Privacy Agreement

Introduction

Your trust is of utmost importance to us and we are aware of the importance of personal information to you. We may collect personal information from you as reasonably necessary in accordance with laws and regulations. We shall use our best efforts to prevent disclosure, damage or loss of your information through reasonable and effective information security technology and management procedures. In view of this, the providers of the overseas expense reimbursement platform ("iExpense") ("Midea" or "we") enter into this Privacy Agreement and brings to your attention that:

This Agreement applies to all products and services on the Overseas Expense Platform (iExpense). The domain name of the iExpense is: 【https://ibs-us.midea.com/ for North America; https://ibs.midea.com/ for Hong Kong】

However, it is to be specially explained that:

This Privacy Agreement shall not apply to services provided to you by third parties, such as a jump to iExpense through a third party's website or a jump to a Third Party Platform through iExpense. The personal information you provide to such Third-Party Servicer shall not be governed by this Agreement.

Prior to using any products or services of the iExpense, you are kindly required to read carefully and fully understand this Agreement, especially the terms and conditions highlighted in bold and underlined. You should focus on the terms and conditions highlighted in bold and underlined before using, and starting to use after you fully understand and agree to accept. If you have any questions about this Agreement, you may contact us through the contact information provided on the iExpense.

This Agreement mainly tells you about:

1 Our Role

2 What information we collect from you.

3 How we use your information.

4 The circumstances under which we share your information.

5 Public Disclosure

6 How we store your information.

7 How we protect your information.

8 Rights Enjoyed by You.

9 logging out and cancel of account number

10 How are minors' information protected

11 How are your personal data transferred across borders

12 How can you contact us

13 Update of Terms

 

1 OUR ROLE

Our Role: We are the controllers of your data. This means that we decide what we do with your personal information and for what purposes. We know that you care about how your data is used and shared and we appreciate your trust. We do so carefully and sensibly.

 

2 WHAT INFORMATION WE COLLECT FROM YOU

We collect your information on a lawful, reasonable and necessary basis. When we provide you with a specific service, we will clearly inform you of the information we expect to collect and for what purpose, in response to your specific service request. Depending on the services you choose, we may collect one or more of the following types of information in the following scenarios:

2.1 When you use the expense reimbursement service on our platform, we will collect from you your bank name, branch name, bank account name, bank account number, personal reimbursement bank account number, bank code (optional), ID and phone number (only collected by TPT (Thailand)).

2.2 We will use [cookies] to automatically receive and record your IP address, location, language used, date and time of access, software and hardware characteristics, web records of your requirements and other data.

2.3 It shall be specially noted that individual equipment information and service log information cannot identify specific natural persons. If we combine such non-personal information with other information to identify a natural person, or if we combine such non-personal information with personal information, during the period of combination, such non-personal information will be treated as personal information, and unless authorized by you or provided by laws and regulations, we will anonymize and de-identify such information.

2.4 To enhance the safety of your use of the service of the iExpense Platform, protect your life and property or those of other users or the public from damage, better prevent security risks such as phishing websites, fraud, cyber-vulnerabilities, computer viruses, cyber-attacks, cyber-intrusions and more accurately identify non-compliance of laws, regulations or rules of relevant agreements of the iExpense Platform, we may use or integrate your account information, device interaction information and other information that we obtain your authorization or share pursuant to the law, to comprehensively judge the risks of your account and transactions, to conduct identity verification, to detect and prevent security incidents, and to take necessary recording, analysis and disposal actions pursuant to the law.

2.5 If the information you provide contains the personal information of other users, you shall ensure that you have obtained legal authorization before providing such personal information to us. If we use the information for any purposes other than those set out in this Agreement or if we use the information we have collected for a specific purpose for any other purpose, or if we obtain your personal information from a third party on our own initiative, we will obtain your prior consent.

