Jingdong ME (“JDME”) Privacy Policy

 

Last Updated: March 20, 2018

 

Introduction

JDME ("We") attaches great importance to users’ privacy and personal information protection. When you use our products and/or services, we may collect and use your relevant information. We hope to show you how we collect, use, save, share and transfer this information when you use our products and/or services, and how we provide you with access, update, delete and protect this information through JDME Privacy Policy.

 

This policy will help you understand the following:

 

- How we collect and use your personal information;

- How we use Cookie and similar technologies;

- How we share, transfer and publicly disclose your personal information;

- How we protect and preserve your personal information;

 

This privacy policy is closely related to the JDME service you use and the various business functions (hereinafter referred to as "our products and/or services"). We hope that you will read carefully before using our products and/or services and confirm that you have fully understood the contents of this policy and allow you to follow the instructions. Follow the guidelines of the privacy policy and make the choices you think are appropriate. In this privacy policy, we try our best to express the terminology concisely and provide links for further explanation so that you can understand it better. If you use or continue to use our products and/or services after we update this Privacy Policy (we will prompt you to update it in time), it means that you agree with the content of this Privacy Policy (including the updated version) and that we collect, use, save and share your relevant information in accordance with this Privacy Policy.

 

If you have any questions about this privacy policy or related matters, you can send an email to it@jd.com to contact us.

 

How We Collect and Use Your Personal Information

Personal information refers to all kinds of information recorded electronically or in other ways that can identify a particular natural person's identity or reflect the activities of a particular natural person independently or in combination with other information. Personal information covered in this privacy policy includes: basic information (including personal name, organizational structure, gender, personal telephone number, e-mail), personal identity information (including identity card, driver's license, etc.); facial features; network identity information (including system account, IP address, e-mail address and previous information). Describe the relevant passwords, passwords, password protection answers; personal property information (welfare vouchers, personal wages, employee financial management, wallet balance and other property information); address book; personal online records (including software browsing records, use records, click records); personal commonly used equipment information (including hardware model, operation). System type, unique device identification code of software list (such as IMEI/Android ID/IDFA/OPENUDID/GUID, SIM card IMSI information, etc.) and personal location information (including precise positioning information, longitude and latitude, etc.);

 

Personal sensitive information refers to personal information that may endanger personal and property safety, easily lead to personal reputation, physical and mental health damage or discriminatory treatment, etc. Once disclosed, illegally provided or abused, personal sensitive information in this privacy policy includes: your property information (welfare vouchers, personal wages, employee management). Property information such as financial and wallet balance; facial identification features; personal identity information (including identity cards, driver's licenses, etc.); network identity information (including system account, IP address, mailbox address and password, password and password protection answers related to the above); other information (including address book, personal telephone number, etc.) Code, mobile phone number, software browsing record, usage record, click record, personal location information.

 

We will only collect and use your personal information for the following purposes:

 

1 You must authorize us to collect and use your personal information

Our products and/or services include core business functions and additional functions. Our products and/or services include some core functions, which include the functions necessary to achieve mobile office services, the functions necessary to improve our products and/or services, and the functions necessary to ensure security. We may collect, save and use the following information about you to achieve these functions. If you do not provide relevant information, you will not be able to enjoy the products and/or services we provide. These functions include:

 

1.1 The Essential Functions of APP in Normal Use

1.1.1 User Login

JDME needs to be judged by ERP that you are an active employee in Jingdong before you can continue to use JDME. When a user logs in, JDME will get your mobile phone number and send a short message authentication code to verify whether your identity is valid. Your account name is your real name, you can modify and supplement your mobile phone number, seat number, signature, responsibility and other information, which belongs to your "account information". Your supplementary account information will help improve office efficiency, but if you do not provide this supplementary information, it will not affect your use of the basic functions of JDME.

 

1.1.2 Employee Taxi

In order to let you use the employee taxi, we need to obtain your precise positioning information, latitude and longitude, etc. for the driver to locate.

 

1.1.3 My Salary

In order to facilitate you to view wages, as well as wage printing, financial management and other operations, salary application in JDME will obtain your actual wage information. This information is only available to users themselves, and no sharing is allowed.

 

Looking at the salary details for front-line employees, my salary application in JDME will get the salary details for front-line employees. This information is only available to users themselves, and no sharing is allowed.

