Reminders:
Your trust is of great importance to us. We deeply understand the importance of personal information to you, and will take corresponding security measures in accordance with laws and regulations and strive to protect your personal information to keep it secure and under control. NOW, THEREFORE, We provides DingTalk products and services under Alibaba Group (“we” or “us”) and formulates this Privacy Policy (the “Policy”, which term includes any applicable country specific addendums) by reminding you that:
This Policy is applicable to DingTalk products and services, including DingTalk official website (dingtalk.com), DingTalk Open Platform (open.dingtalk.com), DingTalk APP Center (appcenter.dingtalk.com) ,DingTalk DRP platform (open-drp.dingtalk.com), DingTalk Community(club.dingding.xin), together with DingTalk App, DingTalk web version (im.dingtalk.com) and DingTalk smart hardware (such as DingTalk M2 Smart Receptionist, DingTalk M1 Smart Attendance Machine, DingTalk C1/C1B Smart Communication Center, DingTalk P1 Printer Box) and other third party service and/or hardware that integrating of certain DingTalk features/services (Collectively the “DingTalk Service” as then provided by DingTalk). If our Affiliates (refer to the Definition hereunder) use products or services provided by DingTalk for their own products or services but no separate privacy policy has been formulated, this Policy shall also apply to such products or It should be especially noted that, this Policy shall not apply to the services provided directly by other third parties through the foregoing DingTalk Services platform(collectively referred to as "Third Party Service"), such as the third party application service that you choose and use through the DingTalk APP Center, the AliPay service for payment, transfer, red envelopes and other related payment functions that you use through DingTalk Clients , the AliTranslation you choose to open translation function within the IM, etc. are the services delivered by third parties. Before choosing to use the Third Party Services, You should read and fully understand the Third Party Services’ product function, service agreement and privacy policy before choose and use the Third Party Services and you are also binding with the third party user agreements if there are any.services.
Please note that depending on the country where you are located while using the DingTalk products, there may be certain country specific addendums that may apply to you that form an integral part of this Privacy Policy.
Prior to the use of DingTalk products or services, please carefully read and thoroughly understand this Policy and confirm that you have fully understood and agreed to this Policy before using relevant products or services. Your use of DingTalk products or services shall be deemed as you have fully understood and agreed to this Policy.
If you have any questions, comments or suggestions on the content of this Policy, you may contact us via [DingTalk APP-Me-Customer Services-Online Consultation] or [7*12 hours customer service hotline (+86-0571-88157808)].
Part 1 Definitions
1. DingTalk Service Providers: means DingTalk (China) Information Technology Co., Ltd., DingTalk (Singapore) Private Limited and DingTalk Technology Co., Ltd. who conduct research over, develop and provide DingTalk products and services, collectively named as "DingTalk Company”, “DingTalk or “us”.
2. Affiliate mean any affiliate of DingTalk Service Providers as disclosed by Alibaba Group Holding Limited in its latest annual report. For details please visit http://www.alibabagroup.com/cn/ir/secfilings.
Affiliate:mean any affiliate of DingTalk Service Providers as disclosed by Alibaba Group Holding Limited in its latest annual report. For details, please click here or visit http://www.alibabagroup.com/cn/ir/secfilings.
3. DingTalk Enterprise/Organization User: It refers to the register, management and use of DingTalk Service on behalf of an enterprise/organization by its legal representative or its appointed or authorized administrator and to establish an organizational structure through DingTalk management platform. DingTalk enterprises/organization users are include but are not limited to legal persons, government agencies, other organizations, partnerships or individual businesses.
4. DingTalk Enterprise/Organizational Administrator: means individual DingTalk Users who are authorized or designated by the DingTalk Enterprise/Organizational User and have the operational authority on behalf of the DingTalk Enterprise/ Organizational User to open, manage and use of the DingTalk Service.
5. DingTalk Personal User: refers to the individual DingTak user who registers a DingTalk account, which including DingTalk Enterprise/Organizational Administrator and who does not have the operational authority on behalf of DingTalk enterprise/organizational users hereinafter referred to as "You".
6. Personal Information: means all information electronically or otherwise recorded that can be used to identify a natural person or reflect his/her activities, whether on its own or in combination with other information.
