Privacy Policy
Yutong Bus Co., Ltd.
and its affiliates worldwide (hereinafter referred to as "Yutong", “we” or "us")
attach great importance to the protection of your personal data and privacy.
When you use our Internet of Vehicles (IoV) service, we may collect your data.
Please read this Privacy Policy carefully because it includes how we collect,
store, use, share and protect your data, so as to provide you with smooth
experience when using our vehicle products.
This Privacy Policy
is applicable to the Internet of Vehicles services provided by us, including
YUTONG V+ Fleet, YUTONG V+ ITS ,YUTONG Etruck and other websites or APPs.
The data we may collect
mainly include your personal data and vehicle data. However, these rules are
not all applied to you.
The privacy policy will help you understand the
following:
I. Your data we may collect
II. How we use your data
III. How we share your data
IV. How we store your data
V. Cross-border transfer of
your data
VI. Data processing records
VII. How you access and
manage your data
VIII. How we protect your
data
IX. Protection of personal
data of minors
X. Disclaimers for
third-party products and services
XI. Updates to the Privacy
Policy
XII. How to contact us
I. Your data we may collect
We may collect the
following data about you in the process of providing IoV services:
1. When you purchase IoV
services
In order to provide
services for you when you purchase the Internet of Vehicles service, we may
collect the following personal data about you: company name, company address,
name, gender, job title, contact phone number, cell phone, email address,
payment method and bank account information, etc.
2. User registration
After you receive the
vehicle, you do not need to register yourself and we will provide you with an IoV
account and password for login. You can change the password according to your
needs. During the registration process, we will not collect any personal data
from you.
3. When you use the IoV
service
When you use the IoV
service, we do not collect your personal data in principle, but may collect the
following data about your vehicle.
|
Vehicle data |
vehicle status (including GPS/Vehicle production number/ VIN) |
|
Mileage on the day |
|
|
Charging status |
|
|
Operating mode |
|
|
Vehicle speed |
|
|
Accumulated mileage |
|
|
Driving duration
on the day |
|
|
Main motor voltage |
|
|
Main motor current |
|
|
Main motor temperature |
|
|
Main motor speed |
|
|
Using period of battery |
|
|
Rated battery electricity |
|
|
A/C temperature |
|
|
Start time of charging |
|
|
End time of charging |
|
|
Input energy |
|
|
Total voltage |
|
|
Total current |
|
|
Gear position |
|
|
Battery cell overvoltage
alarm |
|
|
Battery cell
undervoltage alarm |
|
|
Accelerator pedal status |
|
|
Brake pedal status |
|
|
Door status |
|
|
Traction motor temperature |
|
|
Motor controller input voltage |
|
|
Motor controller DC bus current |
|
|
Alarm data |
Motor overheat fault |
|
Overcurrent |
|
|
Battery cell high
voltage alarm |
|
|
High-voltage loop interlocking fault |
|
|
Serious fault of battery system |
|
|
Seriously high temperature fault of battery |
|
|
Battery cell LV alarm |
|
|
System high temperature alarm |
|
|
Low SOC alarm |
|
|
Low insulation resistance alarm |
|
|
Five-in-one: output with phase loss, separate type: |
|
|
Five-in-one: accelerated overcurrent, separate type: overload |
|
|
Output with phase loss |
|
|
Main motor controller communication fault |
|
|
Communication fault of steering
motor controller |
|
|
Traction battery communication fault |
4. When you use the APP and website services
In
order to help us analyze the usage of product functions, better improve our
products and services, and enhance your user experience, we will collect the
following information: Running process information, application identifier,
application version, application distribution channel, language location, time
zone, network status and type, device information (IMEI, SIM card IMSI, Android
ID, IDFA, OpenUDID, GUID, OAID, GAID, ICCID, MAC address, IP address, brand,
mobile phone manufacturer, operating system version, device model, device
version, screen information (direction, resolution, DPI), power quantity,
software installation list, device sensor information, log information
(third-party developer defined log, Logcat log, APP crash stack information)
browser information (name, version), CPU architecture type, whether the device
is rooted, disk space occupation size, SD card space occupation size, memory
space occupation size, accessed pages and operations, etc.
We
will apply for camera permission or album permission (iOS)/storage permission
(Android) and device information permission of the device. The purpose of
applying for camera and album permissions is to upload abnormal photos of
vehicles in functions such as vehicle inspection. If you refuse this
authorization, the above-mentioned functions will not work normally, but your
normal use of our products and services that do not need to apply for camera
and album permissions will not be affected.
