SynControl Privacy Policy

  1. Purpose and Scope
    1. SynControl, a private company limited by shares, registered by the Government of the Hong Kong Special Administrative Region; address: 5 Tai Mong Tsai Rd., Sai Kung, NT, Hong Kong, hereinafter referred to as the “Company”, strives to comply with applicable laws and regulations related to Personal Data protection in countries where the Company operates. This Policy sets forth the basic principles by which the Company processes your personal data, and indicates the responsibilities while processing personal data.
    2. The Company intends to sell a licence to companies, not to individuals. The Company does not attempt to receive personal data from people under 18 years.
    3. The Company acknowledges and understands that you are aware of and care about your own personal privacy interests, and the Company takes that seriously. This Privacy Policy describes the policies and practices with regard to the collection and use of your personal data, and sets forth your privacy rights. The Company recognizes that data privacy is an ongoing responsibility, and, therefore, the Company will from time to time update this Privacy Policy and its privacy practice as the Company undertakes new personal data practices or adopt new privacy policies.
  2. Company’s website
    1. The Company controls and manages http://www.syncontrol.com/ (hereinafter the “Website”) which may collect particular data for its business purposes.
  3. Company’s mobile application
    1. The Company controls and manages the SynControl mobile application (hereinafter the “App”) which may collect particular data for its business purposes.
  4. Definitions of legal bases for the processing
    1. Consent – your clear agreement to the processing of your personal data for a specific purpose.
    2. Contract – the reason why the processing is necessary based on a contract you have with the Company, or because the Company has asked you to take specific steps before entering into that contract.
    3. Legitimate Interests – the reason why the processing your data is necessary which is based on the legitimate interests or the legitimate interests of a third party, provided those interests are not outweighed by your rights and interests. These legitimate interests are:
      1. gaining insights from your behaviour on the Website;
      2. delivering, developing and improving the Website and the App;
      3. enabling the Company to enhance, customise or modify the Website, the App, and services;
      4. determining whether marketing campaigns are effective;
      5. enhancing data security.
  5. Consent rule
    1. If you have given consent to the processing of your data you can freely withdraw such consent at any time by emailing the Company to ra@syncontrol.com
    2. If you do withdraw your consent, and if the Company does not have another legal basis for the processing of your data, then the Company will stop the processing of your personal data.
    3. If the Company has another legal basis for the processing of your data, then the Company may continue to do so subject to your legal interests and rights.
  6. Company’s responsibilities
    1. If you are a registered user or a visitor to the Website or the App, the Company acts as the ‘data controller’ of personal data. This means that the Company determines how and why your data are processed.
  7. Your responsibilities
    1. Read this Privacy Policy carefully.
    2. If you provide the Company with personal data about other individuals, the Company will only employ that data for the special reason for which it was provided to the Company. By sending the data, you confirm that you have the right to dispose to process the data on your behalf in accordance with this Privacy Policy.
    3. Treat your personal data confidential and secure.
  8. Collected data on the Website
    1. The Company collects data when you interact with its Website, especially when:
      1. you browse any page of the Website;
      2. the Company calls you;
      3. you use the Website;
      4. you receive emails from the Company;
      5. you chat with the Company for customer support;
      6. you opt-in to marketing emails.
    2. The Company collects the following categories of data:
      1. contact details such as your first name, last name, email address, telephone number;
      2. business details such as your company, your job title;
      3. anything else you would like the Company to know;
      4. data that identifies you such as your IP address, login information, browser type and version, time zone setting, browser plug-in types, operating system and version;
      5. data on how you use the Websites such as your URL clickstreams (the path you take through the Websites), services viewed, page response times, download errors, how long you stay on webpages, what you do on those pages, how often, and other actions.
  9. Collected data on the App1. The Company collects data when you interact with its App, especially when:
      1. you open the App and use it
      2. you chat with the Company for customer support;
    2. The Company collects the following categories of data:
    1. data that identifies you such as your chosen identifier (not necessarily your real name), email address, IP address, in order to authenticate the user and personalize the user experience;
    2. device ID such as hardware type and version for analytics purposes, and time zone setting to personalize the user experience;
    3. data on your usage of the App such as your workflow (the path you take through the App pages), how long you stay on the App pages, what you do on those pages, how often, and other actions, for analytics purposes;
    4. The only user content we collect are photos, videos, scanned barcodes, and other text notes, for App functionality;
    5. We collect diagnostic data such as crashes and performance history  for analytics purposes;
    6. The App does NOT collect any data related to location, any sensitive personal information, contactssearch history, or purchase history.
