SUMMARY
We collect information regarding your use and purchase of our Services and your interactions with Tencent. You also provide information when you make an enquiry on our website or register to use our Services. Examples include your name and contact details. If you are the administrator of the account, you have the ability to provide access rights to other persons by including their email address in the service console. For information that you provide to us to set up your account, and that we collect and generate in managing your Services, we act as the controller. For information that you store using the Services (for example, content that you upload to store on our servers), we act as a processor. See below at The Types of Personal Information we Collect and Process for more information. We will use the collected information to create and verify your account, enable password change, process payments, and to communicate with you. See below at How we use Your Personal Information for more information. Your information is retained so long as your account exists. After which, the information is deleted within a set time period, depending upon the type of personal information. See below at Data Retention for more information. You may have special rights over your information and how we can use it. These include how you can access the information, erasing the information, restricting how your information can be used, objecting to its use and getting a copy of your information. See below at Your Rights for more information. Dispute Resolution
If you have any concerns or complaints, please contact us at cloudlegalnotices@tencent.com. See below at Contact & Complaints for more information. How will we notify you of changes?
If there are any significant changes to this privacy policy, we will provide a notice on our website. See below at Updates & Changes for more information. Data Controller (EEA, UK and Switzerland): Tencent Cloud Europe B.V.. Address: Atrium building, 8th floor, Strawinskylaan 3127, 1077 ZX Amsterdam, the Netherlands.
Data Controller (Outside EEA, UK and Switzerland): The entity you have contracted with, as set out in the Terms of Service. Data Protection Officer: Please email cloudlegalnotices@tencent.com.
Jurisdiction-Specific Addenda
Additional provisions with respect to certain jurisdictions are included in the addenda to this privacy policy. If you are ordinarily resident in a jurisdiction listed, then the relevant terms for that jurisdiction apply to you. In the event of a conflict between an addendum and this privacy policy, the provisions of the relevant addendum will prevail with respect to the relevant territory only. Unless otherwise provided in a relevant addendum, the provisions of this privacy policy apply to such territory in addition to the specific provisions of such addendum and are not amended except as specifically stated in such addendum.
Modules
The Modules set out below in the section Modules to this privacy policy shall apply and form part of this privacy policy if you use the specific Feature (as defined in each relevant Module). You acknowledge we will collect, process, use and store your personal information, as described in the applicable Module. See below at Modules for more information. INTRODUCTION
When you use the Tencent Cloud website and cloud services (including https://tencentcloud.io and https://www.tencentcloud.com) pursuant to the Tencent Cloud Terms of Service ("Services"), you are agreeing to our rules and policies regarding your personal information and you expressly consent to us collecting, processing, using and storing your personal information, as described in this privacy policy.
If you do not agree with this privacy policy, you must not use the Services.
This privacy policy only applies to you if the Services are provided to you by the relevant Tencent entity as set out in the Terms of Service.
We hold personal information that you provide to us to set up and manage your account and the Services, and personal information generated in connection with your use of the Services ("Administrative Information"). We are the data controller of Administrative Information. This privacy policy informs you of your choices and our practices regarding your Administrative Information.
We also hold data, including personal information, that you submit, upload, transmit or display using the Services ("Content") and we store this data solely in order to provide the Services. The terms relating to our storage of Content are set out in our Terms of Service and Data Processing and Security Addendum. You are the data controller of Content and questions about data handling processes from your users or third parties regarding Content should in the first instance be addressed to you. At all times, we act as a service provider to you, and process data on your behalf. You can extract your Content at any time. If you are located in the European Economic Area or Switzerland, the data controller of your personal information for the purposes of the General Data Protection Regulation is Tencent Cloud Europe B.V., a company registered in The Netherlands with its registered address at Atrium building, 8th floor, Strawinskylaan 3127, 1077 ZX Amsterdam, the Netherlands. If you are located outside the European Economic Area or Switzerland, the data controller of your personal information is the entity that you have contracted with, as set out in the Terms of Service. In each case, the relevant entity is referred to in this policy as "Tencent", "we" and "us". Our data protection officer can be contacted at cloudlegalnotices@tencent.com.
SECTION 1: WHERE WE ARE A DATA CONTROLLER
We will collect and use the following information about you:
Information you give us. You may give us information about you by making an enquiry about our Services, using our Services or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register for our Services (or for business customer, act as the company's business representative to register for Services), such as your name, username, email address, address, IP address, APPID, UIN, Device ID, Tencent Cloud ID, photo ID, credit card information, and telephone number. If you choose to set up your account using one of your existing accounts with Google, we also collect information from that connected account to complete your registration, this includes Google ID, email address, authentication code and avatar (in the form of a log).
Information we collect about you when use our Services. We automatically collect certain information from you when you use our Services through the Tencent Cloud web portal, including IP address, User Agent and Device ID, and information regarding your use of our Services such as our log of your visits, site access requests, uploads and downloads.
Information that we obtain from a third party. Tencent Cloud allows administrators of the user account to determine access rights. In doing so, the administrator of your Services (which might be you) can include the email addresses of other persons who are to be given access to the Services under that account. If you are the administrator of the account, you acknowledge and undertake to us that you have the consent of the individual concerned to provide their email address for this purpose.
We also collect and store your information each time you interact with Tencent, for example, when you communicate with us by email, activate new Services, or complete forms on our website. We also store information about the Services you purchase, such as the activation code, date of purchase, and information relating to any support issue.
Cookies
We use cookies and other similar technologies (e.g. web beacons, Flash cookies, etc.) ("Cookies") to enhance your experience using the Services. Cookies are small files which, when placed on your device, enable us to provide certain features and functionality.
You have the option to permit installation of such Cookies or subsequently disable them. You may accept all Cookies, or instruct the web browser to provide notice at the time of installation of Cookies, or refuse to accept all Cookies by adjusting the relevant function in the web browser of your computer. However, in the event of your refusal to install Cookies, Tencent Cloud may be prevented from providing some of its Services available to you.
For more information about the Cookies we use, please see our Cookies Policy. Children
Our Service is not intended for children. Children must not use the Service for any purpose. We will not knowingly allow anyone under 14 to register for our Services and/or provide any personal identification information. If you are under 14, please do not sign up to use our Services or provide any information about yourself through the Service.
