WeWork Greater China Personal Information Processing Policy
Effective Date: July 24, 2024
Welcome to use products and services of WeWork GC (as defined below). We know the importance of personal information to you, and we appreciate your trust that we will do so carefully and sensibly. We are committed to protect your Personal Information in accordance with the requirements of the laws and regulations and with reference to market practices. Therefore, WeWork GC (or “We”) formulate this Personal Information Processing Policy (“Policy” or “Personal Information Processing Policy”) to help you understand during your usage of products and services of WeWork GC (“WeWork GC Service(s)”, “Service(s)”or “Our Service(s)”), how we collect, use, share, store and protect your Personal Information, and how you will manage your Personal Information. If you have any question, doubt and complaint about WeWork GC, please contact the Personal Information team in the following way and we will reply within reasonable time period.
Before you start to use Our Services, please read carefully and understand this Policy. We kindly remind you to pay extra attention to these terms in bold/bold underline to ensure that you fully understand and agree to it before you start using it. By using Our Services, you are consenting to the practices described in this Personal Information Processing Policy. For the professional terms in this Policy, we try our best to explain it to you in a concise and common way to facilitate your understanding.
This Policy does not apply to products and services provided to you by other third parties, nor does it apply to products and services for which WeWork has independently set up statements and personal information processing policies. When you use third party products or services through the Services provided by WeWork GC, your information may be used according to the third parties’ policies. We strongly recommend that you read and understand the third party’s privacy policy before you accept their service (especially services related to Personal Information). If you use WeWork product and service out of PRC, please refer to WeWork Global Personal Information Processing Policy.
This Personal Information Processing Policy will help you understand the following information:
1. Definitions
2. How We Collect and Use Your Information?
3. How We Use Cookie and Similar Technologies?
4. How We Share, Transmit and Disclose Your Personal Information?
5. How We Protect and Retain Your Information?
6. How Will You Manage Your Information?
7. How We Process Information of Children?
8. Changes to This Policy in The Future
9. Suggestions and Complaints
10. How to Contact with us?
Appendix:
1. Instructions for Connecting Third-Party SDK to WeWork GC App
2. WeWork GC Vendor Personal Information Processing Policy
1. Definitions
WeWork GC: refers to website of www.wework.tw (“WeWork GC Official Site”, domain name: www. wework.tw) and WeWork GC App (“WeWork GC App”).
WeWork GC Service Providers: include
1) WeWork GC Official Site and WeWork GC App Service Provider: WeWork Commercial Service (Shanghai) Co., Ltd.;
2) Office building service providers: Red Snapper Co-Work Space Management (Shanghai) Co., Ltd. and other affiliated company in charge of office management, operation, maintenance and other service.
In order to provide WeWork GC Services to you, the foregoing WeWork GC Service Providers share and jointly process your information. Please note that your Personal Information will not be shared and jointly processed by all workspace service providers. Subject to the purpose specified herein, we will share with necessary and limited affiliated companies in order to provide workspace service to you.
Affiliated company: Affiliated company refers to any company, organization, and the legal successors of the aforementioned company or organization that WeWork GC service provider currently or will control, controlled, or under common control with. Control means (1) directly or indirectly holding more than half of the voting rights; or (2) directly or indirectly enjoying more than half of the distributable profits; or (3) directly or indirectly controlling the composition of more than half of the board of directors; or (4) directly or indirectly hold half of the registered capital.
Personal Information. “Personal Information” is data that relates to you and can — either on its own or in combination with other information — identify you as an individual. Personal Information does not include data that has been aggregated or made anonymous such that you can no longer be identified using means reasonably available to us.
Sensitive Personal Information. “Sensitive Personal Information” includes the email address and contents of message (when using Services), personal telephone number, facial photograph, identity certificate or certificates issued by the government, property information (including bank account information), your track, premise geolocation information and accommodation information, online identification information, account, password, and answers to password protection questions; and website browse record and personal information of minors and children below 14 years old (“Children”).
References to “you.” In this Policy, “you” means anyone who uses our websites, applications, or other Services. If you are an employee or applicant, the WeWork Privacy Policy for People Data explains how we use Personal Information in the context of our employment relationship with you. If you are an employee or applicant that uses our Services, this Policy explains how we treat your Personal Information in the context of your use of our Services.