2.6 Exception of Authorized Consent: You fully understand and agree that our collection, use, sharing, transfer and public disclosure of your personal information do not require your authorized consent and we may not respond to your requests for correction/amendment, deletion, cancellation, withdrawal of consent or request for information under the following circumstances:

A) related to national security and the security of national defense;

B) related to public safety, public health or material public interests;

C) related to judicial or administrative enforcement of law such as crime investigation, prosecution, trial and execution of judgment;

D) due to the need to protect your or other individuals' life, property and other significant legitimate rights and interests, but it is difficult to obtain your personal consent;

E) personal information that you disclose to the public on your own;

F) collect personal information from legally and publicly disclosed information, such as legal news reports, disclosure of government information or other channels.

G) necessary in accordance with relevant agreements or other written documents entered into and performed between you and us;

H) necessary for maintaining the safe and stable operation of products and/or services provided, such as identifying and disposing of defects of products and/or services;

I) is necessary for legitimate news reporting;

J) it is necessary for an academic research institution to perform statistical or academic research based on the public interest and when the results of academic research or description are provided to external parties, the personal information contained in such results is de-identified;

K) other circumstances provided by the law or regulation.

3 HOW WE USE YOUR INFORMATION

3.1 We will keep your personal data up-to-date; store or destroy it securely; minimise the collection and retention of data that we need to provide services to you; protect personal data from disclosure, misuse, unauthorized access and disclosure; and take the appropriate technical measures to keep your personal data secure.

3.2 We will use your information only for the purpose of providing the expense reimbursement service to you and for other purposes as permitted by your agreement.

3.3 It should be noted that the above methods cover the main methods in which we use your information. We may provide more diversified services to our users from time to time by, for example, updating our website by way of etc. If we intend to use the information for purposes other than those stated herein or we intend to use the information collected for a specific purpose for other purposes, we may request your consent again by signing an agreement, pop-up window, updating this Agreement, or otherwise.

4 UNDER WHAT CIRCUMSTANCES DO WE SHARE YOUR INFORMATION

We will not share your personal information with companies, organizations or individuals outside the United States, except in the following cases:

4.1 Sharing under Statutory Situations: We may share your personal information in accordance with laws or regulations, or to meet the need for dispute resolution, or requirements put forward by administrative or judicial authorities in accordance with laws.

4.2 Sharing with Express Consent: We may share your personal information with other parties if we have obtained your express consent.

4.3 Sharing with Affiliates: In order to facilitate the provision of products and services to you, to identify account abnormalities and to protect the personal and property of other users or the general public, your personal information may be shared with our affiliates and/or the designated service providers of our affiliates. We will only share personal information when necessary and are bound by the stated purposes in this Agreement. If we share sensitive personal information with you or our affiliates change the purposes for which the personal information is used or processed, we will seek your written consent again.

4.5 We will not transfer your personal information to other companies, organizations or individuals, except in the following cases:

A) Transfer with Express Consent: We may transfer your personal information to other parties if we have obtained your express consent;

B) In the event of a merger, internal or external business reorganization, acquisition or insolvency involving us or any other event involving us, acquisition or insolvency, where there is a transfer of personal information, we will require the new company, organization or individual holding your personal information to continue to be bound by this Agreement, otherwise we will require the new company, organization or individual to seek your written consent again.

5 PUBLIC DISCLOSURE

We may make public disclosure of your personal information only in the following cases:

5.1 Subject to your consent.

5.2 Disclosure Based on Laws: We may make public disclosure of your personal information as may be compulsorily required to do so by laws, legal proceedings or litigation or by governmental authorities.

6 HOW DO WE STORE YOUR INFORMATION

6.1 Depending on your geographic location, we may store your information in either Azure Cloud located in Virginia, USA or Orange Cloud located in Hong Kong or Orange Cloud located in Paris, France. We have strict control over the storage and view of information in order to realize data storage and management by partitioning.

6.2 Unless otherwise required by law, iExpense will continuously keep your information, unless you actively invalidate your iExpense account number and there are no unresolved disputes.

6.2 We will back up the information we have collected on a regular basis in accordance with the data backup policies of the Midea platform.

