ChinaCache

Contact Us

Privacy Policy

 

ChinaCache North America, Inc., and  its parent and affiliates, including, but not limited to, ChinaCache International Holdings Ltd., ChinaCache Networks (UK) Limited, ChinaCache Networks (Hong Kong) Limited and Beijing Blue I.T. Technologies Co., Ltd.  (collectively, "ChinaCache," the "Company," "we," "us," or "our"), are committed to safeguarding the privacy of visitors to our website, contacts for our customers and prospective customers (“Customers”), contacts for suppliers of goods and services to the Company, candidates for employment or engagement, and any other individuals about whom the Company obtains personal information (each, "you"). This Privacy Policy, which sets out the principles and practices governing the Company’s use of personal information that we may obtain about you, will help you understand how the Company collects, uses, and otherwise processes your personal information as well as the rights that you have in relation to our processing of that information. In this Privacy Policy, “personal information” means information that (either in isolation or in combination with other information held by the Company) enables you to be identified or recognized.

ChinaCache is the data controller in relation to any personal information that the Company processes about you and is responsible for ensuring that such processing complies with applicable data protection laws, including the European Union General Data Protection Regulation (the “GDPR”), the California Online Privacy Protection Act, the California Consumer Privacy Act and China Cybersecurity Law. Your privacy is important to us. Please be aware that Company personnel are required to comply with the Company's data privacy practices as set out in this Privacy Policy and other data privacy-related Company policies.

Please click on the link below for the contact details of ChinaCache offices and affiliated entities in your jurisdiction: https://en.chinacache.com/contact/.

Questions and Data Protection Officer Contact

If you have any comments or questions in connection with this Privacy Policy, would like to correct or request (in accordance with applicable law) information that we hold relating to you, or would like further information on our processing activities and your rights in relation to your personal information, please contact us as follows:

In the European Economic Area (“EEA”)—

By post: Data Protection Officer, ChinaCache Networks (UK) Limited, WeWork, 2 Eastbourne Terrace, London, England, W2 6LG

By e-mail: emea@chinacache.com

By phone: +44 (20) 3728 1161

Outside of the EEA—

By post: ChinaCache North America, Inc., Attn: Legal Department, 21700 Copley Drive, Suite 300, Diamond Bar, CA 91765, United States

By e-mail:  ccna-legal@chinacacheglobal.com

By phone: (toll free) 1-866-998-3399

Information Collection

Although you are not required to provide any personal information on the public areas of our website, you may choose to do so by completing our “Contact Us” and other online communication forms. Should you do so, we may, for example, keep a record of your name, email address, and any other information you voluntarily provide to us.

Additionally, we may collect the following categories of personal information from you in the course of business, including through your use of the website, when you contact or request information from us, when we provide services to Customers for which you are a representative, or when we receive goods and services from suppliers for which you are a representative:

  • Identification data, such as name, gender, title, job title, or address.
  • Contact information, including your phone number(s) and your email address and perhaps social media account information where applicable.
  • Job applicant data, such as identification data and contact information, resumé and other data provided by you or third parties (e.g. recruiters) via email on our website, online recruitment portal (where applicable) or offline in connection with job openings, which may be subject to additional local requirements based on the country for which the position is advertised.
  • Legal and regulatory compliance data as required for purposes such as, to the extent applicable to us, know your customer, anti-money laundering, and market abuse regulations requirements, or as part of our Customer onboarding process, which may include detailed due diligence data.
  • Other service data, such as personal information relevant to the provision or receipt of services, in relation to any of your employees, Customers or suppliers, and Customer feedback.
  • Cookie and device data, such as information about your visit of our website, IP address, device identifier, browser type and version, operating system and network, location and time zone setting.

We may supplement the information that you provide to us with information that we receive or obtain from other sources, such as from our staff or personnel, Customers, professional advisers, partners, and agents of ChinaCache, third parties with whom we interact, and publicly available sources.

Information we process as described in this Policy may also include information about third parties such as your spouse or co-worker, for example, whose details you supply to us.

