SHOPLINE PRIVACY POLICY
Updated and Effective as of 06 January, 2023
This Privacy Policy page will help you understand the following:
1. What we collect and how we use personal information
(1) Authorization and consent of customers
You hereby acknowledge and authorize us to collect, store and process personal information from your customers for you to use the Platform and SHOPLINE services, and hereby undertake to us that you have obtained sufficient and necessary authorization, consent and permission from your customers for us to directly collect and use their personal information required to perform relevant services. When you provide us with personal information of any third parties (including your customers) for our further process, you shall ensure that you have obtained sufficient and necessary authorization, consent and permission from such third parties for us to process such personal information for the purpose as requested by you. Nonetheless, we reserve the right to reject your request due to legal or regulatory requirements or restraints.
(2) Exceptions to the authorization or consent requirements
According to applicable laws and regulations, the consent of the Personal Data Subject is not required for collection and use of their personal information under the following circumstances:
(1) Related to the performance of obligations under laws and regulations;
(2) Directly related to national security or national defense security;
(3) Directly related to public safety, public health and major public interests;
(4) Directly related to criminal investigation, prosecution, trials and enforcement;
(5) For the purpose of safeguarding the life, property and other major legitimate rights and interests of the Personal Data Subject or any other person, but it is difficult to obtain the authorization and consent of that person;
(6) The personal information involved is disclosed to the public by the Personal Data Subject;
(7) Necessary for signing and performing the contract as required by the Personal Data Subject;
(8) Collection from lawfully and publicly disclosed information;
(9) Maintenance as necessary for the safe and stable operation of the Platform, such as troubleshooting;
(10) Other circumstances as stipulated by laws and regulations.
2. How we use “cookies” and other similar tracking technologies
(1) How“cookies” are used
On SHOPLINE website, with the help of cookies and other similar technologies, we can identify whether a Personal Data Subject is our user or the user’s customers each time the Personal Data Subject uses the Platform, SHOPLINE services or the store empowered by SHOPLINE, without having to re-login and authenticate on each page.
(2) How to manage “cookies”
In addition to the controls we provide, a Personal Data Subject may choose to enable or disable cookies in their Internet browsers. Most Internet browsers also allow Personal Data Subject to choose whether to disable all cookies or only third-party cookies. By default, most Internet browsers accept cookies, but this can be changed. For more information, see the Help menu in your Internet browser or the documentation of your device.
If the Personal Data Subject uses any other browser, please refer to the documentation provided by the browsers.
On SHOPLINE website, a Personal Data Subject may delete existing tracking technologies by clearing the cache.
When a Personal Data Subject browses a webpage without logging in, we will collect cookies necessary to realize the browsing feature in order to provide relevant services to the Personal Data Subject.
Please note that if a Personal Data Subject refuses to use or remove the existing tracking technologies, it is necessary to personally change the user settings at each visit, and we may not be able to provide a quality user experience to the Personal Data Subject, and some feature may not be able to function properly.
3. How we process, share, transfer and disclose personal information
(1) Process
Certain features of the Platform may be provided by our third-party partners, and we may entrust partners (including technical service providers) with the processing of certain personal information of the Personal Data Subjects. For example, when you use auto-payments feature, we may ask third-party payments companies to process your credit card information so that to charge you relevant services fee as directed by you; when you use SHOPLINE Payments, we may ask third-party services providers which can facilitate us in “Know Your Client” and transaction monitoring and risk management, to process your and your customers’ personal information. We will sign confidentiality agreements with the third-party services providers to govern purposes of data processing, process period, and the responsibilities of both parties, and will ask the partners to process data in accordance with our requirements and this Privacy Policy. If you do not agree the partners to collect personal information necessary for the provision of relevant services, you or your customers may not be able to use the relevant services.
(2) Sharing
We do not share personal information with any third parties unless one or more of the following circumstances exist:
(3) Transfer
In principle, we will not transfer control of personal information to any third parties, except in the following circumstances:
(4) Public disclosure
In principle, we will not disclose your personal information to the public or undefined groups, except that we may disclose your personal information based on our agreement with you or according to applicable laws and regulations.
4. How you exercise right over your personal information
(1) Access and amend personal information
You are entitled to access your SHOPLINE account at any time to view your personal information. If you find that the personal information we collect, store, use, or disclose is incorrect or incomplete, or in other circumstances stipulated by laws and regulations, you can log in to SHOPLINE administrative panel and enter the "Personal Center" to amend or supplement your personal information.
If you want to access or amend your other personal information, or encounter any difficulty in exercising the above right, you can contact us and we will promptly respond to your request after verifying your identity, except as otherwise provided by law or regulation or otherwise agreed in this Privacy Policy.
(2) Delete personal information
Under the following circumstances, you can contact us to delete your personal information, except that the data has been anonymized or as otherwise provided by law or regulation:
(3) Account termination
You may terminate your SHOPLINE account in accordance with SHOPLINE Terms. You acknowledge and understand that you no longer have access to your SHOPLINE accounts and data relating to your SHOPLINE account once you terminate your SHOPLINE accounts. We will terminate your accounts after verifying your identity and agreeing with you on disposal of assets in your account. After termination, we will promptly delete your personal information or anonymize it unless it is necessary to retain your personal information according to any laws or regulations.
The account termination is irreversible. Once your account is terminated, we will no longer collect your personal information and will no longer provide you with our products and/or services. Therefore, please exercise caution before you terminate your account.
How we retain and protect personal information
(1) Retention period
When you use the Platform and any SHOPLINE products and/or services, we will retain your and your customers’ personal information on behalf of you. We undertake that, we will only retain your and your customers’ personal information for such period as necessary to achieve the purposes as authorized by you and your customers hereunder, unless otherwise provided by law or regulation or otherwise authorized by the Personal Data Subjects.