2. How We Collect and Use Your Information?
When you use Our Services, the scenarios in which you need to/may choose to authorize us to collect and use Personal Information include:
(1) In order to provide you with basic functions of Our Services, you need to authorize us to collect and use necessary information. If you refuse to provide foregoing necessary information, you cannot normally use Our Services;
(2) In order to provide you with the extended functions of Our Services, you may choose to authorize us to collect and use the information. If you refuse to provide the foregoing information, you will be unable to use relevant extended functions or unable to realize the intended results of functions, but it will not affect your usage of basic functions of Our Services.
I. Scenarios in which you need to authorize us to collect and use Personal Information
We will comply with the principle of properness, lawfulness, necessity, transparency and quality in connection with collection and usage of your Personal Information for the purposes specified below.
i. Help you become our user
In order to comply with laws and regulations and provide Services, when you register to become user of WeWork GC, you at least need to provide mobile phone number to create WeWork GC account and perfect relevant online identification information (such as avatar, nickname or name and login password). If you are an individual member of WeWork, you need to provide us with your email address so that we may connect you and your company which is a member to WeWork and you may use the company account to purchase relevant Services. If you only need to use the browse and search functions, you may visit WeWork GC Official Site and do not need to register as our user to obtain foregoing information.
When providing account information, if you are willing to additionally supplement the following information, it will help us provide you with service: information including your gender, title, personal profile, social media account (facebook, twitter, linkedin, wechat) and skills. If you do not provide such information, it will not affect your usage of basic functions of WeWork GC Service.
ii. Complete the registration of WeWork workspace access
If you need to bind the account with access card and use access card to access our workspace, in order to maintain the safety of our workspace and comply with applicable laws and regulations, you need to provide a facial photo and identity certificate number for real-name verification. We will not store your identity certificate number. In order to provide you with a better workspace access experience, we have provided a facial recognition door opening feature in some applicable workspace. If you choose to use the facial recognition door opening function according to your wishes, we will collect, store and use your facial image data, including your uploaded and submitted facial images, and facial images obtained from image collection devices within the WeWork workspace to verify your identity.
iii. Provide you with Services based on geolocation
(1) Location information
In order to provide you with the functions of reservation of meeting room and office desk and access control and enhance the flexibility of your office and improve performance, efficiency and function of our Services, upon your authorization we will collect relevant information generated during your usage of our Services, including geolocation information.
When you enable GPS function of mobile device and use Services based on geolocation through system authorization, we will collect and use your location information in order to provide you with meeting room, office desk reservation and access control functions. (For example, you do not need to manually switch the geolocation of your place to position you to main community or you do not need to take the access card with you to open the door.) Where your mobile device permits, you may also reserve meeting room and office desk by manually switching frequently visited community.
We will use relevant technologies to obtain your geolocation information (the accuracy will be different), which include IP address, GPS and WLAN (such as Wi-Fi) access point, Bluetooth and BTS that can provide relevant information. The information provided during your usage of Services may include corresponding geolocation information, for example the area set up in your account materials or the geography markup language (GML) in the pictures and videos uploaded by you. You may disable GPS service in the system of mobile device to stop our collection of your geolocation, but it is possible that your will be unable to use our Services based on geolocation or unable to achieve the intended result of relevant Service.
(2) Log information
When you use the services provided by us, we will collect your browse, search, click, collection, like, communication, follow, share, post information and store such information as relevant web log, which includes your IP address, type of browser, the language used, version of OS, device model, date and time of visit, ISP and web request.
iv. Provide you with automatically activated access control Service
In order to enhance our Service efficiency and safeguard our Service, GC members may automatically activate access control Service through WeWork GC App. If you use this Service, you need to provide identity card information of PRC residents.
v. Provide you with visitor registration Service
In order to comply with relevant laws and regulations and safeguard our community, be able to contact the visitor invited by you in emergency and provide the visitor invited by you with the location and path of our community to optimize our service experience, if you invite visitor to our community, you need to provide us with relevant information of your visitor, including name, email address and mobile phone number so that the community staff may take in such visitor, on the premise that you ensure to obtain prior authorization from relevant persons.
vi. Provide you with WeWork Pass Service
Currently we establish the functions of WeWork Pass services through Wechat Mini Program. If you choose to authorize login with Wechat account, we will obtain the account information shared by you from Wechat (such as avatar, nickname, region, gender) and bind with your WeWork GC account as shortcut to log in. We will use your Personal Information in accordance with the agreement with third parties subject to compliance with relevant laws and regulations.