A Special Note Regarding Our Customer's Content

Our primary Services enable our Customers to deliver digital content to individuals and entities who desire to access such content (our “Customers' Customers”). For example, if you access a news video from one of our media Customers’ websites, that video content is delivered across our content-neutral transitory network to you as our Customer's Customer. The scope of our Services is subject to the contractual agreements that we enter into with our Customers. Each of our Customers fully controls and is responsible for the content that it permits to be delivered using our network. We have no control over our Customer’s content that is delivered over our network, and we have no direct relationships with the individuals whose personal information our Customers may process through our network. We are merely a conduit by which our Customer delivers content to our Customer's Customers for consumption, and as such, we may “process” (in our case, allowing such data to transit our network without our collection, handling, management or interference with such data) our Customers’ content in accordance with instructions and permissions given to us by our Customers. An individual who seeks access to, or who seeks to correct, amend, or delete inaccurate data controlled by our Customer should direct this inquiry to our Customer. If the Customer then requests us to remove copies of the data from our network, we will respond to their request within 30 business days.

Systems Used to Process Data

We gather information directly from you and also via our websites and other technical systems. These may include, for example, our:

  • computer networks and connections
  • communications systems
  • email and instant messaging systems
  • intranet and Internet facilities
  • telephones, voicemail, mobile phone records
  • other relevant systems and other hardware and software owned, used or provided by or on behalf of us.

Information Usage/Processing

We may use your personal information for the following purposes and, for each purpose, based on the following legal grounds:

  • Administration of Customer and supplier relationships – we use identification data, contact details, and other service data, including for the processing of invoices, the updating of Customer records, and the management of our supplier relationships. This processing is necessary to perform our contracts with our Customers and suppliers.
  • Addressing Customer, prospective Customer and supplier inquiries/feedback – we use identification data, contact details, and other service data for this purpose. This process is necessary to perform our contract with our Customers and suppliers. It may also be necessary for our legitimate interests to establish or maintain a relationship with our Customers and suppliers; it is also in your interest to receive a response from us when you contact us.
  • Sending relevant marketing messages and inviting you to events/seminars – we use identification data, contact details, cookie and device data, and mailing list data to communicate with our Customers through their representatives by way of email alerts and other communications to provide our Customers with information about our Services that may be of interest. This processing is necessary for our legitimate interest to send our Customers tailored marketing messages and Customer information.
  • Improving our website – we use cookie and device data and statistical analysis to improve the functionality and user-friendliness of our website. This processing is necessary for our legitimate interests to constantly monitor and improve our online presence and Services to you.
  • Keeping our website and IT systems and processes safe – we use identification data, contact details, cookie and device data, and other service data. This processing is necessary to perform our contract with our Customers and suppliers and to ensure the security and confidentiality of your data. It is also necessary for our legitimate interests to prevent illegal activities, including fraud and unauthorized access, which could harm you and us.
  • Complying with legal or regulatory inquiries/requests – we may use identification data, contact details, cookie and device data, for legal and regulatory compliance purposes (gathering information, for example, as part of investigations by regulatory bodies or in connection with legal proceedings or requests), including for (a) anti-money laundering or fraud detection purposes, (b) completion of statutory returns, (c) fulfillment of the Company's contractual obligations, (d) ensuring business policies are adhered to, (e) operational reasons, such as recording transactions, training and quality control, (f) ensuring the confidentiality of commercially sensitive information, (g) security vetting, (h) credit scoring, and (i) checking investigating claims, complaints and allegations of criminal offenses. This processing is necessary for the purpose of complying with legal requirements that apply to the Company.
  • Recruitment – personal information about job applicants is collected and processed for purposes of screening, identifying, and evaluating candidates for positions; record-keeping related to hiring processes; analyzing the hiring process and outcomes; and conducting background checks, where and to the extent permitted by applicable law, which may also be subject to relevant local recruitment privacy policy. If you are hired by the Company, this data will be transferred to our employee record files for the purpose of your employment. This processing is necessary in order to take steps at the request of the job applicant in the context of recruitment prior to entering into a contract. In addition, job applicant data and legal and regulatory compliance data may be used as necessary to comply with legal, regulatory, and corporate governance requirements.
  • Publishing of testimonials from you as a representative of one of our satisfied Customers - we may use Customer-provided information or information that you provide to enable us to display personal testimonials of individual representatives of satisfied Customers on our website or other media. This processing is necessary for our legitimate interest to substantiate the usefulness of our Services to prospective Customers.

