Privacy and Data Protection Policy

Hitpoint Cloud Privacy and Data Protection Policy

This is the privacy and data protection policy for the website www.hitpointcloud.com and the software products and services of Hitpoint Cloud:

- Hitpoint eCommerce Bridge

- Hitpoint WW WMS

The website and software are the property of Hitpoint Cloud Co., Ltd. We place great importance on the privacy of all visitors to our website and software, as well as our product users. Therefore, this policy outlines our stance on certain privacy issues and our use of cookies on the website and software.

This policy covers all data that visitors share with us directly through www.hitpointcloud.com, email, or by using our software services. It also covers data that our customers request us to process through hitpointcloud.com, any related connectors or integrated applications, or via our software's extended applications.

---

Which regulations does this policy apply to?

There are many privacy regulations to address, not to mention our policies to ensure the privacy of our customers and their customers. Therefore, while we meet the requirements of each applicable privacy regulation or law, we treat all personal data equally for all customers, all regulations, and all personal data.

The regulations within scope include, but are not limited to:

- EU GDPR

- US Privacy Shield

- US Health Insurance Portability and Accountability Act (HIPAA)

- California Consumer Protection Act (CCPA) and other relevant privacy laws in California or other states and territories in the US

- Amazon Data

Although we treat all personal information equally (which means we may exceed the requirements of a specific single regulatory authority), we will respond to requests regarding information based on the residence of the affected person (for example, we will respond to GDPR and Privacy Shield for someone residing in the EU; for California residents, according to CCPA and other California privacy laws and regulations).

---

Information We Collect

When using our website, we may ask you to provide us with certain personal data that can be used to contact or identify you ("Personal Data"). Personal data may include, but is not limited to:

- Email address

- First and last name

- Phone number

- Address, state, province, postal code, city

- Job title, occupation

- Photos or videos you submit

Automatically Collected Information

Like many websites, when you interact with us through a computer or mobile device, we and our third-party service providers (e.g., advertising and analytics providers) use cookies, web beacons, and other data technologies to receive and store certain types of information. Using these technologies helps us identify you, customize your experience, and create relevant marketing messages. Below are the types of information we collect:

- Log and Device Data: When you visit our website, we may automatically record information ("Log Data"), including information sent by your browser when you access our website. This log data may include the URLs you came from or are going to, your device model, operating system, browser type, unique device identifier, IP address, mobile network operator, as well as time zone or location.

- Third-Party Service Providers: Our third-party service providers may provide us with information on how our marketing ads (usually placed on third-party websites) perform and who clicks on these ads. This information does not identify any specific individual and is generally non-identifiable. If we associate it with you, we will treat it as personal data.

---

Privacy Statement and Policy

- Hitpoint Cloud Co., Ltd. adheres to the principles of privacy protection. If there is any conflict between the terms of the Hitpoint Cloud Privacy and Cookie Policy at https://www.hitpointcloud.com/privacy/ (to be linked once the webpage is set up) and the principles of privacy protection, the principles of privacy protection shall apply.

---

-Hitpoint Cloud Co., Ltd.is generally considered a "data processor" under EU privacy law. For example, business customers can use the Hitpoint eCommerce Bridge to process data in the integration between two SaaS applications, which contain names, email addresses, and other personal information about their customers. As part of Hitpoint Cloud providing services to business customers, this personal information of consumers may be transmitted through the Hitpoint Cloud environment according to our Privacy Shield certification or standard contractual clauses, as described below.

---

- Additional Information on How We Handle Personal Information Transferred Under the Privacy Shield:

- For the following topics regarding our handling of personal information that relies on the Privacy Shield for transfer, please refer to the relevant sections of the Hitpoint Cloud Privacy and Cookie Policy (this document):

---

Information We Collect

- Use of Cookies (Cookie Policy)

- Do Not Track Signals

- Use of Your Information – Reasons for Using Your Personal Data

- Sharing and Disclosure

- Storage of Your Personal Data / Data Transfer

- Third-Party Links

- Choices and Individual Rights

- Security

- Sensitive Data

- Our Children's Information Policy

- Contact Us

Please note that when Hitpoint Cloud uses service providers to process personal information received under the Privacy Shield, Hitpoint Cloud is liable if the service provider processes the information in violation of the Privacy Shield principles or model clauses (unless Hitpoint Cloud can prove that it is not responsible for the service provider's actions).

Hitpoint Cloud is responsible for any of your personal information shared with third parties under the forward transfer principle for external processing on our behalf.

For responding to legitimate requests from public authorities, including to meet national security or law enforcement requirements, Hitpoint Cloud may need to disclose personal information.

Inquiry About Your Data:

Contact Hitpoint Cloud Directly – If you have any questions or complaints about our compliance with the Privacy Shield principles, please contact us at: info@hitpointcloud.com

Complaints:

In accordance with the Privacy Shield principles, Hitpoint Cloud is committed to resolving complaints regarding our collection or use of your personal information.

Individuals with questions or complaints about our Privacy Shield policy should first contact Hitpoint Cloud at: info@hitpointcloud.com

Definition of Personal Information

For the purposes of the Privacy Shield principles, "personal information" means: (1) information recorded in any form; (2) that is about or related to a specific individual; (3) can be linked to that individual; (4) collected by Hitpoint Cloud in connection with Hitpoint Cloud's business activities. Personal information does not include de-identified, anonymized, or publicly available data.

