Collection, Use, and Storage of Personal Data
1.1 Definition of personal data.
Personal data means any information relating to an identified or identifiable natural person (‘data subject’); An identifiable natural person is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as name, identification number, location data. Personal data does not include data that has been irreversibly atomized or aggregated so that it can no longer enable us, whether in combination with other information or otherwise, to identify you.
1.2 What Personal Data We Collect
What type of data we will collect depends on your activity and interaction on kibiy.com.
The data you provided When you create an account to use our products and services or other interactions with us, your name, address, email address (street, number, city, zip/postal code, state, territory, territory of residence), telephone number, communication language, and user name or social media handle.
Device identifiers Such as information about your devices, like your MAC address, IP address, or other online identifiers.
Physical characteristics such as your hair type and color, skin type, and eye color.
Commercial information Such as the products or services you have purchased, returned, or considered, and your product preferences.
Payment information such as your method of payment and payment card information (including payment card number, expiration date, delivery address, and billing address).
Identity verification information, such as loyalty member ID and other authentication information, like passwords.
Purchase data We collect personal data related to the purchase. This data includes your purchase data, such as your mail of PayPal, user name, shipping address, and other authentication information, as well as billing, shipping, and contact details.
Data for improving services and products of kibiy When you visit kibiy.com, we may collect data about the type of Internet browser you use, usage information, diagnostic information, and location information from or about the computers, phones, or other devices on which you install or access our products or services. Where available, our services may use GPS, your IP address, and other technologies to determine a device’s approximate location to allow us to improve our products and services.
Data from your terminal equipment Photos/ Media/ File
Files or data stored on your device If you want to prevent our app from accessing your phone data, you can reset your permission on your phone. After obtaining your permission, Photos/Media/Files access may include the ability to: ① Read the contents of your USB storage (such as SD card). ② Add contents to your USB storage ③ Format external storage ④ Mount or unmount external storage
Local storage We may collect and store information (including personal data) locally on your device using mechanisms such as browser web storage (including HTML 5) and application data caches. Camera You can upload photos when you comment by online services. So, we should collect images and other information from your device’s camera and photos. For example, you cannot upload photos from your camera roll unless we can access your camera or photos with your permission. Unique application numbers. Certain services include a unique application number. This number and information about your installation (for example, the operating system type and application version number) may be sent to the website when you install or uninstall that service or when that service periodically contacts our servers, such as for automatic updates. Data about the purchase.
1.3 How We Use Your Personal Data
KIBIY INC determines and controls how to process your data for the following purposes:
Communicating with You-Subject to your prior express consent We may use personal data to send you marketing communications about our products and services, communicate with you about your account or transactions, and inform you about our policies and terms. If you no longer wish to receive email communications for direct marketing purposes, please contact us to opt out. We also may use your data to process and respond to your requests when you contact us. If you no longer wish to agree above services we provide, please contact us to opt out.
Offering and Measuring Targeted Advertisements and Services Subject to your prior express consent, we may use your personal data to personalize your experience with our products and services and on third-party websites and applications and determine the effectiveness of our promotional campaigns. You are free to choose whether to receive promotion information or not. If you no longer wish to agree above services we provide, please send an e-mail to us to opt-out or choose ”unsubscribe” to opt-out in those e-mails.
Promoting safety and security Subject to your prior express consent We may use some technology measures to protect your personal data for helping verify accounts and user normal activities, as well as to promote data safety and security, such as by monitoring fraud and investigating suspicious or potentially illegal activity or violations of our terms or policies. Such processing is based on our legitimate interest in helping to ensure the safety of our products and services.
1.4 How We Store Your Personal Data
We may take technology measures to make sure your personal data record is complete and accurate, such as cookies and similar technologies. And subject to your prior express consent, we may store our processing record of your personal data for 10 years.
You can remove or reject cookies using your browser or device settings, but in some cases, doing so may affect your ability to use our products and services.
2.1 Definition of “Cookies”
Cookies are small pieces of text used to store information on web browsers. Cookies are widely used to store and receive identifiers and other information on computers, phones, and other devices. These types of files do some different jobs, such as remembering your preferences and chosen items, assisting you to improve your site experience and trying to ensure that the adverts or offers you see online are more relevant to you. These “cookies” can be divided into 4 types, each of which is outlined below.
2.2 Types of Cookies
Strictly Necessary Cookies Providing you with fundamental services of our website, such as visiting our website or making a purchase, these cookies are essential. If you disable these cookies, we will not be able to fulfill your request.
Performance Cookies These cookies collect anonymous information on how people use the site, and the data will merge with other users to help us improve the way the site works. For example, we utilize Google Analytics cookies to help us understand how customers arrive at our site, browse or use our site, and highlight areas where we can improve areas such as navigation, shopping experience, and marketing campaigns. The data stored by these cookies never shows personal details from which your individual identity can be established. If you disable or opt-out of these cookies, you may not be able to use certain features of our websites and services, and it may reduce the support or information that we can provide you.