Information Sharing

We may share your personal information with the following categories of recipients:

  • amongst the group of ChinaCache entities in order to provide our Services to our Customers;
  • our suppliers that will process your personal information on our behalf and under our written instructions to carry out their services during the course of our business, such as IT service providers, customer relationship management databases and other cloud-based solutions, third party companies providing us with business analytics and statistics to assist with our marketing campaigns, and third party venues in which we may host events. We contract with such suppliers to ensure that they process your personal information only under our instructions and ensure the security and confidentiality of your personal information by implementing the appropriate technical and organizational measures for such processing;
  • any law enforcement, regulatory, or government agency requesting personal information in connection with any inquiry, subpoena, court order, or other legal or regulatory procedures, with which we would need to comply. We may also share personal information to establish or protect the Company's legal rights, property, or safety, or the rights, property, or safety of others, or to defend against legal claims;
  • any third party connected with business transfers; we may transfer your personal information to third parties in connection with a reorganization, restructuring, merger, acquisition, or transfer of assets of the Company, provided that the receiving party agrees to treat your personal information in a manner consistent with this Privacy Policy; and
  • with members of the public who visit our website in the case of our display of personal testimonials of individual representatives of satisfied Customers on our website or other media.

Please note that the Privacy Policy covers the ChinaCache website only. We are not responsible for the data policies or procedures or content of any linked websites. We recommend that you check the privacy and security policies of each website you visit.

Marketing Choices

We may send you direct marketing messages including by way of email alerts provided that we have a lawful ground to do so. If you no longer wish to receive our email marketing or general information communications, to be part of a mailing list, or to receive any marketing communications, you can opt-out of such communications at any time by clicking on the unsubscribe link in the relevant communication or contacting us in the EEA at emea@chinacache.com and outside of the EEA at ccna-legal@chinacacheglobal.com.

Your Rights

EEA

If you are in the EEA, you have the following rights, which can be exercised free of charge:

  • Access. You have the right to request a copy of the personal information that we are processing about you. If you require additional copies, we may need to charge a reasonable fee;
  • Rectification. You have the right to require the correction of any mistake in the personal information, whether incomplete or inaccurate, that we hold about you;
  • Deletion. You have the right to require the erasure of personal information concerning you in certain situations, such as where we no longer need it or if you withdraw your consent (where applicable);
  • Portability. You have the right to receive the personal information concerning you that you have provided to us, in a structured, commonly used, and machine-readable format and have the right to transmit that data to a third party in certain situations;
  • Objection. You have the right to (i) object at any time to the processing of your personal information for direct marketing purposes and (ii) object to our processing of your personal information where the legal ground of such processing is necessary for legitimate interests pursued by us or by a third party. We will then abide by your request unless we can demonstrate compelling legal grounds for the processing;
  • Restriction. You have the right to request that we restrict our processing of your personal information in certain circumstances, such as when you contest the accuracy of that personal information;
  • Withdrawal of consent. If we rely on your consent (or explicit consent) as our legal basis for processing your personal information, you have the right to withdraw that consent at any time. "Explicit consent" would be required if the Company relies on consent as the condition to lawfully process "special categories of personal data," as defined in the GDPR.

If you are in the UK and would like to receive further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.

If you are in the EEA, you also have the right to lodge a complaint with the local data protection authority, such as the Information Commissioner's Office ("ICO") in the UK or la Commission Nationale de l'Informatique et des Libertés ("CNIL") in France, if you believe that we have not complied with applicable data protection laws, including the GDPR. Please click here for a list of local data protection authorities in the EEA countries.

