Qingdao Onelap Technology Co.,Ltd Global Privacy Policy

Effective Date: June 22, 2020

Last Updated: January 13, 2021

Qingdao Onelap Technology Co.,Ltd (referred to herein as “Onelap”, “we”, “our”, or “us”) and its affiliates, recognizes the importance of protecting the personal information we may collect from visitors and any other individual or entity (“Users”, “you”, or “your”). This Privacy Policy applies to data collection and privacy practices of Onelap and when we collect personal information through your use of the website, www.onelap.com, and other Onelap-related sites, software and applications accessible on or by any top-level Onelap domain owned by us (each, a “Site” and collectively the “Sites”), through our social media pages that we control, and through email messages that we may send to you (collectively, the “Services”).  Please note that this Privacy Policy excludes services that state that they are offered under a different privacy policy.

 

Our Privacy Policy explains: (1) what information we collect; (2) why we collect it; (3) how we use that information; (4) how we may share it; (5) the choices we offer, including how to access and update information; (6) and the measures we take to keep your information safe. Specifically, our Privacy Policy covers the following topics:

1. When This Privacy Policy Applies
2. Terms of Use
3. Information We Collect
4. Information Collected Related to California Residents
5. How We Use Personal Data We Collect
6. Our Legal Basis for Collecting Personal Data
7. Your Failure to Provide Personal Data
8. Our Retention of Your Personal Data
9. Sharing Personal Data
10. Sale of Personal Data
11. Your Rights and Choices
    1. Rights Specific to Californians
    2. Rights Specific to European Union Residents
    3. Rights Specific to Hong Kong Residents
12. Our Opt-in/Opt-out Policy
13. Third Party Links
14. International Transfer
15. How We Protect Personal Data
16. Children’s Privacy
17. Direct Marketing and “Do Not Track” Signals
18. Changes to this Privacy Policy
19. How to Contact Us

Please familiarize yourself with our privacy practices. By using the Sites or Services, you signify your acceptance of this Privacy Policy. If you do not agree to this Privacy Policy, please do not use the Sites or Services.

Irrespective of which country you live in, you authorize us to transfer, store, and use your information in the People’s Republic of China, and any other country where we operate. In some of these countries, the privacy and data protection laws and rules regarding when government authorities may access data may vary from those in the country where you live. Learn more about our data transfer operations in the “International Transfer” section below. If you do not agree to the transfer, storage and use of your information in the People’s Republic of China, and any other country where we operate, please do not use the Sites or Services.

If you have any questions or comments about this Privacy Policy, please submit a request to privacy@onelap.com.

When this Privacy Policy Applies

 

Our Privacy Policy applies to all of the Services offered by Onelap or use our Sites, but excludes services that have separate privacy policies that do not incorporate this Privacy Policy.

 

Our Privacy Policy does not apply to services offered by other companies or individuals, including products or sites that may be displayed to you, or other sites linked from our Sites or Services. Our Privacy Policy does not cover the information practices of other companies and organizations who advertise our Services, and who may use cookies, pixel tags and other technologies to serve and offer relevant ads.

 

Terms of Use

 

By accessing or using the Sites in any manner, you also agree to be bound by Onelap’s Terms of Use[A1] (the “Agreement”). Please read the Agreement carefully. If you do not accept all of the terms and conditions contained in or incorporated by reference into the Agreement, please do not use the Sites.

 

Information We Collect

 

We collect information, including personal data, to provide better services to all our Users. We use the term “Personal Data” or to refer to any information that identifies or can be used to identify you. Common examples of Personal Data include: full name, email address, digital identity, such as a login name or handle, information about your device, and certain metadata.

 

“Sensitive Personal Data” refers to a smaller subset of Personal Data which is considered more sensitive to the individual, such as race and ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic or biometric information, physical or mental health information, medical insurance data, or sexual orientation.

 

When you use our Services, we collect Personal Data in the following ways:

1. Information You Give to Us

• Website

As you evaluate whether Onelap is the right solution for you, you may choose to provide us with Personal Data about yourself, including your name and email address by completing forms on our Site, or when creating and signing into your account. You may also choose to provide us with employment and education information when you apply for a job at Onelap via our Site. We will also collect financial data such as payment card details and bank account numbers in order to process transactions for certain services.