 

1.1.4 Chat

In order to facilitate communication between users, JDME will acquire users’ ERP, name, organizational structure, mobile phone number and e-mail address.

Personal information such as signature, chat history, message notification settings and other chat information.

 

1.1.5 Information Display and Search

In order for you to quickly find the information you need, we may collect the device information (including device name, device model, device identification code, operating system and application version, language settings, resolution, service provider network ID (PLMN)) and browser type that you use our products and/or services. To provide you with the best way to display commodity information. We will also use your personal information in order to continuously improve and optimize the above functions.

 

You can also search for precise information you need. We will keep your search content to facilitate your re-entry or show you the goods associated with your search content. Please note that your search keyword information cannot independently identify your identity and does not belong to your personal information, we have the right to use it for any purpose; only when your search keyword information is used in conjunction with your other information and can identify your identity, we will use it in conjunction with you. Your search keyword information will be treated as your personal information and processed and protected in accordance with this privacy policy along with your search history.

 

1.1.6 Payment Function

You can choose the payment services provided by the related parties of JDME or the third-party payment institutions cooperating with JDME (including employee card payment, Jingdong Pay and UnionPay channels, hereinafter referred to as "payment institutions"). The payment function itself does not collect your personal information, but we need to share your payment order number and transaction amount information with these payment agencies in order to confirm your payment order and complete payment. "Affiliated Party" means any company, institution or legal representative of the above-mentioned company or institution under the control, control or joint control of one party at present or in the future. "Control" means the direct or indirect possession of the ability to influence the management of the company mentioned, whether through ownership, voting shares, contracts or other means determined by the people's court.

 

1.1.7 Customer Service Function

Our customer service and systems engineers will use your account information and event sheet information.

 

1.1.8 Employee Information Declaration

To ensure workplace safety, JDME obtains your health information through your independent declaration or partners, including your itinerary during the epidemic prevention period, vaccination status, health code status, and other health information that may affect workplace safety.

 

When you need our services, we may inquire about your personal information, application usage information, equipment information, etc.

 

1.2 Necessary Functions for Improving our Products and Services

We may collect your personal information, browse information for data analysis to form user portraits to show you the content or service information you are interested in, or show you the information you may want to find when you search. We may also obtain your other information for the reasonable need to provide services and improve the quality of services, including the information you provided when you contacted customer service, the information you sent us when you participated in the questionnaire, and the information we obtained when you interacted with our affiliates and partners. Relevant information. For the information collected from your various devices, we may associate them so that we can provide you with consistent services on these devices. We may combine information from one service with information from other services in order to provide you with services, personalized content and suggestions.

 

1.3 Necessary Functions for Safeguarding Transaction

In order to improve the security of the system when you use our products and/or services, prevent phishing website fraud more accurately and protect account security, we may judge your account risk by understanding your browsing information, your commonly used software information and equipment information, and may record some of the information we think is windy. Links ("URLs"); We will also collect your equipment information for analysis of JDME system problems, statistics of traffic and possible risks, and check if you choose to send us abnormal information.

 

2. Functions Which You May Choose Whether to Authorize Us to Collect and Use Your Personal Information

2.1 In order to make your office more convenient and enhance your experience of using JDME, we may collect and use your personal information in the following additional functions. If you do not provide this personal information, you can still use JDME. These additional functions include:

 

- Personalized recommendation function based on location information: We will collect your location information (we only collect your geographical location at that time, but will not combine your location information at different times to determine your trajectory) to determine your location, provide you with employee taxi, punch-in/out, social services and so on.

 

- Additional function based on camera: You can use this additional function to complete the functions of video shooting, photographing, scanning and face recognition login. We collect your facial information when you log in using face recognition. We may apply face recognition technology to more scenarios in the future, but then we will confirm with you again whether you want us to use your facial information to achieve these additional functions.

 

- Additional function based on picture upload: You can upload your photos in JDME to achieve chat, approval, information release and other functions. We will use your uploaded photos for information display of related systems.

 

- Additional functions based on voice technology: You can use microphones directly for voice search or consult and interact with our customer service robots. In these functions, we will collect your recordings to identify your application needs and customer service and after-sales needs.

 

- Additional function based on network information: JDME will judge whether you are in the workplace by acquiring your network status and network information, and provide punch-in service through network information.

