Welcome to the website of ARG Auto Glass System and the CARG APP service (collectively referred to as the "ARG System") provided by Fuyao Glass Industry Group Co., Ltd. (Registered Address: Fuyao Industrial Village, Fuqing City; hereinafter referred to as "we", "us" or "Fuyao"). We fully understand the importance of your personal information and will strictly comply with applicable laws and regulations to provide you with safer and more reliable services.
This Privacy Policy is intended to explain how the ARG System collects, uses and stores your personal information, as well as your corresponding rights, so as to better protect your legitimate rights and interests.
Special Reminder
Before using the ARG System, please carefully read and fully understand this Privacy Policy, especially the content marked in bold or underlined. If you have any questions during reading, you may obtain assistance through the contact information disclosed in Chapter VII. Once you check to agree to this Privacy Policy and continue to use the ARG System, it shall be deemed that you fully understand and consent to our collection, use, storage, sharing, transfer and disclosure of your relevant personal information in accordance with this Privacy Policy.
This Privacy Policy applies to the acts of collecting, using, storing and providing your personal information within the territory of the People's Republic of China (excluding Hong Kong and Taiwan regions for the purpose of this Privacy Policy).
This Privacy Policy will help you understand the following contents:
1. Collection and Use of Personal Information
2. Security Management of Personal Information
3. Sharing, Transfer and Public Disclosure of Personal Information
4. Protection and Response of User Rights
5. Protection of Minors' Personal Information
6. Updates to This Privacy Policy
7. Contact Us
8. Miscellaneous
9. Appendix
1. Collection and Use of Personal Information
In the process of your using the ARG System, we will collect and use the information you actively provide or generated due to the use of services in the following manner:
Business Scenario: Account Application
Collection Method: Provided voluntarily by you
Information Type:
User Information: Name, mobile phone number, email address, address and other fields in the database
Customer Information: Name of company person in charge, contact number, address, company name on business license, taxpayer identification number
Instructions for Use: To realize the basic functions of providing our system and/or services to you, you must authorize us to collect and use necessary information. If you refuse to provide relevant information, you will not be able to normally use our system and/or services.
To ensure you have a smoother and easier user experience, our ARG System uses the following cookies:
- Necessary Cookies: Necessary cookies enable us to provide you with the best possible experience when you access and browse our website and use its functions. For example, by collecting JSESSIONID (Session ID), we can recognize that you have created and logged into an account.
- Functional Cookies: Functional cookies allow us to operate the website according to your preferences. For instance, we will recognize your website language (login_locale) and provide the corresponding language version of the website.
- Analytical Cookies: Analytical cookies enable us to collect aggregated statistical data on how you use this website, and such cookies do not contain your personal information.
If you wish to restrict or block cookies set by our website, you may do so through your browser settings. Alternatively, you may visit www.internetcookies.com, which contains comprehensive guidance on how to manage cookies on various browsers and devices.
In addition, in accordance with relevant laws, regulations and national standards, we may process your relevant personal information without obtaining your authorization and consent under the following circumstances:
1. It is necessary for the personal information processor to perform statutory obligations or duties;
2. It is necessary for concluding and performing a contract to which you are a party;
3. It is necessary to respond to public health emergencies or protect the life, health and property safety of natural persons in emergency situations;
4. Processing your personal information that you have made public or otherwise legally disclosed within a reasonable scope in accordance with the law;
5. Other circumstances stipulated by laws and administrative regulations.
2. Security Management of Personal Information
2.1 Information Storage
Storage Location
Personal information collected and generated in our operations within the People's Republic of China shall be stored within China.
Based on the needs of our global operations and service provision, personal information collected in other countries may be transferred to our headquarters in China for storage and processing, and we will ensure such transfer complies with applicable laws and regulations. By accepting the terms of this Privacy Policy, you acknowledge, agree and approve the transfer and processing of personal information to servers outside your country of residence.
For the transfer of personal information collected within the European Union to China, we have signed the Standard Contractual Clauses approved by the EU.
Storage Period
We retain your personal information only for the period necessary to provide you with the ARG System services and within the retention period stipulated by laws and regulations. As such requirements may vary, the actual retention period may differ greatly. Upon the expiration of the above retention period, we will delete or anonymize your personal information.
