Privacy Policy
Clearsky Network Privacy Policy
Last Updated: Jan 2020
Clearsky Solutions Ltd., a company incorporated under the laws of Hong Kong with an address at 9/F Amtel BLDG 148 Des Voeux, RD Central, Hong Kong (together with other members of its group (“Clearsky Network”/”we”/”us”/”ours”) is committed to protecting the privacy of its users (“you”/”your”) of the website https://www.clearsky-network.com/ (the “Site”).
This Privacy Policy (“Policy”) sets out what Personal Data we collect, how we process it and how long we retain it. This Policy is applies to all of our Processing activities where we act as a Data Controller. Further notices highlighting certain uses we wish to make of your Personal Data together with the ability to opt in or out of selected uses may also be provided when we collect Personal Data from you.
We ask that you please read this Policy before providing us with any Personal Data about you or any other person.
Additional defined terms are set out in the glossary at Appendix 1 of this Policy.
Our Site may contain links to other third party websites. If you follow a link to any of those third party websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for their policies or Processing of your Personal Data. Please check these policies before you submit any personal information to such third party websites.
Certain aspects of this Policy only apply to users residing in the European Economic Area (“EEA”) – these are noted where relevant in this Policy.
Navigating this Policy
If you are viewing this policy online, you can click on the above links to jump to the relevant section.
IMPORTANT: Your Personal Data
IMPORTANT: BY USING THE SITE, YOU ACKNOWLEDGE AND AGREE THAT WE MAY BE UNABLE TO FULLY COMPLY WITH YOUR REQUESTS TO EXERCISE YOUR RIGHTS UNDER APPLICABLE DATA PROTECTION LAW, BUT THAT WE WILL TAKE SUCH STEPS AS ARE REASONABLY AND PRACTICABLE IF YOU DO NOT AGREE TO THIS, YOU SHOULD NOT REGISTER TO USE, OR USE, THE SITE.
1. How we collect Personal Data from you
We collect Personal Data about you (either directly or from third parties, such as your employing organization where you are acting on behalf of such organization) when you
- visit and use our Site;
- register for, and use our Site;
- provide us with certain information including as part of the registration process;
- contact and communicate with us either through our website or through other channels;
- enter into a contract with us or other participants on the Site; and
- Enter into any other relationship with us or interact with us or our service 2. What type of Personal Data we may collect about you
The Personal Data we collect and Process about you includes the following.
2.1 information provided to us through registration/resulting from registration: such as your name; address (personal/work); email address (personal/work); telephone number (personal/work); date of birth; nationality; details of tour employer (where you are acting on behalf of such employer); and Site user ID;
2.2 credit, identity and anti-fraud information: information relating to your financial situation, your creditworthiness or any criminal or fraudulent activities provided to us by you or third parties, including information which establishes your identity, such as driving licenses, passports and utility bills; information about credit ratings from credit reference agencies; fraud, offences, politically exposed person and sanctions lists where your details are included;
2.3 our correspondence: if you contact us, we will typically keep a record of that correspondence;
2.4 Survey information: we may also ask you to complete surveys that we use for research purposes. In such circumstances we shall collect the information provided in the completed survey;
2.5 website and communication usage: details of your visits to the Site, App and Site and information collected through cookies and other tracking technologies including, but not limited to, your IP address and domain name, your browser version and operating system, Information associated with or related to devices, such as device type (e.g., mobile, tablet); type and version of operating system (e.g., Android, iOS); network provider; mobile browser (e.g. Safari, Chrome, etc.); language setting; time zone; and network status type (such as WiFi). Information about End User’s interactions with apps and websites, Mobile advertising identifiers, such as iOS IDFAs and Android Advertising IDs (“Mobile IDs”). These Mobile IDs may be associated with other Information, including with Data Segments.
2.6 Precise Location information, generally an End User’s lat/long data (i.e., GPS-level data) or WiFi information, which we may associate with Mobile IDs, and which may be collected whether or not an app is in use Traffic data, web logs and other communication data, and the resources that you access.
3. How we use your personal information
In this section, we set out the purposes for which we use your Personal Data that we collect via our Site.
Where you are a user resident in the EEA, we also identify the “legal bases” on which we rely to Process the Personal Data in compliance with our obligations under European law. An explanation of the “legal bases” can be found at Appendix 2 of this Policy.
Please note that in addition to the disclosures we have identified below, we may disclose Personal Data for the purposes we explain in this Policy to service providers, contractors, agents, advisors (e.g. Legal, financial, business or other advisors), law enforcement/regulatory bodies and affiliates of Clearsky Network that perform activities on our behalf, as well as other members of the Clearsky Network group:
- User registration: to register you as a user of our Site, to communicate with you and respond to queries, or to carry out our obligations arising from any agreements entered into between you and us. This may include passing your details to counterparties, service providers;
- in relation to fraud prevention: we and other organizations may also access and use certain information to investigate and prevent fraud as may be required by applicable law and regulation and best practice at any given time. If false or inaccurate information is provided and fraud is identified or suspected, details may be passed to fraud prevention agencies and may be recorded by us or by them.