We will use the information in the following ways and in accordance with the following legal bases:
|
Location, Name, Email Address, IP Address, User Agent (or website browser), Device ID and Tencent Cloud ID, Address(including city, province and post code), APPID, UIN, Username and other login security credentials; (If you choose to register via Google: Google ID, email address, authentication code and avatar(in the form of a log) (Mandatory) | We use this information to: create your Tencent Cloud account in accordance with your request and/or verify you have an account; allow for password resets; provide you with user support; record transactions or provide order confirmations; and enforce our terms, conditions and policies. | We process this information as it’s necessary for us to perform our contract with you to provide the Services. |
Mobile Number, Email Address, Address (Mandatory) | We use this information: to verify your Tencent Cloud account; for security protection (if you activate account verification, this will be used to send you SMS alerts and two-factor authentication codes when you modify account passwords, email addresses, etc.); for product notifications; for order confirmations; and for service information (e.g. account balance information, and to communicate to you when your account balance is running low). | It is in our legitimate interests to verify your identity and communicate with you about the Services. |
Photo ID (e.g., driver’s license, passport or work permit) Name and Address (Mandatory) | If you elect to use servers located in the PRC (excluding Hong Kong (China), Macau (China) and Taiwan (China)) for the Services, we use your photo ID (or, where you are a corporate customer, corporate documentation) to ensure that your account is legally verified in accordance with local law. | It is in our legitimate interests to process such data to ensure you are able to activate the service for use in jurisdictions where this is a legal requirement. |
Credit card information (card number, name, expiration date, security code, payment ID) (Mandatory) | We use your credit card information to process payments made by you for use of the Services. | We process this information as it’s necessary for us to perform our contract with you to facilitate payment for the Services. |
Transaction Records (such as date and time of payment for services) (Mandatory) | We provide access to your Transaction Records to allow you to see your transaction history. | We process this information as it’s necessary for us to perform our contract with you to manage payments in respect of the Services. |
Metadata, IP Address, User Tickets, User Agent, Date and Time of Access, each URL visit within the Tencent Cloud website whether direct or referred from third party website (Mandatory) | We use this information for strategy and Service improvement and for analytics. | It is in our legitimate interests to improve our strategy and Services. |
Log Data |
|
|
Customer Service Ticket/ Chat Content, IP Address, Tencent Cloud ID, incident details and response steps; (if you choose to enquire via Telegram: Telegram user’s account number) (Mandatory) | We use this information to: deal with your concerns and complaints about the Service; and improve and administer our Services and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes, and to keep our Services safe and secure. | It is in our legitimate interests to improve our Services and provide support in connection with the Services supplied to you. |
Metadata in relation to incidents (Mandatory) | We use this information in order to improve our Service and responses. | It is in our legitimate interests to improve our Service and responses. |
Log in relation to incidents (Mandatory) |
|
|
Enquiry Data (data provided when you submit an enquiry via our website contact form or as part of a sales enquiry), including: your name, email, phone number, UIN, priority of query or ticket, reminder settings, company name, business service, location, and details of your query or any additional information provided by you(Mandatory) | We use this information to respond to your request. | It is in our legitimate interests to process this information as it is needed to respond to your request. |
Technical support enquiry data (data provided when you submit a technical support request), including your name, email, phone number, the type of your question, and details of your query (Mandatory) | We use this information to respond to your request. | It is in our legitimate interests to process this information as it is needed to respond to your request. |
Promotional Contact Data: Name, Email, Phone Number, Company Name, Business Service, Location and details of your query (Optional) | We use this information to: promote our products and services to you; and to send you direct marketing communications through us or our third party partners. | We process this information with your consent. You can withdraw this consent at any time. |
Marketing Data: Name, Business Email, Phone Number, Company Name, Country/Region and Industry (Mandatory) | We use this information: to reserve you a place on our online events and webinars for product notifications; and for order confirmations. | We process this information with your consent. You can withdraw this consent at any time. |
Name, Email Address, Country Code, Phone Number, Company Name, Business Service, Inquiry (Mandatory) | We use this information: to process your application for the COVID-19 Cloud Resources Support Program; to respond to requests for our products; for product notifications; and for order confirmations. | We process this information pursuant to our contract with you to provide the support. |
Name, Email Address, Country Code, Phone Number and Company Name (Mandatory) | We use this information to communicate (whether through us or our third party partners) with you, in order to understand products and services that may interest you, and to explore potential business opportunities with you. | It is in our legitimate interests to process such data to maintain a relationship with you and to better understand your business needs. |
Name, Email Address, and any other information you provided for us to comply with the legal obligation (e.g. Date of Birth, Nationality, Business Registration Date, Business Registration Number, Place of Business Registration) (Mandatory) | We use this information to comply with our legal obligations | We process this information as it’s necessary for us to comply with the legal obligations that we are subject to. |
Name, UIN, credit card number (encrypted) (Mandatory) | We use this information to enforce our terms, conditions and policies, in order to provide a safe and secure environment, and to maintain the integrity of the Services | We process this information as it’s necessary for us to perform our contract with you to facilitate payment for the Services. |
We may process and collect other personal information from you from time to time for specific reasons, such as when you try our demo versions on our Services for a specific Feature. For example, when you input or upload data on the demo version of our Instant Messaging feature (such as by sending chat messages and notices, or changing chat names), we will process such data in order to enable you to experience the interface and functions, and delete such data within forty-eight (48) hours. We may also otherwise provide more information on the way we process personal information (including information on any changes to the way we process that personal information that may differ to this privacy policy), such as on our product pages.
We may disclose your personal information with selected third parties in and outside your country, including:
Third Parties where we use a third party service to: (a) process payments ; (b) provide customer support (including provision of a support database and ticketing); (c) send SMS service notification; or (d) provide other services, support, features or functionality as part of the Services, including those listed on our Third Parties page. Related group companies, including the entities listed on our Third Parties page, with whom we share your personal information to operate our Services. To the extent data is transferred outside of the EEA or UK for processing (for example, to Mainland China), we rely on the European Commission's model contracts for the transfer of personal data to third countries (i.e., the standard contractual clauses), pursuant to Decision 2001/497/EC (in the case of transfers to a controller) and Decision 2004/915/EC (in the case of transfers to a processor);
Law enforcement agencies, public authorities or other judicial bodies and organisations. We disclose information if we are legally required to do so, or if we have a good faith belief that such use is reasonably necessary to:
comply with a legal obligation, process or request;
enforce our terms of service and other agreements, policies, and standards, including investigation of any potential violation thereof;
detect, prevent or otherwise address security, fraud or technical issues; or
protect the rights, property or safety of us, our users, a third party or the public as required or permitted by law (including exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction); and
A third party that acquires all or substantially all of us or our business. We will disclose information to a third party in the event that we sell or buy any business or undergo a merger, in which case we will disclose your data to the prospective buyer of such business. We will also disclose information to a third party if we sell, buy, merge or partner with other companies or businesses, or sell some or all of our assets. In such transactions, user information may be among the transferred assets.
Third Party Links and Services
Tencent may provide links to other third party websites as a convenience to you (collectively, the "Third Party Websites"). Please exercise care when visiting any Third Party Websites. The Third Party Websites have separate and independent privacy policies, notices and terms of use which govern your use of such websites and their use of any information they collect. We recommend you read these policies carefully. Tencent disclaims all liability for personal information you provide to any Third Party Websites.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of the information transmitted to our site.