If our products or services cease operation, we will notify you via push notifications, announcements and other forms, and delete or anonymize your personal information within a reasonable period.
2.2 Information Protection
We strive to safeguard the security of your personal information to prevent loss, improper use, tampering, unauthorized access or disclosure.
We adopt various security protection measures within a reasonable security level to protect information security. For example, we use encryption technology, de-identification, anonymization and other means to protect your personal information.
We continuously upgrade technical measures to prevent the leakage of your personal information. For instance, to prevent illegal acts such as fraud, account theft and impersonation, and conduct security inspections, we may analyze data such as unique device identifiers, login IP addresses, operation logs and location information to take security measures or send security reminders.
We have established dedicated management systems, operating procedures and organizations to ensure information security. We strictly restrict the scope of personnel authorized to access information, require them to abide by confidentiality obligations, and conduct audits.
In the event of a personal information security incident, we will activate the emergency response plan, take corresponding remedial measures, trace the cause and reduce losses in the shortest possible time. In accordance with legal requirements, we will promptly inform you of the basic situation and possible impacts of the security incident, the measures taken or to be taken, suggestions for you to independently prevent and reduce risks, and remedial measures for you. Meanwhile, we will report the handling of personal information security incidents to regulatory authorities as required.
At present, Fuyao has met the requirements of international authoritative certification standards such as ISO27001 in terms of information security and has obtained corresponding certifications.
Security Reminder: Although we have adopted the above effective security measures, fully implemented the standards required by laws and regulations, and tried our best to protect your personal information, please understand that no security measure can be absolutely secure. Therefore, we strongly recommend you to always use the ARG System in a standardized manner and take active measures to protect personal information security, including but not limited to setting passwords with high complexity and not disclosing personal account passwords and sensitive information to others.
3. Sharing, Transfer and Public Disclosure of Personal Information
3.1 Sharing
We may provide your personal information to competent government authorities in accordance with laws and regulations or mandatory official requirements.
We may provide your personal information to the following partners:
- Our Service Providers and Business Partners
We may provide your personal information to service providers and business partners that support our operational functions, including infrastructure technical services, payment services and data processing services.
- Affiliated Companies
We may provide your personal information to our affiliated companies, and we guarantee that our affiliated companies will adopt the same level of personal information protection policies as us.
For companies and organizations to which we provide personal information, we will sign strict data processing agreements with them, requiring them to process personal information in accordance with our instructions, this Privacy Policy and other relevant agreements. We also require such companies and organizations to provide explanations of data security capabilities and information security qualifications (such as Grade Protection Evaluation and Information Security Management System certification).
3.2 Transfer
We will not transfer your personal information to any company, organization or individual other than the information recipients, except under the following circumstances:
1. Transfer with prior explicit consent: We will transfer your personal information to other parties after obtaining your explicit consent;
2. Complying with the requirements of laws and regulations, legal procedures, mandatory government requirements or judicial rulings;
3. In case of merger, acquisition or bankruptcy liquidation involving the transfer of personal information, we will require the new company or organization holding your personal information to continue to be bound by this Privacy Policy; otherwise, we will require such company or organization to obtain your authorization and consent again.
3.3 Public Disclosure
We may publicly disclose your personal information when necessary based on the legal basis stipulated by laws and regulations. If public disclosure is required, we will inform you of the purpose of disclosure, types of personal information to be disclosed and categories of sensitive personal information involved, and obtain your separate consent.
3.4 Third-Party SDK
To realize certain independent functions and enable you to use more services and functions, we embed third-party SDKs in the application and will carefully evaluate the purpose of using such SDKs. The third-party SDK services adopted by the ARG System include:
1. Amap
Third-Party Entity: Amap Software Co., Ltd.
Shared Information: GPS location information
Purpose and Scenario: Location access and positioning when using the CARG APP
3. Mobile SMS
Third-Party Entity: China Mobile Group Co., Ltd.
Shared Information: User contact information, SMS content, sending status and logs, user account information, user device information
Purpose and Scenario: Sending verification codes for CARG APP user registration, login and password retrieval; sending marketing activity notifications and event registration notifications to users
4. AixCloud Disk
Third-Party Entity: Shanghai Aix Information Technology Co., Ltd.