vii. Help you complete your payment
When you pay for the order placed with WeWork GC, you can choose the third-party cooperative institutions of WeWork GC to provide service for your payment. We need to collect your order information, payment information and other necessary information required by laws and share with these cooperative institutions to confirm your payment instruction and help you complete your payment. If you refuse to provide order information or payment information, we would not be able to complete your online order.
viii. Provide you with customer service and after-sale service
When you contact our customer service staff, our system may record the communication between you and our customer service and use your account information to verify your identity; when you need us to provide customer service in relation to your order, we may inquire about your relevant order information in order to provide you with appropriate assistance and treatment; when you need customer service staff to assist you in changing relevant information (such as delivery address, and contact details), you may also need to provide other information than foregoing information to complete the change.
ix. Provide you with security
In order to safeguard you account, transaction and system operation and satisfy relevant requirements of laws and regulations and rules specified in our agreements, during your usage of our services, upon authorization from you we will obtain your device information, including the property of device used by you, connection and status information, for example model of equipment, equipment ID (such as IMEI/androidID/IDFA/OPENUDID/GUID/OAID, SIM card IMSI, ICCID information), equipment MAC address, software list, ISP and other software and hardware characteristics.
In order to enhance the security of the Service provided by us and more accurately prevent phishing site fraud and Trojan horse virus, we may use or integrate your Personal Information and the information shared by our affiliates and cooperative partners upon authorization from your or as required by laws, comprehensively determine risks in connection with your account and transaction based on your habits and frequently used software, including verification of identity, prevent, discover, investigate potential fraud, web virus, cyber attack and other safety risks and violation of agreements, policies or rules of ours or our affiliates to protect the legitimate interests of yours, other users, ours or our affiliates and record some links which we deem as risky (“URL”).
x. Provide you with safe workspace
If you visit the buildings and facilities of WeWork GC, the buildings and facilities of WeWork GC have CCTV system to maintain the legitimate business interests of protecting the employees, members and visitors of WeWork GC and their properties. These videos are accessible by WeWork GC. In accordance with relevant laws and regulations, WeWork GC may also be requested to provide CCTV video footage to members and other third parties authorized by WeWork GC such as competent authority. Generally these video will be retained for limited period, but it will be retained longer when deemed appropriate by WeWork GC or relevant members (for example in connection with investigation) or as requested by competent authority.
xi. Verify identity for security of account
For the purpose of completing identity verification, safeguarding the account, confirming transaction status and providing you with after-sale and dispute resolution service, as authorized by you we may obtain your Personal Information from third parties (for example, to collect the information on your transaction, payment, and reservation through the transaction counterparty selected by you and third party information system, payment institution, intermediary institution directly involved in the transaction so that we may handle your order and guarantee the completion of service or we may better prevent fraud, fake orders and other malicious acts). We will obtain your relevant information from affiliates and cooperative partners of WeWork GC as authorized by you in accordance with laws and regulations and agreement with third parties and confirm the legitimacy of their information source before using such information of yours so that you may participate in our cooperative project.
xi. Participate in cooperative projects
If you participate in cooperative projects such as intermediary cooperative projects and event cooperation through our website, in order to complete verification of identity, we will ask you to provide your name, email address, mobile phone number and other information so that we may contact you. If you intend to provide Personal Information of others to us, please also ensure you have obtained proper authorization from others and have provided him/her with relevant link to this Personal Information Processing Policy.
xii. Download and save Service bills
In order for you to download and save WeWork's service bills, we will ask you for storage rights for your mobile device. If you refuse to provide storage rights for your mobile device, you will not be able to download or save service bills through the WeWork GC App, but you can still obtain service bills by receiving emails from WeWork with billing information or by contacting the WeWork community.
II. Scenarios in which you need to authorize us to collect and use Personal Information
In order to provide you with more service, you may choose to use the extended functions provided by us. We will collect and use the following information in compliance with laws and regulations and based on your specific authorization. Such information will be collected in the specific function and business scenarios chosen by you. If you do not provide such information, your usage of basic functions of WeWork GC will not be affected.
i. Extended functions based on camera authorization
You may choose to enable system authority for camera and authorize WeWork GC to have access to your camera by taking photo, video, scanning QR code and other functions so that you may post contents by taking photo or recording video. If you need to record and post audio video, you also need to enable authority for microphone. We will collect the foregoing information uploaded and posted by you. This function can be disabled in the system authority. Once disabled, you will possibly not be able to realize the function of scanning QR code or not be able to comment or interact by taking photo and recording video, but your usage of basic functions of WeWork GC Services will not be affected.