Data Retention
We will retain your personal information as described below (except if otherwise required to be retained by applicable law).
|
(i) Location, Email Address, Password, IP Address, User Agent (or website browser), Device ID, Tencent Cloud ID, Verification Code, Mobile Number, Name, Address (including city, province and post code), APPID, UIN;(ii) Google login credentials: Google ID, email address, authentication code, avatar (in the form of a log); (iii) Location based on the IP address of login activity for the purposes of your identity verification | (i) Account data is held for so long as an account exists. Information is erased within thirty (30) days of the date the account is deleted; (ii) For Google login credentials: information is retained until the expiry of a 90-day period from its creation; (iii) Only location based on the IP addresses of only the previous three (3) logins are retained. |
Credit card information(only limited to Payment ID) (we do not store your other credit card information including card number, name, expiration date and security code, except for the purposes of acquiring a payment ID which is provided by our payment processor upon receiving your other credit card information) | Payment ID is held for so long as an account exists. Information is erased within thirty (30) days of the date the account is deleted. |
| Payment data is held for as long as an account exists. Information is erased within ninety (90) days of the date the account is deleted. |
Photo ID (e.g., driver’s license, passport or work permit) Name and Address | Account data is held for so long as an account exists. Information is erased within thirty (30) days of the date the account is deleted. |
Metadata, IP Address, User Agent, Date and Time of Access, each URL visit within the Tencent Cloud website whether direct or referred from third party website | This data is held for so long as an account exists. Information is erased within thirty (30) days of the date the account is deleted. |
Log Data | This data is held for 3 months from the date of collection. |
Customer Service Ticket / Chat Content, IP Address, Tencent Cloud ID, incident details and response steps; Telegram's user account number | This data is held for so long as an account exists. Information is erased within twenty-four (24) hours of the date the account is deleted. |
Metadata in relation to incidents | This data is held for so long as an account exists. Information is erased within thirty (30) days of the date the account is deleted. |
Log in relation to incidents | This data is held for 3 months from the date of collection. |
Enquiry Data (data provided when you submit an enquiry via our website contact form or as part of a sales enquiry, including your name, email, phone number, UIN, priority of query or ticket, reminder settings, company name, business service, location,and details of your query or any additional information provided by you) | Enquiry data is held until an enquiry is resolved, and then erased within one hundred and eighty (180) days of such resolution, unless you agree to have this data retained and receive more information in the future. |
Technical support enquiry data(data provided when you submit a technical support request), including your name, email, phone number, the type of your question, and details of your query | Technical support enquiry data is held until an enquiry is resolved, and then erased within one hundred and eighty (180) days of such resolution, unless you agree to have this data retained and receive more information in the future. |
Promotional Contact Data: Name, Email , Phone Number ,Company Name, Business Service, Location and details of your query | Such data is held until you tell us that you no longer wish to receive promotional information. |
Marketing Data: Name, Business Email, Phone Number, Company Name, Country/Region and Industry. | Such data is held until you tell us that you no longer wish to receive promotional information. |
Name, Email Address, Country Code, Phone Number, Company Name, Business Service, Inquiry. | This data is held for so long as the COVID-19 Cloud Resources Support Program operates. Information is erased within ninety (90) days of the date the COVID-19 Cloud Resources Support Program ends. |
Name, Email Address, Country Code, Phone Number and Company Name | This data is held for so long as an account exists. Information is erased within thirty (30) days of the date the account is deleted. |
Name, Email Address, and any other information you provided for us to comply with the legal obligation (e.g. Date of Birth, Nationality, Business Registration Date, Business Registration Number, Place of Business Registration) | This data is held for so long as necessary to fulfil the applicable legal obligations. |
Name, UIN, credit card number (encrypted) | This data is held for so long as an account exists. Information is erased within thirty (30) days of the date the account is deleted. |
Personal information, which has fulfilled the purpose for which it was collected or used, or has reached the period of time during which personal information was to be possessed, will be destroyed in an irreversible way. Personal information stored in electronic files will be deleted safely in an irreversible manner by using technical methods, and printed information will be destroyed by shredding or incinerating such information. Also, we will delete your personal information within 10 days (i) upon your request to have your personal information deleted; (ii) upon your deletion of your account; and/or (iii) if any personal information is left behind with incomplete account registrations.
In the event that the processing and retention period have terminated, but personal information is required to be retained continuously for other reasons including for the purposes as prescribed under applicable laws, the relevant personal information will be stored and maintained separately from other types of personal information.
Your Rights
This section ("Your Rights") applies to users who are located in the European Economic Area. The sub-section entitled "Access, Correction & Deletion" also applies to users who are located in Japan and Korea and Macau Special Administrative Region..
You have certain rights in relation to the personal information we hold about you. Some of these only apply in certain circumstances as set out in more detail below. We also set out how to exercise those rights. Please note that we will require you to verify your identity before responding to any requests to exercise your rights. We must respond to a request by you to exercise those rights without undue delay and at least within one month (although this may be extended by a further two months in certain circumstances) unless otherwise permitted by the applicable legislation. To exercise any of your rights, please contact us at cloudlegalnotices@tencent.com.
Access, Correction & Deletion
You can access, correct and delete some of your data in the account portal at any time here. If you believe there is any other personal information we process about you, or you are unable to correct or delete inaccurate information, you can contact us at cloudlegalnotices@tencent.com. You may also have the right to receive a copy of certain personal information (see Portability below).
Please note, however, that we may retain personal information if there are valid grounds under data protection laws for us to do so (e.g., for the defence of legal claims or freedom of expression) but we will let you know if that is the case.
Portability
You have the right to receive a copy of certain personal information we collect from you in a structured, commonly used and machine-readable format and a right to request that we transfer such personal information to another party. The relevant personal information is information you provided for the purposes of performing our contract with you (for example, your mobile number, email address, or transaction data). You can export your Content at any time.
If you wish for us to transfer the personal information to a third party you can contact us at cloudlegalnotices@tencent.com. Note that we can only do so where it is technically feasible.
Restriction of Processing to Storage Only
You have a right to require us to stop processing your personal information that we hold, other than for storage purposes, in certain circumstances. Please note, however, that if we stop processing the personal information, we may use it again if there are valid grounds under data protection laws for us to do so (e.g., for the defence of legal claims or for another's protection).
Objection
You have the right to object to our processing of your personal information under certain circumstances (such as where that information is used with your consent, for example for marketing or profiling) by completing the form here. Communications from Us
If you have opted-in to the receipt of direct marketing from us, we may send you news and offers from time to time, for example; to reserve you a place on our webinars. You can opt-out anytime by contacting us at: cloudlegalnotices@tencent.com.
We may from time to time send you service-related announcements when we consider it necessary to do so (such as when we temporarily suspend Tencent Cloud for maintenance, or security, privacy or administrative-related communications). You may not opt-out of these service-related announcements, which are not promotional in nature.
Questions, comments and requests regarding this policy are welcomed and should be addressed to our Privacy Officer at cloudlegalnotices@tencent.com.
In the event that you wish to make a complaint about how we process your personal information, please contact our Privacy Officer in the first instance at cloudlegalnotices@tencent.com and we will endeavour to deal with your request as soon as possible. This is without prejudice to your right to launch a claim with the data protection supervisory authority in the EU country in which you live or work where you think we have infringed data protection laws.
Updates & Changes
If we make any material changes to this policy, we will post the updated policy here and provide a notice on our website. Please check this page frequently to see any updates or changes to this policy.
