GENERAL DATA PROTECTION REGULATION (GDPR)

GENERAL DATA PROTECTION REGULATION (GDPR)

The SICloud IT HK CO., Ltd (“SICloud” “SiliCloud” “We” “Us”) holds the belief that it is vital that you have a full understanding of the way we collects, keep, shares and uses information and data from and about our website visitors, subscribers, customers and vendors.

Legal notices including this EU/UK GDPR Privacy Notice (“Notice”), our cookie policy and other legal notices of our website www.sicloud.hk / www.silicloud.com (“Website” “Site”), explain the details of our collection, use and disclosure of personal data:

(i) collected through the website, or

(ii) when you become a subscriber or a user of our online services (“Services”), or

(iii) when our business activities is conducted elsewhere, whenever we are in control of that data and when its processing is subject to EU GDPR or the UK GDPR (Collectively referred to as the “GDPR”).

The information collected, stored, shared, or distributed by any person or entity besides us does not abide by this policy. We will periodically renew this policy.

In terms of applicable data protection law, SICloud is the controller and administrator of the personal data collected from you through the website and the services for the purpose of conducting or developing our business with customers and vendors. In terms of this notice, personal data refer toinformation concerning an identified or identifiable person.

1. INFORMATION WE COLLECT AUTOMATICALLY

We will collect information automatically when you visit our website, or use our services. The information include but not limited to the following:

your domain;

your IP address;

your operating system;

the date, time and time span of your visit;

the type of your internet browser;

the pages you visit;

information from third parties;

other information about your computer or any device you use when using our services;

Internet traffic.

This information above can be compiled and therefore constitutes personal data. This automatically collected information will not be used to identify you by name, and we do not associate it with the information you provide spontaneously, as detailed below.

2. INFORMATION YOU PROVIDE

For the purpose of acquiring access or use certain parts of the website or services, or enjoying the optimum of the website or services, or otherwise conducting business with us or seeking to start a business relationship with us, you may be required to provide certain personal data to us in the following ways:

Subscribers of our services will be require to provide their name, their address, their e-mail, their phone number, and any other necessary billing information.

Persons sign up for membership on our website by completing registration forms will be required to provide their e-mail address.

Site visitors, and expected and current suppliers and subscribers, may provide personal data when filling in forms (for example, a “Contact us” form) on our website or at an expo or anywhere else we conduct business; by downloading documentation from our website; by subscribing to newsletters or other communications; by contacting us by phone, e-mail or otherwise providing contact information. Under the aforesaid circumstances, the personal information you give us may typically include name, business affiliation, business address, telephone number, and email address, and any personal details required to solve any questions or complaints.

This personal data is required for entering into an agreement with you (such as preparatory supply agreement, or to learn about our services) or to perform a contract with you (such as to provide our services). Any failure to provide any information may hinder us from providing requested services or products.

3. INFORAMTION FROM OTHER SOURCES

We may also acquire fraud & risk scoring data about you from third parties, namely MaxMind and Kount.

4. COOKIES

Cookies are used on our website. Please check our cookie policy https://www.sicloud.hk/legal/cookie_policy/ for more details.

5. USE OF PERSONAL DATA

The following is a synopsis about why we use your information and data. More details about how we process your personal information and data may be sent to you in a separate notice or contract.

All processing and use of your personal data can be justified by certain ground for processing. In most of the cases, processing will be justified on the basis that:

we necessarily need to process the data in order to perform a contract with you (e.g. when you become a subscriber of our services) or on our way of entering into a contract at your request (such as to fill an order), or to present you the product information you have requested;

we necessarily need to process the data to abide by a relevant legal obligation, (e.g. keeping accounting records);

It’s within our legitimate interest to process it, which are not overridden by your interests and fundamental rights. Our legitimate interests are to use subscriber, website user, supplier and customer data to operate and develop our business activities with them and with others while limiting the use of their personal data within the extent of supporting the conduct and development of our business; or you have already showed consent to the processing.