 

In some instances, you may elect to provide us with location and address information. You may also provide us with Personal Data about yourself when you report a problem or have a question about our services.

 

The Sites offer interactive and social features that permit you to submit content and communicate with us. You may provide Personal Data to us when you post information in these interactive and social features. Please note that your postings in these areas of the Sites may be publicly accessible or accessible to other Users.

• Mobile Application

Certain information is required when creating an account to use our Services on the mobile application, such as your name, email address, gender, date of birth, height, weight, user name and password. 

 

In addition, in order to improve your experience with the Services, you may choose to provide additional information such as your gender, birth date, height, weight, location, country, FTP, physical activity, heart rate, power, cadence and eating habits.  You can choose not to provide certain information, but then you may not be able to register for the Onelap or take advantage of some features of the Services.

 

When your device syncs with Onelap’s application, certain data recorded on your device is transferred from your device to our servers.

2. Information We Obtain from Your Use of Our Services

We collect certain information automatically, such as your operating system version, browser type, and internet service provider. We also collect information about your interaction with the Services, such as creating or logging into your account, or opening or interacting with the Services on Your mobile device. When you use our Site, we automatically collect and store this information in service logs. This includes: details of how you used our Site; Internet protocol address; cookies that uniquely identify your browser, the referring web page and pages visited.  We may also collect and process information about your actual location. The information we collect automatically is statistical data and may or may not include Personal Data, but we may maintain it or associate it with Personal Data we collect in other ways or receive from third parties.

• Location Data

If you grant us access to your location, Onelap may collect information about your location when you use our Sites and Services. Your location can be determined by: IP address, and information about things near your device, such as Wi-Fi access points and cell towers.  When you use our Services via a wireless device, we may solicit your permission to collect your location data. Some features within our application may only function upon confirmation of your location, and therefore such features will not be available if you choose not to provide your location data to us. The specificity of the location data collected may depend on a number of factors, including the device you are using (e.g. laptop, smartphone or tablet) and how you are connected to the Internet (e.g., via cable broadband connection, WiFi). If you enable location services for our mobile application, we may collect location data periodically as you use or leave open our mobile application. We may associate such location data with Personal Data you provide to us. Depending on the platform you use to access our mobile application (e.g., Apple’s iOS, Google’s Android), you may be able to control whether location data is collected from within “Settings” or other controls on your wireless device or the mobile application.

• Device ID

When using our Services, we or our service provider may collect your unique device ID. We may use such information for internal purposes and to provide you a better experience, such as to troubleshoot application problems you may experience. We may associate device ID with personal information you provide to us.

3. Health and Other Special Categories of Personal Data

Under a federal law called the Health Insurance Portability and Accountability Act (“HIPAA”), some demographic, health and/or health-related information that Onelap collects as part of providing the Services may be considered “Protected Health Information” or “PHI.” HIPAA provides specific protections for the privacy and security of PHI and restricts how PHI is used and disclosed. Onelap handles all PHI in strict accordance with applicable laws and regulations. All Protected Health Information that Onelap processes is used and disclosed by us as a Business Associate (as defined by HIPAA) according to the terms of a Business Associate Agreement between us and that healthcare provider.

To the extent that information we collect is health data or another special category of Personal Data subject to the European Union’s General Data Protection Regulation, we ask for your explicit consent to process the data. We obtain this consent separately when you take actions leading to our obtaining the data. You can send us an email at privacy@onelap.com to withdraw your consent at any time.

4. Social Networking

When using our Services or when using certain third party social networking services (for example, Facebook or Twitter) (each a “Social Network”), you may have the option to connect your Onelap information or activity with that Social Network and its users, and to access certain of your Social Network information, as disclosed to you at the time you consent to the connection. Information we may share with a Social Network may include, but is not limited to, technical information about your Onelap activity.  Information we may access about you, with your consent, from a Social Network, may include, but is not limited to, your basic Social Network information, your location data, your lists of contacts, friends and followers, and certain information about your activities on the Social Network. If you permit a connection between a Social Network and Onelap, we and that Social Network may be able to identify you and to associate information received pursuant to that connection with information we already have about you. We recommend that you familiarize yourself with the privacy policy and privacy control options of any Social Network with which you choose to share information or to connect a Onelap Service.