6.3 Your personal information will be anonymized and desensitized and become marketable data ready for use, and the overseas expense reimbursement platform (iExpense) may store and use without your consent.

6.4 If our products or services cease to operate, we will notify you by use of push notice, public announcement or other methods and will delete your personal information or anonymize your information within a reasonable period of time.

 

7 HOW WE PROTECT YOUR INFORMATION

7.1 We have taken reasonable and feasible security protection measures in line with industry standards to protect your information and prevent personal information from unauthorized access, public disclosure, use, modification, damage or loss. For example, the exchange of data between your browser and the server is protected by SSL protocol encryption; we also provide HTTPS protocol secure browsing methods for each website of the overseas expense reimbursement platform (iExpense); we will use encryption technology to improve the security of personal information ; We will use trusted protection mechanisms to prevent malicious attacks on personal information; we will deploy access control mechanisms to try our best to ensure that only authorized personnel can access personal information; and we will hold security and privacy protection training courses to strengthen employees' awareness of protection Awareness of the importance of personal information.

7.2 The Internet is not an absolutely safe environment. When using the products or services of the overseas expense reimbursement platform (iExpense), we strongly recommend that you do not use the communication methods recommended by the overseas expense reimbursement platform (iExpense) to send your information. You can connect and share with each other through our services. When you create a communication, transaction or sharing through our services, you can choose the object of communication, transaction or sharing independently, as a third party who can see your transaction content, contact information, exchange information or shared content and other related information.

7.3 In the event of an unfortunate personal information security incident, we will inform you in accordance with the requirements of laws and regulations: the basic situation and possible impact of the security incident, the disposal measures we have taken or will take, and your suggestions for self-prevention and risk reduction , remedies for you, etc. We will inform you of the relevant circumstances of the event by email, letter, telephone, push notification, etc. When it is difficult to inform the personal information subjects one by one, we will publish announcements in a reasonable and effective way. At the same time, we will also report the handling of personal information security incidents in accordance with the requirements of regulatory authorities.

7.4 You fully understand and agree that we have the right to review whether the identity information provided by the user for registration is true and valid, and actively take reasonable measures such as technology and management to ensure the safety and effectiveness of the user account; the user is obliged to properly keep his account and password, and use their account and password correctly and securely. If any party fails to fulfill the above obligations, resulting in loss of account password, account theft, etc., which causes damage to the civil rights of users and others, it shall bear the legal responsibility arising therefrom.

7.5 If you find that someone else has fraudulently used or stolen your Midea account and password, or any other use without your legal authorization, you should immediately notify and inform us in the required effective way. When you notify, you should provide the enterprise registration information consistent with your registration identity information. After receiving your valid request and verifying your identity, we will take corresponding measures (including but not limited to suspending the login and use of the account, etc.) according to your request or in light of the specific circumstances. Any losses incurred by other users shall be borne by you. If you do not provide valid identity information or the personal valid identity information you provide is inconsistent with the registered identity information, we have the right to reject your request, and you shall be responsible for the loss caused thereby.

 

8 RIGHTS ENJOYED BY YOU

You have the right to manage your information, including:

8.1 Access to your personal information:

a) Account information: If you wish to access or edit the profile information in your account, change your password, etc., you can log in to your account to access your information through the settings.

b) Other personal information: For the personal information generated during your use of our products or services, if you need it, you can contact us through the contact information in Article 9.

8.2 Correction of your personal information

When you find that there is an error in our processing of your personal information, you have the right to ask us to make corrections or supplements. You can make corrections or supplements by visiting the Personal Information Settings page or contact us directly.