  10. Data linked to the user
    1. All the data listed in the above section are linked to the user.
    2. We do not attempt to link the data back to the user’s identity if that doesn’t serve a purpose to provide customer support as requested by the user, and we do not attempt to tie the data to other datasets that enable it to be linked to a particular user’s identity.
  11. Recipients of data collected on the Website or the App
    1. The recipients of the collected data are the highest management level of the Company, its employees and contractors, and other third party service providers mentioned below.
  12. Tracking
    1. We do not link data collected from the App about a particular end-user or device, such as a user ID, device ID, or profile, with Third-Party Data for targeted advertising or advertising measurement purposes, or for sharing data collected from the App about a particular end-user or device with a data broker.
  13. Purposes and legal basis for the processing
    1. The Company processes the data for:
      1. Providing Services (quality inspection software and services):
        1. Details: the Company needs to provide services accessible via the Website and the App.
        2. Legal basis: Consent; Contract; Legitimate Interests.
      2. Keeping the Website and the App running:
        1. Details: managing your requests (like quote), login and authentication, remembering your settings, processing payments, hosting and back-end infrastructure.
        2. Legal basis: Contract; legitimate Interests.
      3. Improving the Website and the App
        1. Details: testing features, interacting with feedback platforms and questionnaires, managing landing pages, heat mapping the Website, traffic optimization and data analysis and research, including profiling and the use of machine learning and other techniques over your data and in some cases using third parties to do this.
        2. Legal basis: Contract; legitimate Interests.
      4. Customer support
        1. Details: notifying you of any changes to the service, solving issues, any bug fixing.
        2. Legal basis: Contract; Legitimate Interests.
      5. Direct marketing purposes (with your consent)
        1. Details: sending you emails and messages about new functions, goods and services, and content.
        2. Legal basis: Consent.
  14. Your rights
    1. You may choose not to provide the Company with personal data. If you choose to do so, you can continue to visit the Website and use the App, but the Company will not be able to process transactions without personal data.
    2. Regarding the Website, you may turn off cookies in your browser via settings. You can block cookies on your browser refusing cookies. You may delete cookies. If you turn off cookies, you can continue to use the Website and browse its pages, but the Website and certain services will not work properly.
    3. You may ask the Company to refrain from using your data for marketing. You can opt out from marketing by emailing the Company at ra@syncontrol.com
    4. You can exercise the following rights by sending the Company an email at ra@syncontrol.com
      1. You have the right to access information about you, especially:
        1. the categories of data;
        2. the purposes of data processing;
        3. third parties to whom the data disclosed;
        4. how long the data will be retained and the criteria used to determine that period;
        5. other rights regarding the use of your data.
      2. You have the right to make the Company correct any inaccurate personal data about you.
      3. You can object to the Company using your personal data for profiling you or making automated decisions about you. The Company may use your data to determine whether the Company should let you know information that might be relevant to you (for example, tailoring emails to you based on your behaviour).
      4. You have the right to the data portability of your data to another service or Website. The Company will give you a copy of your data in readable format so that you can provide it to another service. If you ask the Company and it is technically possible, the Company will directly transfer the data to the other service for you.
      5. You have the right to be “forgotten”. You may ask erasing any personal data about you, if it is no longer necessary for the Company to store the data for purposes of your use of the Website  or the App.
      6. You have the right to lodge a complaint regarding the use of your data by the Company. You can address any complaint to your national Data Protection Authority (http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm).
    5. In the context of the right to access information the Company shall provide you with the information within one month of your request unless there is a justified requirement to provide such information faster.
  15. Principles of the processing
    1. The data protection principles outline the basic responsibilities for the Company handling your personal data. Article 5(2) of the GDPR stipulates that “the controller shall be responsible for, and be able to demonstrate, compliance with the principles”. As the Company is the controller, the Company follows the following principles:
      1. Lawfulness, Fairness and Transparency. Personal data will be processed lawfully, fairly and in a transparent manner in relation to you.
      2. Purpose Limitation. Personal data will be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
      3. Data Minimization. Personal data will be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed. The Company applies pseudonymization to personal data if possible to reduce the risks to your privacy.
      4. Accuracy. Personal data will be accurate and, where necessary, kept up to date; reasonable steps will be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified in a timely manner.
      5. Storage Period Limitation. Personal data must be kept for no longer than is necessary for the purposes for which the personal data are processed.
      6. Integrity and confidentiality. Taking into account the state of technology and other available security measures, the implementation cost, and likelihood and severity of personal data risks, the Company uses appropriate technical or organizational measures to process personal data in a manner that ensures appropriate security of personal data, including protection against accidental or unlawful destruction, loss, alternation, unauthorized access to, or disclosure.