Please note that some of these rights may be limited where we have an overriding interest or legal obligation to continue to process the personal information or where data may be exempt from disclosure due to professional secrecy obligations.

If you are in the EEA and would like to exercise any of those rights, please:

  • Email us at emea@chinacache.com;
  • Provide enough information to identify yourself (e.g., name, email address, etc.);
  • Provide proof of your identity and address (a copy of your driver’s license or passport and a recent utility or credit card bill); and
  • Provide the information to which your request relates.

EEA Standard Contractual Clauses

ChinaCache offers a Data Protection Addendum (to be added to agreements executed with Customers and/or suppliers) based on the European Union Model Clauses, also known as Standard Contractual Clauses, to meet the adequacy and security requirements for our Customers that operate in the European Union, and other international transfers of Customer Data. A copy of our standard Data Processing Addendum, incorporating Model Clauses, is available here. Please contact us at emea@chinacache.com for a copy of information regarding our current subprocessors in the EEA.

Disclosures and Exchange of Information and Transfers Outside the EEA

We may disclose and exchange information amongst our affiliate companies and to our credit reference agencies, service providers, representatives and agents, as well as with law enforcement agencies and regulatory bodies for the above described reasons.

Information may be held at our offices and those of our group companies, and third party credit reference agencies, service providers, representatives and agents as described above. Information may be transferred internationally to China and other countries around the world, including those without data protection laws equivalent to those in the EEA, the UK, or the US for the reasons described above. We have security measures in place to seek to ensure that there is appropriate security for information we hold, including those measures detailed in our information security and data protection policies, which are available on request. International data transfers outside the European Economic Area are protected by Standard Contractual Clauses, as per GDPR article 46(2).

If you would like further information please contact our Data Protection Manager (see above). We will not otherwise transfer your personal data outside of the EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.

Notice to California Residents

In compliance with the California Civil Code Section 1798.83, residents of California are hereby notified that our website, our services and the appertaining personal data are safeguarded by us. Our users can obtain certain information about the personal data we may have access to, including disclosure thereof with third parties for direct marketing purposes (e.g. names and addresses of those third parties, types of services or products marketed thereby) (if we ever engage in such marketing).  We note that we do not currently provide any information regarding our Customer contacts to any third parties for the purposes of direct marketing. If you wish to request a copy of your information disclosure, please contact us via email at ccna-legal@chinacacheglobal.com.

California Online Privacy Protection Act

In compliance with CalOPPA, we have hereby posted this conspicuous Privacy Policy to the public, indicating the personal data being collected and the manner in which it may be disclosed and with whom. Accordingly, our users may visit our website using anonymous browsing, including anonymous browsing of this Privacy Policy as linked in our home page. We also comply with Privacy Policy change notification to our users, and provide mechanisms that allow our users to manage their personal data personal information.

The California Consumer Privacy Act (CCPA) of 2018 (Effective January 1, 2020)

The CCPA applies to us because we have annual revenues in excess of $25 million.  We do not sell or lease personal information to any party, and we do not provide personal information to any parties except as specifically detailed in this Privacy Policy.  Although we do not sell personal information, because the CCPA applies to us, we have included a “Right to Say No to Sale of Personal Information” link on the home page of our website that will direct you, if you are a California resident, to a web page enabling you, or someone you authorize, to opt out of the sale of your personal information (Cal. Civ. Code § 1798.102).

California residents may submit a data access request to us via email to ccna-legal@chinacacheglobal.com, or by contacting us at our toll free phone number: (866) 998-3399  (Cal. Civ. Code § 1798.130(a).

If you are a California resident, you may request that we delete any personal information about you that we have collected from you.  If you have not given us any personal information about you, there is no reason for you to contact us to request that we delete such information.  If you request that we delete such information about you, we will comply with applicable requirements regarding the deletion of such information. However, if you are a representative of one of our Customers or suppliers, you may need to provide us with the contact information of another representative of our Customer, or supplier as applicable, in order that we can perform our contractual commitments to our Customer, or supplier as applicable, and otherwise perform our Services and the functions detailed in this Policy.