5. Cookies and Similar Technologies

We and our partners use various technologies to collect and store information when you visit one of our services, and this may include using cookies or similar technologies to identify your browser or device.

 

The technologies we use for this automatic data collection may include:

 

Cookies. A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our services. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our services.  For more information about our use of cookies, including details on how to opt-out of certain cookies, please see our Cookie Policy[A2].

 

Web Beacons. Pages of our services or our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count Users who have visited those pages or opened an e-mail and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

 

Clickstream Data. Clickstream data is information collected by our computers when you request Web pages from the Sites. Clickstream data may include information such as the page served, the time spent viewing the page, source of the request, type of browser making the request, the preceding page viewed and similar information. Clickstream data permits us to analyze how visitors arrive at the Sites, what type of content is popular, what type of visitors in the aggregate are interested in particular kinds of content on the Sites.

 

Information Collected Related to California Residents

 

During the last twelve (12) months, we have collected the following categories of personal information from consumers.

Category	Type of Identifiers We Collect	Collected
A. Identifiers.	First and last name, postal address, unique personal identifier, online identifier, Internet Protocol address, email address.	YES
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A name, physical characteristics or description, address, telephone number, credit card number, debit card number, or any other financial information, medical information.	YES
C. Protected classification characteristics under California or federal law.	Age, medical condition, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions).	YES
D. Commercial information.	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	YES
E. Internet or other similar network activity.	Browsing history, search history, information on a consumer's interaction with a website, application logs, device data and registration, social media account information or advertisement.	YES
F. Biometric information.	Physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, heart rate, height, weight , gait, or other physical patterns, and sleep, health, or exercise data.	YES
G. Geolocation Data	Physical location or movements	YES
H. Sensory data.	Audio, electronic, visual, thermal, olfactory, or similar information.	YES

We obtain the categories of Personal Data listed above from the following categories of sources:

• Directly from our customers or their agents.
• Indirectly from our customers or their agents. For example, through information we collect from our clients in the course of providing Services to them.
• Directly and indirectly from activity on our website (www.onelap.com). For example, from website usage details that are collected automatically. In addition, like many companies, we use “cookies” which are small text files a website can use to recognize repeat users, facilitate the user’s ongoing access to and use of the site and to track usage behavior of, for example, the webpages you visit.
• From social media websites, such as Facebook, Twitter, LinkedIn, YouTube, Instagram, and Pinterest.
• From third parties that assist us in providing certain transactions and services, even though it appears that you may not have left our Site.

How We Use Personal Data We Collect

Upon obtaining your consent, we use your Personal Data in ways that are compatible with the purposes for which it was collected or authorized by you, including for the following purposes:

• To present, operate or improve the Site and Services, including analysis of Site activity;
• To inform you about Services and products available from Onelap;
• To authorize access to our Sites and Services;
• To validate your identity or verify communications from you;
• To offer and administer programs;
• To customize or tailor your experience of the Services;
• To communicate about, and administer your participation in, special programs, surveys, contests, online campaigns, online programs, sweepstakes, prize draws and other offers or promotions, and to deliver pertinent emails;
• To send you confirmations, updates, security alerts, and support and administrative messages and otherwise facilitate your use of, and our administration and operation of, the Services;
• For marketing purposes, including but not limited to, facilitating interest-based advertising, creating custom audiences to target online and mobile advertising, sending integrated marketing messages across channels and devices, personalizing email marketing that we send to you, sending you other promotional materials, and notifying you about special promotions, offers, events or opportunities that may be of interest to you;
• To improve our customer service, conduct customer satisfaction, market research, and quality assurance reviews;
• To respond to and support users regarding their use of the Sites and Services;
• To process applications for employment that you submit through the Sites;
• To administer general recordkeeping;
• To comply with all applicable legal requirements;
• To perform data analysis and testing;
• To use statistical information that we collect in any way permitted by law, including from third parties in connection with their commercial and marketing efforts;
• To enforce our Terms of Use and other agreements;
• To investigate possible fraud or other violations of our Terms of Use or this Privacy Policy and/or attempts to harm our Users;
• To resolve disputes;
• To otherwise fulfill the purpose for which the information was provided. 

