Version update date:November 10, 2023
Version effective date:November 10, 2023
The entity responsible for the processing of personal data referred to below is CHERY Automobile Co.,Ltd (hereinafter referred to as “CHERY”, “we” or “us”), a private company with limited liability established under the local and international laws and regulations, having its statutory seat in [No. 236, Yinhu North Rd, Free Trade Pilot Zone, Wuhu Area ,Anhui , China]. To ensure compliance with international data protection legislation, CHERY is the data controller of this personal data.
We give top priority to the protection of your personal data, and we process your data in accordance with applicable data protection laws. This statement provides comprehensive information about the processing of personal data when you use our website.
1.The processing of personal data when you use our vehicle;
2.The processing of personal data when you interact with distributors, dealer, or retailers (such as when you purchase your car or have it repaired);
3.Your use of third-party services in our website. The data processing of these services is subject to their individual privacy policies, which we strongly advise you to read carefully;
4.Our employee personal data or candidate recruiting practices. For more information, please see our EMPLOYEE PRIVACY STATEMENT. or CANDIDATE PRIVACY STATEMENT.
1. What personal data we collect and how do we use it?
2. What third-party services do we use?
3. With whom will we share this data?
4. How do we transfer your data outside your region?
5. What rights do you have in relation to your personal data?
6. How long do we retain your data?
7. How do we protect your data?
8. How can you contact us and make a request?
9. How will we update this Privacy Statement?
We use the collected personal data when you visit our web applications to manage and meet with your service and information requests, to make our products and services as effective as possible, and to protect our IT systems from attacks and other illegal activities.
To communicate with you:
To ensure information security, and to understand and improve our products and services.
On our websites, we incorporate social plugins from popular social networks like Instagram, Facebook, Twitter, TikTok, and YouTube. Here's how they work:
- When you visit our websites, social media plugins are initially deactivated. This means no information is transmitted to the network operators. If you want to use any of these networks, simply click on the respective plugin to establish a direct connection to their servers.
- If you're logged into your user account on a social network when you activate the plugin, the network can recognize your visit to our websites and associate it with your account. To prevent this, please log out of the network before activating the social plugin. The social network cannot detect your visits to other websites of ours unless you activate its social plugin on those sites too.
- When you activate a social plugin, the network directly transfers the available content to your browser, which integrates it into our websites. During this process, data transfers controlled by the respective social network may occur. Your connection to a social network, the data transfers between the network and your system, and your interactions on the platform are governed solely by the network's data protection provisions.
- The social plugin remains active until you deactivate it or delete your cookies. For more information about cookies setting, please read our Cookies Notice.
To assist, operate, enhance, and fulfil services on our behalf based on our legitimate interests to outsource certain operations, we share personal data with our affiliates and subsidiaries.
We share data with our services providers and partners to maintain our business operations, our relationship with you, and provide you with our services:
To fulfil our legal obligations, we may be required to disclose information in response to subpoenas, court orders, or lawful requests from government authorities conducting investigations. This includes compliance with law enforcement requirements, regulatory inquiries, and the verification or enforcement of our policies and procedures. We may also disclose information in emergency situations to prevent or halt potentially illegal, unethical, or legally actionable activities. When we receive a request for personal data from a law enforcement authority, we assess the necessity and proportionality of the requested information.
CHERY is a global company, and we operate internationally. By making a purchase or otherwise submitting your personal data to us, your information may be transferred to CHERY in the countries other than your place of residence or in which the information was originally collected. For example, where we have facilities or in which we engage service providers. CHERY complies with laws on the transfer of personal data between countries to help ensure your data is protected as described in this Statement, wherever it may be.
We may rely on various legal grounds to collect, use, and otherwise process your information, including: your consent; that the information is necessary for the performance of a contract with you; to comply with a legal obligation; to protect your, or someone else’s vital interests; or for a legitimate interest that is balanced against your rights and interests. These legitimate interests may include CHERY’s interest in improving its products and services, enhancing safety and security, protecting CHERY or its business partners against wrongful conduct, and responding to customer inquiries and claims. Where applicable, we will inform you whether and why we need certain information from you, for example, whether we need the information to fulfill a legal or contractual requirement and what the consequences are of not providing the information.
If you are located in the European Economic Area (EEA), the United Kingdom (UK), or Switzerland, we ensure that the transfer of your personal data is carried out in accordance with applicable privacy laws and, in particular, that appropriate contractual, technical, and organizational measures are in place. CHERY's international transfer of personal data collected in the EEA, the UK, and Switzerland is governed by Standard Contractual Clauses. The controller of personal data relating to individuals located in the EEA, UK, or Switzerland, is O&J Automotive Netherlands B.V.