 

- The function of acquiring the rights of mobile phone address book: to view the enterprise address book, it is necessary to acquire the rights of mobile phone address book when it is necessary to save his mobile phone number to the local address book.

 

- The function of acquiring the right to make phone calls by mobile phone: to view the enterprise address book, you need to make phone calls by others, to choose the phone number in the chat history, and to get the right to make phone calls by mobile phone when employees need to call drivers when they use taxis.

 

- The function of acquiring SMS privilege of mobile phone: share function in JDME, including sharing APP and H5. If you choose to share via SMS, you need to get the right to send SMS in mobile phone.

 

- The function of acquiring the face information: JDME gesture lock function will use your facial information to verify, allowing you to unlock more securely and faster. JDME only accepts the verification results and will not collect and save your facial information. You can unlock the APP through other methods if you don't want to use this function.

 

2.2 The additional functions mentioned above may require you to open the access rights of your geographic location (location information), camera (camera), album (picture library), microphone and network information to us in your device in order to collect and use the information involved in these functions. You can view the opening status of the above permissions item by item in the privacy settings of personal devices, and you can decide whether to open or close these permissions at any time (we will guide you to complete the settings in your device system). Please note that if you open these permissions, you authorize us to collect and use this personal information to achieve the above functions. If you close the permissions, you cancel these permissions, then we will no longer continue to collect and use your personal information, nor will we be able to provide you with functions that the above corresponding permissions involve. Your decision to close permissions will not affect the processing of personal information based on your authorization.

 

3 Please make sure you are fully aware that in the following cases, we Do Not need your authorized consent to collect and use personal information:

 

- Relating to national security and national defense security;

- Relating to public safety, public health and major public interests;

- Relevant to criminal investigation, prosecution, trial and execution of judgments;

- It is difficult to obtain personal consent in order to safeguard the major legitimate rights and interests of the subject of personal information or other individuals, such as life and property;

- The personal information collected is made public to the public by the subject of personal information;

- Personal information collected from legitimate public information, such as legitimate news reports, government information disclosure, etc.;

- It is necessary to sign a contract according to your requirements;

- It is necessary to maintain the safe and stable operation of the products and/or services provided, for example, to detect and dispose of faults in the products and/or services;

- Necessary for legitimate news reporting;

- When it is necessary for academic research institutions to carry out statistical or academic research based on public interest and provide the results of academic research or description to the outside world, the personal information contained in the results should be de-labeled;

- Other circumstances prescribed by laws and regulations;

 

4 The situation in which we obtain your personal information from a third party

We may obtain your authorized account information (avatar, nickname, current status) from a third party and bind your third-party account to your JDME account after you agree to this privacy policy so that you can login directly through a third-party account and use our products and/or services. We will use your personal information on the basis of agreements with third parties and validation of the legitimacy of personal information sources, in accordance with relevant laws and regulations.

 

5 Rules for the Use of Your Personal Information

- We will use the personal information collected in accordance with the privacy policy and for the realization of our product and/or service functions;

 

- After collecting your personal information, we will use technical means to de-label the data, and the de-labeled information will not be able to identify the subject. Please understand and agree that in this case, we have the right to use the information that has been de-identified; and without revealing your personal information, we have the right to analyze and commercialize the user database;

 

- Please note that all personal information provided by you when using our products and/or services will be continuously authorized to use during your use of our products and/or services unless you delete or refuse to collect it through system settings. When you cancel your account, we will stop using and delete your personal information;

 

- We will make statistics on the usage of our products and/or services, and may share these statistics with the public or third parties to show the overall usage trend of our products and/or services. But these statistics do not contain any identification information for you;

 

- When we display your personal information, we will desensitize your information by means of content replacement and anonymous processing to protect your information security;

 

- When we want to use your personal information for other purposes not specified in this policy, or for other purposes, we will seek your consent in advance through the form of your voluntary check-out;

 

How we use Cookie and similar technologies

1 Use of Cookies

1.1 In order to meet the personalized needs of your online experience, you can have a more relaxed access experience. We will send one or more small data files named Cookies on your mobile device. The Cookies assigned to you are unique and can only be read by Web servers that publish Cookies to your domain. We send you Cookies to simplify the steps of repeated login, store your search information, chat records and other data, and then provide you with preferences, help to determine your login status and account or data security.