We and our service providers may use IP addresses to understand the locations from which our Users are accessing the Services.  Except where prohibited by applicable law or regulation, we may combine information collected through one source with information obtained through other resources. We also may supplement the information we collect with information obtained from third parties. We will treat any information that we combine with your personal information as Personal Data pursuant to this Privacy Policy.

We use information collected from cookies and other technologies, to improve your User experience and the overall quality of our services. We may use your Personal Data to see which web pages you visit at our Site, which web site you visited before coming to our Site, and where you go after you leave our Site. We can then develop statistics that help us understand how our visitors use our Site and how to improve it.  We may also use the information we obtain about you in other ways for which we provide specific notice at the time of collection.

We will ask for your consent before using information for a purpose other than those set out in this Privacy Policy.

Our Legal Basis for Collecting Personal Data

We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

 

Purpose/Activity	Type of data	Lawful basis for processing including basis of legitimate interest
To register you as a new customer	Identity Contact	Performance of a contract with you
To process financial data Manage payments, fees and charges Collect and recover money owed to us	Identity Contact Financial Transaction Marketing and Communications	Performance of a contract with you Necessary for our legitimate interests
To provide you with analytical information about your workout through the use of our apps	Identity Biometric data	Performance of a contract with you Consent
To manage our relationship with you which will include: Notifying you about changes to our terms or privacy notice Asking you to leave a review or take a survey	Identity Contact Profile Marketing and Communications	Performance of a contract with you Necessary to comply with a legal obligation Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
To enable you to partake in an event, prize draw, competition or complete a survey	Identity Contact Profile Usage Marketing and Communications	Performance of a contract with you Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business) Consent
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)	Identity Contact Technical	Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise) Necessary to comply with a legal obligation
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you	Identity Contact Profile Usage Marketing and Communications Technical	Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences	Technical Usage	Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
To make suggestions and recommendations to you about goods or services that may be of interest to you	Identity Contact Technical Usage Profile	Necessary for our legitimate interests (to develop our products/services and grow our business) Consent
To manage our after-sales relationship with you, including: Assisting you with warranty issues Contacting you in relation to product recall	Identity Contact Profile Transaction	Performance of contract with you Necessary to comply with a legal obligation Necessary for our legitimate interests (to keep our records updated)

Provided that, in each circumstance, we will weigh the necessity of our processing for the purpose against your privacy and confidentiality interests, including taking into account your reasonable expectations, the impact of processing, and any safeguards which are or could be put in place. In all circumstances, we will limit such processing for our legitimate business interest to what is necessary for its purposes.

Your Failure to Provide Personal Data

 

Your provision of Personal Data is required in order to use certain Services and programs.  In some instances, if you fail to provide such Personal Data, you may not be able to access and use our Services, or parts of our Services. 

 

Our Retention of Your Personal Data

 

We use and retain your Personal Data for as long as necessary to fulfill the purpose for which it is being processed, to carry out legitimate business interests, as well as on the basis of applicable legal requirements (such as applicable statutes of limitation).

 

After expiry of the applicable retention periods, your Personal Data will be deleted. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further use of such data.

 

Sharing Personal Data

 

Onelap may disclose your Personal Data to commercial providers for a business purpose, which include verifying your identity when making a payment. When we disclose Personal Data for these reasons, we enter into a contract that describes the purpose and requires the recipient to both keep that Personal Data confidential and not use it for any purpose except for the purposes set forth in the contract.

In the preceding twelve (12) months, we have disclosed the following categories of Personal Data for one or more business purposes:

• Identifiers;
• California Customer Records Personal Information categories;
• Protected classification characteristics under California or federal law;
• Commercial information;
• Internet or other network activity information;
• Biometric Information;
• Geolocation Data;
• Sensory Data.

We disclose your Personal Data for a business purpose to the following categories of third parties:

• Our affiliates;
• Service providers and other third parties we use to support our business, including without limitation those performing core services (such as billing, credit card processing, customer support services, customer relationship management, accounting, auditing, administering sweepstakes, surveys, advertising and marketing, analytics, email and mailing services, data storage, and security) related to the operation of our business and/or the Services, and making certain functionalities to our Users;
• Commercial providers;
• Enterprise accounts, such as your employer;
• Third parties to whom you or your agents authorize us to disclose your Personal Data in connection with the services we provide to you.