ii. Extended functions based on authorization for photo album
You may choose to enable system authority for photo album (In some model, the storage permission is required)and authorize us to have access to your photo album by initiatively uploading photo and video so that you may post contents by uploading photo or video. We will collect foregoing information uploaded and posted by you. This function can be disabled by you in the system authority. Once disabled, you will possibly not be able to replace avatar, post trends or demands with photo by uploading photo and video, but your usage of basic functions of WeWork GC Services will not be affected.
iii. Extended function based on authorization for microphone
You may choose to enable system authority for microphone and use voice technology to realize chat and other voice interaction functions. We will collect the voice information recorded during your usage of smart voice technology for machine recognition and online interaction and satisfy your demands for search. This function can be disabled by you in the system authority. Once disabled, you will possibly not be able to realize the function of online voice interaction, but your usage of basic functions of WeWork GC Services will not be affected.
iv. Extended function based on authorization for directory
You may authorize WeWork to obtain your directory and publicly available information (avatar and nickname) in your mobile phone, so that you may quickly complete visitor registration without manually imputing the information. This function can be disabled by you in the system authority. Once disabled, you will possibly not be able to realize the interactive function based on directory, but your usage of basic functions of WeWork GC Services will not be affected.
v. Extended function based on authorization for calendar
You may enable system authority for calendar and use adding calendar and other functions to integrate with your calendar or enterprise mailbox. We will collect foregoing information to display to you or set alarm for you. This function can be disabled by you in system authority. Once disabled, you will possibly be unable to enjoy calendar record or alarm functions, but your usage of basic functions of WeWork GC Service will not be affected.
vi. WeWork Mall
You may choose to use the shopping mall service and enterprise wallet service (collectively referred to as “Mall”) in WeWork GC.
1) Commodity order/management
When you are ready to settle the commodities, the Mall will generate the order for you to purchase such commodity. If the commodities need to be delivered, you need to at least fill in the name, address and mobile phone number of the recipient. At the same time, such order will specify the order number, the commodity or service you purchase, the amount payable and payment method. You may order commodity and/or service for others. In this case, you need to provide the foregoing Personal Information of the actual buyer. If any Personal Information of Children is involved, you need to obtain consent from their guardian before providing their information. All the foregoing information constitute your “order information” and we will use your order information for identity verification, confirmation of transaction, payment and settlement, completion of delivery, enquiry about order for you and provision of customer service consultancy and after-sale service. We will also use your order information to determine whether your transaction has abnormality so that we may protect your transaction safety.
2) Payment for transaction
After you place the order, you may choose payment service provided by third-party payment institutions cooperative with the Mall. The payment function itself will not collect your Personal Information, but we need to share your order number and transaction amount with these Payment Institutions to realize confirmation of your payment instruction and complete payment.
3) Delivery of commodity/service
After you place an order and complete the payment online, if the corresponding goods and/or services are provided by third-party merchants, we will provide the merchants with the necessary information related to the order, and they will provide you with the goods and/or services, and at the same time, we will disclose the order-related delivery information to the supply chain companies that provide logistics information systems and services for the Mall and the merchants in the Mall, and synchronize the relevant delivery information with the corresponding logistics and distribution entities according to the designation of the commodity provider. You know and agree that the above relevant personnel will use your order information during the delivery process to ensure the safe delivery of the goods you order.
III. Other rules on collection and usage of Personal Information
i. If the information provided by you includes Personal Information of other users, before providing such Personal Information to WeWork GC, you shall ensure to have obtained lawful authorization.
ii. If we use the information for other purpose not specified herein, or use the information collected for specific purpose for other purpose, we shall obtain prior consent from you.
iii. If we indirectly obtain your information from any third party, we will expressly request such third party in writing to explain the source of the Personal Information before collection of such information and whether such third party has obtained your lawful authorization for its collection and processing and provision of your Personal Information to us. Unless expressly permitted by laws, we will only collect your Personal Information from third party after we confirm such third party has obtained your authorization. If the scope of authorization for such third party cannot cover our purpose of processing and usage, we will on our own or require such third party to seek consent from you before processing your Personal Information. At the same time, our professional security team will strengthen the security of Personal Information (including filing of sensitive information, encrypted storage of sensitive information and access control). We will use the protective means and measures no less than those used by us to protect Personal Information of users to protect the Personal Information obtained indirectly.
iv. Exceptions to obtaining authorization and consent
As provided in relevant laws and regulations, we may collect and use your Personal Information without your authorization and consent under the following circumstances:
1) In connection with performance of obligation provided in laws and regulations;
2) Directly involves national security or national defense security;
3) Directly relevant with public safety, public health or major public interest;
4) Directly relevant with criminal investigation, prosecution, judgment or enforcement of judgment and other judicial or administrative enforcement actions.