Children's Privacy

WE DO NOT KNOWINGLY COLLECT PERSONAL INFORMATION OF CHILDREN UNDER 13. Protecting the privacy of young children is especially important. For that reason, we do not knowingly collect or maintain personally identifiable information from persons under 13 years–of–age. If we learn that personal information of persons less than 13–years–of–age has been collected on or through our website, then we will take the appropriate steps to delete this information. If you are the parent or legal guardian of a child under 13 who uses our website, then please contact us at ccna-legal@chinacacheglobal.com to have that child’s information deleted. The following are some resources that may help parents and legal guardians in monitoring and limiting their children’s access to certain types of material on the Internet. While we do not endorse these resources, we provide information about them as a public service to our community.

  • “OnGuard Online,” maintained by the Federal Trade Commission
  • WiredSafety
  • Netsmartz.org
  • The Child Safety Network
  • Control Kids
  • Cyber Sitter
  • Net Nanny

China Cybersecurity Law

In compliance with China Cybersecurity Law of 2017, you are hereby notified that we take appropriate measures to safeguard your personal information within Mainland China. We may collect and store your personal information (including, for example, your name, email address, phone numbers, and other contact related information) within the territory of the People’s Republic of China for direct marketing and communication purposes and for the purpose of providing our business services as more fully detailed in this Privacy Policy. By using our website and otherwise by contacting us, you consent to our collection and storage of your personal information for the purposes of communicating with you and of providing our business services as more fully detailed in this Privacy Policy. We hereby confirm that we do not sell or disclose your personal data to any third parties. You may request that we delete your personal data. You hereby consent to our transfer of your personal data to regions outside of China, which we may do as part of our effort to communicate with you and document your contact information among our affiliates, and provide our business services to you as more fully detailed in this Privacy Policy.

Security

We have implemented technical and organizational security measures in an effort to safeguard the personal information in our custody and control. Such measures include, for example, limiting access to personal information only to staff and authorized service providers on a need-to-know basis for the purposes described in this Privacy Policy, as well as other administrative, technical, and physical safeguards.

We endeavor to take all reasonable steps to protect your personal information, but cannot guarantee the security of any data you disclose online. Please note that email is not a secure medium and should not be used to send confidential or sensitive information. By providing information online, you accept the inherent security risks of providing information over the Internet and will not hold us responsible for any breach of security, unless it is due to our negligence or willful default.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Data Transfer

ChinaCache is an international Company comprised of multiple offices and affiliated entities in numerous jurisdictions. Details regarding our offices and affiliated entities can be found at the following link: https://en.chinacache.com/contact/. Your personal information may be transferred to or shared across our integrated computer networks with one or more of ChinaCache offices and our affiliated offices in the United States and other countries that may not be subject to data protection laws similar to those prevailing in the jurisdiction in which such information is provided to or received by us. However, all of our offices adhere to the same procedures with respect to your personal information, including this Privacy Policy.

It is necessary to transfer personal information from the United Kingdom or the EEA to a country outside the EEA (or to an international organization) in order to provide our affiliates with access to Customers' contact personal information to enable them to provide our services, wherever they are located, and for related purposes as set out in this Privacy Policy, including updates and enhancements to our records, analysis to help us manage our business, legal and regulatory compliance, the administration and management of the Company's global IT systems, and our other legitimate business interests.

While our offices in the United Kingdom are (currently) in the EEA, not all of our offices are in countries that have the same data protection laws as the United Kingdom and the EEA. When we transfer personal information from within the EEA to countries located outside the EEA (including the United Kingdom) that have not received an adequacy decision from the European Commission, including within ChinaCache offices and affiliated entities and with our service providers, we have implemented adequate safeguards to appropriately protect such transfer of personal information, including on the terms of a valid data transfer agreement incorporating the European Commission's standard contractual clauses or as permitted under applicable data protection laws. These safeguards are designed to protect your privacy rights and provide you with remedies in the unlikely event that your personal information is misused. You may ask for further information on the safeguards that we have put in place to safeguard the transfer of your personal information to countries outside of the EEA by contacting one of our Data Protection Officers as noted above.