JURISDICTION-SPECIFIC ADDENDA
SOUTH KOREA
Last updated: 10 / 19 / 2023
This Addendum to the Tencent Cloud Privacy Policy (the "Addendum") is to address matters that are necessary to process your personal information in compliance with the Personal Information Protection Act (the "PIPA") of Korea. Please refer Tencent Cloud Privacy Policy for more details on the conditions of using the Services.
a. We delegate the processing of your personal information as described below, and the delegatees may process your personal information according to the purpose of the delegation:
|
NICE Payments Co., Ltd. | Payment processing and risk management |
Image Frame Investment (HK) Limited | |
Tencent Cloud Computing (Beijing) Co., Ltd. | Providing back-end support |
AroundDeal Holdings Limited | Provide information of corporate website visitors of the Real-Time Communication feature website for Tencent Cloud to carry out data analytics, to improve the services, and to conduct direct marketing. |
We transfer Personal Information to third parties overseas as follows:
|
NICE Payments Co., Ltd. cskim@nicepay.co.kr
| Korea | | Credit card number, date of birth, name, valid period, CVV, address | Payment processor and risk management | |
Frensworkz Software Technology Co., Limited support@frensworkz.com | | | First and last name Title Role Position Industry Employer Contact information (company, department, role, email, phone, QQ number, physical mail address, website) Account, account name, account remark name ID data Billing address, billing country, billing street, billing city, billing state/province, billing zip/postal code | Aggregate implementing services | Until completion of system support services by Frensworkz or for 20 months (whichever is earlier) |
Image Frame Investment (HK) Limited dataprotection@tencent.com | | | Mobile number, SMS content | | Account data is held for so long as an account exists. SMS messages are deleted 13 months after the SMS messages have been sent. |
Salesforce.com Singapore Pte. Ltd https://www.salesforce.com/ ap/company/privacy/ | | | Promotional Contact Data Marketing Data First and last name Title Role Position Industry Employer Contact information (company, department, role, email, phone, QQ number, physical mail address, website) Account, account name, account remark name ID data Billing address, billing country, billing street, billing city, billing state/province, billing zip/postal code | Client relationship management and marketing support | Please refer to the retention periods set out in “Data Retention”, subject to termination of the contractual relationship between us and Salesforce, in which case data will be deleted within 300 days from termination. |
Tencent Cloud Computing (Beijing) Co., Ltd. meeting_info@tencent.com | People’s Republic of China | Online transmission upon account creation and payment | Mandatory: Date of birth, name, mobile phone number, email address, location, address (including city and post code), type of business, password Optional: Photo ID (e.g., driver’s license, passport, work permit or business license) name and address | System operation and maintenance | Account data is held for so long as an account exists. Information is erased within thirty (30) days of the date the account is deleted. (For location information based IP addresses used for the purposes of account verification, the location of the IP addresses of only the previous three (3) logins are retained) |
Google Inc. https://policies.google.com/privacy | | Transmitted if user logs in using Google ID | | | |
AroundDeal Holdings Limited
tim.s@arounddeal.com | United States | Encrypted transmission | Corporate Website Visitor Information (as defined in Real-Time Communication (TRTC)
s Privacy Policy Module) | Purpose as specified in TRTC’s Privacy Policy Module | Deleted by AroundDeal (i) within 3 years from the termination of the contractual relationship between us and AroundDeal, or (ii) upon receipt of our data deletion request (whichever is earlier) |
Data Destruction
Personal information, which has fulfilled the purpose for which it was collected or used, and has reached the period of time during which personal information was to be possessed, will be destroyed in an irreversible way. Personal information stored in electronic files will be deleted safely in an irreversible way by using technical methods, and printed information will be destroyed by shredding or incinerating such information.
The personal information are required to be retained pursuant to the following laws and will be retained for the periods indicated in the below table. Please also note that personal information retained pursuant to the following laws may also be retained for other purposes as indicated in the Data Retention section.
Act on the Consumer Protection in Electronic Commerce, Etc. | Article 6 of the Act on the Consumer Protection in Electronic Commerce, Etc.Article 6 of the Implementation Decree of the Act on the Consumer Protection in Electronic Commerce, Etc. | In an electronic commerce or a mail-order sale: Records regarding labelling and advertising (6 months) Records regarding execution or withdrawal of a contract (5 years) Records regarding the payment of a price and the supply of goods and services (5 years) Records regarding customer services or dispute resolution (3 years) |
Protection of Communications Secrets Act | Article 15-2 of the Protection of Communications Secrets Act Article 41 of the Implementation Decree of the Protection of Communications Secrets Act | Log records, IP address (3 months) The date of telecommunications by users, the time that the telecommunications started and ended, the interlocutor’s subscription number such as incoming and outgoing numbers, the frequency of use (12 months) |
Your Rights of Data Subject and Methods to Exercise Such Rights
You may exercise the following rights at any time in relation to the protection of personal information:
(a) The right to request permission to inspect personal information;
(b) The right to request correction of personal information if there is any error, etc.;
(c) The right to request deletion of personal information;
(d) The right to request suspension of processing personal information,
by completing the form specified in attached Form 8 of the Enforcement Rule of the PIPA and submitting it to us by post, email or fax. In such cases, we will take necessary measures promptly. You may also exercise your above rights through an agent, including a legal representative and a power of attorney. In such cases, the data subject is required to submit a letter of delegation as specified in attached Form 11 of the Enforcement Rule of the PIPA. The right to access or restrict processing of personal data may be restricted in accordance with Articles 5-4 and 37-2 of the PIPA. With respect to a request for correction or deletion of personal information, a data subject cannot request the deletion of personal information of such subject if the relevant personal information is provided for as information subject to collection under any statute.
Upon receipt of a request to inspect, correct or delete personal information or a request to suspend processing of personal information, we will verify whether the requesting person is the data subject or a legitimate representative.
We have implemented the following measures to protect your personal information.
Management Measures: We have established and implemented internal privacy management policies, which include the designation of privacy personnel, and audit procedures to ensure the privacy policies are implemented effectively.
Technical and Organizational Measures: We have employed a variety of security technologies and procedures to protect your personal information from unauthorized access, use, modification, or disclosure. For example, we have implemented access authorisation and control systems that allow us to grant, change and cancel access rights to personal information to control and limit access to your personal information and record access to personal information. Additionally, we use security software that are regularly updated as well as encryption technology to reduce the risk of personal information leakage during storage and transmission.
Physical Measures: Your personal information is stored in controlled facilities with strict access control procedures in place.