5) To protect the life, property and other important legal rights of yours or other persons, and obtaining your consent will cause unreasonable burdens;
6) You have publicly disclosed or otherwise lawfully disclosed relevant Personal Information;
7) Personal Information collected from lawfully and publicly disclosed information, such as lawful news story, government information disclosure and other channels or as required by other laws;
8) Required by relevant agreement or other written documents executed and performed by you;
9) Required for maintaining the safe and stable operation of provided product/services, for example to discover and dispose the breakdown of product/services;
10) To cope with emergent public health event or to protect life, health and safety of property of natural persons in emergency;
11) Other circumstances required or permitted by applicable laws.
Please note that in accordance with applicable laws, if we take technical and other necessary measures to process Personal Information to make the receiver of data unable to recognize specific individuals and unable to restore the information, or we carry out de-identification research, statistical analysis and prediction based on collected information to improve the contents and layout of WeWork GC website and App, provide support for business decision-making in terms of products or services and improve our products and services (including using anonymous data for machine learning or training for model algorithm), the usage of such processed data will be carried out without notice to you or seeking your consent.
v. If we stop operating the products or services of WeWork GC, we will timely stop collecting your Personal Information, notify you of termination of operation with notice delivered to each user or announcement and delete or anonymize the Personal Information held by us in relation to the terminated business. If Personal Information of Children is involved, we will timely notify the guardian of the Children of termination of operation.
3. How We Use Cookie and Similar Technologies?
(1) Usage of Cookie
In order to ensure normal operation of website, provide you with more smother experience when you visit the site, we will store Cookie, Flash Cookie or other local storage generally including identifier, name of site and some numbers and character provided by the browser (or affiliated application) (collectively referred to as “Cookies”). With Cookies, the website can store your preference or commodity in the shopping cart and other data.
Where your browser or additional service of browser permits, you may change your acceptance of Cookie or refuse our Cookie. But if you implement the operation stated in this clause, under some circumstance it may affect your safe visit to our website, and you may need to change the user settings each time you visit our website.
(2) Usage of technologies similar to Cookie
Apart from Cookie, we will also use web beacons, pixel tags, ETag and other similar technologies.
For example, the email sent from us to you may contain address links to our website contents. If you click on such links, we will follow this click to help us understand your preference for products or services so that we may take the initiative to improve customer service experience. Web beacons are usually transparent images embedded into website or email. With pixel tags in email, we know whether the email has been opened. If you do not want your activities be tracked in this way, you may unsubscribe from our mailing list at any time.
ETag is the header of HTTP agreement transmitted between Internet browser and Internet server and it may replace Cookie. ETag can help us avoid unnecessary load on server, improve service efficiency and save resource and energy. At the same time, we can record your identity through ETag so that we may understand more deeply and improve our services. Most browsers provide the users with the function of clearing browser cache and you may clear corresponding data in function settings of browser. But please note if you disable ETag, you will possible be unable to enjoy better experience in relation to service.
(3) Usage of SDK
In order to ensure the stable operation and realization of functions of our client so that you can enjoy and use more services and functions, our app will be embedded with SDK of authorized partners or other similar application. Please refer to the appendix for details of SDK of our authorized partners.
We will perform strict safety test on application programming interface (API) and software development kit (SDK) through which authorized partners obtain relevant information, agree with authorized partners on strict data protection measures and ask them to process Personal Information in accordance with this Policy and any other relevant confidentiality and safety measures.
4. How We Share, Transmit and Disclose Your Personal Information?
(1) Share
We will not share your Personal Information with any company, organization or individual other than WeWork GC service provider, unless:
1) Sharing as required by laws: we may share your Personal Information as required by laws and regulations or as required in litigation or dispute resolution or as duly requested by administrative or judicial authority.
2) Sharing with express consent: With your express content, we will share your Personal Information with others.