II. How we use your data
1. Communicate with you
(1) Inform you of important
safety-related data about your vehicle or new energy products;
(2) Notify the service
personnel in case of vehicle failure or accident;
(3) Send you data and
changes of products, services, terms and policies;
(4) Inform you of our
marketing activities;
(5)
Respond to your inquiries and satisfy your requests.
2. Provide you with
products or services
(1) Implement our orders: handle
payment, deliver, and evaluate your financing needs;
(2) Monitor vehicle
performance;
(3) After-sales services
such as roadside assistance and maintenance;
(4) Handle, assist and provide relevant customer support.
3.Verify the accident cause
When a vehicle accident occurs, locate the vehicle, and verify the accident
cause and the vehicle condition at that time.
4. Improve and enhance our
products and services
(1) Product system upgrading;
(2) Satisfaction surveys;
(3) Research, analyze and improve
the performance of products, and develop new technologies related to products.
III. How we share your data
We limit how and with
whom we share your personal data, and we will not share your personal data with
any company, organization or individual, except the following circumstances:
1.
Obtain your explicit consent;
2. In
order to assist, improve and perform our services, we may share your personal
data with affiliates, dealers, service providers, satisfaction survey agencies,
etc.
3. To comply with mandatory
requirements of laws and regulations, requirements of courts or government
authorities, safeguard the social and public interests, or protect the personal
and property safety or legitimate rights and interests of our customers and
employees.
Our sharing of your data to third parties is subject to the purposes
stated in this Privacy Policy, and your authorization will be sought again if
our sharing will change the purposes for which personal data is processed. You
may also withdraw your consent at any time and your personal data will no
longer be shared.
IV.
How we store your data
In principle, your data is
stored in our IDC server room (private cloud) / Ali public cloud operated by
our company in the People's Republic of China.
If you
are in the European Economic Area (EEA), your vehicle data will be stored in
our ECS in Germany.
Wherever our servers are
located, we will take appropriate organizational and security measures to
protect data security. We will not retain your data longer than necessary,
unless an extension of the retention period is needed or permitted by law. Different
retention periods apply to different types of data. For example, vehicle
journal account data will be retained for 1 year and vehicle statistics data
will be retained for 3 years. If the retention period expires, we will
completely delete your relevant data from our system or anonymize it to ensure
that it cannot be recovered or traced back to you personally. Notwithstanding
this provision, we may retain your data for the purpose of assisting any
governmental and judicial investigations to file or support legal claims or
civil, criminal or administrative proceedings.
V. Cross-border
transfer of your data
We are
a global company and as such we operate on a global scale. In order to provide
services to you, we sometimes need to share your data with our offices, branches,
subsidiaries, affiliates, service providers outside your country and others. We
comply with the laws on the transfer of personal data between countries/regions
to ensure that your data can be protected regardless of its location.
If you
are in the European Economic Area (EEA), we ensure that your personal data is
transferred in accordance with applicable privacy laws. When processing the
data beyond the originally collected or hosted areas, Yutong promises to ensure
that all transfers of personal data are subject to relevant safeguards (if
applicable) to maintain adequate protection of personal data.
VI. Data processing
records
Yutong's system maintains
necessary records of data sharing, transmission, and processing, including
third-party data, disclosed data, and time of disclosure, etc., which are
generated by our software during data processing. Records are generally made in
electronic form. According to requirements of regulatory authorities, we can
provide accessible data processing records as controllers or processors and when
necessary.
VII. How you access
and manage your data
We attach great importance
to your data and do our best to protect your right to access, correct and
delete your personal data, so that you have the full capacity to safeguard your
privacy and security.
Your rights include:
|
Access to data |
If you want to
access your website or account data, order data, vehicle use data and others,
you can contact us to access your personal data as set forth in the
"Contact Us" below. |
|
Right to correct |
When you find that
there is an error in your personal data processed by us, you have the right
to correct or update the incorrect or incomplete data, provided that your
identity is verified and that the correction does not affect the objectivity
and accuracy of the data. You may contact us in the ways listed in the
"Contact Us" below. |
|
Right to be forgotten |
If we collect, use
and share your personal data with others in violation of laws and regulations
or your agreement, you have the right to ask us to delete it. You can contact
us according to the methods listed in the "Contact Us" below. |
|
Right to restrict processing |
In some cases, you
can restrict our processing of your personal data. If you object to the
marking of stored personal data in order to restrict the subsequent
processing of such data, please contact us through the methods listed in the
"Contact Us" below. |
|
Data portability |
In some cases, you
have the right to receive the personal data you provide to us in a
structured, common and machine-readable form and/or to transfer such data to
third parties. If you have such a request, please contact us in the ways
listed in the "Contact Us" below. |
|
Right to refuse |
You have the right
to refuse: -Processing
(including analysis) of your personal data at any time for the purpose of
direct marketing; -In other cases, we
will continue to analyze your personal data if the processing is in our
legitimate interest. |
|
Right to
self-determine (independent decision making) |
You have the right
not to be restricted by a decision that relies solely on automated processing
(including analysis). If you refuse automated decisions regarding your
personal data, you can feed back to us in the ways listed in the
"Contact Us" below. |
If you wish to exercise any
of these rights, please do the following:
• Send email, call or write
- see below: "How to contact us";
• Tell us the rights you want to exercise and the personal data involved
in the request.