We may disclose your Personal Data for legal reasons. Specifically, we will share Personal Data with companies, organizations or individuals outside of Onelap if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:

• Fulfill any purpose for which you provide it;
• Meet any applicable law, regulation, legal process or enforceable governmental request;
• Enforce applicable Terms of Use, including investigation of potential violations;
• Detect, prevent, or otherwise address fraud, security or technical issues;
• Protect against harm to the rights, property, assets or safety of Onelap, our Users or the public, content found on the Services, or to protect the Services from unauthorized use or misuse, as required or permitted by law;
• Facilitate a business transfer, such as to a buyer or other successor in the event of merger, acquisition, consolidation, divestiture, change in control, dissolution or other sale or transfer of some or all of Onelap's assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which Personal Data held by Onelap about its Users will be among the assets to be transferred, and any such successor may use your information for the same purposes set forth in the Privacy Policy.
• For any other purpose disclosed when you provide the information; and,
• When we obtain your consent to do so.

We attempt to notify you about legal demands for your Personal Data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.

• Entrustment of Processing Personal Data

Onelap complies with the Personal Information Protection Act  and Act on Promotion of Information and Communications Network Utilization and Information Protection (IT Network Act when we entrust a third party with the processing of Personal Data. Onelap may disclose Personal Data to service providers to act under Onelap’s instructions regarding the processing of such data. Any third party entrusted with processing personal data will be subject to contractual obligations to implement appropriate technical and organizational security measures to safeguard the Personal Data. 

Entrusted Third Party	Entrusted Assigned Task
Google Analytics	Google Analytics is an ad management and ad serving technology. Google Analytics places cookies on the Onelap Sites so that Onelap can record how many signups and leads originated from its marketing activity.
Google Search Console	Google Search Console is used by Onelap for advertising.
Facebook	Facebook is used by Onelap for advertising, display ads and retargeting.
LinkedIn	LinkedIn is used by Onelap for advertising, display ads and retargeting.
Twitter	Twitter is used by Onelap for advertising, display ads and retargeting.
Instagram	Instagram is used by Onelap for advertising, display ads and retargeting.
YouTube	YouTube is used by Onelap for advertising, display ads and retargeting.
Mapbox	View your uploaded outdoor workouts map track on onelap
Strava	Voluntarily share your workouts to strava.
Trainingpeaks	Voluntarily share your workouts to trainingpeaks.

 

Sale of Personal Data

In the preceding twelve (12) months, we have not sold any Personal Data.

Your Rights and Choices

You may have certain rights relating to your Personal Data, subject to local data protection law. Whenever you use our services, we aim to provide you with choices about how we use your Personal Data. Subject to applicable law, you may obtain a copy of Personal Data we maintain about you. In addition, if you believe that Personal Data we maintain about you is inaccurate, subject to applicable law, you may have the right to request that we correct or amend the information by contacting us as indicated in the “How to Contact Us” section below. To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to the information.

• Privacy Rights Specific to California Residents

Under the California Consumer Privacy Act, California residents have specific rights regarding their personal information. This section describes Californians’ rights and explains how California residents can exercise those rights.

Below we further outline specific rights which California residents may have under the California Consumer Privacy Act.

• Right to Access Your Data. You have the right to request that we disclose certain information to you about our collection, use and disclosure of your Personal Data over the past twelve (12) months. Any disclosures we provide will only cover the 12-month period preceding the receipt of your request.  The response we provide will also explain the reasons we cannot comply with a request, if applicable.  
• Right to Data Portability. You have the right to a “portable” copy of your Personal Data that you have submitted to us.  Generally, this means you have a right to request that we move, copy or transmit your Personal Data stored on our servers or information technology environment to another service provider’s servers or information technology environment.
• Right to Delete Your Data. You have the right to request that we delete any of your Personal Data that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Data from our records, unless an exception applies.
• Right to Non-Discrimination for the Exercise of Your Privacy Rights. You have the right not to receive discriminatory treatment by us for exercising your privacy rights conferred by the California Consumer Privacy Act.

 

• Exercising Your Rights

If you are a California resident who chooses to exercise your rights, you can submit a request via email to privacy@onelap.com.