Shared Information: Pictures uploaded by users
Purpose and Scenario: Storage of pictures uploaded by users via the CARG APP
6. WeChat Sharing
Third-Party Entity: Tencent Holdings Limited
Shared Information: User account information, shared content
Purpose and Scenario: Sharing CARG APP content to WeChat
7. Foxmail Email
Third-Party Entity: Tencent Holdings Limited
Shared Information: Corporate email account
Purpose and Scenario: Receiving notification emails from the ARG System
4. Protection and Response of User Rights
In accordance with the Personal Information Protection Law of the People's Republic of China and other applicable laws and regulations, we will guarantee your exercise of statutory rights over your personal information. You have the right to exercise the following rights over your personal information:
4.1 Access and Query Your Personal Information
You may access and query your personal information via "My - Avatar" in the CARG APP, or contact us through the contact information disclosed in Chapter VII, except for exceptions stipulated by laws and regulations.
4.2 Correct Your Personal Information
If you find any error in your personal information processed by us, you have the right to request correction. You may submit a correction request through the contact information disclosed in Chapter VII.
4.3 Transfer Your Personal Information
If you have a demand for personal information transfer and meet the requirements of relevant laws and regulations, you have the right to request us to provide transfer channels and submit specific transfer demands through the contact information disclosed in Chapter VII.
4.4 Delete Your Personal Information
You may submit a deletion request through the contact information disclosed in Chapter VII under the following circumstances, unless otherwise stipulated by laws and regulations:
1. We process your personal information without your consent or in violation of our agreement with you;
2. Our processing of personal information violates laws and regulations;
3. You no longer use our products or services, cancel your account, or the personal information retention period expires;
4. The purpose of processing your personal information has been achieved, cannot be achieved, or is no longer necessary, and we will inform you in a timely manner;
5. You withdraw your authorization and consent.
4.5 Withdraw the Scope of Your Authorization and Consent
You may submit a request through the contact information disclosed in Chapter VII to withdraw your consent. Please note that each business function requires basic personal information to operate. After you withdraw consent or authorization, we will no longer provide corresponding services or process your relevant personal information. However, your withdrawal will not affect previous personal information processing conducted based on your prior authorization.
4.6 Cancel Your Account
If you meet the agreed account cancellation conditions, you may submit an account cancellation request through the contact information disclosed in Chapter VII. After account cancellation, we will stop providing you with website and services.
4.7 Obtain a Copy of Your Personal Information
You have the right to obtain copies of your personal information. You may obtain confirmed copies through the contact information disclosed in Chapter VII. We will provide readable texts in standard format of your personal information where technically feasible.
4.8 Restrict the Use of Automated Decision-Making
In certain business functions, we may make decisions solely through non-manual automated decision mechanisms including information systems and algorithms. If such decisions significantly affect your legitimate rights and interests, you have the right to request an explanation or require us to disable the automated decision mechanism.
4.9 Response to Your Requests
You may submit any inquiries, suggestions, opinions and complaints through the contact information disclosed in Chapter VII. For security purposes, we will process your request after necessary identity verification. Unless otherwise stipulated by laws and regulations, we will complete the processing within 15 working days.
We do not charge fees for reasonable requests in principle, but may charge reasonable costs for repeated and excessive requests. We may reject requests that are unreasonably repetitive, require excessive technical resources, harm the legitimate rights and interests of others, or are impractical.
We may not respond to your requests under the following circumstances as required by laws and regulations:
1. Related to our performance of statutory obligations;
2. Directly related to national security and national defense security;
3. Directly related to public safety, public health and major public interests;
4. Directly related to criminal investigation, prosecution, trial and judgment enforcement;
5. We have sufficient evidence that you act in subjective bad faith or abuse your rights;
6. Necessary to safeguard major legitimate rights and interests of you or others but difficult to obtain personal consent;
7. Responding to your request will seriously damage the legitimate rights and interests of other individuals or organizations;
8. Involving trade secrets.
5. Protection of Minors' Personal Information
Our website and services are intended for adults only. Minors shall not register user accounts without the consent of their parents or guardians.
For personal information of minors collected with parental or guardian consent, we will only use, share, transfer or disclose such information within the scope permitted by laws and regulations, explicit consent of guardians or necessary for minor protection.