If you have any questions or comments about the Privacy Policy, if you need to report a problem, or if you would like us to update, amend, or request deletion of the information we have about you, please contact our Chief Privacy Officer (or department in charge of personal information protection) at:
Department in Charge of Protection of Personal Information
Name of Department: Privacy and Data Protection Department
E-mail: cloudlegalnotices@tencent.com
Domestic Privacy Representative
Pursuant to Article 39-11 of the PIPA and Article 32-5 of the Act on Promotion of Information and Communications Network Utilization and Information Protection, the information regarding the designated domestic agent is as follows:
Name and Representative: Tencent Korea Yuhan Hoesa (Representative: Li Yan)
Address: 152, Taeheran-ro, Gangnam-gu (Gangnam Finance Center, Yeoksam-dong), Seoul, Korea
Telephone Number: +82-2-2185-0926
E-mail: cloudlegalnotices@tencent.com
If you need to report or consult any invasion of private information issue then please contact the below agencies:
Personal Information Dispute Mediation Committee (kopico.go.kr/main/main.do dial 1833-6972)
Personal Information Infringement Report Center (privacy.kisa.or.kr / dial 118)
Supreme Prosecutor’s Office’s Cyber Crime Investigations Division (spo.go.kr / dial 1301)
Korean National Policy Agency’s Cyber Investigation Bureau Electronic Cybercrime Report & Management System (ecrm.cyber.go.kr/minwon/main dial 182)
UNITED STATES
The terms of this Addendum apply to residents of the United States under the California Consumer Privacy Act, as amended by the California Privacy Rights Acts (“CCPA”) , the Colorado Privacy Act, Connecticut’s Act Concerning Personal Data Privacy and Online Monitoring, the Utah Consumer Privacy Act and the Virginia Consumer Data Protection Act (collectively, the “U.S. Privacy Laws”). The U.S. Privacy Laws provide certain U.S. residents with certain legal rights regarding their personal information such as the right to request access, deletion and correction. These rights are not absolute and are subject to certain exceptions. For purposes of this Addendum, “consumer”, “you” and “your” means users of the Services, job applicants and representatives of entities with whom we engage in relation to the Services.
Do Not Track (DNT)
Your browser settings may allow you to transmit a “do not track” signal, “opt-out preference” signal or other mechanism for exercising your choice regarding the collection of your personal information when you visit various websites. Like many websites, our website is not designed to respond to such signals, and we do not use or disclose your personal information in any way that would legally require us to recognize opt-out preference signals.
Collection, Use and Disclosure of Personal Information
Over the past 12 months, through your use of the Services, we may have collected and disclosed the following categories of personal information, including sensitive personal information (as denoted by *):
Identifiers, including name, email address, mobile number, IP address, device identifiers, Tencent Cloud ID, mailing address, government-issued identification, and verification codes transmitted to or from the device. This information is collected directly from the consumer or device.
Internet or other electronic network activity information, including the User Agent or website browser, log metadata associated with the consumer’s interactions with Tencent Cloud, and Tencent Cloud customer support incident details (as well as response steps associated with customer service tickets). This information is collected directly from the consumer or device.
Geolocation data, including location data derived from IP address provided directly to us from the device. The Wi-Fi access point data can be used to understand location data at a zip-code level. This information is collected directly from the device.
Commercial information, including payment card information and transaction records (such as information about purchased Services, such as the activation code and date of purchase). This information is collected directly from the consumer or device.
We collect personal information for the following purposes and as described in the applicable Module:
To operate and administer the Services;
To communicate with consumers;
To improve the Services;
For security and verification purposes, including to prevent and detect fraudulent activity; and
To address and remediate technical issues and bugs.
For additional information about what each type of personal information is used for, see this chart in the main portion of the Privacy Policy. We do not collect, use or disclose your personal information, including sensitive personal information, for purposes other than those specified in this Privacy Policy. Further, we only use and disclose sensitive personal information for purposes permitted by U.S. Privacy Laws, or otherwise with your consent. We disclose personal information to the following types of entities:
Our affiliate companies within our corporate group who process personal information in order to operate the Services
Other companies that provide services on our behalf who are prohibited by contract from retaining, using, or disclosing personal information for any purpose other than for providing the services to us
Regulators and judicial authorities and law enforcement agencies
Entities that acquire or are in the process of acquiring all or substantially all of our business
In the past 12 months, we have not sold personal information of U.S. residents within the meaning of “sold” in the U.S. Privacy Laws and have not shared personal information of California residents within the meaning of “share” in the CCPA. Further, we do not have actual knowledge that we sell or “share” personal information of residents under 16 years of age.
Rights under the U.S. Privacy Laws
If you are a U.S. resident and the U.S. Privacy Laws do not recognize an exemption that applies to you or your personal information, you have the right to:
Request we disclose to you free of charge certain information about you. If you are a California resident, you may request that we disclose the following information:
the categories of personal information about you that we collected;
the categories of sources from which the personal information was collected;
the purpose for collecting personal information about you;
the categories of third parties to whom we disclosed personal information about you and the categories of personal information that was disclosed (if applicable) and the purpose for disclosing the personal information about you; and
the specific pieces of personal information we collected about you;
Request we delete personal information we collected about you;
Request we correct inaccurate personal information that we maintain about you; and
Be free from unlawful discrimination for exercising your rights including providing a different level or quality of services or deny goods or services to you when you exercise your rights.
We aim to fulfill all verified requests within 45 days. If necessary, extensions for an additional 45 days will be accompanied by an explanation for the delay.
How to Exercise Your Rights
First, you may wish to log into your account and manage your data from there. If you are a U.S. resident to whom the U.S. Privacy laws apply, you may exercise your rights, if any, to other personal information by contacting us at cloudlegalnotices@tencent.com.
Only you, or someone that you authorize to act on your behalf, may make a request regarding your personal information. An authorized agent may make a request by providing written permission assigned by you. As part of the identify verification process for the purpose of handling your data subject request, you are required to log into your existing account and we may ask you additional information (including but not limited to country of registration, cloud resources purchased, and mobile number registered) to make your account verifiable.
In addition, where applicable, we will provide you with more information about our appeal process. When you submit a request or launch an appeal, we will limit our collection of your information to only what is necessary to securely fulfill your request or process your appeal.
BRAZIL
This section applies to users located in Brazil:
Consent Revocation
Whenever we use your personal information based on your consent, you may revoke consent that you have previously given for the collection, use and disclosure of your personal information, subject to contractual or legal limitations. To revoke such consent, you may terminate your account or you can contact cloudlegalnotices@tencent.com. This may affect our provision of the Service to you.
Parental and Guardian Consent
If you are under the age of 18, you should not use the Service for any purpose without first obtaining parental/guardian agreement to this Privacy Policy (both for themselves and on your behalf). We do not knowingly collect personal information from any children under the age of 18 without such consent. Please contact our Data Protection Officer if you believe we have any personal information from any children under the age of 18 without such parental/guardian consent – we will promptly investigate (and remove) such personal information.
CANADA
In addition to the information provided in this section of the Privacy Policy, we may store your personal information in and outside of Canada, including in Singapore and Hong Kong.If you have: (i) any questions or comments about the Privacy Policy; (ii) would like to obtain written information about the Privacy Policy; (iii) if you need to report a problem; or (iv) if you would like us to update, amend, or request deletion of the information we have about you, please contact our Chief Privacy Officer (or department in charge of personal data protection) at cloudlegalnotices@tencent.com.
EGYPT
Please note that this service is only available to users above 18 years. If you are under this age, you are only eligible to use this service if you obtain parental or guardian consent.
If you do not agree to the processing of your personal information in the way this Privacy Policy describes, please do not provide your information when requested and stop using the Services. Your use of the Services shall be deemed an express consent of the rules governing your personal information as described in this Privacy Policy.