You may also designate an agent to exercise your privacy rights on your behalf. In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney, the requester’s valid government-issued identification, and the authorized agent’s valid government issued identification.

 

• Our Response to Your Request

Upon receiving your request, we will confirm receipt of your request by sending you an email. To help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to the information. In some instances, such as a request to delete personal information, we may first separately confirm that you would like for us to in fact delete your personal information before acting on your request.

We will respond to your request within forty-five (45) days. If we require more time, we will inform you of the reason and extension period in writing.  If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

In some cases our ability to uphold these rights for you may depend upon our obligations to process Personal Data for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, listed below, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:

1. Complete the transaction for which we collected the Personal Data, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
3. Debug products to identify and repair errors that impair existing intended functionality;
4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.);
6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent;
7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
8. Comply with a legal obligation; or
9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

• Privacy Rights Specific to European Union Residents

The European Union’s General Data Protection Regulation (“GDPR”), and corresponding legislation in the United Kingdom and Switzerland, provide European, Switzerland and United Kingdom residents with certain rights in connection with Personal Data you have shared with us. If you are resident in the European Economic Area, you may have the following rights:

 

• The right to be informed. You are entitled to be informed of the use of your Personal Data.  This Privacy Policy provides such information to you.
• The right of access. You have the right to request a copy of your Personal Data which we hold about you.
• The right of correction. You have the right to request correction or changes of your Personal Data if it is found to be inaccurate or out of date. 
• The right to withdraw consent. You have the right to withdraw a previously given consent for processing your Personal Data for a specific purpose.
• The right to be forgotten. You have the right to request us, at any time, to delete your Personal Data from our servers and to erase your Personal Data when it is no longer necessary for us to retain such data.  Note, however, that deletion of your Personal Data will likely impact your ability to use our services.
• The right to object (opt-out). You have the right to opt-out of certain uses of your Personal Data, such as direct marketing, at any time. 
• The right to data portability. You have the right to a “portable” copy of your Personal Data that you have submitted to us.  Generally, this means your right to request that we move, copy or transmit your Personal Data stored on our servers or information technology environment to another service provider’s servers or information technology environment.
• The right to refuse to be subjected to automated decision making, including profiling. You have the right not to be subject to a decision and insist on human intervention if the decision is based on automated processing and produces a legal effect or a similarly significant effect on you.
• The right to lodge a complaint with a supervisory authority. You have the right to lodge complaints about our data processing activities by filing a complaint with us or with the relevant Supervisory Authority. A list of Supervisory Authorities is available here:  http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. 

 

You may exercise any of the rights described in this section by sending an email to via email to privacy@onelap.com. All customers or their legal representatives may update or correct information about yourself by making changes to your profile or submitting a request via email to privacy@onelap.com. Please note that we may ask you to verify your identity and request before taking further action on your request. We may respond to your request by letter, email, telephone or any other suitable method. If you completely delete all such information, then your account may become deactivated. We may retain an archived copy of your records as required by law, to comply with our legal obligations, to resolve disputes, to enforce our agreements or for other legitimate business purposes.

 

• Rights Specific to Hong Kong Residents

 

Onelap is required to comply with the Hong Kong law in respect of its operations there. Onelap seeks to comply with the requirements of Hong Kong’s Personal Data (Privacy) Ordinance (“PDPO”).

 

Onelap’s Privacy Policy shall apply to its operations in Hong Kong, and this section should be read along with the Privacy Policy, including Section III, “Information We Collect” and Section V, “How We Use Personal Data We Collect.”

 

Use of Personal Data for Direct Marketing in Hong Kong

 

As in other jurisdictions, Onelap intends to use Personal Data collected from Hong Kong residents to send them marketing communications offering or advertising the availability of our Services (“Direct Marketing”). Under the PDPO, we may not use such Personal Data for Direct Marketing unless we have received consent from these individuals for that intended use.

 

1. Types of Personal Data

 

We may use your name, email address, mailing address and phone number and information about your preferences for Direct Marketing. These preferences may relate to both the business lines which you prefer for receiving Direct Marketing from us and the types of Services in which you are interested.

 

2. Classes of Marketing Subjects

 

Your Personal Data may be used for Direct Marketing in relation to the following:

• News and information;
• Services offered by Onelap.