      7. Accountability. The Company will be responsible for and be able to demonstrate compliance with the principles above.
  16. Security
    1. The Company have security and organizational measures and procedures to secure the data collected and stored. The Company have security policies and data processing agreements with all employees and contractors who are obliged to follow and maintain appropriate technical and organisational measures.
    2. Connections to the Website are encrypted using 256-bit SSL.
    3. The Company use servers that comply with strict international data security standards.
    4. You acknowledge that no perfect security infrastructure exists, no data transmission is guaranteed to be 100% secure, and there may be some security risks.
    5. You are responsible for your login information and password. You shall keep them confidential.
    6. In case if your privacy has been breached, please contact the Company immediately on ra@syncontrol.com
  17. Location of the processing of personal data
    1. The personal data collected by the Company is processed at the Company’s offices in Hong Kong. The Company may add offices in other countries and in this case, we will add an address to the contact page.
    2. The servers for storing the data are provided by HubSpot, Inc.  (25 First Street, 2nd Floor, Cambridge, MA 02141 USA,https://www.hubspot.com) which has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss–U.S. Privacy Shield Framework and has offices in the European Union.
  18. Third parties who process your data
    1. The Company uses third parties to provide services, communicate with you, deliver proposals in which you may be interested, etc
    2. When the Company does this, sometimes it is necessary for the Company to share your data with such third parties to be able to satisfy your needs. Your data is shared only when strictly necessary and according to the safeguards and good practices detailed in this Privacy Policy.
    3. Here are the details of the main third parties who may process your data:
      1. HubSpot
        1. The Company uses HubSpot to provide services available on the Website. The Website is hosted by the HubSpot. The Company uses customer relationship management (CRM) via HubSpot. HubSpot helps track your use, and issues reports on your activity.
        2. Privacy Policy
        3. HubSpot Data Processing Agreement
      2. Facebook
        1. Facebook Pixel is a web service to measure actions and build audiences. The Company uses it to track your use of the Website, and issue reports on your activity.
        2. Privacy Policy
      3. Google Analytics
        1. Google Analytics is a web analytics service. The Company uses it to track your use of the Website, and issue reports on your activity.
        2. see their privacy policy
      4. Google AdWords
        1. Google AdWords is an online advertising service. The Company uses it to provide relevant advertisement.
        2. see their privacy policy
  19. Retention period
    1. The Company will delete your personal data from the databases no later than 1 year from the last time you used the Website.
    2. Some applicable accounting, tax and regulatory laws require the Company to store personal data for specific purposes for a longer period. The Company will store such information according to such laws, use the personal data only when the Company is lawfully required to do so, provide such data only for purposes set up by such laws, and will minimize any risks regarding the vulnerability of such personal data.
  20. Transfer of your personal data
    1. The Company is set up outside the EEA, especially the Company is registered and based in Hong Kong, therefore, some data the Company collects from you will be processed in Hong Kong. Hong Kong has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the GDPR.
    2. The Company relies on derogations for specific situations as set forth in Article 49 of the GDPR. In particular, the Company collects and transfers to Hong Kong personal data only: with your consent; to perform a contract with you; or to fulfill a compelling legitimate interest of the Company in a manner that does not outweigh your rights and freedoms. The Company endeavors to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with the Company and the practices described in this Privacy Policy. The Company also minimizes the risk to your rights and freedoms by not collecting or storing sensitive information about you.
  21. Cookies
    1. Cookies are pieces of data that the Website transfers to your hard drive for record-keeping purposes. The Company uses cookies to provide proper functionality on the Website and aggregate traffic data (e.g., what pages are popular).
    2. The Website capture limited data (user-agent, HTTP referrer, last URL requested by the user, client-side and server-side clickstream) about visits to the Website. The Company may use this data to analyze patterns and to perform system maintenance.
    3. You have several options how to manage cookies on your device. All browsers allow you to block or delete cookies from your device. You may consult the privacy features in your browser to understand what you should do if you need to manage cookies.
    4. For your convenience, you also may use “Privacy Preference Centre” where you can deactivate “Performance Cookies”, “Functional Cookies”, and “Targeting Cookies”.
  22. Contact details of the Data Controller
SynControl; Private company limited by shares; Registered by the Government of the Hong Kong Special Administrative Region; Address: 5 Tai Mong Tsai Rd., Sai Kung, NT, Hong Kong Email: ra@syncontrol.com

COOKIES USED ON THIS SITE:

No 1 Product & Supply Chain Compliance Software for Importers and Retailers

Get product compliance & quality under control now!