8.3 Deletion of your personal information

In the following cases, you can contact us through email addressed in Article 11 to request the deletion of personal information:

a) If our processing of personal information violates laws and regulations.

b) If we collect and use your personal information without your express consent.

c) If our processing of personal information seriously violates our agreement with you.

d) If you do not need to use our products and services, or you voluntarily invalidate your overseas expense reimbursement platform (iExpense) account.

e) If we are permanently not required to provide products or services.

f) If we share or transfer your personal information with others without your express consent, you have the right to ask us and third parties to delete

g) If we publicly disclose your personal information in violation of our agreement with you, you have the right to ask us to stop the public disclosure and issue a notice to require the relevant recipient to delete the corresponding information

If we decide to respond to your deletion request, we will stop providing you with products or services and delete your personal information as required by applicable law.

8.4 Right to withdraw consent

a) When we rely on your consent to process data, you have the right to withdraw your consent at any time, specifically by canceling your overseas expense reimbursement platform (iExpense) account.

b) When you withdraw your consent or authorization, we will no longer be able to continue to provide you with the services corresponding to the withdrawal of your consent or authorization, and will no longer process your corresponding personal information. However, your decision to withdraw your consent or authorization will not affect the previous processing of personal information based on your consent or authorization.

9 LOGGING OUT AND CANCEL OF ACCOUNT NUMBER

9.1 You can cancel the previously registered account at any time. If you need, you can contact us through the contact information in Article 11 of this agreement to cancel the account as an information subject.

9.2 After you invalidate your account, we will stop providing you with products or services, and at your request, unless otherwise provided by law, we will delete your personal information.

10 HOW TO PROTECT THE INFORMATION OF MINORS

This product and service is mainly for enterprise users.

If you are a minor, please do not register and use our system.

11 HOW YOUR PERSONAL DATA IS TRANSFERRED ACROSS BORDERS

We are a multinational company and the responsibility range of our teams responsible for data processing may cover the world or a variety of countries/regions. Therefore, these teams may be located anywhere in the world where we conduct business, including countries outside the EU that may not pursue the same standards for personal information protection as your country. We may also transmit data outside the EU, including China. By using or joining our services and/or providing us with your information, you agree that we will collect, transmit, store and process your information outside the country/region you live in accordance with this Privacy Policy. We will make every effort to ensure that they comply with applicable legal requirements to the extent permitted by existing technology, for example, by executing standard contract terms. All of your data that we collect is used for user and product analysis after necessary confidential processing to provide you with better services. But in this case, we will take steps to protect your information appropriately.

 

12 HOW DO YOU CONTACT US

12.1 If you have any questions, comments or suggestions about this Privacy Policy, or if you want to exercise any rights, or if you have any requests to discuss with us, please contact our department dealing with personal information protection matters in the following ways:

a) Overseas expense reimbursement platform (iExpense) service provider: 【GD Midea Air-Conditioning Equipment Co.,Ltd】

b) Address: Midea Headquarters Building, Beijiao Town, Shunde District, Foshan City

c) Email: MideaDPO@midea.com

12.2 For security reasons, you may be required to provide a written request or otherwise prove your identity. Generally, we will reply within 15 days. If you are dissatisfied with our response, especially if our personal information processing behavior has damaged your legitimate rights and interests, you can also file a complaint or report to the regulatory authorities such as Netcom, telecommunications, public security and municipal supervision.

12.3 If you are not satisfied with our response, especially if you think that our personal information processing behavior has harmed your legitimate rights and interests, you can also seek a solution by filing a lawsuit with the competent court where the defendant is domiciled.

 

13 TERMS UPDATE

13.1 In order to provide you with better services and better user experience, this Agreement will be subject to timely changes in accordance with business adjustments, changes in laws, regulations or policies. If we update this statement, we will post the latest version of the privacy statement on the overseas expense reimbursement platform (iExpense) website. If you continue to use any of the services we provide or visit our related websites after the privacy policy is adjusted or changed, we will I believe this means that you have fully read, understood and accepted the revised Privacy Agreement and are bound by it.

13.2 You are advised to periodically review this Statement for any changes. If we make any material changes to this Statement (changes in the scope and purpose of use of personal data collected), we will notify you through appropriate channels and obtain your consent.

 

 

MIDEA

April 30, 2023 version

Effective on April 30, 2023