 

3. Communication of Your Consent

 

You may communicate your consent to our use of your Personal Data for Direct Marketing when:

• Providing us with your Personal Data through our website, clicking on the button indicating your consent;
• Providing us with your Personal Data through a form, signing the form to indicate your consent;
• Following the instructions in the document on which you are providing your Personal Data to us.

 

If you do not agree to the use of your Personal Data for Direct Marketing, you may opt-out from receiving marketing communications from us at any time by following the opt-out instructions found in Section 8(b) of Onelap’s Privacy Policy. 

 

Your Rights and Choices Under PDPO

 

The PDPO Hong Kong residents with specific rights regarding their Personal Data. This section describes PDPO rights and explains how to exercise those rights if they apply to you.

1. Right to Access Your Data. You have the right to request that we disclose certain information to you about our collection and use of your Personal Data.  We have 40 days to produce this information. The response we provide will also explain the reasons we cannot comply with a request, if applicable.  
2. The right to rectification: If the individual discovers that the information we hold on them is inaccurate or incomplete, they can request that it be updated. As with the right to access, we have 40 days to do this, and the same exceptions apply.

 

Exercising PDPO Rights

 

To exercise your rights, please submit your request to privacy@onelap.com or by using the contact information provided above and we will consider your request in accordance with applicable law. For your protection, we may need to verify your identity before responding to your request, such as verifying that the email address from which you send the request matches your email address that we have on file.  If we no longer need to process Personal Data about you in order to provide our Services or our Site, we will not maintain, acquire or process additional information in order to identify you for the purpose of responding to your request.

 

We endeavor to respond to a verifiable consumer request within forty (40) days of its receipt consistent with applicable law.

 

We may charge a reasonable administrative fee to process or respond to your verifiable consumer request. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

 

Our Opt-in/Opt-out Policy

 

By providing an email address on the Onelap Sites or Services, you agree that we may contact you in the event of a change in this Privacy Policy, to provide you with any Service related notices, or to provide you with information about our events, invitations, or related educational information.

For purposes of this Privacy Policy, “opt-in” is generally defined as any affirmative action by a User to submit or receive information, as the case may be.

We currently provide the following opt-out opportunities:

1.      At any time, you can follow a link provided in offers, newsletters or other email messages (except for e-commerce confirmation or service notice emails) received from us to unsubscribe from the service.    

2.      At any time, you can contact us through privacy@onelap.com or the address or telephone number provided below to unsubscribe from the service and opt-out of our right per your consent under the terms of this Privacy Policy to share your Personal Data. 

Notwithstanding anything else in this Privacy Policy, please note that we always reserve the right to contact you in the event of a change in this Privacy Policy, or to provide you with any service related notices.

Third Party Links

The Sites may contain links to webpages operated by parties other than Onelap. We do not control such websites and are not responsible for their contents or the privacy policies or other practices of such websites. Our inclusion of links to such websites does not imply any endorsement of the material on such websites or any association with their operators. Further, it is up to the User to take precautions to ensure that whatever links the User selects or software the User downloads (whether from this Site or other websites) is free of such items as viruses, worms, trojan horses, defects and other items of a destructive nature. These websites and services may have their own privacy policies, which the User will be subject to upon linking to the third party's website. Onelap strongly recommends that each User review the third party's terms and policies.

International Transfer

 

Onelap is based in the People’s Republic of China. We may collect, process, store and transfer the Personal Data we collect in the People’s Republic of China or in another country outside your own, in accordance with applicable privacy laws. By submitting your Personal Data or engaging with our Sites, you consent to the transfer, collection, storage or processing of your Personal Data.

We may, directly or indirectly through third-party entities around the world, process, store, and transfer the information you provide, including your Personal Data, as described in this Privacy Policy. Specifically, the information and Personal Data that we collect may be transferred to, and stored at, a location outside of your jurisdiction. It may also be processed by staff operating outside of your jurisdiction who work for us or for one of the organizations outlined in this Privacy Policy in connection with the activities outlined in this Privacy Policy. By submitting your information and Personal Data using the Sites, you agree to this transfer, storing or processing. We will take all steps necessary to ensure that your Personal Data is treated securely and in accordance with this Privacy Policy. We have put in place commercially reasonable technical and organizational procedures to safeguard the information and Personal Data we collect on the Sites.