If we find that we have collected minor personal information without verifiable guardian consent, we will delete relevant data as soon as possible. If guardians find we have collected minor personal information without prior consent, please contact us and submit relevant identity verification materials, and we will review and delete relevant data as soon as possible.
6. Updates to This Privacy Policy
We may revise this Privacy Policy from time to time. After revision, we will publish the latest version on the system and website and update the "Last Updated" date at the top of the Policy. If we make material changes, we will send you change notifications (including website announcements). If you disagree with the changes after receiving the notification, you shall stop using the ARG System. Your continued use of the services shall be deemed acceptance of the revised Policy.
Material changes include but are not limited to:
1. Significant changes to our service model, such as the purpose, types and usage of personal information processing;
2. Significant changes to our ownership structure and organizational structure caused by business adjustment, bankruptcy, merger and acquisition;
3. Major changes to the main recipients of personal information sharing, transfer and public disclosure;
4. Changes to your rights in personal information processing and the way to exercise such rights;
5. Changes to the responsible department, contact method and complaint channel for personal information security;
6. High risks identified in personal information security impact assessment reports;
7. Other changes that may significantly affect your personal information rights and interests.
7. Contact Us
If you have any complaints, suggestions or questions regarding personal information protection, please contact us via the following method:
Email: security.isms@fuyaogroup.com
We will review your inquiry and reply within thirty days after verifying your identity.
8. Miscellaneous
Our website may contain links to third-party websites. This Privacy Policy only applies to our own website. When you click links to third-party websites, you shall refer to their respective privacy policies.
9. Appendix
Special terms and key definitions involved in this Policy:
1. Personal Information: Various information recorded electronically or in other forms related to identified or identifiable natural persons, excluding anonymized information.
2. Sensitive Personal Information: Personal information that may easily infringe upon personal dignity or endanger personal and property safety once leaked or illegally used, including biometric identification, religious belief, specific identity, medical and health information, financial account information, location tracking information, and personal information of minors under the age of fourteen.
3. Affiliated Companies:
Tianjin Hongde Auto Glass Co., Ltd.
Zhengzhou Fuyao Glass Co., Ltd.
Fujian Wanda Automotive Glass Industry Co., Ltd.
Fuyao Glass (Hubei) Co., Ltd.
Shanghai Fuyao Passenger Car Glass Co., Ltd.
Chongqing Wansheng Fuyao Glass Co., Ltd.
Fuyao Glass (Chongqing) Co., Ltd.
Fuyao Group (Shanghai) Automotive Glass Co., Ltd.
Guangzhou Fuyao Glass Co., Ltd.
Fuyao Group (Shenyang) Automotive Glass Co., Ltd.
Fuyao Group Changchun Co., Ltd.
Fuyao Group Beijing Futong Safety Glass Co., Ltd.
Benxi Fuyao Float Glass Co., Ltd.
Fuyao Group (Tongliao) Co., Ltd.
Chongqing Wansheng Float Glass Co., Ltd.
Fuyao Glass (Suzhou) Co., Ltd.
Fuyao Group (Hong Kong) Limited
Xupu Fuyao Silica Sand Co., Ltd.
Fuyao Group (Fujian) Machinery Manufacturing Co., Ltd.
Hainan Wenchang Fuyao Silica Sand Co., Ltd.
Fujian Sanfeng Auto Service Co., Ltd.
Fujian Fuyao Auto Parts Co., Ltd.
Fuzhou Fuyao Mold Technology Co., Ltd.
Fuyao (Xiamen) Precision Manufacturing Co., Ltd.
Fuyao (Tongliao) Precision Aluminum Co., Ltd.
Fuyao Auto Aluminum Parts (Fujian) Co., Ltd.
4. Legal Basis: The legal basis for all personal information processing activities under this Policy refers to the circumstances specified in Article 13 of the Personal Information Protection Law of the People's Republic of China.
5. Automated Decision-Making: Activities that automatically analyze and evaluate personal behavioral habits, hobbies, economic status, health status, credit status and make decisions through computer programs.
6. De-identification: The process of processing personal information so that a specific natural person cannot be identified without additional information.
7. SDK: Software Development Kit, an embedded technical tool that provides interfaces or collects information for specific functions.
8. Cookies: A technical tool that records user ID, browsing information and stay duration.
