Phone:
+86-2164856633Shanghai Rock International Trading Co., Ltd.(collectively, "GOX", "us", "We" and "our") respect your privacy and take the security of your personal information very seriously. We may collect and use your personal information when you use our products and/or services based on your consent, contract relationship, legitimate interest, or other applicable legal ground.
GOX Privacy Policy (hereinafter referred to as “this Policy”) describes how we collect, use, store, share and transfer your personal information, and the ways we provide for you to access, update, delete, and protect your personal information.
Please read and understand this Policy carefully before submitting your personal information to GOX. In addition, you should access our website to get the latest update on this Policy.
This Policy applies to the processing of personal data in relation to Caltta’s websites, products, and services that display or link to this Policy.
This Policy will help you understand the following content:
1. How we collect and use your personal information.
2. How we use cookies and other similar technologies.
3. How we share, transfer and disclose your personal information.
4. How we access and manage your personal information.
5. How we protect and store your personal information.
6. How we protect children’s personal information.
7. How your personal information is transferred across borders.
8. How to update this Policy.
9. How to contact us.
Because GOX provides a variety of products and services, this Policy may not cover all possible scenarios for personal information processing. Any specific information relating to the processing of personal data in the context of GOX’s products or services may be described in the privacy policy of related products or services, or may be released in any notice that is given during the collection of data.
If you have any questions about this Policy, please send an email to diki.ding@gox-outdoor.com to contact us.
1. Collection and Use of Personal Information
“Personal Information” refers to any information relating to an identified natural person or an identifiable natural person. An identifiable natural person means a natural person that may be identified directly or indirectly through, for example, his/her name, ID card number, location data, and network identifier as well as his/her economic, cultural and social identify.
Your personal information will be collected directly or indirectly by your use of our products, services or websites, or when you interact with us, such as calling our hotline, creating a website account, participating in our brand activities, through which your personal information is directly provided to us. Moreover, by using cookie and other technologies, our websites may indirectly record your personal information.
We may collect your personal information for the following purposes:
· Fulfill a purchase order.
· Create and manage your account.
· Register you or your devices for service purpose.
· Provide the services or functions you have requested.
· Provide you with our information subscription service.
· Provide your devices with our after-sales maintenance service.
· Provide you with online consultation, recommendation, complaint, and other customer services.
· Send important security or upgrade service notices to you.
· Analyze the service access data to improve our products and services.
· Provide you with a good user experience of using our websites or products.
· View your error reports, and conduct product troubleshooting.
· Improve our loss prevention and anti-fraud plans.
· Comply with and enforce applicable legal requirements.
· Other purposes approved by you.
When using your personal information for other purposes not specified in this Policy, or for purposes are contrary to the purposes approved by you in advance, we will seek your prior consent for our products or services. For example, we will display an update by means of pop-ups or bold fonts, and you may choose to accept or deny the update. You have the right to withdraw your consent at any time in accordance with the laws and regulations, but this maybe cause the function limitation of the product or service.
You fully know and understand that under any of the following circumstances in accordance with applicable laws and regulations, we may collect and use your personal information without your prior authorization or consent:
1. Any information processing relating to national security or national defense.
2. Any information processing relating to public security, public health, or major public interests.
3. Any information processing relating to criminal investigation, prosecution, trial, enforcement of judgment, or other legal process.
4. Any information processing that is critical for protecting vital interests of the subject of personal information or other individuals.
5. Any information processing necessary for lawful news reports.
6. Any information processing necessary for us to comply with the applicable laws and regulations.
The personal information collected by us is classified into the following categories:
1) Account information
When you register a service account of GOX , you need to provide your mobile phone number or email address for authentication. You may also provide supplementary information such as your head portrait, nickname and date of birth. When you log in (you may refuse to access our products or services by this means) a GOX service platform by using a third party account (such as the account for Facebook, Twitter or WeChat), we will, after obtaining your authorization, get your authentication information from the third party servers. GOX server will keep your access tokens granted by the third party platform, and share such access tokens among various services used by you to prevent you from repeatedly logging to the third party servers.
2) Device information
If some services are designated for specific device models (such as specific mobile phone models) or applications, we will, before and after service provisioning, collect the information relating to your device, including the device model, system version, UUID, network status, active information and exception information of applications, and IP address to accurately match the services.
3) Location information
When you use the GOX terminal software with location function (such as family member location and mobile phone finder), based on your consent, we might collect and process the information relating to the specific location of you/your terminal device. However, we will not continually collect your location information to track your whereabouts.
4) Purchase order information
If you go online shopping on our websites, we need to collect the information about your address, name, phone number, postcode, and the products/services purchased by you when our system generates a purchase order.