3) Necessary sharing for providing the goods and/or services you need: When you purchase goods or service through WeWork Mall or WeWork platform, based on your choice, we will share necessary information relevant with transaction in your order information with provider of relevant goods or service to realize the transaction, delivery and after-sale service for you.
4) Sharing with Affiliated Companies: To facilitate our provision of products and services and ensure the safety of our community, based on you geolocation and actual usage, your Personal Information, including sensitive personal information (name, contact details and photo) may be shared with our Affiliated Companies.
5) Sharing with authorized partners: We may entrust authorized partners to provide certain service or represent us to perform duties. We will only share your information for the lawful, proper, necessary, specific and express purpose specified herein. Authorized partners only have access to the information required for performing their duty and we will provide in the agreement that they shall not use such information for any other purpose.
6) Sharing with product provider: Our certain products are provided by third party provider. Therefore, when it is necessary and with your separate consent only, we will share your contact details, number of identity card and other necessary information with them.
Currently, our authorized partners include the following types:
1) Authorized partners performing advertisement and analysis service. We will entrust these partners to process information relevant with advertisement coverage and efficiency. However, without your consent, we will not share your Personal Information with partners providing advertisement and analysis service or we will perform de-identification on such information so that the authorized partner cannot identify you. Such partners may integrate foregoing information with other data obtained by them lawfully to implement the advertisement service entrusted by us or suggestion on decision-making.
2) Vendor, service provider and other partners. We will send information to vendor, service provider and other partners which support our business. Such support includes providing technical infrastructure service, analyzing the method to use our service, providing customer service, providing convenience for payment or carrying out academic research and investigation as entrusted by us.
(2) Transmission
We will not transmit your Personal Information to any company, organization or individual, unless:
1) Transmission with express consent: With your express consent, we will transmit your Personal Information to others;
2) In case of merger, acquisition or bankruptcy liquidation of WeWork GC service provider or other circumstances involving merger, acquisition or bankruptcy liquidation, if transmission of Personal Information is involved, we will request the new company or organization holding your Personal Information to continue to be bound by this Policy, otherwise we will request such company, organization and individual to seek your authorization and consent again.
(3) Public disclosure
We will publicly disclose your Personal Information under the following circumstances only:
1) With your express consent or based on your initiative choice, we may disclose your Personal Information;
2) If we confirm you have violated laws and regulations or seriously breached the member agreement of WeWork GC and other relevant agreement and rules, or to protect the body and properties of WeWork members or the public from damage, we may disclose your Personal Information in accordance with laws and regulations or with your consent.
(4) Exceptions to seeking authorization and consent when sharing, transmitting and disclosing Personal Information
In accordance with laws and regulations, under the following circumstances, we do not need to seek your prior authorization and consent when sharing, transmitting or disclosing your Personal Information:
1) In connection with performance of obligation provided in laws and regulations;
2) Directly involves national security or national defense security;
3) Directly relevant with public safety, public health or major public interest; or
4) Directly relevant with criminal investigation, prosecution, judgment or enforcement of judgment and other judicial or administrative enforcement actions.
5) To protect the life, property and other important legal rights of yours or other persons, and obtaining your consent will cause unreasonable burdens;
6) You have publicly disclosed or otherwise lawfully disclosed relevant Personal Information;
7) Personal Information collected from lawfully and publicly disclosed information, such as lawful news story, government information disclosure and other channels or as required by other laws;
8) Required by relevant agreement or other written documents executed and performed by you;
9) Required for maintaining the safe and stable operation of provided services, for example to discover and dispose the products and/or services;
10) To cope with emergent public health event or to protect the safety of life, health and property of natural persons in emergency;
11) Other circumstances required or permitted by applicable laws.
Please note that in accordance with applicable laws, if we take technical and other necessary measures to process Personal Information to make the receiver of data unable to recognize specific individuals and unable to restore the information, the sharing, transmission, disclosure after such processing will be carried out without further notice to you or seeking your consent.
5. How We Protect and Retain Your Information?
(1) Retention Region
The Personal Information collected and generated during operation in China will be retained in China. Under the following circumstances, after we perform the obligations provided in laws, we will provide your Personal Information to overseas entities:
1) As expressly provided in applicable laws;
2) With your express authorization;
3) For your cross-border transaction through Internet and other personal initiative acts.
Under foregoing circumstances, through contracts and other means we will ensure to protect your Personal Information no less than the degree specified herein.