We use the personal data we collect to:

provide you with services you have subscribed for, or otherwise requested;

provide you with files or communications which you have requested;

administer and manage performance of the business contract with our business partners;

provide after-sales services;

stay in contact with users to solve their questions or complaints;

promote our services to persons whose services have expired or otherwise been cancelled;

keep you update with events, promotions, the website and SICloud’s products and services;

process, evaluate and finish certain transactions involving the Site, and more generally transactions involving SICloud’s products and services;

operate, evaluate, maintain, improve and develop the website through tracking and analysing trends, access to, and use of the website out of advertising and marketing purposes;

to increase the user experience base on tracked interests, to analyze and target potential new markets, and for other promoting purposes;

protect and ensure safety of the website, our confidential and proprietary information, and our employees;

manage, investigate and eliminate fraud, risk exposure, claims and other liabilities, including but not limited to violation of our contract terms, laws, regulations or any other legal obligation;

We also use non-personal data and aggregated information, such as the automatically-collected information, to tailor our marketing efforts or to tailor the user experience of our site for an aggregate group of customers.

SICloud will not sell or rent your personal data to third parties.

6. DISCLOSURE OF PERSONAL INFORMATION AND DATA

We may disclose personal information and data about website visitors, users of our online servies, our suppliers or customers if, in our sole reasonable discretion, we believe that it is reasonable to do so, including:

To comply with any laws, regulations, governmental or legal requests or legally-compulsive requests for such data;

Under circumstances where it is necessary to identify, contact, or bring legal action against someone who may be violating our Acceptable Use Policy or other user policies;

To ensure the safety of ourselves, our subscribers, and the general public. We may, when it is appropriate or required, disclose information (including personal information and data) to law enforcement when there is a committed or suspected crime. We may also disclose when we are forced to do so by any lawful process, discovery requests, subpoenas, court orders, writs, or reasonable request of authorities or persons with the reasonable power to lead and conduct such process;

To collaborate with law enforcement authorities, private-party litigants, and others requesting information about our end-users to the extent required by applicable law. Examples of such cooperation include lawful process including those in criminal, civil and administrative areas, discovery requests, subpoenas, court orders, writs, or reasonable request of authorities or persons with the reasonable power to lead and conduct such process;

Share your personal data with third parties regarding potential or actual transactions of our company or any of our assets, or those of any affiliated company, in which case personal data stored by us about our users may be one of the targeted assets;

7. TRANSFER OF PERSONAL DATA

If you are located in the UK or the European Economic Area (“EEA”) (including the European Union (“EU”)) and your personal information and data is transferred out of the UK or out of the EEA (as applicable) to other SICloud affiliates or to third party service providers, we will make efforts to ensure that your personal data remains the same level of protection as if it stored and kept within the UK or EEA (as applicable).

If we transfer UK data to the EEA, this is covered by the UK’s decision that EEA countries provide adequate protection for personal data.

If we transfer EEA data to the UK, this is covered by the EC’s decision that the UK provides adequate protection for personal data.

If we transfer UK or EEA data to other countries (including the United States of America), not base on an equivalent legally-adequate decision, we will make efforts to ensure your personal data remains in the same degree of protection. This may contain entering into data transfer agreements using any applicable, valid standard contractual clauses (“SCCs”) with our business partners and taking any appropriate supplementary safeguards. We currently rely on SCCs for our transfers to the USA(including to our group companies).

You reserve a right to acquire details of the mechanism under which your personal data is transferred out of the EEA or UK by contacting [email protected].

SICloud reserves the right to share any information that you provide which is not considered s personal data or is not otherwise subject to contractual restrictions.

8. CHILDREN

The website is not designed for children under the age of 16 years and SICloud does not and will not purposely or knowingly collect, store, share or use the personal data of children under 16. If you fall under that age, please do not provide any personal information to us, even if prompted by the website to do so. If you are under the age of 16 and you have already provided your personal information, please ask your parent(s) or guardian(s) to notify SICloud and SICloud will delete all such personal data with a timely manner.

9. MARKETING EMAILS

When it is legal, and subject to your consent, we may contact with you by e-mail to update you with our products and services. If you wish to opt out of such promotion activities, please use the “unsubscribe” link provided in our emails.

If you are a subscriber to our services, we may send you periodical reports about our ongoing and new programs. You may opt out of these reports by filling in the form at https://www.sicloud.hk/unsubscribe/ or by clicking the opt-out link at the bottom of these emails. You may still receive system notices and other information that is specifically relevant your subscription account, even if you opt out of these marketing emails, y.

10. SECURITY

We use different methods, including data encryption, to protect the transmission of all sensitive end-user information and data. Reasonable efforts are made to ensure the integrity and security of our network and systems. Notwithstanding, we cannot guarantee that our security measures will prevent malignant third parties from illegally obtaining this information. We take all reasonable measures to prevent such sabotage of security, but considering the resourcefulness of cyber-criminals we are unable to guarantee that our security is 100% breach-proof. The risk of such breaches to the extent that they occur despite our reasonable security measures are assumed by you.