If you terminate your SHOPLINE account or delete your information, or if we cease operation for whatever reasons, we will cease collecting your personal information and delete or anonymize personal information we have collected, in accordance with laws and regulations.
(2) Where we store personal information
As we provide the Platform and SHOPLINE products and services to users in multiple jurisdictions, you acknowledge the information and data you provided to us maybe transferred to, stored or processed outside of your country. In principle, we will store your personal information in Singapore. However, for statistical and analytical purposes, we may transfer your personal data to regions outside of Singapore. Nonetheless, we will ensure that your personal information is adequately protected as it is in the country or region where you are located and will use encryption in cross border data transfer.
(3) Protection of personal information
(a) Technical measures for data security
In order to ensure information security, we strive to take all reasonable technical measures to protect personal information, so that you and your end users' personal information will not be leaked, damaged, destroyed, or lost. We use encrypted transmission technologies such as SSL to protect the security of data transition and use appropriate protection mechanisms to prevent malicious data attacks. We adopt an encrypted storage and data permission control mechanism for personal information to prevent your and your end users' personal information from being accessed, disclosed, used or altered without authorization, or intentionally or accidentally damaged or lost.
(b) Organizational and management measures for data security
We appoint data protection officer as required by laws and regulations and set up a working group for personal information protection. We have also established relevant internal control management processes to strictly limit access to personal information to personnel to the minimum on a “need-to-know” basis.
We have established internal policies for the safe use of data and implement strict management rules for employees or contractors who may have access to your and your customers’ information, including but not limited to implementing different access controls for different roles, signing confidentiality agreements with them, and monitoring their operations.
We provide employees with trainings on security and privacy protection and require them to complete assessments, in order to enhance their awareness of the importance of personal information protection.
(c) Contractual obligations for data security
Before we collect your personal information from a third party, we will expressly require the third party in writing to obtain your explicit consent before collecting and processing your and your customers' personal information, and require the third party to guarantee the in writing legitimacy and compliance of the source of personal information. In the event of breach by the third party, we will expressly hold the third party legally liable.
Before we share your and/or your customers’ personal information with our partners, we will require our partners to hold up to their obligations and responsibilities relating to information protection. To this end, we will require our partners to sign a data processing agreement or set out the terms of data protection in a cooperation agreement signed by both parties, which stipulates that partners' confidentiality obligations, including to ensure that the custody, use and transfer of information shall satisfy our requirements and subject to our review, supervision and audit, and in the event of any breach, we will hold the counterparty legally liable.
(d) Handling of security incident
In the event of a personal information security incident, we will immediately activate the emergency plan, take remedial measures, record the incident, and report it in time in accordance with the applicable laws and regulations. If the security incident may cause serious damage to the legitimate rights and interests of you and/or your customers, such as the disclosure of sensitive personal information, we will inform you of situation of the security incident and its possible impact, the measures we have taken or are about to take, risk prevention and mitigation we recommend for you, the remedies we provide to you and/or your customers, and our contact. We will promptly inform you of the above by email, letter, telephone or notification. When it is difficult to inform the Personal Information Subject one by one, we will issue a warning notice in a reasonable and effective way.
6. How do we update this Privacy Policy
We may update the terms of this Privacy Policy from time to time, and such update shall form part of this Privacy Policy.
In the event of significant or material changes, we will notify you in a prominent manner as appropriate.
Significant or material changes include but are not limited to the following circumstances:
7. How to contact us
If you have any questions, opinions or suggestion to this Privacy Policy, you may contact us as follows:
Customer service email:support@shoplineapp.com
Data protection/security email:security@shoplineapp.com
8. Definitions
You: the registered seller user who uses SHOPLINE/its employees/developers/other persons authorized to operate the Platform.
Personal information: all kinds of information recorded electronically or otherwise that can be used alone or in combination with other information to identify a specific natural person or reflect the activities of a specific natural person. Personal information under this Privacy Policy includes name, date of birth, ID number, personal biometric information, address, contact information, communication record and content, password, finance information, transaction information, etc.
Sensitive personal information: personal information that, once leaked, illegally provided or misused, may cause damage to personal or property safety, and easily lead to damage to personal reputation, physical and mental health or discriminatory treatment, including ID card number, personal biometric information, bank account, finance information, credit information, whereabouts, health and physiological information, and transaction information.
Deletion: the act of removing personal information from the system involved in the realization of routine service functions, so that it cannot be retrieved or accessed.
Anonymization: the process of technically processing personal information in an unrecoverable way that results in information that cannot identify or be associated with you.
9. Third-party information sharing list
When you use the services provided by a third party, we will share the corresponding information after obtaining or ensuring that the third party obtains your authorization and consent, as well as other cases in compliance with laws and regulations. You can know how the third party will deal with your personal information through the relevant information listed. We will also strictly restrict the third party's access to personal information to protect the security of your personal information.
We may also access the software development kit (SDK) provided by a third party to achieve to ensure the stable operation of the platform or realize relevant functions. Our access-related third-party SDKs are also listed in the following list. You can view the data use and protection rules of third-party through the links or paths provided in the directory. Please note that the type of personal information processing of third-party SDK may change due to version upgrades, policy adjustments, and other reasons. Please follow the official instructions published by it.
SHOPLINE CONTRACTING PARTY
The “Shopline Contracting Party” is the party with which you are entering into these Terms. Your “Shopline Contracting Party”, and the governing law of these Terms and dispute resolution method for the performance of these Terms shall be determined in accordance with the following table:
