Last Updated: April 27, 2020
Effective Date:May 9, 2020
Welcome to Check In (hereinafter referred to as this “Software”) and its services. This Software provides information services like check-in, statistics of check-in location distribution and so forth for all kinds of companies, enterprises and other entities (hereinafter referred to as “Entity”). This Software is provided or controlled by Beijing Feishu Technology Co., Ltd. (hereinafter referred to as “We” or “Feishu Technology”).
(2) When you use your [Feishu] account to log in or use this Software and its services, we will be authorized by you to collect your public information of registering/loging in [Feishu] (including but not limited to employee name, avatar, department organizational structure and so forth ) at the time of your first login, which allows you to directly use your [Feishu] account to log in and use this Software and relevant services. For those Personal Data that we require but [Feishu] can not provide, we will also ask them from you. If you refuse to provide us with such data, you may not be able to use this Software and relevant services.
(4) In order to provide you with the service, this Software needs you to provide some Personal Data. If you choose not to provide the data required by this Software or some functions, you will be unable to use this Software or such function. Likewise, if we need to collect Personal Data according to relevant laws and you do not provide such data, then we may have to suspend or cancel your right to use. We will notify you if the aforesaid situations occur.
(5) Geographical location, camera, and photo album (storage) permissions will not be turned on by default, and will only be used to implement specific functions or services with your express authorization. You can also change the scope of your consent or withdraw the authorization through the device operating system. After your withdrawal of the authorization, we will no longer collect the information related to these permissions. In particular, even if we have obtained these sensitive permissions with your authorization, we will not collect your information when it is not needed by the relevant functions or services.
After obtaining authorized consent from you and your employer, we will collect your Personal Data through [Feishu] or your employer, or also collect from you directly and process the same (e.g. during your use of this Software).
(II) Personal Data related to you provided to [Feishu] by your employer. When your employer opens an account for your use of [Feishu], your employer will provide [Feishu] with certain Personal Data related to you, including your user account name, avatar, your supervisor and so forth. Your employer may provide us with your additional Personal Data, or update your Personal Data provided to us during your use of this Software.
You agree and understand that, according to your employer’s representations and warranties, your employer has obtained your prior express authorization before providing your Personal Data to us, your Personal Data collected by your employer are limited to a scope that is necessary for achieving the purpose of this Agreement or any other agreement executed by and between your employer and us, and your employer has fully informed you of the purpose and scope of collecting your Personal Data and the intended use of your Personal Data collected by your employer. If you can not confirm the contents of the present clause, you shall stop using this service immediately and confirm with your employer the aforementioned matters. We will process your Personal Data as a data processor only as required by your employer and we may assume no legal liability for the collection or use by your employer of your Personal Data.
(III) Information we collect during your use of this Software. When you use this Software, we will automatically collect your IP address, unique identifier of device, Cookies (as defined below) and other tracking technologies, browsing records, time zone, area and language settings, model and settings of hardware, server log (including the access date and time), devices, operation system and application functions, App crashes as well as information of other system activities.
(IV) Check-in and information release. When you use this Software, we will ask you to authorize geographical location permissions and collect location information related to this Software. We will use such information to provide you with the location-based check-in and information publishing services. If you refuse to authorize the provision of accurate geographical location information, you will not be able to use the Software. When you use the function of uploading pictures to publish check-in details, we will ask you to authorize cameras and photo albums (storage) permissions; if you refuse to authorize the provision, you will not be able to use this function, but it will not affect your normal use of other functions of check-in service.
Although the majority of web browsers automatically accept Cookies, whether or not to accept specifically is up to you. You have the choice to accept or disable Cookies via consent. However, even without your consent, we may also store absolutely necessary Cookies which are required for the operation of this Software, including the Cookies enable you to log into the safe area of this Software. Cookies stored by us will expire upon your termination of the website session or after fifteen (15) days. Storage of the aforementioned absolutely necessary Cookies is an absolutely necessary condition for providing core services by this Software. If you do not consent to the relevant authorization, you will be unable to use any service of this Software.
We will use your information for the following purposes:
Check-in and information release based on geographical location
Geographical location (e.g., GPS information)
Add a member as an administrator, verify the accuracy of information and display of information
Name, avatar, department organizational structure and so forth
Provide basic functions and services of this Software and ensure the normal operation
Model of hardware, operation system and application functions, IP address, server log and so forth
Improve the communication efficiency and further communicate with you about your feedback related issues when you submit an issue through user feedback function
Contact number, email address
We will take reasonable and feasible measures to avoid collection of the Personal Data unrelated to the scope of purposes stated herein. To use your Personal Data beyond the scope of purposes stated herein and the directly or reasonably related scope, we will notify you and obtain your express consent in advance.
(I) Sharing and Transfer of Personal Data
1. We will not share with or transfer to any third party your Personal Data, unless we have obtained your prior authorization or consent, or the Personal Data to be shared or transferred are de-identified data and such third party is unable to re-identify the subject of such data.
2. The principles of sharing
We will follow the following principles when sharing your Personal Data:
Authorized Consent Principle: We will not share your Personal Data without your consent unless such Personal Data shared is de-identified and the third party acquiring such Personal Data is unable to re-identify its natural person subject. If the third party uses the Personal Data for a purpose beyond the scope of the original authorized consent, they need to re-obtain your consent.
Legitimacy and Minimum Necessity Principle: The shared Personal Data must have a legitimate purpose and must be limited to that necessary to achieve the purpose.
Security Prudence Principle: We will carefully assess the purpose of the third parties’ use of the shared Personal Data, conduct a comprehensive assessment of the security capabilities of these partners and require them to follow the cooperation legal agreements. We will carry out strict security monitoring of the software tool development package (SDK) and application program interface (API) of the partners for obtaining information to protect data security.
3. Share with authorized partners
In order to provide you with better, high-quality products and services, some of our services will be provided by authorized partners. We may share some of your Personal Data with our partners to provide better customer service and user experience. We will only share your Personal Data for legitimate, proper, necessary, specific and express purposes, and the scope of sharing will be limited to the Personal Data necessary to provide the service. At the same time, we will enter into strict confidentiality obligations with our partners and require them to process your Personal Data in accordance with our instructions, this Agreement and any other relevant confidentiality and security measures. Our partners do not have the right to use such shared Personal Data for any other purposes. If you refuse our partner to collect the Personal Data necessary to provide the service when providing the service, it may result in you being unable to use such third-party service.
4. Transfer of Personal Data in the case of merger, acquisition, or asset transfer
(II) Public Disclosure of Personal Data
(I) Location of storage
We will abide by the laws and regulations to store your Personal Data collected and generated during the operation within the People’s Republic of China (hereinafter referred to as “China”) in the territory of China. If we need to transfer any of such Personal Data overseas, we will follow the relevant laws and regulations or to obtain your consent.
(II) Period of retention
We will only preserve your Personal Data for a period as necessary for providing you with this Software and our services or as provided by relevant laws and regulations. Beyond such necessary period, we will delete or anonymize your Personal Data, unless otherwise stipulated by laws or regulations.
(I) We attach great importance to the security of your Personal Data. We have set up data security rules and regulations and implemented safety technical measures, so as to prevent your Personal Data from being accessed or modified without authorization, avoiding damage or loss of data. We adopt encryption techniques, such as Transport Layer Security Protocol and the like, for our network services, so as to ensure the security of your data in the process of network transmission.
(II) We adopt strict control over the data processing authority to avoid illegal use of data; we strengthen the security of Personal Data in the process of use by data desensitization means such as de-identification with mosaics and so forth; we store your Personal Data in an encrypted manner using the encryption techniques adopted widely in the industry, and isolate your Personal Data by data isolation techniques. For example, we have encrypted all data and information stored in our servers or on your terminal devices. We have been adopting and implementing such technical measures and organization and management methods all the while, and we may modify and improve the same from time to time so as to improve the overall security of the system.
(III) Although we have taken the abovementioned reasonable measures, and have abided by the standards required by relevant laws and regulations, you understand that, due to technical limitation and various potential malicious methods, it is impossible to maintain completely secure all the time in the internet industry even though one's ability is exhausted to enhance security measures. We will try our best to ensure the security of your Personal Data provided by you to us. You know and understand that any problem may occur in the system or communications network used by your access to our services due to any factor beyond our control. Therefore, we strongly suggest you take active measures, including but not limited to using complicated password, regularly changing the password, and avoiding disclosure of your Personal Data such as your account password and so forth to any other person, so as to protect the security of your Personal Data.
(IV) In case of any incident endangering network security, we will take corresponding remedial measures according to emergency response plan for internet security incident. If our physical facilities or technical safeguard measures are damaged, thus your Personal Data are disclosed, provided illegally, or misused, causing damage to your lawful rights and interests, we will bear corresponding liabilities in strict accordance with provisions of laws.
(V) After we know or are informed of any security incident of Personal Data in which your Personal Data is disclosed, provided illegally, or misused, we will notify you of the following within [ten (10)] days as required by laws and regulations: basic information about the security incident, possible influence of the security incident, the measures we have taken or will take, our suggestions on your possible preventive measures and risk reduction, and the remedial measures we may take for you and so forth. Relevant situations about the security incident will be sent to you by push notification at this Software. If it is difficult to notify each subject of Personal Data of relevant situations about the security incident, we will publish an announcement in reasonable and effective manner. In addition, we will report our treatment of the security incident of Personal Data to the competent regulatory authorities as required thereby.
Inform You of Your Rights When we Stop Operating
If we stop operating the services of this Software, we will promptly stop collecting your Personal Data and notify you of such cessation personally or by announcement. We will also delete or anonymize your Personal Data possessed by us according to applicable laws.
We will protect minors’ Personal Data according to relevant laws and regulations of the State, and will collect, use, store, share, transfer, or disclose a minor’s Personal Data only to the extent permitted by law or agreed expressly by a parent or any other guardian of such minor or where it is necessary to protect such minor. If we find that we have collected a minor’s Personal Data without the verifiable prior consent of such minor’s parent, we will try to delete relevant data as soon as possible.
In the event that you wish to object to, or make a complaint about, how we process your Personal Data, please contact us in first time at [email@example.com] and we will endeavour to deal with your request within  business day(s).
(II) The headings herein are inserted for convenience and ease of reading only, and shall in no way affect the meaning or interpretation of any provision hereof.
(III) Definitions of following terms used herein