Where you have given consent for the processing of your personal data, you may withdraw your consent at any moment with effect for the future.
You have the right to request information about the personal data we hold regarding you. Upon request, we will provide you with a copy of your personal data.
You may request from us the rectification of incorrect or incomplete personal data concerning you. We make reasonable efforts to keep personal data in our possession or control, which are used on an ongoing basis, accurate, complete, current and relevant, based on the most recent information available to us.
You may request from us the restriction of processing of your personal data, if:
You contest the accuracy of your personal data, for the period we need to verify the accuracy;
The processing is unlawful and you request the restriction of processing rather than erasure of your personal data;
We no longer need your personal data for the processing purpose, but you require them for the establishment, exercise, or defense of legal claims;
You object to the processing while we verify whether our legitimate grounds override yours.
You have the right to receive your personal data provided to us and, where technically feasible, request its transfer to another organization. This right applies if we process your personal data through automated means, based on your consent or for the performance of a contract you are a party to. Your personal data must have been provided by you, and this right should not adversely affect the rights and freedoms of others. You can receive your personal data in a structured, commonly used, and machine-readable format. The transmission of your personal data to another organization is subject to technical feasibility.
You have the right to request that we delete the personal data we process about you. We must comply with this request unless the processing of your personal data is necessary for:
Compliance with a legal obligation requiring processing by laws to which we are subject;
Archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes;
The establishment, exercise, or defense of legal claims.
You have the right to object, at any time, to the processing of your personal data based on our legitimate interests or the legitimate interests of a third party, provided that the processing is not based on your consent. If you exercise this right, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or if the processing is necessary for legal claims. If you object to the processing, please let us know if you also wish for your personal data to be erased.
You have the right to be informed about the collection and use of your personal data. We have prepared this Statement for this purpose, and you will be informed of any changes to this Statement.
You have the right to lodge a complaint with your local data protection supervisory authority or with any other data protection authority in your region. However, we would appreciate it if you first contact us to try to solve your issue – you can find our contact details in Section 8.
We retain data related to our provided services in accordance with legal obligations. If you are a customer, we will keep your data for the duration of any contractual relationship you have with us, and, where permitted, beyond the end of that relationship for as long as necessary to fulfil the purposes set out in this Privacy Statement.
We retain the data we collect from or about you for the period necessary to fulfil the purposes outlined in this Privacy Statement, unless a longer retention period is required or permitted by law. Once the data is no longer necessary for these purposes, we either delete it or retain it in an anonymized form. In determining the appropriate retention period, we take into account various criteria, including the type of services requested by or provided to you, the nature of our relationship with you, the potential impact on the services we provide to you if we delete certain data about you, and the retention periods mandated by law.
We strive to maintain high security standards and have implemented robust technical and organizational measures to protect your data, in accordance with the current, general state of technology. We ensure that your personal data is adequately secured against loss, falsification or unauthorized access. However, please note that the transmission of information via the internet is not completely secure. While we do our best to protect your personal data, we cannot guarantee 100% security of your data transmitted to us.
Once we have received your personal data, we use strict procedures and security features to prevent unauthorized access. In the unfortunate event of a personal data incident, we will report it and take remedial measures in accordance with the requirements of the law and regulatory authorities.
We do not knowingly collect or use any Personal Data from children (we define ‘children’ as minors younger than 16) without prior, verifiable consent which is given or authorized by the holder of parental responsibility over the child. We do not knowingly allow children to order our vehicles, communicate with us, or use any of our online services.
If you become aware that a child has provided us with Personal Data, please contact us: email@example.com. We will take all reasonable measures to delete the information as soon as possible and to not use such information for any purpose, except where necessary to protect the safety of the child or others as required by law.
If you have any questions about the processing of your personal data, we recommend reading through this Privacy Statement first. To make a query, raise a concern, or exercise your data subject rights, please feel free to contact us via:
E-mail Address: firstname.lastname@example.org
Mailing Address: Kingsfordweg 151, 1043GR Amsterdam
We take your privacy seriously and aim to respond to you within one month or within the timeline specified by the relevant local privacy protection law, after confirming your identity.
If you believe that we have not adequately addressed your complaints or concerns, you have the right to lodge a complaint with a competent data protection authority.
We may update this Privacy Statement, for example, to reflect changes in our business operations and measures for protecting personal information. If we make changes to this Privacy Statement, we will notify you. Where changes to this Privacy Statement significantly impact the nature of our data processing or have a substantial effect on you, we will provide sufficient advance notice, allowing you the opportunity to exercise any applicable rights.