Functionality Cookies These cookies may remember the operations such as your preference so that we can provide you with better services and improve our operation models. If you reject these cookies, you may not be able to use certain functions of our websites.
Targeting Cookies or Advertising Cookies These cookies collect information about your browsing habits in order to make advertising more personalized to you. These cookies may remember the websites you have visited and share them with third parties, such as advertisers. If you reject these cookies, you may not be able to use certain functions of our websites and services, and it may affect your experience.
Social Networking Cookies These cookies enable you to share pages and content on our websites and services through third-party social networking and other websites. These cookies may also be used for advertising purposes. If you reject these cookies, you may not be able to use certain functions of our website, and it may affect your experience.
2.3 Cookies Placed by Third Parties
2.4 Controlling and Opting Out of Cookies
You can change the settings on your browser to prevent cookies from being stored on your computer or mobile device without your explicit consent. Your browser “help” section will normally provide details on how to manage the cookie settings. If you choose to reject cookies, as noted above, you may not be able to use certain features of our websites and services.
2.5 Other similar technologies
DPAPI (Data Protection Application Programming Interface) is a simple cryptographic application programming interface available as a built-in component in Windows 2000 and later versions of Microsoft Windows operating systems. In theory, the Data Protection API can enable symmetric encryption of any kind of data. In practice, its primary use in the Windows operating system is to perform symmetric encryption of asymmetric private keys, using a user or system secret as a significant contribution of entropy.DPAPI can help record and store users’ personal data.
Data Cube is a simple application for record and personal data analysis.
If you choose to reject cookies, as noted above, you may not be able to use certain features of our websites and services.
We take reasonable steps to ensure your data is accurate, complete, and up to date. Based on protection for your privacy, you have the following rights:
You have the right to contact us to know whether your data is being processed, and if so, you have the right to request access to the personal data and information, including but not limited to the purposes of the processing and the categories of personal data concerned.
You have the right to contact us to correct or delete your inaccurate personal data concerning. Taking the purposes of the processing into account, you are also free to have incomplete personal data completed, including using providing a supplementary statement.
You have the right to obtain from us the erasure of personal data concerning yourself.
You have the right to contact us to set the restriction of processing, which limited our processing authorities
You have the right to receive the personal data you provide in a structured, commonly used, and machine-readable format and to transmit those data to a third party.
You have the right to contact us to make your objection on grounds relating to your particular situation, at any time to processing of personal data
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
When you need to realize this right, please contact us to offer help. To protect the privacy and the security of your personal data, we may request data from you to enable us to confirm your identity and right to access such data, as well as to search for and provide you with the personal data we maintain. There are instances where applicable laws or regulatory requirements allow or require us to refuse to provide or delete some or all of the personal data that we maintain. You may contact us to exercise your rights. We will respond to your request within 30days.
Checking Your Details
How to check my personal data You can check your personal data via entering “My Account”.
Deleting your Information Please contact us when you find it necessary to delete your information.
Personal data for providing, improving, and developing our products and services. If this type of data is deleted, your account will be close. Without this type of data, your account can not be used normally.
Personal data that we use to communicate with you. If this type of data is deleted, we cannot contact you. Please make your decisions cautiously.
Personal data to offer and measure targeted advertisements and services. If this type of data is deleted, you will not receive the latest marketing news and personalized shopping services.
Personal data relating to promoting safety and security. If this type of data is deleted, your account will be under strong threat and you may not be able to use your account properly.
If you delete your data, we have no obligation to retain your data, and we may delete any or all of your data without liability. However, we may retain data related to you if we believe it may be necessary to prevent fraud or future abuse if required by law, or for legitimate purposes, such as analysis of non-personal data, account recovery, auditing our records, and enforcing our rights and obligations under our agreements.
Please confirm that when you agree with this privacy statement, your age is at least 16 years old or you have a guardian’s authorization. Please immediately contact us if you become aware that a child under 16 has provided us with personal data.
Disclosure of Personal Data
We disclosure or may disclosure certain personal data to strategic partners that work with us to provide our products and services or help us market to customers. We will only share personal data with these companies in order to provide or improve our products, services, and advertising; it will not be shared with third parties for their own marketing purposes without your prior express consent.
4.1 Service Providers
We share personal data with companies that provide services on behalf of us, such as website hosting, email services, marketing, sponsoring of sweepstakes, contests, and other promotions, auditing, fulfilling customer orders, data analytics, providing customer service, and conducting customer research and satisfaction surveys. These companies are obligated to protect your data and may be located wherever we operate.
4.2 Corporate Affiliates and Corporate Business Transactions
We may share personal data with affiliated companies and business partners. In the event of a merger, reorganization, acquisition, joint venture, assignment, spin-off, transfer, or sale or disposition of all or any portion of our business, including in connection with any bankruptcy or similar proceedings, we may transfer all personal data to the relevant third party.