(2) Retention Period
We will only retain your Personal Information as long as it is necessary to achieve the purpose stated herein. We consider the following factors to determine the retention period of Personal Information:
(3) Technical Measures for Data Protection
We have adopted reasonable and feasible security protection measures that comply with industry standards to protect your information and prevent unauthorized access, public disclosure, use, modification, damage or loss of Personal Information. For example, we will use encryption technology to improve the security of Personal Information. When data is exchanged between your browser and server, it is protected by SSL protocol encryption. We also provide HTTPS protocol for secure browsing of the website; we will use trusted protection mechanism that prevents Personal Information from being maliciously attacked; we will deploy an access control mechanism to try our best to ensure that only authorized personnel can access Personal Information.
(4) Management Measures for Data Protection
We formulate internal management systems and operating procedures, implement hierarchical and classified management of Personal Information, adopt corresponding encryption, de-identification and other security technical measures, and internally determine reasonable Personal Information processing operating rights for Personal Information contacts, and regularly conduct safety education and training for employees. In addition, we also formulate and organize the implementation of emergency plans for Personal Information security incidents and other measures required by laws and administrative regulations.
(5) Security Reminder
The security of all Personal Information provided to WeWork GC is important to us. We take reasonable steps endeavoring to use appropriate technical or organizational measures to protect your Personal Information, including against unauthorized or unlawful processing and accidental loss, destruction, or damage. Unfortunately, no data transmission over the Internet or storage of information can be guaranteed to be 100% secure. As a result, while we strive to protect your Personal Information, we cannot ensure or warrant the security of any information that you transmit to us, and you do so at your own risk. As such, we ask that you help us be safer together by implementing your own security controls, such as a strong password, not sharing your credentials or badge with others, logging out when you leave your desk, and other security best practices.
(6) Security Emergency Plan
If a security incident occurs, we will notify you and report to the competent regulatory authority in accordance with applicable laws.
6. How Will You Manage Your Information?
We value your attention to your data and do our best to protect your rights to Personal Information, so that you could have an effective ability to protect your Personal Information and security. You have the right to (i) access and seek correction of inaccurate, untrue, or incomplete Personal Information; (ii) receive an electronic copy of Personal Information held by us or upon satisfaction of conditions specified in applicable laws, you have the right to ask us to cooperate with you under commercially reasonable circumstances to transmit Personal Information to the third party designated by you; (iii)withdraw your consent; (iv) delete your Personal Information; (v) cancel your account (if you have created your website account);(vi) request us to explain this Policy and the rights that you are entitled to in accordance with applicable laws. If you would like to exercise any of these rights. WeWork member please login WeWork GC App, click Help Center for assistance. To protect your Personal Information, we will verify your identification before responding to your request. We will process your request within a reasonable time (in any case within 15 days.)
We also provide a means to unsubscribe in our marketing-related email communications. Note that we will continue to send you certain communications regarding operation and administration of the Services, and you will not be able to opt out of those communications, e.g., communications regarding updates to our Terms of Use or this Policy. If you no longer desire to be contacted by us, you must terminate your relationship with WeWork GC and can no longer use our Services.
7. How We Process Information of Children?
Generally, Our Services are not directed to children. If you are a child, we ask you to invite your parents or other guardians to carefully read this Policy and use our service or provide us with information after seeking consent from your parent or other guardians. If we become aware that a child has provided us with Personal Information, we will delete such information from our files or obtain parental consent in accordance with applicable law.
8. Changes to This Policy in The Future
Any information that is collected via the Services is covered by the Policy in effect at the time such information is collected. We reserve the right to change, modify, add, or remove portions of this Policy at any time and at our sole discretion.
If we make any material changes to this Policy, we will notify you of those changes by posting them on the Services or by sending you an email or other notification, as required by applicable law, and we will update the “Effective Date” below to indicate when those changes will become effective.
We encourage you to review this Policy periodically to remain informed of how we use and protect your information, and to be aware of any policy changes. Your continued relationship with us after the posting or notice of any amended Policy shall constitute your agreement to be bound by any such changes. Any changes to this Policy take effect immediately after being posted or otherwise provided by WeWork GC.
9. Suggestion or Complaint
You have the right to raise any question, suggestion or compliant against this Policy or our Personal Information processing practice, or you may bring up litigation before people’s court with jurisdiction over our domicile (Xuhui District, Shanghai).
