.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Third-party links
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.
The data we collect about you
Personal data, or personal information includes information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
Identity Data includes first name, last name, username or similar identifier, title, identification number, date of birth and gender. Contact Data includes billing address, delivery address, email address and telephone numbers. Financial Data includes bank account and payment card details. Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us. Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, wifi, and other technology on the devices you use to access this website. Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses. Usage Data includes information about how you use our website, products and services. Marketing and Communications Data includes [your preferences in receiving marketing from us and our third parties and your communication preferences].
Location Data includes GPS-based location information from your use of this website. We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.
We do not collect any Sensitive Personal information about you (this includesracial or origin, religious or philosophical beliefs, or union membership, genetic data, biometric information, health information, information about sex life or sexual orientation, etc.). Nor do we collect any information about criminal convictions and offences.
If you fail to provide personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
The data we collect about you
Personal data, or personal information includes information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
Identity Data includes first name, last name, username or similar identifier, title, identification number, date of birth and gender. Contact Data includes billing address, delivery address, email address and telephone numbers. Financial Data includes bank account and payment card details. Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us. Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, wifi, and other technology on the devices you use to access this website. Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses. Usage Data includes information about how you use our website, products and services. Marketing and Communications Data includes [your preferences in receiving marketing from us and our third parties and your communication preferences].
Location Data includes GPS-based location information from your use of this website. We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.
We do not collect any Sensitive Personal information about you (this includesracial or origin, religious or philosophical beliefs, or union membership, genetic data, biometric information, health information, information about sex life or sexual orientation, etc.). Nor do we collect any information about criminal convictions and offences.
How is your personal data collected?
We use different methods to collect data from and about you including through:
Direct interactions. You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you: purchase our products or services; create an account on our website; subscribe to our membership or newsletter; request marketing to be sent to you; enter a competition, promotion or survey; or give us feedback or contact us. Automated technologies or interactions. As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources, such as the following:
Technical Data from the following parties:
analytics providers [such as Google based outside the EU];
advertising networks; and
search information providers.
Contact, Financial and Transaction Data from providers of technical, payment and delivery services. Identity and Contact Data from publicly available sources [such as Companies House and the Electoral Register based inside the EU].
How we use your personal data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
Where we need to perform the contract we are about to enter into or have entered into with you. Where it is necessary for our legitimate interests or those of a third party (such as Fraud prevention; IT security; Use of client or employee data) and your interests and fundamental rights do not override those interests. We promise that the data usage is proportionate and fair to the user. When we need to comply with administrative or judicial authorities' requires based on our legal obligations Where in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
Generally, we do not rely on consent as a legal basis for processing your personal data although we will get your consent before sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.
Marketing
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.
Promotional offers from us
We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).
You will receive marketing communications from us if you have requested information from us or purchased [goods or services] from us and you have not opted out of receiving that marketing.
Third-party marketing
We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.
Opting out
You can ask us or third parties to stop sending you marketing messages at any time.
Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.
Cookies
A cookie is a text file stored by a web server on a computer or mobile device, and the content of a cookie can be retrieved and read only by the server that created the cookie. Cookies are unique to the browser or mobile application you are using. The text in a cookie often consists of identifiers, site names, and some numbers and characters.
Sometimes, we store cookies on computers or mobile devices for the purpose of improving user experience, including the following scenarios:
• Ensure the normal operation of the official website page. These cookies are necessary for you to browse and use the functions of official website page. Without these cookies, you may not be able to use and access the official website page normally. For example, these cookies can record the information you have entered. When you visit next time, you do not need to enter it again.
• Analyze the usage of official website pages to measure and improve the performance of the pages. This kind of cookies will collect information about your behavior when you visit the official website, such as the pages you frequently visit and whether you receive error notification. Through this information, we can improve the structure, navigation and content of the official website to provide you with a better access experience.
If you have any questions about our use of cookies or other similar technologies, you can also contact us through the contact information.
We will not use cookies for purposes other than those described above.
You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Disclosure of your personal data
The Company is not in the business of selling your information. We consider this information to be a vital part of our relationship with you. However,we may have to share your personal data with the parties set out below for the purposes set out in the table in paragraph 4 above.
• Internal Third Parties as set out in the Glossary.
• External Third Parties as set out in the Glossary.
• Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Data retention
How long will you use my personal data for?
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for [six] years after they cease being customers for [tax] purposes.
Your legal rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data. please contact artepartymkt@gmail.com for the following purposes:
Request access to your personal data.
Request correction of your personal data.
Request erasure of your personal data.
Object to processing of your personal data.
Request restriction of processing your personal data.
Request transfer of your personal data.
Right to withdraw consent.
No fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within 45 calendar days. Occasionally it could take us longer than 45 days (within 90 days) if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Request the Closure of Your Account and the Deletion of Your Personal Information
You can submit a request for us to permanently close your Pop Mart account and delete your personal information by contacting artepartymkt@gmail.com.
Note: Once your account has been closed, all of the products and services accessed through your account will no longer be available to you, across any Pop Mart sites globally.
A confirmation notification will be sent to the email address associated to your account or via text message after the account is successfully closed.
Note: Once your account is closed, it is no longer accessible by you or anyone else, and it cannot be restored. If you decide later that you want to start ordering from us again, or if you would like to use website features that require an account, you'll need to create a new account.
Glossary
LAWFUL BASIS
Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
Comply with a legal obligation means processing your personal data where it is necessary for compliance with a legal obligation that we are subject to.
THIRD PARTIES
Internal Third Parties
Other companies in the Pop Mart Group acting as joint controllers or processors (and provide [IT and system administration services and undertake leadership reporting]).
External Third Parties
Examples of external third parties are:
Service providers; Professional advisers; Taxation authorities, regulators and other authorities acting as processors or joint controllers who require reporting of processing activities in certain circumstances.
YOUR LEGAL RIGHTS
You have the right to:
Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:
If you want us to establish the data's accuracy. Where our use of the data is unlawful but you do not want us to erase it. Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims. You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