4.3 Legal Compliance and Security
It may be necessary—by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence—for us to disclose personal data. We may also disclose personal data as we believe to be necessary for national security, law enforcement, or other issues of public importance. We may also disclose personal data if we determine in good faith that disclosure is reasonably necessary to protect our rights and pursue available remedies, enforce our terms and conditions, investigate fraud, or protect our operations or users.
4.4 Legal Basis for the Processing of Personal Data from EEA Residents
It may be necessary—by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence—for us to disclose personal data. We may also disclose personal data if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate. If you reside within the European Economic Area (EEA), our processing of your personal data will be justified if one of the following conditions is satisfied:
Whenever we obtain your consent;
Whenever the processing of your personal data is necessary for the performance of a contract between you and us or for taking any pre-contractual steps upon your request;
Where the processing is necessary for us to comply with a legal obligation;
Where the processing is necessary for the purposes of our legitimate interests;
Where the processing is necessary for legal and reasonable causes (under this situation, we will specifically explain the details)
Data Processing Globally The definition of Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
We provide products and services to customers around the world and your personal data may be transferred to and stored at a destination outside the European Economic Area (“EEA”). It may also be processed outside the EEA by staff who work for kibiy or one of our suppliers. Data protection laws vary among countries, with some providing more protection than others. Regardless of where your information is processed, we apply the same protections described in this policy. We also sufficiently consider certain legal frameworks relating to the processing of data.
When we provide products and services to customers under the assistance of our affiliates, business partners, and service providers, your personal data may be processed out of EEA. In such circumstances, we will enter into model contractual clauses, or rely on alternative legal bases such as the Privacy Shield, where applicable, or binding corporate rules where our partners or service providers have adopted. Appropriate or suitable safeguards, for example, encryption technology, will be provided to ensure the security of your information. Our customers have the right to obtain a copy of those data transferred to a third country. If you need to realize your rights, please contact us. As for details of data processing of the third parties that may reach your personal data, please read the following introduction of Third Party.
Data processed by Third Party
5.1Third party’s previous authorization to us
5.2 Other Third parties that may reach your information
To provide better products and services for our customers, we may mainly transfer your data to the two types of third parties, Third-party related to Advertising & Marketing——Google/Facebook/Twitter/Amazon/Pinterest/Trade tracker, etc. Information about your activities on our website, for example, what products you like to browse, may be transferred to these third parties. You may receive Communication letters on advertising and marketing in your e-mail sent by us and/or selected third parties. You have the option to opt out of receiving marketing communications from us and/or selected third parties. When you do not want to receive advertisements from us and/or selected third parties anymore, you should opt-out by contacting us (e-mail) or click on the “unsubscribe” link in any email communications which you receive.
Third-party related to Payment& Delivery—Paypal/Cybersource/Adyen/Dlocal/Stripe/Safecharge/Oceanpayment,etc. If you make a purchase from our store, your payment and delivery information will be necessary to the trade. Your information may be transferred to the third parties above and processed by them. We promise that appropriate or suitable safeguards, for example, encryption technology, will be provided to ensure the security of your information This type of personal data is so important to your purchase activities that we strongly recommend you to think twice when you want to delete or object to the processing of these data.
We use reasonable technical, administrative, and physical security measures designed to safeguard and help prevent unauthorized access to your data and to correctly use the data we collect. For example, access to your personal data is strictly limited to our data controller, data processer, data protection officer who needs access to such data to perform their assigned job duties. We have built up a recovery system to prevent your data from destruction, loss, alteration, unauthorized disclosure caused by automatic technology.
It is important that you take precautions to protect against unauthorized access to your account credentials, and computer or other devices. “personal data breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed. If you notice such a kind of personal data breach, please immediately contact us. We will investigate any complaint and notify the individual of the outcome of the investigation within a reasonable period. Kibiy has set up Data Protection Officer(DPO) to provide professional analysis about personal data processing. Whenever you need help directly from our DPO, you are free to inform us of your requirement. Please be aware that, despite our best efforts, no security system is impenetrable. In the event of a security breach, we will promptly notify you and the proper authorities if required by law.
Changes to this Privacy Statement
Thank you for supporting Kibiy Information Technology Co., Ltd.
We are always pleased to hear from our customers (even if it is a complaint). We are always grateful for any time you spend providing us with the knowledge we need to ensure our customers are completely satisfied.
Please contact us if you have any questions, comments, or complaints if you believe Kibiy has not handled your personal data properly or that it has breached its privacy obligations, your complaint may be directed at Kibiy technology service department at firstname.lastname@example.org
The Technology Service Department will investigate any complaint and notify the individual of the outcome of the investigation within a reasonable period. Kibiy has set up Data Protection Officer(DPO) to provide professional analysis about personal data processing. Whenever you need help directly from our DPO, please inform us of your requirement.
If your complaint must be solved immediately while the Technology Service Department has not made a response to you, please do not hesitate to reach the Live Support Service provided by our Customer Service Department. Your complaint will be instantly reported to the relevant department and investigated.