7. Sensitive Personal Information: refers to the personal information that may endanger personal and property safety, easily lead to personal reputation, physical and mental health damage or discriminatory treatment once it is leaked, illegally provided or abused. Personal sensitive information of DingTalk Service includes without limitation personal ID number, mobile phone number, personal biometric information, bank account number, financial situation, whereabouts, transaction information, and personal information of children under 14 years, etc..
8. Personal Information Deletion: means the removal of Personal Information from the systems as involved in daily business operations so as to keep such information irretrievable and inaccessible.
9. Personal information anonymity: means the process of processing personal information, which makes the subject of personal information unrecognizable and the processed information unrecognizable.
10. Personal Information Controller: An organization or individual with the right to determine the purpose, manner, etc. of personal information processing. Some of the personal information controllers in this agreement refers to DingTalk enterprise/organization users.
Part 2 Legal Statement
I. Ownership of Rights
DingTalk logo, “钉钉”, “钉三多”, “DingTalk”, “Ding” and other texts, graphs and combination thereof, other marks and symbols of DingTalk and DingTalk service names are the registered trademarks of DingTalk and its Affiliates in China and other countries. Without the written authorization of DingTalk, no one may display, use or otherwise process (including without limitation reproduce, disseminate, show, mirror, upload and download) any of the said trademarks in any way or represent to others that he/she/it has the right to display, use or otherwise process any of the said trademarks.
The intellectual property rights in all of DingTalk’s products, services, technologies and all applications or their components/features/name (“Technical Services”) shall vest in DingTalk Company or their right owners.
Unless otherwise stated by DingTalk, all rights (including but not limited to copyright, trademark right, patent right, trade secret and any other related rights) in, of and to all documents and other information (including but not limited to texts, graphs, pictures, photos, audios, videos, icons, colors, layout and electronic documents) published by DingTalk on websites are vested in DingTalk Company. Without the permission of DingTalk, no one may use the said information (including but not limited to monitor, reproduce, rebroadcast, display, mirror, upload and download any contents in Aliyun.com via programs or devices). Where any one is authorized to browse, reproduce, print or disseminate the information relating to DingTalk products and services, such information shall not be used for commercial purposes and this statement of rights must be included in use of all information or any portion thereof.
II. Limitation of Liability
Where DingTalk users upload, provide or publish relevant information on or in DingTalk App, DingTalk official website, forums, communities and open platforms, including but not limited to user name, company name, contact person and contact details, relevant pictures and information, such information shall be provided by DingTalk users on their own and DingTalk users must legally assume all liabilities for any information they provide.
DingTalk reposts works (including contents on forums) for the purpose of distributing information and better service DingTalk individual users and enterprise/organization users, which does not mean that DingTalk agrees with the viewpoints in the works or confirms the authenticity of the contents of the works.
DingTalk hereby reminds you that you shall abide by laws of the People’s Republic of China and all other applicable domestic laws in the countries in using DingTalk’s products and services, and you shall not endanger cyber security or utilize DingTalk products and services to engage in activities that infringe upon others’ reputation right, privacy, intellectual property rights or other legitimate interests. Notwithstanding such reminders, DingTalk will assume no liability for your purposes of using DingTalk products and services.
III. Protection of Intellectual Property
We respect intellectual property rights and oppose and combat any infringement upon intellectual property rights. If any organization or individual deems that each and any product, service, content delivered by DingTalk Service and/or Third Party Service may infringe upon its/his/her legitimate interests, such organization or individual may issue a written notice of claims with preliminary supporting documents and in either of the following ways and DingTalk will deal with the same as soon as possible in accordance with laws after receipt of applicable notice from the intellectual property right owner:
Attention: DingTalk User Operation Center
Address: Building No.5, DingTalk Park, 959 Gao Jiao Road, Wuchang Street, Yuhang
District, Hangzhou, China, 311100
Email: dingtalkteam@alibaba-inc.com
Part 3 Privacy Policy
This part will help you understand the followings:
- How we collect and use your Personal Information
- How we use Cookie or the like
- How we share, transfer and disclose your Personal Information
- How we protect your Personal Information
- How we process Personal Information of minors
- How we store and transfer Personal Information outside your country
- How we update this Policy
- How to contact us
I. How we collect and use your Personal Information
(I) How we collect your information
In order to provide DingTalk Service to You and DingTalk Enterprise/organization Users, to maintain the normal operation of DingTalk Service, improve and optimize our service experience and ensure your account security, we will collect information that you actively provide, authorize or provide based on the requirements of your company/organization, together with information generated when You use DingTalk Service and based on the following purposes and methods of this Policy:
1. Register as a DingTalk user
To register as a DingTalk user so that we are able to provide you with DingTalk basic services such as instant messaging, video conference, VOIP , DING Message and creation of organizational structure as a DingTalk enterprise/organization user with other functions for communication,You are required to provide your cellphone number together with the message authentication code to create a DingTalk account, and with your name, profile photo, nick name, gender, date of birth, the place of you job, company email and other basic information. You are not required to register to be our member or provide the above information if you only use such basic services as browsing and searching the DingTalk official website and DingTalk open platform for services and the introduction thereof.