By proceeding with the sign up process, you acknowledge that you have read, understood, and consented to this Privacy Policy. If you do not consent to this Privacy Policy, you must not use the service.
You are acknowledging your consent to the processing, storage, and cross-border transfer for your personal data. The cross border transfer may occur to any country in which we have databases or affiliates, including those outside of Egypt (see The Types of Personal Information we Collect and Process for more information).
If you are a new user, you have seven days to inform us of any objection you may have to this Privacy Policy.
As an Egyptian data subject, you have certain rights under the Egyptian Personal Data Protection Law.
France
Your Rights
Instructions for the processing of your personal data after your death.
You have the right to provide us with general or specific instructions for the retention, deletion, and communication of your personal data after your death.
The specific instructions are only valid for the processing activities mentioned therein and the processing of these instructions is subject to your specific consent.
You may amend or revoke your instructions at any time.
You may designate a person responsible for the implementation of your instructions. This person will be informed of your instructions, in the event of your death, and be entitled to request their implementation from us. In the absence of designation or, unless otherwise provided for, in the event of the death of the designated person, their heirs will have the right to be informed of your instructions and to request their implementation from us.
When you wish to make such instructions, please contact us at cloudlegalnotices@tencent.com .
India
Sensitive Personal Information
Your Sensitive Personal Information shall mean passwords, financial information such as bank account or credit card or debit card or other payment instrument details, biometric data, physical or mental health, sex life or sexual orientation, and/ or medical records or history, and similar information, but does not include information available in the public domain, or provided under Indian laws, including the Right to Information Act, 2005.
Sharing Of Your Sensitive Personal Information
Where we permit any third parties to collect and use your Sensitive Personal Information, we shall take reasonable measures to ensure that the third parties do not further disclose the Sensitive Personal Information.
Age Restrictions
Children under the age of 18 are not allowed to execute online contracts with us or sign up for our services. Parental consent is required for children under the age of 18 years to avail our services.
Withdrawal Of Consent
To the extent provided by applicable laws and regulations, you may withdraw any consent you previously provided to us for certain processing activities by contacting us at cloudlegalnotices@tencent.com. Where consent is required to process your personal information, if you do not consent to the processing or if you withdraw your consent we may not be able to deliver the expected service.
INDONESIA
Our Service is not intended for children. Children must not use the Service for any purpose. We will not knowingly allow anyone under 21 to register for our Services and/or provide any personal identification information. If you are under 21, please do not sign up to use our Services or provide any information about yourself through the Service.
We will retain your personal information as described in the Tencent Cloud Privacy Policy and for a minimum of five years (except if otherwise required to be retained by applicable law).
Japan
Consent
By clicking “accept”, you consent to the cross-border transfer of your information to any country where we have databases or affiliates, including outside of Japan. This includes transfers to Singapore, Hong Kong, the PRC, and the United States.
You may find information on the legal regimes for protection of personal information in those countries on the website provided by the Personal Information Protection Council (https://www.ppc.go.jp/enforcement/infoprovision/laws/).
Where we use affiliates or providers who might have access to your personal information, we require them to have privacy and security standards that are comparable to ours, and we use contracts and other measures with our affiliates and service providers to maintain the confidentiality and security of your personal information.
Your Rights
You may request us to notify you about the purposes of use of, to disclose, to make any correction to, to discontinue the use or provision of, and/or to delete any and all of your personal information which is stored by us, to the extent provided by the Act on the Protection of Personal Information of Japan. When you wish to make such requests, please contact us at cloudlegalnotices@tencent.com.
MALAYSIA
If you wish to use the Service you will be required to provide your personal data. If you do not wish to supply your personal data you should stop using the Service.
Language of this Privacy Policy
In the event of any discrepancy or inconsistency between the English version and Bahasa Melayu version of this Privacy Policy, the English version shall prevail.
Parental and Guardian Consent
If you are under the age of 18, please do not use the Service.
In the event you are agreeing to this Privacy Policy in order for a minor to access and use the Service, you hereby consent to the provision of personal information of the minor to be processed in accordance with this Privacy Policy and you personally accept and agree to be bound by the terms in this Privacy Policy. Further, you hereby agree to take responsibility for the actions of such minor, and that minor’s compliance with this Privacy Policy.
Rights of Data Subjects
Right of access: You have the right to request access to and obtain a copy of your personal information that we have collected and is being processed by or on behalf of us. We reserve the right to impose a fee for providing access to your personal information in the amounts as permitted under law.
When handling a data access request, we are permitted to request for certain information to verify the identity of the requester to ensure that he/she is the person legally entitled to make the data access request.
Right of correction: You may request for the correction of your personal information. When handling a data correction request, we are permitted to request for certain information to verify the identity of the requester to ensure that he/she is the person legally entitled to make the data correction request.
Right to limit processing of your personal information: You may request to limit the processing of your personal information by using the contact details provided above. However this may affect our provision of the Service to you.
Contact
To protect your personal information and handle complaints relating to your personal information, we have appointed the following department responsible for managing and protecting your personal information.
Our data protection officer, responsible for the management and safety of your personal information
Telephone: +603-22872388
Email: cloudlegalnotices@tencent.com.
PHILIPPINES
You must be at least 18 years of age to be able to use the Service.
Changes
We will not implement any material changes to the way we process your personal information, as described in the Privacy Policy, unless we have notified you and have obtained your consent to such material changes.
Your Rights
You are entitled to the following rights, to the extent provided by applicable laws:
Right to be informed. You have the right to be informed whether personal data pertaining to you shall be, is being, or have been processed, including the existence of automated decision-making and profiling.
Right to object. You shall have the right to object to the processing of your personal information, including processing for direct marketing, automated processing or profiling. When you object or withhold consent, we shall no longer process your personal data, unless the personal data is needed pursuant to a subpoena; the collection and processing are for obvious purposes, including, when it is necessary for the performance of or in relation to a contract or service to which you have bound yourself; or your personal information is being collected and processed as a result of a legal obligation.
Right to access. You have the right to reasonable access to, upon demand, the following:
contents of your personal information that were processed;
sources from which your personal information were obtained;
names and addresses of recipients of your personal information;
manner by which such data were processed;
reasons for the disclosure of the personal data to recipients, if any;
information on automated processes where the data will, or is likely to, be made as the sole basis for any decision that significantly affects or will affect the data subject;
date when the personal information concerning you were last accessed and modified; and
the designation, name or identity, and address of the personal information controller.
Right to rectification. You have the right to dispute the inaccuracy or error in the personal information and have us correct it immediately and accordingly, unless the request is vexatious or otherwise unreasonable. If the personal information has been corrected, we shall ensure the accessibility of both the new and the retracted information and the simultaneous receipt of the new and the retracted information by the intended recipients thereof, provided that recipients or third parties who have previously received such processed personal data shall be informed of its inaccuracy and its rectification, upon your reasonable request.
Right to erasure or blocking. You shall have the right to suspend, withdraw or order the blocking, removal or destruction of your personal information from our filing system.