5) After-sales information
If you require us to provide the after-sales service or report to us any problem occurred when using our products or services, we may collect the information about your name, phone number, device, and fault description necessary for the after-sales service. You may provide us with your personal information according to the services you need. For instance, if you require the mailing service from our After-sales Dept., you need to provide us with information about your name and address.
6) Service access information
We may also record the information about your behaviors by information collection function when accessing related services of GOX , including your access time, search and query entries, network ID, and IP address. In addition, to the extent permitted by law, we may obtain your personal data from lawful public and commercial sources of data.
7) Other information
For certain services of GOX , such as the cloud backup and cloud drive provided by Caltta applications, information such as your contact list, messages and photos may be stored in GOX servers. If you are unwilling to provide such information, you may reject the services, but may not be able to use the related services, or may only be able to use part of service functions. When you submit your job application to our websites, we may require you to provide your resume.
Usually, sensitive personal information refers to special personal information relating to the following aspects: race or origin of nationality, political views, religious belief, philosophical belief, membership of trade union, personal gene data, biometric data, health data, sexual life, and sexual orientation. Under certain circumstances, the sensitive personal information may include the criminal charges or judgment, accurate geographic location, financial status, bank account, social security number, driver license number, passport number, and other unique identifiers issued by governmental authorities.
If you purchase our products or services, we may collect or process the information about your bank card or other sensitive payment information. Under such circumstances, we will process your sensitive personal information in line with applicable law, or with your prior consent.
2. Cookies and Other Similar Technologies
Our websites use cookies and other similar technologies to distinguish your from other users. Therefore, when you browse our websites, we will provide you with good user experience, and keep improving our websites.
A cookie is a small file of letters and digits. If you agree, we will store the cookies in the memory or hard drive of your computer or mobile device, and then use such cookies as labels for identifying your computer or mobile device.
Cookies are often classified as “session cookies” or “persistent cookies”. Session cookies help you effectively browse our websites and track your page-to-page progress, so that you do not need to repeat the information you provide for the current visit. For instance, when you switch the web pages, your shopping cart will not be set at empty. Session cookies are stored in the temporary memory and are deleted when the browser is closed. Persistent cookies can store the user preferences that are stored on your device and are still valid when you restart your browser. For instance, we use the persistent cookies to record your selected language, country/region, font size, or the settings. With the help of cookies, you do not need to reconfigure the settings when you access our websites next time.
You may clear all cookies stored on your computer, or directly delete all cookies stored on your device. However, if you do so, you need to change the settings every time you access our websites. Most browsers have the ability to block the cookies. If you hope to manage the cookies through the browsers, you may consult the instructions of browser developers, or search the internet. For more information about cookies, please check the website AboutCookies.org.
In addition to cookies, we will use web beacons, pixel tags, and other similar technologies in our websites. For instance, we will send an account activation link to your email box. By using the aforesaid technologies to track your clicks on our websites, we can know your preferences for our products and services, and improve the service for our customers. Usually, web beacons are transparent images that are embedded in the websites or emails. With the help of pixel tags in emails, we can know whether the emails are opened or not. If you hope that your behaviors would not be tracked by this means, you can, at any time, change the setting of your email box to reject the tracking, or log in our related service websites to unsubscribe our mail service.
If you set the “Do Not Track” in your browser, our service websites will respect your choice.
In that case, we will not use cookies for the aforesaid purposes.
3. Sharing, Transfer and Disclosure of Personal Information
In order to ensure the security of your personal information, we will follow the principle of minimization when sharing, transfer or disclosing your personal information:
a. As a multinational corporation, we may share your personal information with our subsidiaries if necessary, so that we can offer timely services to you.
b. We may share the minimal and necessary information with our business partners, so that we can provide you with services relating to after-sales maintenance and transportation of goods.
c. For the transfer of your personal information during merger, acquisition, bankruptcy liquidation, asset transfer, or other similar transactions, we will require the new company or organization possessing your personal information to be bound continuously by the requirements, commitments and safeguards described in this Policy. For instance, the new company or organization should not use your personal information beyond the said purposes. Otherwise, we will require the new company or organization to reapply for corresponding authorization from you.
d. We may also disclose your personal information to the law enforcement agencies/governmental authorities if we believe that such disclosure of your personal information complies with any applicable law or responds to related legal process.
We will sign stringent data processing agreements with all companies, organizations and individuals that share your personal information. In addition, we will require them to process your personal information in strict compliance with our security standards, requirements of this Policy, and related confidentiality and security regulations. If we share, transfer or disclose your personal information in a country where there are no applicable laws enforcing the protection of personal information at the level similar to that in the country where you are located (for instance, your personal information is transferred from European Economic Area to a country that has no applicable law for the protection of personal information), we will handle the related issues according to Article 7 of this Policy to guarantee the lawful transfer and security of your personal information.