After registered as a DingTalk user, you may modify your Personal Information such as nickname, phone number, date of birth and region via [DingTalk APP-Me-click name or profile picture].
When your enterprise/organization deregister its DingTalk Enterprise/organizational account, we will anonymize or delete your Personal Information relating to the enterprise/organization while your Personal Information as a separate individual DingTalk user will be maintained in case you are still using DingTalk; otherwise, should you deregister your individual DingTalk account, We will anonymize or delete your Personal Information pursuant to applicable laws and regulations.
You may refer to the latest version of DingTalk APP for deregistration of DingTalk account within DingTalk clients via [DingTalk APP-Me-Settings-Account and Security-Delete DingTalk Account] and its further process therewith.
2. Collect information in the process of using DingTalk Service
When You are using DingTalk Service, in order to provide You with more and better compatible hardware and/or software services, interactive design, search results and to identification of account abnormal status, maintain the normal operation of DingTalk Service, improve and optimize your experience of DingTalk Service and ensure your account security, we will collect your information and may connect these information:
1)Use information:We will collect the information you submitted or generated when using DingTalk Service as an individual DingTalk user and as an end user of a DingTalk enterprise/organization user. For example, If you need us recommend your friends and colleagues who has registered DingTalk account from your mobile phone contacts so that you can add DingTalk friends or colleagues easily, you need to authorize us to access and collect your mobile phone contacts information; if you choose to open the DingTalk job hunter service, you need to provide further information about your school roll information (name of school, highest degree, major), personal email, personal photos, etc.), video resume and other information and You agree us to verify your information through a third party certification service; if you want to use the DingTalk stream video function as a host, you need to provide your ID number or complete the real person authentication by the means face scanning.
2)Device information: On the basis of the specific authorizations granted by you in installation and use of the software, we will receive and record information relating to the device used by you (e.g., device model, operating system version, device settings, unique device identifier and other information of software and hardware features) and the location of such device (e.g., IP address, GPS/Beidou location infomation, and any Wi-Fi access point, Bluetooth, base station and other sensor information).
3)Log information: When you use products or services provided by our website or client, we will automatically collect detailed information relating to your use of our services and save them as network logs, such as your searches, IP addresses, types of browsers, telecommunication service providers, languages, visit dates and times, web pages visited by you, and status of the call by applying Dingtalk conference call and/or Voice message, etc.
Please note that the device information or log information alone is not sufficient to identify a certain natural person. If we combine such non-Personal Information with other information to identify certain natural person, or use the same in combination with Personal Information, then such non-Personal Information will be deemed as Personal Information during such combination, and we will anonymize and de-identify such Personal Information unless with your authorization or it is otherwise provided by laws and regulations.
If you choose to open and manage the DingTalk Service as the administrator of the enterprise/organizational user, we will collect the information and data submitted or generated by You upon the management by your enterprise/organization in the process of using DingTalk functions/applications (hereinafter referred to as "Enterprise Control Data"). The enterprise control data may include:
1) The position, subordinate department, main business, office mailbox account, office telephone and other information assigned to you by your organization, as well as the fingerprint map and feature, face recognition feature, face photo and geographical location and other personal information that you are required to provide or produce in order to complete the daily operation and management of the enterprise/organization, together with attendance information, approval records, journal information, calendar information, file information stored in the DingTalk Disk, etc.
2) Your transaction information when using DingTalk Service or choose and purchase third-party application service so as to show you and facilitate your order management. For example, we will collect your transaction information if You as an DingTalk administrator in the APP Center, to buy third-party applications service.
3) If the administrator of your enterprise chooses to open, manage and use the DingTalk unified contacts function by uploading organizational Structure, DingTalk smart work service and other digital networking service, you may need to provide your personal information of information assign by you company/organization as required by your company/organization, such as your identity information (name, identity card information, etc.), enterprise position information (department, position, grade), and the status letter of labor contract, your business and personal contact information (mobile phone, fixed telephone, mailbox), business and personal contact address (home address, office address), educational background information (school, profession, education), payroll bank card information, emergency contact information and/or external business contact card information, etc.
4) Other data submitted by enterprise/organization users that contains your personal information, such as organization contacts (including job information, contact information, personal identity information of end users to an enterprise/organization, etc.)
You understand and agree that the enterprise/organization user are the date controller and/ or personal information controller of the above-mentioned Enterprise Control Data. The DingTalk Company only opens, manages and uses the DingTalk Services to process your personal information/data according to the choice of the enterprise/organization administrator on behalf of the DingTalk enterprise/organization user. Before uploading organization contacts, requiring end user to submit personal information and external business contact information, the enterprise/organization user and its administrator shall ensure that they have obtained explicit consent of individual users in advance, and only collect the necessary end-user information for the purpose of enterprise/organization operation and management, and have been fully informed the purpose, scope and usage of end-user related data as collected.
3 Information provided by you
When you contact us, we might keep the history and content of your communication/call or contact information given by you so as to contact you or help you solve problems, and might record solutions and results of relevant problems.
In the process of using DingTalk Service, you may actively contact us to give feedback on the experience of DingTalk products and services, help us better understand your experience and needs of using and improving our products or services, and we may record your contact information, your question and suggestion, etc. so that we may get back to you with our further feedbacks.
You can provide or order services for others through DingTalk Service and thus information of relevant personnel may be collected. Such as if you submit the enterprise/organization user for DingTalk enterprise/organization authentication process, in addition to submitting organizational documents such as enterprise name and business license certificate, you also need to submit the name and identity information of administrator and legal representative. You understand and agree that you need to ensure that you have obtained the authorization of the person concerned before providing us with the aforementioned personal information. If the aforementioned individual does not agree, we will not be held liable to the infringement of that personal information if any.
4. Information collected when using customized services
In order to provide you with better, more customized services, such as providing more customized services but with consistent experience in different service terminals or devices, and with input recommendations, customers service reception or information push that better meet your needs, and to understand product fitness, and identify abnormalities of accounts, such as DingTalk Streamline Mode service or to explore latest DingTalk services, we will collect information relating to your use of services, including device information, log, service use information. When you make certain operations (e.g., adding friends to your groups/organization) by using DingTalk services, we might send notices to you or others.
5. Information provided by third parties to us
We will collect your personal information when any other user makes any operation related to you, and from DingTalk’s Affiliates, partners or other lawful channels. For example, in order to protect your legitimate rights and interests, to guard against fraud, gambling and other risks and maintain DingTalk Services and pay related functions of safe and stable operation, we need to obtain the user identification information of the payment account you actually use from the third party payment institution.
If you are using iPhone or iPad, when you enable DingTalk Sport, you agree that we will request and receive your step information from Apple's HealthKit via DingTalk, otherwise you will not be able to use DingTalk Sport. Without your consent, we will not share your step information DingTalk received from Apple's HealthKit with any third party, including any advertisers and any other agents, and will not use HealthKit information for marketing, advertising and similar companies.
6. Provide safeguards for you
To prevent, identify and investigate in any fraud, infringement, dangerous act, illegal act or act in violation of our or our Affiliates’ agreements, policies or rules, we may collect or integrate your personal information, service use information, device information, log information and information shared by our Affiliates, information by partners with your authorization or shared information in accordance with laws and regulations.
7. Information collected with other purposes
When we collect your information for any other specific purpose not specified herein, we will obtain your consent in advance.
You understand and agree that the functionality and service scenarios we provide to you are constantly updated iteratively. If we do not specify the personal information we need to collect in the above scenarios, we will show you the content, scope and purpose of the information collection separately through page prompts, interaction design and so on and to obtain your explicit consent.
The purpose for DingTalk to collect and use the aforesaid information is to better operate the DingTalk products and services (including but not limited to provide customized service to you), and we will notify you with a notice on DingTalk Official website, via email, by phone call or short message or otherwise. However we will not view or use your business data while you are applying the Dingtalk Service, such as cloud storage, Dingtalk email Dingtalk phone call and/or IM function, etc.
If we stop operating DingTalk Services and any function thereof, we will timely stop collecting your Personal Information, and send you a 30 days prior notice of that and delete or anonymize your personal information held by us in accordance with applicable laws and regulations.
(II) How we use your information
We collect your information for the purpose of providing you with services and improving the service quality. Therefore, we will use your information for the following purposes:
- Provide you with DingTalk Services you intend to use, and maintain, improve and optimize these services and experience with these services;
- To prevent, identify and investigate in any fraud, infringement, dangerous act, illegal act or act in violation of our or our Affiliates’ agreements, policies or rules, and protect your, our, our Affiliates’, the others’ or the public’s lawful interests, we may use or integrate your user information, service use information, device information, log information and information shared by our Affiliates or partners with your authorization or as required by laws, in order to comprehensively assess the risks faced by your account and in your transaction, carry out authentication of your identity, monitor and prevent security event and take necessary recording, audit, analysis and handling measures according to laws;
- We may process your information or combine your information with information from other services in order to provide more customized service to you, such as to recommend you any contents which you may be interested in, including but not limited to send product, service and commercial activity information to you, or display personalized third-party promotional information to you through the system, or subject to your consent, share information with our partners so that they may send information about their products and services to you;
- Any other purpose as permitted by you.
II. How we use Cookie or the like
To provide you with better user experience, when you use DingTalk products or services, we may collect and store data relevant with your visit to DingTalk service by employing various technologies. In this way, when you visit or revisit DingTalk service, we will be able to identify you and provide better and more services to you through analyzing the data. This will include verifying your identity through small data files, so that we will be able to understand your habits and help you avoid repeated input of account information or help assess the security of your account. These data files may be Cookie, Flash Cookie or other local storage provided by your browser or relevant applications (collectively, “Cookie”).
Please understand that some of our services are only available through use of “Cookie”. If permitted by your browser or additional browser services, you may change your acceptance level to Cookie or reject Cookie of DingTalk, but under certain circumstances, such rejection may render you unable to use certain functions of DingTalk which rely on Cookie.
Some electronic images (“Single Pixel GIF” or “Web Beacon") are sometimes included in web pages, which may help a website to calculate the number of users who browse the web pages or access certain Cookies. We will use Web Beacon to collect information on your browsing of web pages, such as the web page address you are visiting, the reference page address you previously visited, the duration of your stay on a web page, your browsing environment and display settings.
III. How we share, transfer and disclose your Personal Information
(I) Share
We will not share your Personal Information with companies, organizations or individuals other than DingTalk Service Providers, except in the following circumstances:
- Sharing with explicit consent: We will share your Personal Information with other parties with your explicit consent;
- Sharing as required by laws: We may share your Personal Information as required by laws, regulations, litigation, dispute resolution, or by administrative or judicial authority in accordance with laws;
- The products and services you request may only be provided with disclosure of your information, For example:
1) when you apply the Alipay function within DingTalk Service by wallet, money payment, receiving and transfer. You understand and agree that we may provide your personal basic information (UserID, profile photo, nickname, etc.) and identity information (name) for opening or binding Alipay account; you also agree DingTalk to obtain the Alipay account information (including nickname, head and account name) bound by DingTalk account, otherwise you will not be able to use payment, transfer, red envelopes and other related functions. When you use Alipay's payment related services, you need to read and abide by the Alipay service agreement, Alipay privacy policy and other agreements and rules thereof.
2) if you use the Ali Translation function in IM chat, you agree that the translation service provider to obtain your IM chat content and use it only limit to the realization of service so that the translation service can be realized according to the language you choose. When you use Ali Translation services, except for abiding this Policy, you need to read and abide by the Ali Translation User Agreement and other agreements and rules if any.
3) if you choose to open, manage and use third-party application services through the DingTalk APP Center as an administrator user, you agree to provide the third-party application service provider with the basic personal information (UserID, avatar, nickname, etc.) and basic rights of end-users of your enterprise/ organization, otherwise you cannot use third-party application services. Before choose and using the third-party application services, You need to read and fully understand and comply with the product functions, service agreement and privacy policies.