This right may be exercised upon your discovery and substantial proof of any of the following:
your personal data is incomplete, outdated, false, or unlawfully obtained;
your personal data is being used for purpose not authorized by you;
your personal data is no longer necessary for the purposes for which they were collected;
you withdraw consent or object to the processing, and there is no other legal ground or overriding legitimate interest for the processing;
your personal data concerns private information that is prejudicial to you, unless justified by freedom of speech, of expression, or of the press or otherwise authorized;
the processing is unlawful;
we violated your rights.
Consent
By consenting to this Privacy Policy, you consent to us:
sharing your personal information with third parties, companies within our corporate group, and a third party that acquires substantially all or substantially all of us or our business, as described in this Privacy Policy and for the purposes stated herein; and
SAUDI ARABIA
You consent to the disclosure, transfer and export of your personal information outside of Saudi Arabia or any other jurisdiction in which you provided it.
SINGAPORE
We may store your personal information within and outside Singapore.
Please refer to the following paragraph instead of the second paragraph under the general “Introduction” section of the main privacy policy:
If you do not agree with this privacy policy, we are unable to deliver the Services to you.
Please refer to the following paragraph regarding “Access, Correction and Deletion” of your personal information, instead of the general “Access, Correction and Deletion” paragraph in the “Your Rights” section of the main privacy policy:
You can access and correct your data in the account portal at any time. If you believe there is any other personal information we process about you, or you are unable to correct inaccurate information, you can make a request by contacting us at
cloudlegalnotices@tencent.com. In accordance with the laws in Singapore you do not have the legal right to delete your data, however we may delete your data on request to us.
To the extent provided by Singapore data privacy laws, you may withdraw consent you previously provided to us for certain processing activities by contacting us at cloudlegalnotices@tencent.com. Where consent is required to process your personal information, if you do not consent to the processing or if you withdraw your consent we may not be able to deliver the expected service. Please note that the right to withdraw consent is only available if the legal basis for processing information is consent.
We may also use, disclose and/or retain personal information to comply with any applicable laws/regulations, enforceable government request or court order, and for the enforcement or defence of legal claims.
Thailand
You acknowledge that you have read, understood, and agree to this Privacy Policy. If you do not agree with this Privacy Policy, you must not use the Service.
You may request us to discontinue, to restrict the use or provision of, and/or to request for data portability of any and all of your personal information which is stored by us, to the extent provided by the Act on the applicable data privacy laws and regulations in Thailand, including the Thai Personal Data Protection Act. When you wish to make such requests, please contact us at cloudlegalnotices@tencent.com.
We will give you notice by email of any changes to this Privacy Policy, and give you an opportunity to reject such changes, failing which the changes will become effective as stated in the notice.
Türkiye
Our Data Controller Representative in Türkiye is Özdağıstanli Ekici Avukatlık Ortaklığı for the purpose of compliance with Turkish Law on Personal Data Protection Law (“DPL”) and its secondary regulations can be contacted at tencent@iptech-legal.com. Please include the word “Türkiye” in the subject line of your email.
Our Service is not intended for children. Children must not use the Service for any purpose. We will not knowingly allow anyone under 18 to register for our Services and/or provide any personal identification information. We will ask for parental consent for children under age 18 for any processing of their personal data.
With respect to the section “How We Use Your Personal Information”, for the purposes of Türkiye the column “Legal Basis for Processing” shall be deemed to be amended such that the purposes for processing personal information for Türkiye shall be Art. 5/2 c and Art 5/2 f of the Law on Protection of Personal Data w. no 6698.
Your personal data can be transferred and stored into servers located in Türkiye or abroad with your consent.
The paragraph headed “The Security of Your Personal Information” in the Tencent Cloud Privacy Policy is inapplicable with respect to personal data collected in Türkiye.
You have legal rights, which are set forth in Article 11 of the DPL, in relation to the personal information data we hold about you. As a Turkish data subject, you may have right to apply to the data controller and (and to the extent permitted under applicable laws and regulations):
learn whether or not your personal data has been processed;
request information about processing if your personal data has been processed;
learn the purpose of processing of your personal data and whether your data is being processed in line with that purpose
know the third parties in the country or abroad to whom personal data has been transferred;
request rectification in the event personal data is incomplete or inaccurate;
request deletion or destruction of personal data within the framework of the conditions set forth under Article 7 of the Law on Protection of Personal Data Protection (Türkiye);
object to automatic processing of data and seek certain remedies in accordance with the Personal Data Protection Law (Türkiye).
These rights are not absolute.
UAE
Our Service is not intended for children. Children must not use the Service for any purpose. We will not knowingly allow anyone under 21 to register for our Services and/or provide any personal identification information. A user under 21 will need to obtain the relevant court order to use the Services.
We may voluntarily report a cyber-security incident where it constitutes a crime under UAE law (e.g. under the UAE Cybercrime Law). The incident can be reported to the relevant authorities for the purpose of investigations. Please note also that voluntary reporting of a cyber-security incident can also be made to the UAE Computer Emergency Response Team (“CERT”). CERT is a security awareness organisation that provides a process for logging incidents and advising on known cyber security threats in the UAE.
VIETNAM
By accepting this Privacy Policy, you expressly agree and authorize us to collect, use, store, and process your personal information, including, lawfully disclosing and transferring it to third parties, as described in this Privacy Policy.
We maintain international standards and security practices for data protection. When your personal information is transferred within or outside your jurisdiction of residence, it will be subject to the same or higher levels of security practices and data protection by the recipient entity as adhered to by us.
Where we permit any third parties to collect and use your personal information, we shall take reasonable measures to ensure that the third parties do not further disclose the personal information.
Your personal information, if required to be disclosed to the law enforcement agencies, public authorities or other judicial bodies and organisations, it will disclosed upon receipt of written request from such organizations.
Your Rights
You have the right to access, correct, and erase the personal information we hold about you. You also have the right to withdraw your earlier provided consent to collect, store, process, use and disclose your personal information and to request us to stop providing your personal information to a third party.
PRC Addendum
The terms of this Addendum apply to the processing of your personal information if you select China Mainland (excluding Hong Kong SAR, Macau SAR and Taiwan, the same below) as a Service Region when using the Services. Please refer to the Tencent Cloud International Privacy Policy for more details on the general conditions of using the Services outside of China Mainland. Tencent Cloud Computing (Beijing) Co., Ltd. (“Tencent Cloud (PRC)”, “we”, “us” and “our” for the purposes of this Addendum) provides the Services in the China Mainland region. We will process your personal information in accordance with the laws and regulations of China Mainland and relevant requirements of government authorities.
In this Addendum, “Services” refers to the Tencent Cloud services offered by Tencent Cloud (PRC) when China Mainland is selected as the Service Region.
By using the Services, you (a) shall ensure that any personal information collected and used by you is done so in accordance with the law and that you do not and have not infringed the legal rights of any person or entity in any way; (b) guarantee that you have the right to use the Services to store, transmit, analyze, distribute or otherwise process personal information; (c) understand and agree that the PRC may have relevant regulations on data storage and export and before you use the Services to store or transmit personal information, you should comply with the applicable laws and regulations of the PRC to conduct full and necessary assessment and approval to ensure compliance with relevant regulations; and (d) consent to the processing of your personal information by Tencent Cloud (PRC) in accordance with the terms of this Addendum.
