Who we are
This policy will help you understand the following
- How We Collect and Use Your Personal Data
- How Long We Keep Your Personal Data
- How We Disclose Your Personal Data
- How We Protect Your Personal Data
- Your Rights with Regards to Your Personal Data
- How We Process Children’s Personal Data
- Third-Party Service Providers and Their Services
- How Your Personal Data Is Transferred Globally
“Affiliated Company” refers to a company that is related to NovaStar due to joint ownership or control.
“Third Parties” refer to companies or persons who do not have a related relationship arising out of joint ownership or control with NovaStar (i.e., a non-affiliated company) or other non-related persons. Third parties can be financial or non-financial companies, or persons other than you and NovaStar.
“Personal Data” refers to any information relating to an identified or identifiable natural person.
II. How We Collect and Use Your Personal Data
We collect data to improve operational efficiency and to optimize your product experience. Our channels for collecting personal data include: (1) you provide your data to us directly, (2) we obtain certain data about how you interact with our products or website, and/or (3) we obtain certain data about you from third parties. The data we collect depends on the environment in which you interact with NovaStar, the choices you make, such as your privacy settings and the products and services you use.
1 Personal data we collect
(1) Personal data directly provided by you
The services we provide require you to provide certain personal data directly to us. For instance:
- Registering an account ID, a forum ID or filling out a warranty card/electronic warranty card requires you to create an account or to complete a personal profile where you would provide personal data such as name, address, mobile number, email address, username and password created, etc.
- Some of our services (eg, the forum on our website) allow you to communicate and share contents with others. The communicated or shared content may be transmitted through and stored in our system.
We may ask you to provide personal data under other circumstances, such as when you sign up for our training session, register to receive our newsletter, or participate in promotional or marketing activities organized by us or our business partners. The information you provide helps us design and improve the products and services. We may match your personal data with third-party data to better understand your needs.
(2) Service usage information
In addition to the information you provide, we may also collect information about your use of our services through software on your device and other means. We may collect:
- Device information — such as device identification number (IMEI number, etc.), region and language settings, device hardware information and status, usage habits, IP address, Mac address, operating system version, and settings of the device used to access our services.
- Log information — such as when and how long the service is used, search terms entered through the service.
- Location information — such as the GPS signal of the device or information about WiFi access points and cell towers nearby, device location ID, network service provider ID. You can modify the location settings of your device from the device settings to change the location information provided to us.
We may also collect other information about your use of our services — such as the version of the application being used, the website visited, and how you interact with the content provided through our services.
(3) Obtaining data from a third party
To the extent permitted by law, we may obtain your personal data from public or commercial sources and may combine that with other personal data we collected or will collect.
2 How we use your personal data
- with your prior explicit consent which can be withdrawn at any time at your request;
- so that we can perform or carry out a contract with you in relation to our products and/or services;
- for compliance with a legal obligation to which NovaStar is subject;=
- when necessary for the purposes of the legitimate interests pursued by NovaStar or a third party to whom it may be necessary to disclose information. Where we process your information in reliance on such grounds, we will only do so where we have appropriately balanced such interests against your right to privacy. Such legitimate interests may include (without limitation), as follows:
- Provide products and improve services. The personal data we collect will be used to provide you with NovaStar’s products and services, process your orders or fulfil the contract between you and NovaStar to ensure the functionality and safety of our products and services.
- Customer Support. We use data to diagnose product issues, repair customer equipment, and provide other customer care and support services. We also use this information to improve our products and analyse the efficiency of our business operations. However, we will not use this information to track your location. We may also collect your email address to reply your questions or comments.
- Product Improvements. We use data to constantly improve our products, including the addition of new features and functionality.
- Commercial Promotion Activities. If you sign up for our training session, register to receive our newsletter, or participate in promotional or marketing activities organized by us or our business partners, we will use the personal data you provide to manage such activities.
(4) We do not take any decisions involving the use of algorithms or profiling that significantly affects you. If certain of our services require us to do so in the future, we will inform you in advance.
IV. How Long We Keep Your Personal Data
Our retention period for personal data is the minimum time necessary to realise the purpose of collection unless a longer retention period is required by law. Beyond the above retention period, we will delete or anonymise your personal data.
V. How We Disclose Your Personal Data
1 At times NovaStar may make certain personal data available to affiliated companies and other third parties that work with NovaStar necessary to provide products and services. Your information will not be shared with third parties for their own independent marketing or commercial purposes.
We will only share your personal data for lawful, legitimate, necessary, specific and clear purposes, and only personal data necessary for service provision will be shared. Our partners are not allowed to use the shared personal data for any other purposes.