4) regarding facial recognition service, such as real person verification, log in with facial recognition, unlock with facial recognition, are provided by DingTalk’s affiliate of Beijing Ant Zoloz Technology Co., Ltd (“Ant Zoloz”). In order to facilitate your use of facial recognition services provided by Zorro in different scenarios and applications and to improve the accuracy and security of face recognition, Ant Zoloz will keep your facial feature information comply with Ant Financial Group privacy policy. In order to improve the accuracy of real person verification and certification, you agree Ant Zorro to compare your facial feature information with your face information connected/controlled by authorized organizations and/or government organs when necessary, otherwise you may not apply the facial recognition service.
- When a complaint is made by others against you of infringing upon intellectual property rights or other lawful interests, we need to disclose your information as necessary to the complainer for settlement of complaint;
- 5. In order to facilitate you and your friends in your address book to find each other, after you enable “matching the address book” function, the system will match the corresponding attribute code after processing the cellphone numbers in your address book with strong encryption algorithm and display matching users to you. DingTalk will not retain any identifiable information in your address book. The data of cellphone numbers in your address book used in this process will be processed with strong encryption algorithm and the match will be conducted through processed attribute code.
- Sharing with our Affiliates: In order to facilitate joint service on the basis of connected account, recommend the information that you may be interested in or protect personal and property safety of the Affiliates of DingTalk, other users or the public, your Personal Information may be shared with our Affiliates. We will only share necessary Personal Information (for example, in order to facilitate your use of the products or services of our Affiliate with your DingTalk account, we will share your necessary account information with such Affiliate) and if we intend to share your Sensitive Personal Information or the Affiliate changes the purpose of using and processing Personal Information, we will obtain your authorization and consent again.
- Sharing with authorized partners: Certain services of ours will be jointly provided together with our authorized partners solely for the purposes stated herein. We may share certain Personal Information of yours with our partners to provide better customer service and user experience.For example, when you purchase products on the website online, we have to share your Personal Information with logistics service providers to arrange delivery of such products, or we have to share your personal information to arrange with our partner to provide service. We will only share your Personal Information for lawful, proper, necessary, specific and explicit purpose to the extent required for providing the services. Our partners have no right to use the shared Personal Information for any other purpose irrelevant with products or services, except to have your explicit consent.
DingTalk services contain links to other websites. Except for otherwise stipulated by laws, DingTalk shall not be liable in any way for the privacy protection measures of those websites. We may add links to the websites of our business partners or shared brands when necessary, and the information provided shall be limited to general information and we will not disclose your personal information.
(II) Transfer
We will not transfer your Personal Information to any company, organization or individual, except in the following circumstances:
- Transfer with explicit consent: We will transfer your Personal Information to other parties with your explicit consent;
- In case of any acquisition, merger or insolvency liquidation, or other circumstances involving merger, acquisition or insolvency liquidation, of DingTalk Service Providers, if transfer of Personal Information is involved, we will require the new company, organization or individual in possession of your Personal Information to continue to be bound by this Policy, or we will require such company, organization and individual to obtain your authorization and consent again.
(III) Public disclosure
We will disclose your Personal Information to the public only under the following circumstances:
- We may disclose your Personal Information to the public with your explicit consent or at your voluntary option;
- 2. If we determine that you have violated laws and regulations, or have a material breach of the agreements with or regulations of DingTalk, or we intend to protect DingTalk’s and its Affiliates’ users or the general public from damages to their personal and property safety, we may disclose your Personal Information in accordance with laws and regulations, or the agreements with and regulations of DingTalk after obtaining your consent, including the relevant violation and measures taken by DingTalk against you.
(IV) Exceptions to obtaining prior authorization and consent for sharing, transferring and disclosing Personal Information
Unless otherwise stated in a country specific addendum, your Personal Information may be shared, transferred or disclosed to the public without your authorization and consent under the following circumstances:
- National safety and national defense security are involved;
- Public security, public health, or major public interests are involved;
- Criminal investigation, prosecution, judgment and enforcement are involved;
- For the purpose of protecting your or other individual’s life, property and other major lawful rights and interests, where it is hard to obtain your or such individual’s prior consent;
- The Personal Information is disclosed voluntarily by you to the public;;
- The Personal Information is collected from the information disclosed through lawful channels, such as lawful news reports or information disclosure by government.
Please be noted that pursuant to laws, sharing and transfer of anonymized data which cannot be recovered by the recipient to re-identify the subjects of such personal information does not constitute sharing, transfer and disclosure of personal information to the public, and therefore it may be stored and processed without notice to you and without your consent.
IV. How we protect your Personal Information
We will take various precautions to protect your Personal Information so as to safeguard your Personal Information from loss, misappropriation and misuse, and from being accessed, disclosed, modified or destroyed without permission. In order to ensure the safety of your Personal Information, we have established strict information security provisions and procedures, and have a professional information security team to implement the above precautions within the company.
DingTalk has established an industry-leading data security management system which centers on data and is implemented based on data life cycle, and has made efforts to improve the security of the entire system from multiple aspects, including organizational structure, system design, personnel management and product technology. Currently, our key information system has passed various certifications such as ISO27001,ISO27018,SOC 2 Type 1 authentication and network security level III protection authentication.
We will take reasonable and practical measures to avoid collecting irrelevant Personal Information to the maximum extent. We will retain your Personal Information only for the period necessary to achieve the purposes set forth in this Policy, unless it is necessary to prolong the retention period or permitted by law.
Upon occurrence of any Personal Information security incident, we will, in accordance with the requirements of laws and regulations and within the period of 30 calendar days, notify you of the basic information and possible influence of such security incident, handling measures we have taken or will take, suggestions on how you may prevent and reduce risks on your own, and remedies to be taken for you. We will notify you of the relevant information of such incident through email, letter, phone, and push notification. If it is difficult to notify each Personal Information subject one by one, we will publish announcement in a reasonable and effective manner. In addition, we will also report the handling of Personal Information security incident according to the requirements of regulatory authorities.
Given the fact that Internet environment is not completely secure, although we have those security measures in place, please bear in mind that there is no “perfect security measure” on the Internet, and we will use our best efforts to ensure the security of your information.
V. Protection of minors
We attach great importance to the protection of information of minors. If you are a minor, we suggest that you ask your parents or guardian to read this Policy carefully, and to use our DingTalk Services with the consent of your parents or guardian or provide us your parent or guardian’s consent information. and to the collecting of minors personal information who is using DingTalk Service with the consent of his/her parents or guardian, We will only use, share, transfer or disclose that personal information subject to laws and regulations and explicit consent by his/her parents or guardians and we will protect the personal information of minors in accordance with relevant national laws and regulations and this Policy.
VI. How we store and transfer Personal Information outside your country
Your Personal Information collected by our operating of DingTalk Service within P.R.China shall be stored at DingTalk servers locate within mainland China, and your Personal Information collected from overseas DingTalk user by using DingTalk shall be transferred back to and stored at DingTalk servers locate at Singapore, your understand and consent to such transfer or otherwise you cannot use the DingTalk products and service we applied. Under this circumstance, we undertake to protect your personal information with same industry level of security.
VII. How we update this Policy
Our Policy may change from time to time. Without your explicit consent, we will not reduce and/or restrict the rights you are entitled to under this Policy. We will publish any change to this Policy on DingTalk official website at www.dingtalk.com and, if changes are significant, prominent, we will also provide a more prominent notice (including using DingTalk to collect opinions and make publicity, or by providing you notice with popup window within DingTalk official website).
Significant changes to this Policy are included but not limited to the follows:
- our service pattern changes greatly, such as the purpose of dealing with DingTalk user’s Personal Information, information processing method, etc.;
- our control and organization structure changed greatly, such as the business adjustment, bankruptcy, merger and acquisition, etc.;
- our DingTalk user’s Personal Information sharing, transfer or public disclosure main target change;
- our internal department charging the security, its contact information, and complaints channels change;
- any DingTalk user information security impact assessment indicates that there is a high risk.
VIII. How to contact us
If you have any questions or concerns about this Policy and/or data processing of DingTalk, you may contact us via [Mobile APP-Me- Customer Services-Online Consultation] or [7*12 hours customer service hotline (+86-0571-88157808)], or we can be reached within following contact:
- DingTalk (China) Information Technology Co., Ltd.
- Addressee: DingTalk Data Protection Office
- Address: No. 5 Building, DingTalk Park, No. 959 Gaojiao Road, Yuhang District, Hangzhou, Zhejiang, China, 311100.
- Email: dingtalkteam@alibaba-inc.com
Generally, we will revert to you upon the receipt of your query and verify within thirty (30) calendar day.
Should you have any complaint to our feedback, especially you thought that our collecting of your Personal Information may infringe your legitimate rights, you may bring a lawsuit against us at the jurisdiction of People’s Court of Yuhang District for disputes resolution, if any.
Last updated on:March 21, 2019