11. RETENTION OF YOUR PERSONAL DATA

The principle of our retention of data is to fulfil the purposes for which it was collected. Generally, we keep your personal data for a period of time corresponding to a statute of limitation, for example, to maintain an accurate record of your dealings with us. Nevertheless, in some circumstances we may retain personal data for other lengths of time, for instance where we are required to do so in accordance with legal, tax and accounting requirements, or if required to do so by a legal process, legal authority, or other governmental entity or person having authority to make the request, for so long as required.

Regarding marketing, we keep your personal data for 18 months after your last use of our service or other contact you initiate.

12. EXTERNAL LINKS

Our website may contain links to third party websites. Since SICloud is not in control of nor is responsible for the privacy practices of those external websites, we encourage you to check the privacy policies of these third party sites. This Notice only applies to personal data collected by ou rwebsite or in the course of our business activities.

13. YOUR RIGHTS

Right to rescind your consent - you have the right to rescind from your consent where applicable anytime. For instance, if you wish to opt out of receiving electronic marketing communications, you can go to “settings” in your account on the website, use the “unsubscribe” link in our emails or otherwise contact us directly and we will stop sending you such information

Right of access, correction and erasure - you have the right to request access to and obtain a copy of any of your personal data that we may keep and in control of, to request correction of any inaccuracy about your information and to request the erasure of your personal data under certain circumstances. You can help yourself to check and renew most of your data online, or contact us directly at https://www.sicloud.hk/contact/

Data portability - where we are relying (as the legal basis for processing) on your consent, or the fact that the processing is necessary to perform a contract in which you are party or to on our way to enter a contract at your request, and the personal data is processed by automatic means, you can request to receive all such personal data you have provided to us in a organized, commonly used and machine-recognizable format, and also to require us to transmit it to another controller where this is technically feasible.

Right to restriction of processing - you have the right to restrict our processing of your personal data (i.e. only allow us to store it) where:

The accuracy of the personal data is questioned by you, until we have taken sufficient steps to improve its accuracy to the extent it is correct;

where the processing is unlawful but you wish the data is still kept;

where for the purposes of the processing your data is not needed by us, but you need such personal data for the establishment, exercise or defence of legal claims; or

where you have objected to processing justified on legitimate interest grounds (see below), and the verification regarding whether we have compelling legitimate grounds to keep processing.

We will not process your personal data without your consent or for the establishment, exercise or defence of legal claims where your personal data is subject to restriction

You also have the right to submit a complaint with the supervisory authority of your frequently dwelling place, place of work or place of alleged infringement, if you consider that the processing of your personal data infringes applicable law within the aforementioned jurisdiction.

You can object to processing (including profiling) based on legitimate interest grounds. while we are relying upon legitimate interests to process personal data, you have the right to object to that processing. If you submit such objection, we must stop that processing until we compelling legitimate grounds for the processing that override your interests, rights and freedoms is showed, or we need to process the personal data for the establishment, exercise or defence of legal claims. However, we believe that we can demonstrate such compelling legitimate grounds can be proved where we rely upon legitimate interest as a basis for processing, but we will seriously review each objection on an individual basis.

you have the right to object to our use of your personal data (including profiling) for direct marketing purposes, e.g. we may use your personal data to introduce certain event we think you might be fond of to you.

If you wish to exercise any of your aforesaid rights, or if you have any questions or complaints regarding the processing of your personal data, please do not hesitate to contact us as indicated in Contact Information https://www.sicloud.hk/contact/

14. CHANGES TO THIS NOTICE

We reserve the right to revise, update, or modify this notice and our other policies and agreements at any time and in any manner. You should periodically open this page, click the

“refresh” button and check for any renewals of this notice

Please note the date of latest revision to this notice, which is right at the top of this notice.

If the “last modified” date remains unchanged after you have refresh, you may presume that no updates have been made since your last reading of the notice. Otherwise, a changed “last modified” dates indicates that this notice has been updated or at least edited, and the updated or edited version overrules the previous versions immediately upon posting.

15. CONTACT INFORMATION

If you have any inquiries in relation to this notice or you wish to exercise any of your rights, please contact us at:

https://www.sicloud.hk/contact/