Your Personal Information
We may collect your personal information by the following means:
(1) when you voluntarily provide, or provide on behalf of your authorized persons, information to us when using the Services, such as by filling out a form or uploading information to the Services;
(2) through our employees or partners (such as your service provider) when they submit information that is provided by you and submitted to us on your behalf, for example, when you engage a specific service provider to fill in and upload your information in the Tencent Cloud (PRC) system; and
(3) automatically through your interactions with us and your use of the Services, for example, we record your login time when you log in to your Tencent Cloud account and your operational and usage records when you use specific Services.
The types of personal information we collect:
(1) Personal information that you provide for real-name authentication purposes. Depending on the type of real-name authentication that you choose, personal information collected may include your name, ID card, business license, corporate bank account number, mailing address, industry information, cell phone number, facial recognition information and contact information. Real-name authentication is necessary for our assessment of your account ownership. For the safety of your account, please make sure that you choose the authentication method carefully and submit legal, real and valid information. The Services in China Mainland are available for real-name authenticated users only. If you are not authenticated, you will not be able to use the Services with China Mainland selected as the Service Region.
(2) Information related to your login, use of and interaction with the Services, including:
Operation records. We collect operation records of your use of the Services and related information, such as user ID, operation time, object information (resource ID generated from the product(s) you use, region, relevant Tencent Cloud (PRC) product/service), IP address, browser type, language used, device model, operating system version and web browsing and retrieval records only in relation to your use of the Service, etc.
Contract information. If you need to apply for offline delivery of a product or if you need to conduct product testing, we need to collect information such as contact person, contact information, address, invoicing information, order information, etc., to fulfill the contract.
Other information, such as work order records relating to the Services, consultation and communication records with our customer support teams.
The above information is collected in order for us to provide the Services and to ensure its quality.
We process personal information for the following purposes and in accordance with relevant laws and regulations:
In order to provide you with the Services, we use the collected information for the following purposes, subject to the relevant laws and regulations:
(1) providing the Services to you;
(2) meeting your personalized needs as per your instructions when using the Services. For example, language settings, location settings, personalized help services and instructions, or otherwise respond to you and other users;
(3) service optimization and development. For example, we may optimize our Services in response to improve the quality of the Services provided to you;
(4) protecting the security and integrity of the Services and the interests of Tencent Cloud (PRC), other Tencent Cloud (PRC) users and Tencent Cloud (PRC)'s partners. For example, we will use your information for identity verification, security incident prevention, fraud monitoring and detection, and assessment of the security status of your account. For example, when you use security features or other similar services, we will detect malicious programs or viruses, or identify fraudulent information for you. For example, when dealing with related disputes and complaints, we provide relevant information to the relevant parties in order to better facilitate the handling and resolution of disputes and complaints, etc.;
(5) pushing relevant business news (such as financial news, product news, Tencent Cloud (PRC) news, etc.) and commercial advertisements to you. For example, Tencent Cloud International may push commercial advertisements to you by SMS, telephone, email and any other means at your cell phone number, email address and other contact information to publicize and promote Tencent Cloud (PRC) services or other services on the Tencent Cloud (PRC) platform, only with your consent;
(6) providing you with Services that are more relevant to you. For example, based on the statistics and analysis of your information which we conduct or the statistics and analysis of other Tencent Cloud user data, we will provide you with similar functions or services that may be of interest to you, etc.;
(7) inviting you to participate in surveys about our products and services, only with your consent;
(8) analyzing the data of Tencent Cloud (PRC) users' use of the Services in order to form statistic user reports, business analysis and other information (collectively, "Statistics"), and share, publish and display them within or outside Tencent Cloud (PRC). We will ensure that the Statistics are aggregated, anonymized and will not involve information that can identify specific users.
Except as specified above otherwise, we process your personal information by relying on contract necessity as a legal basis.
Transfer, Location and Retention of Personal Information
We will not share your personal information with any unrelated third party without your consent, except in the circumstances specified in the section “How We Disclose and Store Your Personal Information” in this Privacy Policy.
We will not publicly disclose your personal information, and if we have to make public disclosure thereof, we will inform you of the purpose of the same, the type of information disclosed and the sensitive information that may be disclosed, and obtain your express consent.
In addition, in accordance with relevant laws and regulations and national standards in China Mainland, we may share, transfer, and publicly disclose personal information without your prior authorized consent in the following cases:
it directly relates to national security, national defense security;
it directly relates to public safety, public health, and significant public interests;
it directly relates to crime investigation, prosecution, trial and enforcement of judgments, etc.;
for the purpose of safeguarding the life, property and other significant legitimate rights and interests of the subject of personal information or other individuals but where it is difficult to obtain the consent of the individual;
where the subject of personal information discloses personal information to the public by himself/herself; and
where personal information is collected from lawfully publicly available information, such as lawful news reports, government information disclosure and other sources.
In order to enhance your user experience, such as to optimize advertising effects, we need to share information that has been anonymized or de-identified with third-party partners, etc., and we require such partners to strictly comply with our measures and requirements regarding data privacy protection, including but not limited to processing in accordance with data protection agreements, undertakings and relevant data processing policies, to avoid identification of individuals and to safeguard privacy.
Our server for storing your personal information in respect of the Services is located in China Mainland.
Retention of Personal Information
We generally retain your information only for the duration of the Services provided to you, and the retention period does not exceed the period necessary to fulfill the relevant purpose of use. However, we may need to retain your information or part of it for a longer period of time in the following circumstances, and only for the following purposes:
to comply with applicable laws and regulations and other relevant provisions;
to comply with court decisions, rulings or other legal process requirements;
to comply with the requirements of the relevant administrative, judicial or other competent authorities; and
as reasonably necessary to enforce the relevant service agreement or this statement, to deal with complaints/disputes, or to protect the personal and property safety or legitimate interests of others.
Data Subject Rights
You may, by yourself at the control menu, or contact us at the contact information disclosed in this Addendum to, access, modify and delete your personal information. However, subject to technical logic, legal and regulatory requirements, information security and other legitimate reasons, some of your information may not be accessed, modified and deleted. We will collect, use and store your information in accordance with the requirements of laws and regulations. If we collect, use or store your information in violation of laws and regulations, we will correct or delete it. If the information we collect and store about you is incorrect and you are unable to correct it yourself, you may request us to correct it.
Contact Us
If you have any question about this Addendum or anything relating to processing of personal information, you may contact us at dataprivacy@tencent.com or the address at Data Privacy Protection Department, Tencent Building of Binhai , 33 Haitian 2nd Road, Nanshan District, Shenzhen, Guangdong Province 518054, China. We will review the issue as soon as possible and respond within fifteen days of receipt of your question.
MODULES
The following Modules shall apply and form part of this privacy policy if you use the specific Feature (as defined in each relevant Module). You acknowledge we will collect, process, use and store your personal information, as described in the applicable Module:
Revision History
Was this page helpful?