10. How to Contact us?
If you have any questions, concerns or complaints regarding WeWork China's personal information, please contact our personal information team below and we will respond within a reasonable time.
WeWork Commercial Service (Shanghai) Co., Ltd.
Registered Address: Unit 131, 9th Floor (8th Floor), Building 3, No. 2, Lane 838, South Huangpi Road, Huangpu District, Shanghai
Email: gccompliance@wework.cn
(The following are attachments )
Appendix 1:Instructions on Third-Party SDK Connected to WeWork GC App
We specify relevant connected third-party SDK in the content. Please note that due to version upgrade, strategy adjustment and other reasons the data processing type of third party SDK may change. Please refer to the official instructions announced by such third party.
Name of SDK
|
Company
|
Type of collected Personal Information
|
Purpose |
Link to agreement or privacy policy
|
Umeng+
|
Umeng Tongxin (Beijing) Technology Co., Ltd |
Equipment Mac address, unique equipment identifier (IMEI/Android ID/IDFA/OPENUDID/GUID,SIM card IMSI information)
|
Provide statistical analysis service, and calibrate the accuracy of statement through geolocation, provide basic anti-spam capacity |
https://developer.umeng.com/docs/147377/detail/209997
|
Wechat Pay
|
Tenpay Payment Technology Co., Ltd
|
Equipment Mac address, unique equipment identifier (IMEI/Android ID/IDFA/OPENUDID/GUID,SIM card IMSI information)
|
Wechat Pay
|
https://pay.weixin.qq.com/index.php/public/apply_sign/protocol_v2
|
Alipay
|
Alipay (China) Network Technology Co., Ltd |
Equipment identifier (BSSID/equipment series number/IMEI/MAC address/SSID/IMSI), location information, ISP, Wi-Fi address, list of applications
|
Alipay
|
https://opendocs.alipay.com/open/54
|
JPush
|
Shenzhen Hexunhuagu Information Technology Co., Ltd |
Equipment information (BSSID/equipment series number/IMEI/MAC address/SSID/IMSI), web information, geolocation information
|
Push
|
https://www.jiguang.cn/license/privacy
|
Netease_IM
|
Hangzhou NetEase Quality Cloud Technology Co., Ltd |
Unique equipment identifier (Mac address/APNS Token/IMEI), geolocation, equipment information including equipment brand and model, OS version, name, edit version information. Log information includes type and version of browser, type and status of Internet access, IM service operation log. |
SMS
|
https://netease.im/clauses?serviceType=3
|
Face ++ |
Beijing Kuangshi Technology Co., Ltd. |
Name, number of identity card and photo |
Online identification |
https://www.faceplusplus.com.cn/privacy-policy/ |
China Mobile |
China Mobile Internet Company |
Device information (IMSI, IDFV), device brand, carrier information |
ID one-click login |
http://dev.10086.cn/docInside?contentId=11039019811152 |
China Telecom |
China United Network Communications Co., Ltd |
Device information (IMSI, IDFV), device brand, carrier information |
ID one-click login |
https://e.dlife.cn/_agreements.html |
Baidu Map |
Beijing Baidu Netcom Technology Co., Ltd |
Positioning information |
Meeting room reservations, opening doors |
https://lbsyun.baidu.com/index.php?title=openprivacy |
Baidu Position |
Beijing Baidu Netcom Technology Co., Ltd |
Positioning information |
Meeting room reservations, opening doors |
Appendix 2: Rules on Processing Personal Information of WeWork GC vendors
Vendors, service providers and other suppliers (collectively referred to as “Vendors”) help us provide our Services to our members and otherwise support our business. These Rules on Processing Personal Information of Vendors describe how we use certain type of Personal Information from Vendors and prospective Vendors.
If you participate in cooperative projects such as intermediary cooperative projects and event cooperation through our website, in order to complete verification of identity, we will ask you to provide your name, email address, mobile phone number and other information so that we may contact you. If you intend to provide Personal Information of others to us, please also ensure you have obtained proper authorization from others and have provided him/her with relevant link to this Personal Information Processing Policy.
If you are our Vendor, the Personal Information that we may collect from you includes:
Identification information and contact details, including name, telephone number (including individual telephone number), contact address, email address so that we may identify you, assess and select prospective Vender, register selected Vendor and contact you, including reply and enquiry, sending notice and processing invoice.
As applicable, bank information and payment information used to process financial transaction with you (may include your personal bank information), including payment for provided goods and services.