1.2 We will not use Cookies for any purpose other than those stated in this Privacy Policy. You can manage or delete cookies according to your preferences. You can clear all Cookies saved on your mobile device. But if you do, you may need to change user settings in person every time you visit JDME, and the corresponding information you recorded before will be deleted, and may have some impact on the security of the services you use.

 

How We Share, Transfer and Publicly Disclose Your Personal Information

1 Sharing

1.1  We will not share your personal information with any company, organization or individual other than JDME, except in the following cases:

 

- Obtain your explicit consent or authorization in advance;

- Provision shall be made in accordance with applicable laws and regulations, requirements of legal procedures and mandatory administrative or judicial requirements;

- Within the scope permitted by laws and regulations, it is necessary to provide for the protection of the interests, property or safety of the relevant parties or partners of JDME or JDME, you or other users of JDME or the public;

- Only by sharing your information can we realize the core functions of our products and/or services or provide the services you need;

- Deal with disputes or disputes between you and others according to your needs;

- Comply with the relevant agreements signed with you (including electronic agreements signed online and corresponding platform rules) or other legal documents agreed to provide;

- Use on the basis of academic research;

- Used in accordance with the social and public interests of laws and regulations;

 

1.2 We may share your personal information with our affiliates. But we will only share the necessary personal information and be bound by the purposes stated in this privacy policy. If our affiliates want to change the purpose of personal information processing, they will again seek your authorization.

 

1.3 We may share your account information, equipment information and location information with third-party applications to ensure the smooth completion of the services provided to you. But we will only share your personal information for legitimate, legitimate, necessary, specific and clear purposes, and only share the personal information necessary to provide services. Our third-party applications do not have the right to use shared personal information for any other purpose.

 

1.4 For companies, organizations and individuals with whom we share personal information, we will sign strict confidentiality agreements requiring them to process personal information in accordance with our instructions, this Privacy Policy and any other relevant confidentiality and security measures. In the use of personal sensitive data, we require third parties to adopt data desensitization and encryption technology, so as to better protect user data.

 

1.5 In order to abide by the law, enforce or apply our conditions of use and other agreements, or to protect the rights and property or safety of JDME, you or other JDME customers, such as in order to prevent fraud and other illegal activities and reduce credit risk, exchange information with other companies and organizations. However, this does not include selling, renting, sharing or otherwise disclosing personal information for profit in violation of the commitments made in this privacy policy.

 

2 Transfer

We will not transfer your personal information to any company, organization or individual except in the following cases:

 

- Obtain your explicit consent or authorization in advance;

 

- To provide information necessary for the application of laws and regulations, requirements of legal procedures and mandatory administrative or judicial requirements;

 

- Comply with the relevant agreements signed with you (including electronic agreements signed online and corresponding platform rules) or other legal documents agreed to provide;

 

- When dealing with mergers, acquisitions, asset transfers or similar transactions, we will require new companies and organizations holding your personal information to continue to be bound by this privacy policy. Otherwise, we will ask the company and organizations to seek authorization consent from you again;

 

3 Public Disclosure

We will publicly disclose your personal information only in the following circumstances and on the premise of taking safety precautions in line with industry standards:

 

3.1 Disclosure of your designated personal information in a manner that you explicitly agree to according to your needs;

 

3.2 We may publicly disclose your personal information according to the type of personal information required and the way of disclosure, if it is necessary to provide your personal information according to the requirements of laws, regulations, compulsory administrative law enforcement or judicial requirements. On the premise of conformity with laws and regulations, when we receive the above request for disclosure of information, we will require corresponding legal documents, such as subpoenas or letters of inquiry. We firmly believe that the information we are required to provide should be as transparent as possible within the limits permitted by law. We have carefully reviewed all requests to ensure that they have a legitimate basis and are limited to data that law enforcement authorities have a legitimate right to obtain for specific investigative purposes. With the permission of laws and regulations, the documents we disclose are protected by the encrypted key.

 

How We Protect and Preserve Your Personal Information

1 Our Technology and Measures for Protecting Your Personal Information

We attach great importance to personal information security and take all reasonable and feasible measures to protect your personal information:

 

1.1 Technical Measures for Data Security

We will adopt industry standards of security protection measures, including the establishment of reasonable system specifications, security technology to prevent unauthorized access to your personal information, use, modify, avoid data damage or loss. JDME network service adopts encryption technology such as transport layer security protocol, and provides browsing service through HTTPS to ensure the security of user data in the transmission process. We adopt encryption technology to encrypt and save user's personal information, and isolates it through isolation technology.