- To provide you with marketing materials: to provide you with updates and offers, where you have chosen to receive these. We may also use your information for marketing our own and our selected business partners’ products and services to you by email, SMS, phone and,where required by law, we will ask for your consent at the time we collect your data to conduct any of these types of marketing. We will provide an option to unsubscribe or opt-out of further communication on any electronic marketing communication sent to you or you may opt out by contacting us as set out in the “Contacting Us” section below.
- in connection with legal or regulatory obligations: we may process your Personal Data to comply with our regulatory requirements which may include disclosing your Personal Data to third parties, the court service and/or regulators or law enforcement agencies in connection with enquiries, proceedings or investigations by such parties anywhere in the world or where compelled to do so. Where permitted, we will direct any such request to you or notify you before responding unless to do so would prejudice the prevention or detection of a crime;
- business change: in the event that we: (i) are subject to negotiations for the sale of our business or part thereof to a third party; (ii) are sold to a third party; or (iii) undergo a re-organization, we may need to transfer some or all of your Personal Data to the relevant third party (or its advisors) as part of any due diligence process for the purpose of analyzing any proposed sale or re-organization. We may also need to transfer your Personal Data to that re-organized entity or third party after the sale or reorganization for them to use for the same purposes as set out in this policy
- for research and development purposes: to analyses your Personal Data in order to better understand your and our other clients’ services and marketing requirements, to better understand our business and develop our products and services;
Legal bases: legitimate interests (to allow us to improve our services);
- to ensure Site content is secure and relevant: to ensure that content from our websites is presented in the most effective manner for you and for your device, which may include passing your data to business partners, suppliers and/or service providers;
Legal bases: legitimate interests (to allow us to provide you with the content and services on the Site in a relevant and secure manner)
How long we keep Personal Data
We retain your Personal Data only for as long as is necessary for the Processing purpose(s) for which the Personal Data was collected (as set out in this Policy) and for any other permissible, linked purpose(s) in accordance with our internal Retention and Deletion Policy. Records can be held on a variety of media (physical or electronic) and formats.
Retention periods are determined based on the type of record, the nature of the record, business need and activity and the legal or regulatory requirements that apply to those records. Typically, Personal Data which is collected pursuant to our legal obligations (such as AML) are retained for 2 years. Where Personal Data is collected pursuant to a contract or prior to the creation of a contract, these are retained for 6 years after the termination of the contract pursuant to our legitimate interests in establishing or defending any related legal claims.
However, we may retain your Personal Data for a longer period of time where such retention is necessary for compliance with a legal obligation to which we are subject.
Data Security
We have put in place commercially reasonably security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other service providers who have a business need to know. They will only Process your Personal Data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. You are responsible for keeping your password and private key confidential and for complying with any other security procedures that we notify you of. We ask you not to share a password/private key with anyone.
Transferring your information outside of the EEA (relevant to users who are EEA residents only)
We may share your Personal Data with employees, agents, contractors and other third parties (including companies which are related to Clearsky Network) located outside the EEA where data protection laws may be of a lower standard than the EEA.
We only do this where we have a legal basis for doing so. This may also require us to take certain additional steps to ensure that appropriate safeguards are in place if that third country is not deemed by the European Commission to offer an adequate level of protection for your privacy rights, which may include use of contractual safeguards to allow you to be able to enforce your rights and ensure these are preserved. In certain circumstances, we may need to ask you for your explicit consent to such third country transfers, and will always do so in writing and giving you full information about why we need your consent and your right to withdraw that consent at any time (together with the consequences of withdrawal). Please contact us as per the “Contacting us” section below if you would like to see a copy of these safeguards.
Your data protection rights
You have certain rights under applicable legislation (and in particular, where you are a user that is an EU resident, under the General Data Protection Regulation).
Below is a summary of these rights. Please note that these rights may vary depending on where you are located and the exercise of such rights may be subject to certain exemptions.
In order to exercise such rights, you should contact us as per the contact details in the “Contacting us” section below. We will check your entitlement and respond in most cases within a month.
The rights likely available are the:
- Right of information: you have a right to be informed about the Processing of your Personal Data (and if you did not give it to us, information as to the source) and this Policy intends to provide the information;
- Right to rectification: you have the right to have any inaccurate Personal Data about you rectified and to have any incomplete Personal Data about you completed. The accuracy of your Personal Data is important to us. If you need to advise us of any changes to Personal Data please contact us as per the contact details in the “Contacting us” section below;
- right to erasure (right to be ‘forgotten’): you have the general right to request the erasure of your Personal Data in certain circumstances;
- Right to restrict processing and right to object to processing: you have a right to restrict processing of your Personal Data in certain circumstances such as whilst a complaint is being investigated.