2. We will only publicly disclose your personal data under the following circumstances:
(1) After we obtain your explicit consent;
(2) Disclose in accordance with laws: we may disclose your personal data if it is compulsorily required by laws, such as to comply with a subpoena or other legal proceedings, legal actions or government agencies, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
VI. How We Protect Your Personal Data
- We have taken reasonably practical and technical measures to protect the collected personal data related to our services. While we have taken reasonable measures to protect your information, no websites, Internet transmissions, computer systems or wireless connections are absolutely secure.
- We have taken safeguarding measures in accordance with industry standards to protect the personal data you provided and prevent data from unauthorised access, public disclosure, use, modification, damage or loss.
- In case of personal data security incident, we will act, in accordance with the applicable law.
VII. Your Rights to Your Personal Data
We respect your legal rights to your personal data. We list below your legal rights and the measures we take to protect these rights.
- The right to access: If you wish to access your personal data, you are entitled to ask us.
- The right to rectification: If you find that your personal data we hold is inaccurate or incomplete, you are entitled to ask us to make rectifications.
- The right to erasure: You can submit a request to us to delete personal data if we do not have a legal reason to continue to process and hold it.
- The right to restriction of processing: You have the right to ask us to restrict how we process your personal data. This means we are permitted to store the data but not further process it unless we are legally entitled to continue processing.
- The right to data portability: To the extent permitted by laws and regulations, you have the right to obtain a copy of your personal data in a structured, commonly used and machine-readable format.
- The right to object: You have the right to object to NovaStar processing your data even if it is based on our legitimate interests, the exercise of official authority, direct marketing (including data aggregation), and processing for the purpose of statistics.
- The right to withdraw consent: If you have given us your consent to process your personal data but change your mind later, you have the right to withdraw your consent at any time, and NovaStar must stop processing your data.
- The right to object automated individual decision-making: You have the right not to be subject to a decision based solely on automated processing, including profiling.
- The right to lodge a complaint: You have the right to lodge a complaint about the way we handle or process your personal data with the data protection authority of your jurisdiction.
You can exercise your rights by submitting a request to email@example.com. In principle, we do not charge a fee for your reasonable request. However, for multiple and repetitive requests that exceed reasonable limit, we may charge a reasonable fee to cover some costs depending on the nature of the request. We may refuse requests that are manifestly unfounded, unreasonably repetitive, or require disproportionate technical effort (for instance, require the development of new systems). In addition, we may not respond to requests that directly concern significant issues of public interest or may cause serious damage to the legitimate rights and interests of you or other individuals or entities.
VIII. How We Process Children’s Personal Data
- Our products, websites and services are mainly adult-oriented and may not be used by children without guardian consent. A child should not create his/her own user account. We treat anyone under 16 years old (or equivalent minimum age for full legal capacity in relevant jurisdiction) as a child.
- When we find that a child’s personal data is collected without expressed and verifiable guardian’s consent, we will delete the relevant data as soon as reasonably possible.
IX. Third-Party Services Providers and Their Services
- Our websites, products, applications, and services may contain links to third-party websites, products, and services. You can choose whether to access websites, products and services provided by third parties or not.
X. How Your Personal Data Is Transferred Globally
- We provide products and services through resources and servers around the world. This means, in compliance with applicable laws, your personal data might be transferred to or accessed from jurisdictions outside of the jurisdiction where you use our products or services.
- In case your personal data is transferred to countries located outside of the European Economic Area (EEA) and United Kingdom (UK), we will ensure that it will be protected in a manner that is consistent with legal requirements. This can be done in a number of different ways, such as:
- the recipient of the personal data is located within a country that benefits from a full “adequacy” decision of the European Commission;
- the recipient may have adhered to binding corporate rules (only for intragroup transfers);
- the recipient has signed a contract based on “model contractual clauses” approved by the European Commission, obliging them to protect your personal data; or
- where the recipient is located in the US, it is a certified member of the EU-US Privacy Shield scheme.
In the absence of these appropriate safeguards, we will ask you for your explicit consent for cross-border transmission of your personal data. In the meantime, security measures such as encryption, de-identification will be adopted for the safety of your personal data.
The personal data that we collect from you may also be otherwise transferred to, and stored at, destinations outside the EEA or UK. It may also be processed by individuals operating outside of the EEA and UK who work for our affiliates or for one of our suppliers.
In all cases, however, we will ensure that any transfer of your personal data is compliant with the applicable data protection law.
XII. Contacting us
DEF101, Lingyi Square, Xi’an Software Park, #72 2nd Keji Rd., Xi’an, 710075, Shaanxi, China