 

In the use of personal information, such as personal information display, personal information association calculation, we will use a variety of data desensitization technologies including content replacement, SHA256 to enhance the security of personal information in use. JDME uses strict data access control and multiple identity authentication technology to protect personal information and avoid data being used illegally. We use automatic code security check and data access log analysis technology to conduct personal information security audit.

 

2 Other Security Measures Taken by JDME to Protect Personal Information

- JDME manages and standardizes the storage and use of personal information by establishing data classification and classification system, data security management norms and data security development norms.

 

- JDME controls data comprehensively through the confidentiality protocol, monitoring and auditing mechanism of information contactors.

 

- JDME set up a data security committee and set up a full-time information protection department and a data security emergency response organization to promote and protect personal information security.

 

1.3 We only allow employees and partners of JDME affiliates who need to know this information to access personal information, and set up strict access control and monitoring mechanism for this purpose. We also require all personnel who may have access to your personal information to perform the corresponding confidentiality obligations. Failure to fulfil these obligations may result in legal liability or suspension of cooperation with JDME. We also require all personnel who may have access to your personal information to perform the corresponding confidentiality obligations. Failure to fulfil these obligations may result in legal liability or suspension of cooperation with JDME.

 

1.4 We will take all reasonable and feasible measures to ensure that no irrelevant personal information is collected. We will retain your personal information only within the time required to achieve the objectives set out in this policy, unless it is necessary to extend the retention period or be permitted by law.

 

1.5 The Internet is not an absolutely safe environment, and the way of communication with other users such as e-mail, instant messaging, social software cannot determine whether it is completely encrypted. We suggest that you use complex passwords when using such tools, and pay attention to protecting your personal information security.

 

1.6 The Internet environment is not 100% secure. We will try our best to ensure or guarantee the security of any information you send us. If our physical, technical, or managerial protective facilities are damaged, resulting in unauthorized access to information, public disclosure, tampering, or destruction, resulting in damage to your legitimate rights and interests, we will bear the corresponding legal responsibility.

 

1.7 Disposal of Security Incidents

Please protect your personal information properly and provide sensitive personal information to others only when necessary.

 

After unfortunate personal information security incidents, we will inform you in time according to the requirements of laws and regulations: the basic situation and possible impact of security incidents, the disposal measures we have taken or will take, the suggestions you can take to prevent and reduce risks independently, and the remedial measures for you. At the same time, we will promptly inform you about the event by mail, letter, telephone, push notification, etc. When it is difficult to inform the subject of personal information one by one, we will take a reasonable and effective way to publish the announcement. At the same time, we will actively report the disposal of personal information security incidents in accordance with the requirements of the regulatory authorities.

 

1.8 If you have any questions about our personal information protection, you can contact us by sending an email to it@jd.com. If you find that your personal information is leaked, especially your account and password, please contact us by email immediately so that we can take appropriate measures.

 

Notification and Revision

1. In order to provide you with better services and with the development of JDME business, this privacy policy will be updated accordingly. But without your explicit consent, we will not curtail your rights under this privacy policy. We will send you an updated version on JDME and remind you of the updates by website announcement or other appropriate ways before it comes into effect. We also invite you to visit JDME in order to keep abreast of the latest privacy policy.

 

2. For major changes, we will also provide more prominent notifications (we will explain specific changes in privacy policies by including, but not limited to, e-mail, text messages or special prompts on browsing pages).

 

Major changes referred to in this Policy include, but are not limited to:

 

- Significant changes have taken place in our service model. Such as the purpose of personal information processing, the type of personal information processing, the way of using personal information, etc.

- Significant changes have taken place in ownership structure and organizational structure. Such as business adjustment, bankruptcy mergers and acquisitions caused by owner changes, etc.

- The main objects of sharing, transferring or publicly disclosing personal information have changed;

- Significant changes have taken place in your right to participate in personal information processing and in the way that you exercise it.

- When the departments responsible for handling personal information security, contact methods and complaint channels change;

- When the personal information security impact assessment report indicates that there is a high risk.

 

We will also archive the old version of this strategy for your reference.