- right to data portability: in certain circumstances, you have a right to receive the Personal Data you provided to us in a structured, commonly used and machine-readable format, or ask us to send it to another person;
- Right to object to direct marketing: you have a choice about whether or not you wish to receive marketing communications from us. You can change your marketing preferences at any time by contacting us as per the “Contacting Us” section below. On each and every marketing communication, we will always provide the option for you to opt-out of further marketing by clicking on the ‘unsubscribe’ button on our marketing emails or choosing a similar opt-out option on any forms we use to collect your Personal Data. Please note that any administrative or service-related communications (to notify you of an update to this Privacy Policy or applicable terms of business, etc.) are not marketing communications. Therefore, please be aware that your ability to opt-out from receiving marketing and promotional materials does not change our right to contact you regarding your use of our website or as part of a contractual relationship we may have with you;
- right to request access/ receive information: you have a right to be provided with a copy of the Personal Data we hold about you. To protect your Personal Data, we follow set storage and disclosure procedures, which mean that we may require proof of identity from you prior to disclosing such Personal Data; and
- right to withdraw consent: where the legal basis for processing your Personal Data is your consent, you have the right to withdraw that consent.
If you wish to raise a complaint on how we have handled your Personal Data, you can contact us as set out in the “Contacting us” section below and we will then investigate the matter.
Where you are a user resident in the EEA, if we have not responded to you within a reasonable time or if you feel that your complaint has not been resolved to your satisfaction, you are entitled to make a complaint the relevant data protection authority in the EEA country in which you are based. A list of the EEA data protection regulators can be found at: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.
Review of this Policy
We may make changes to this Policy from time to time. Where we do so, we will notify those who have a business relationship with us or who are subscribed to our emailing lists directly of the changes, and change the ‘Last updated’ date above. We encourage you to review the Policy whenever you access or use our website to stay informed about our information practices and the choices available to you. If you do not agree to the revised Policy, you should discontinue your use of the Site, App and Site.
Contacting Us
Clearsky Solutions Ltd., a company incorporated under the laws of Hong Kong with an address at 9/F Amtel BLDG 148 Des Voeux, RD Central, Hong Kong is the Data Controller under this Policy.
Any questions regarding our Policy or your rights should be sent to:
Privacy Manager
Questions can be sent by email to: Support@Clearsky-Network.com
Appendix 1: Glossary
“Data Controller” means the organization which alone or jointly with others determines the purpose and means of the processing of Personal Data. Clearsky Network Limited is the Data Controller under this Policy.
“Data Processor” means the organization which processes Personal Data on behalf of the Data Controller (not including employees of the Data Controller). Service providers that handle Personal Data on the Data Controller’s behalf will be Data Processors.
“Personal Data” means any information relating to you as an identified or identifiable natural person (“Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an online identifier or to one or more factors specific to your physical, physiological, genetic, mental, economic, cultural or social identity.
“Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Special Categories of Personal Data” means types of data that is subject to more stringent processing conditions than other Personal Data, and in the EU includes Personal Data which reveals racial or ethnic origin, political opinion, religious or philosophical beliefs, trade-union membership, and the processing of genetic data, biometric data in order to uniquely identify a person or data concerning health, sex life and sexual orientation. Data concerning health covers Personal Data relating to the physical or mental health of an individual which reveals information about the individual’s health status. In the EU, Personal Data relating to criminal convictions or offences or related security measures may only be processed when authorized by Member State or EU law.
Appendix 2: Legal basis (only relevant to users resident in the EEA)
Legal bases for Personal Data:
- Contract performance: where your information is necessary to enter into or perform our contract with you.
- Legal obligations: where Clearsky Network is required to process your Personal Data to comply with a legal requirement; and
- Legitimate interests: where Clearsky Network collect and use personal information in reliance on its legitimate interests (or those of any third party) and these outweigh any prejudices to your data protection rights.
Special Categories of Personal Data
- Legal claims: where Clearsky Network is required to process your personal information for Clearsky Network to establish, defend, prosecute or make a claim against you, Clearsky Network or a third party;
- In the substantial public interest: the processing is necessary for reasons of substantial public interest, on the basis of EU or local law; and
- Explicit consent: where you have given explicit consent to the processing of those personal data for one or more specified purposes (this will rarely be relied on). You are free to withdraw your consent by contacting us using the details set out in the “Contacting us” section above. If you do so, we may be unable to provide a benefit or service that requires the use of such data.