1. Personal data
Personal data refers to the information that can be used alone or in combination with other information to confirm a person's identity. Such data will be submitted by you to us when you use our website, products or services and interact with us, or will be obtained by us via our recording of how you interact with our website, products or services, for example via technologies such as Cookie. The data we collected depends on the website you visit or the product or service you use which may include name, address, email, phone number and other personal data. The purpose of our collection of personal data is to contact you to provide corresponding services or send important notifications, etc.
Shanghai Baolong Automotive Corporation and its subsidiaries worldwide (hereinafter referred to as "Baolong Automotive", "we" or "our") understand the importance of personal data to our customers and users. Therefore, Baolong Automotive attaches great importance to the protection of the personal data of customers and users, and takes a series of measures to ensure that relevant businesses comply with applicable personal data protection requirements.
2.1 To ensure effective implementation of requirements on personal data protection, Baolong Automotive appoints a Data Protection Officer (DPO).
2.2 Baolong Automotive adopts industry-recognized personal data protection methods and practices. In applicable business scenarios, Baolong Automotive uses the method of Data Protection Impact Assessment (DPIA) to assess and reduce the security risk of personal data during the use of products and services.
2.2.1 Baolong Automotive requires to thoroughly assess the personal data involved in products and services, and demands projects involving personal data to carry out DPIA;
2.2.2 Projects involving personal data must establish data lists and data flow charts;
2.2.3 Projects involving personal data must recognize potential risks during the process of data treatment (including collection, usage, storage, sharing, and deletion), and take corresponding measures as per risk level (including management, physical and technical measures)
2.2.4 Corresponding reports must be prepared after the execution of DPIA and the approval of DPO must be obtained.
2.3 Baolong Automotive has implemented technical methods including invasion inspection, access control, encryption, data leakage prevention, anti-spam, terminal security protection, and vulnerability scanning, and checks the effectiveness of personal data protection measures via penetration text.
2.4. Baolong Automotive has established an emergency response mechanism for personal data leakage. In the event of personal data leakage, Baolong Automotive will instantly initiate the emergency response process, try its best to mitigate the losses caused by such leakage, and make sure to send proper notification to persons affected thereby.
2.6. To ensure compliance, Baolong Automotive has implemented necessary technical audit and procedure audit for personal data protection.
2.7. Baolong Automotive has obtained certification recognized internationally and will continue to accept assessment and verification, including TISAX, ISO 27001, etc.
Personal data protection is not only a legal requirement, but also a social responsibility. Baolong Automotive will continue to optimize its products and services to ensure security and privacy, and reduce the protection risk of personal data of customers and users.
3. Policy update
2. Contact information of information security
Tel: +86 21-31273333