Cookies

Our website uses certain tags, log files, web beacons, and similar tracking technologies from third parties (collectively, "cookies"), of which you should be aware. These mechanisms indirectly or passively collect certain information about your use and interaction with our Site and when you use our Services, as detailed below.

“Log Files”: When you visit our website, our systems automatically maintain web logs to record data about all visitors who use our website and stores this information in our database. These web logs may contain information about you including the following: IP address, type(s) of operating system(s) you use, type of device you use, date and time you visited the website, your activity and/or referring websites. We use your log information to troubleshoot problems, gather demographic information, and customize your experience when accessing our Site.

“Cookies and Other Technologies”: In addition, when you access our website or use our services, we may send one or more cookies (small text files containing a string of alphanumeric characters) to your computer. We may use both session cookies and persistent cookies to help optimize your experience or to protect video content. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to the Site(s). You can use your web browser “Help” file to modify your cookie settings. Our cookies may be linked to information that is considered to be PII. Our web pages contain electronic image requests (called a “single–pixel gif” or “web beacon” request) that allow us to count page views and to access cookies. Any electronic image viewed as part of a web page, including an ad banner, can act as a web beacon. Web beacons are typically 1–by–1 pixel files, but their presence can usually be seen within a browser by clicking on “View” and then on “Source.” We may also include web beacons in HTML–formatted newsletters that we send to opt–in subscribers in order to count how many newsletters have been read. Our web beacons do not collect, gather, monitor, or share any personally identifiable information about our website visitors. They are just the technique we use to compile anonymous information about website usage. Some of our business partners (e.g. analytics providers) use cookies and web beacons on our websites and for our services (collectively referred to as “tracking technologies”). We have no access to or control over these tracking technologies. This Policy covers the use of cookies by us only and does not cover the use of cookies by any third parties.  You can always configure your browser to refuse cookies and beacons. For more information, please visit www.allaboutcookies.com.

“Flash Cookies”: Flash cookies are similar to the cookies described above, and are created when you use your flash-based video player. Flash cookies are stored in your video player’s cache memory. Flash cookies may or may not be removed the same way that cookies are removed. Please review your video player’s “Help,” “Tools” and or “Options” files to learn more about the proper way to modify your Flash cookie settings. Our Flash cookies may be linked to personal information. Some of our business partners (e.g. advertisers) use Flash cookies and other tracking technologies on our site. We have no access to or control over these Flash cookies and other tracking technologies. This Policy covers the use of Flash cookies by us only, and does not cover the use of Flash cookies by any third parties. More information about Flash cookies is available on the Adobe website.

Other “Automatically Collected” Information: When you open one of our HTML emails, we may automatically record certain information from your system by using different types of tracking technology. This “automatically collected” information may include your IP address, a unique user ID, version of software installed, system type, screen resolutions, color capabilities, plug–ins, language settings, cookie preferences, search engine keywords, JavaScript enablement, the content and pages that you access on our website or through our services, and the dates and times that you visit, paths taken, and time spent on sites and pages.

Information Retention

We will only retain your personal information for as long as necessary for the purposes for which that information was collected as set out in this Privacy Policy or for longer as required under any applicable legal, regulatory, accounting, or reporting requirements. In general, your data will be stored for the duration of your relationship with us, plus 6 years.  Should you opt out or no longer wish to receive marketing messages from us, we will securely delete your personal information from the relevant mailing list(s).

Notification of Changes

We may occasionally update this Privacy Policy as our services and privacy practices change, or as required by applicable legal or regulatory requirements. Where it is practicable, we will notify you by email of any significant changes. However, the last update date is posted below, and we encourage you to review this Privacy Policy periodically to be informed of how we use your personal information.

Last updated: October 2019