4. Access and Management of Personal Information
If you submit your personal information to us, please ensure the accuracy of such information. If your personal information has changed (for instance, your address has been changed), you are obliged to update your personal information in a timely manner.
For requirements by applicable laws, you may: (1) have access to your personal information we have held; (2) update or correct any of your inaccurate personal information; (3) refuse to allow us to use your personal information; and (4) require us to limit or delete your personal information, and (5) require us to comply with your request for data portability
When you claim the said rights, we may require you to submit a written request and may verify your identify. Usually, we do not charge anything for such processes unless your request goes beyond the limit of conventional requirements. When accessing or managing your personal information, if you have any questions, please contact us as per the contact information set out in Article 9 of this Policy.
5. Protection and Storage of Personal Information
By strengthening the physical, administrative and technical safeguards (such as the access control system, monitoring system, encryption, anonymization, pseudonymization, and security training on employees) of personal information, we will endeavor to protect your personal information from unauthorized access, use, disclosure, modification, damage, loss and any other forms of unlawful processing. With a specialized business continuity plan, we are able to guarantee continuous service for our customers. We will formulate our information security policy and procedure in strict compliance with international standards, and will review and update such policy and procedure from time to time. In addition, we will invite the third parties to inspect our security measures to meet our business demands as well as our requirements for technical change and supervision. The headquarters and some subsidiaries of GOX have passed the ISO27001 information security authentication. Therefore, we are able to guarantee the security of your personal information.
To the extent permitted by law, we will store your personal information. After accomplishing the related businesses, we will, on the precondition of not breaching the applicable laws and regulations, delete your personal information in a timely manner. For instance, when you close your account on our online shopping mall, we will delete all of your registration information. Usually, your personal information is stored in the location where the business is operated. However, your personal information may be in a location outside your country, which depends on the location of our data center. We will take efficient measures to guarantee that the personal information collected by us would be processed in line with this Policy and the laws applicable to the data storage location. To the extent permitted or required by law, we will notify you of any loss, abuse or alteration in your personal information, so that you can take appropriate measures to safeguard your rights.
6. Protection of Children’s Personal Information
Children’s personal information needs special protection. GOX will not intentionally collect the personal information from children without prior consent of their parents or guardians. For children’s personal information collected with prior consent of their parents or guardians, we will only use or disclose such information in accordance with applicable local laws and the express consent of their parents or guardians. If GOX finds any personal information of children that is collected without prior consent of their parents or guardians, we will delete such information as soon as possible.
7. Cross-border Transfer of Personal Information
GOX is a multinational corporation. Generally, we will process your personal information in the country/region where you use our products or services. However, we may transfer your personal information to other country/region that may have different laws for the protection of personal information. For instance, in order to solve a failure of product, we may transfer the log file, which contains your personal information, to the research institutes of GOX for further analysis. Wherever we transfer such personal information, we will inform you the destination, recipient and related information and take efficient measures to comply with this Policy and applicable local laws. For instance, to transfer your personal information, we will seek your prior consent or sign a necessary data transfer contract with you.
8. Update of this Policy
We may update this Policy from time to time. If this Policy is revised, we will promptly release the latest revised version of this Policy on our official website. You agree to visit these web pages regularly to check any such revisions. If there is any major change to this Policy, we will notify you of such change by means of email, text message or pop-ups. Major change to this policy refers to the reduction of user rights or obligations that are committed in this Policy and are related to the processing of personal information, change to the purposes for the processing of personal information, change to the type of sensitive personal information, or change to the ownership structure (such as acquisition, merger or bankruptcy) of the company.
9. Contact Us
If you have any question about this Policy, or have any request or query for your personal information, please send an email to diki.ding@gox-outdoor.com to contact us. We will reply within 30 days.
Recipient: Compliance Management Dept.
Address: 18F, 82Bldg, No.1198, QinzhouBei Road, Xuhui District, Shanghai
Postcode: 200233
If you are not satisfied with our reply or with the way that we process your personal information, you may file a complaint or report to any local regulatory.
· China: Cyberspace Administration of China (http://www.cac.gov.cn) or local public security bureau, or administration for industry and commerce.
· European Union: for more information about the data protection regulators in different member states, please click the following link: https://ec.europa.eu/info/strategy/justice-and-fundamental-rights/data-protection/data-protection-eu_en#dataprotectionauthorities
· In other regions, for more information about the personal information regulators, please consult the local government.