How We Protect Personal Data

 

Onelap maintains administrative, technical and physical safeguards designed to protect the user's Personal Data and other information against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use in compliance with China Cybersecurity Law of 2017. For example, we and/or our service providers use commercially reasonable security measures such as encryption, firewalls, and 2048-bit Secure Socket Layer software (SSL) or hypertext transfer protocol secure (HTTPS) to protect Personal Data. 

 

Although we take reasonable steps designed to protect your Personal Data, please be advised that no security system or means of transmitting data over the Internet can be guaranteed to be entirely secure (including without limitation with respect to computer viruses, malicious software and hacker attacks). We cannot and do not guarantee or warrant the security of your Personal Data or any information you disclose or transmit to us. We are not responsible for the acts of those who gain unauthorized access, and we make no warranty, express, implied or otherwise, that we will prevent such access, and we are not responsible for any damages or liabilities relating to any such incidents to the fullest extent permitted by law. Where required under law, we will notify you of any such loss, misuse or alteration of Personal Data that may affect you so that you can take the appropriate actions.

 

For your own privacy protection, we urge you to keep all passwords confidential. We also recommend that you do not include sensitive information such as passwords, social security numbers or payment information, in any emails that you send to us. If you become aware of any breach of the terms of this Privacy Policy or of the security of the Services, please notify us by email at privacy@onelap.com.

Children’s Privacy

The Sites and Services are not designed or intended to be used by anyone under the age of 18. If you are under the age of 18 (or a minor in the jurisdiction in which you are accessing our Sites or Services), do not use the Services, or make purchases via the Services, use any interactive features of the Services, or post any Personal Data to our Sites or submit any Personal Data via the Services. We do not knowingly or intentionally gather Personal Data about children who are under the age of 18.  If a child has provided us with Personal Data, a parent or guardian of that child may contact us to have the information deleted from our records. If you believe that we might have any information from a child under age 18 in the applicable jurisdiction, please contact us privacy@onelap.com. If we learn that we have inadvertently collected the Personal Data of a child under 18, or equivalent minimum age depending on jurisdiction, we will take steps to delete the information as soon as possible and cease the use of that information in accordance with applicable law. 

Direct Marketing and “Do Not Track” Signals

Onelap does not track its users over time and across third party websites to provide targeted advertising and therefore does not respond to Do Not Track (DNT) signals. However, some third party sites do keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you. If you are visiting such sites, your browser may include controls to block and delete cookies, web beacons and similar technologies, to allow you to opt out of data collection through those technologies.

California residents are entitled to contact us to request information about whether we have disclosed Personal Data to third parties for the third parties’ direct marketing purposes. Under the California “Shine the Light” law, California residents may opt-out of our disclosure of Personal Data to third parties for their direct marketing purposes. You may choose to opt-out of the sharing of your Personal Data with third parties for marketing purposes. To make such a request you should send (a) an email to privacy@onelap.com with the subject heading “California Privacy Rights,” or (b) a letter addressed to 207 Room No. 2 Building, 130 JiuShui Dong Road, Qingdao International Innovation Zone, LiCang District, Qingdao, Shandong, China, Attention: Privacy Inquiry.  In your request, please attest to the fact that you are a California resident and provide a current California address for our response. Please be aware that not all information sharing is covered by the California privacy rights requirements and only information on covered sharing will be included in our response.  We reserve our right not to respond to requests submitted to addresses other than the addresses specified in this paragraph.

Changes to this Privacy Policy

Our Privacy Policy may change from time to time. We will not reduce your rights under this Privacy Policy without your explicit consent. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services or programs, email notification or privacy policy changes). We will also keep prior versions of this Privacy Policy in an archive for your review.

How to Contact Us

Our appointed privacy representative is Heqing Dong and can be contacted at privacy@onelap.com:

If you have any questions, comments or concerns about this Privacy Policy, or if you would like to exercise the choices discussed above, please contact us:

 

Via e-mail: privacy@onelap.com

 

By writing to us:

 

Qingdao Onelap Technology Co.,Ltd.

Attn: Privacy Policy Inquiry

Room 201, Building 33, Yingshiwenhua Street, No.59 Dongchuan Road, LiCang District, Qingdao, Shandong, China

+86 0532-80928696