Respond to your rights
To ensure your data
security, we will first ask you to verify your identity before processing your
request. In general, we will accept your request by e-mail within 7 working
days and within 5 working days for requests by phone. After the acceptance, we
will process your legitimate request within 15 working days, and may feed it back
the processing results by phone, email and other channels.
In principle, we do not
charge for your reasonable request, but we will charge a certain amount of cost
for repeated requests that exceed the reasonable limit as appropriate. We may
deny requests that are unnecessarily repeated, require excessive technical
means (for example, requiring the development of new systems or fundamental
changes to current practices), pose a risk to the legal rights of others, or
are highly impractical (for example, involving data stored on backup tapes).
We will not be able to
respond to your request in the following circumstances:
1. Related to the
performance of the obligations of the controller of personal data under laws
and regulations;
2. Directly related to
national security or national defense security;
3. Directly related to
public safety, public health, or vital public interests;
4. Directly related to
criminal investigations, prosecutions, trials and enforcement of judgments,
etc.
5. The personal data
controller has sufficient evidence of subjective malice or abuse of rights by
the personal data subject;
6. For the purpose of
safeguarding the life, property and other significant legitimate rights and
interests of the personal data subject or other individuals when it is
difficult to obtain the consent;
7. Responding to the
request of the personal data subject will lead to serious damage to the
legitimate rights and interests of the personal data subject or other
individuals or organizations;
8. Involve commercial
secrets.
VIII. How we protect
your data
We attach great importance
to your data security and take all reasonable and feasible measures to protect
your data. Technical measures for data security include:
1. We will adopt
security protection measures that conform to industry standards, including
establishing reasonable regulations, specifications and security technologies
to prevent your data from being used or modified by unauthorized access, and
avoid data damage or loss, such as vulnerability scanning systems, application
firewalls, SSL digital certificates, database desensitization systems,
anti-virus protection systems, etc.
2. We have
established a data security management organization, built and improved the
data security management system and privacy security management system, and
taken necessary technical measures to effectively ensure the life cycle
security of your personal data.
3. In order to deal
with the possible risks such as data leakage, damage and loss, we have
developed a number of systems to clarify the classification and grading
standards of security incidents and security vulnerabilities and the
corresponding handling procedures. We also set up a special emergency response
team for security accidents. According to the requirements of security accident
handling specifications, we launched security plans for different security accidents
to stop losses, analyze, locate, develop remedial measures, and work with
relevant departments to trace the source and fight back. We will inform you and
the corresponding regulatory authorities of the suspicious situation of data
security vulnerabilities according to laws.
IX. Personal data
protection for minors
Our IoV services are
primarily intended for adults, and we do not knowingly collect personal data
from minors, except as required by applicable law. Without the consent of their
guardians, minors are not allowed to provide us with personal data. If we find
that we have collected personal data of minors without the prior verifiable consent
of parents or guardians, we will seek to delete the relevant data as soon as
possible. If parents or guardians have reason to believe that minors have
submitted personal data to Yutong without their prior consent,
please contact us to ensure that such data is deleted.
X. Disclaimers for third
party products and services
In the course of
using our products and/or services, you may access applications and other
services provided by third parties, and we assume no responsibility for the
collection and use of personal data by such third-party applications or
services. We suggest that you carefully read the applicable terms and
conditions (and any relevant privacy statement) and fully understand the rules
for collecting and using your personal data before using such applications or
services. If you have any questions about the use of your personal data by a
specific third party, please contact the third party directly.
XI. Updates to the
privacy policy
This Privacy Statement is released
on March 20, 2024.
We may revise this
Privacy Policy from time to time and then we will post an updated version on
this page and notify you of any changes made to this Privacy Policy in a pop-up
box or in a manner that is as prominent as the pop-up box. By clicking agreement,
you agree to the revisions to this Privacy Policy.
XII. How to contact us
If you have any questions
about this Privacy Policy or the data we hold about you, or to claim your
legitimate rights as described above, please contact us by mail, email or
telephone.
|
Contact Information |
|
Address: Yutong
Industrial Park, Shibalihe, Zhengzhou City, Henan Province, China Email:dataprotection@yutong.com TEL:+86-371-85338999 |