Use of Your Data

When Hitpoint Cloud uses our customers' personal data for conducting business (e.g., sales, marketing, and support), Hitpoint Cloud is the data controller. Therefore, Hitpoint Cloud has established measures to comply with GDPR requirements as a data controller and manages personal data in accordance with the following six lawful processing conditions under GDPR:

- Compliance with legal obligations

- Performance of a contract

- Legitimate interests

- Public interest

- Vital interests

- Consent

When Hitpoint Cloud transfers our customers' personal information across borders, we comply with applicable laws.

---

Use of Cookies (Cookie Policy)

Cookie Data. We may use "cookies" (small text files sent by your computer each time you visit our website) or similar technologies to record log data. Many browsers accept cookies by default. You can change this setting in your browser or clear cookies.

We may use the following types of cookies:

- Advertising and Analytics: These cookies collect information on who visits our website and how users interact with our website. This information does not identify any individual user. It is aggregated and anonymous. The information included in this analysis is the number of visitors to our website, referring websites, pages visited on our site, time of visit to our website (whether this is a new visitor or a repeat visitor), and other similar information. This information is used to help us understand how our website is used, more effectively improve and operate our services, and monitor activities on our website. Please see the list of our analytics providers below.

- Essential Cookies:These cookies help run our website and improve your experience. These include cookies that allow you to access only part of the website or help the content of our website load quickly. These cookies are only used to provide you with these services.

- Functional Cookies: These cookies allow the site to remember your chosen preferences, such as login details or other choices you may have made. These are intended to make it easier for you to use our website without having to set the same preferences each time.

- Social Media Cookies: We use social media tools on our website, and these cookies allow social media networks to record when you like or engage with social media tools on our website. In some cases, social networks may send us data that you have set to share. If you do not want social media networks to share information with us, please check your privacy settings on the social media network.

- Advertising Cookies: These cookies allow us to track browsing habits when you visit our website. Based on your browsing history and with your consent, we may use third-party advertising partners to show you relevant ads when you visit third-party websites (e.g., social media platforms). In these cookies, we may also know your precise location, such as latitude, longitude, GeoIP, and other location-specific information. Please see below for your choices regarding cookies and the use of advertising.

To help us make our emails more useful and interesting, if your computer supports such functionality, we usually receive confirmation when you open our emails. You can choose not to receive our emails. Please see the "Your Choices" section below.

We may also use pixel tags, which are small graphic files that allow us and third parties to monitor website usage and provide us with information based on your interactions with the website. These tags may collect IP addresses from the device you used to load the page. When you visit our website, our third parties will also use pixel tags to collect information, links you perform on our website, and other actions, and we may combine this information with cookies to display targeted ads.

Form/Online Behavior

Other data technologies may be used to collect comparable information for security and fraud detection purposes.

---

### Amazon Data Protection

We provide software and services for Amazon sellers. To comply with Amazon's Data Protection Policy https://sellercentral.amazon.com/mws/static/policy?documentType=DPP&locale=en_US , we have established additional policies for Amazon data. If these policies conflict with other policies listed in this document, the Amazon data policies take precedence:

- We do not provide any Amazon data or personally identifiable information from Amazon to our users. If our software and services require Amazon data to complete a process, we only use it within the process. This means that within our logistics software and services, within our tax accounting services, you can obtain the service results, but we do not provide Amazon data in any format.

- We do not offer archiving or backup services for any Amazon data, nor do we provide any offline backups to any user.

- We use Amazon data on a need-to-know basis and encrypt Amazon data as required by Amazon policies. We do not provide any technical details related to data security regarding networks, software, and hardware. Our Amazon data workflows are subject to Amazon's review only.

- Any attempt to violate our policies and retrieve Amazon data from our service processes is illegal. We reserve the right to take legal action.

---

### Do Not Track Signals?

Our website and services do not collect personal information about your online activities over time and across third-party websites or online services. Therefore, "Do Not Track" signals transmitted from web browsers do not apply to our website or services, and we will not change any of our data collection and usage practices upon receiving such signals.

---

### Use of Your Information – Reasons for Using Your Personal Data

The information we collect and store about you is primarily used to enable us to provide you with services. Additionally, Hitpoint Cloud collects and processes any personal data you may provide based on the following lawful reasons:

- Legitimate Business Interests: To provide you with information related to our products or services that you have requested and to provide information about other products that we believe may interest you (if you consent to receive such information, this is considered a legitimate business interest). To notify you of any changes to our website, such as improvements or changes to our services/products that may affect our services. If you are an existing customer, we may contact you to provide information about goods and services similar to those previously sold to you.

- Performance of a Contract: To fulfill our contractual commitments to you and to perform our contractual obligations.

- User Consent: We may use your data, or allow selected third parties to use your data, to provide you with information about relevant services that we may collaborate to offer. If you are a new customer, we will only contact you or allow third parties to contact you in the manner you have consented to, and only if you have consented. If you do not wish us to use your data for ourselves or third parties, you will have the opportunity to withdraw your consent.

- Please note that we do not disclose personally identifiable information to our advertisers, but we may sometimes provide them with aggregated statistics about visitors, such as your region of residence or age group.

---

### Sharing and Disclosure

We will not share your personal information with others unless specified in this policy or we notify you and give you the opportunity to opt-out of sharing your personal information.

We will share your information in the following ways:

- With third-party service providers, agents, or contractors. We use other companies, agents, or contractors ("service providers") to provide services on our behalf or to assist us in providing services to you. For example, we may engage service providers to process credit card transactions or other payment methods. Alternatively, we may engage service providers to offer marketing, advertising, communication, infrastructure and IT services, provide customer service, collect debts, and analyze and enhance data (including data about user interactions with our services). These service providers may access your personal or other information to provide these functions. Additionally, certain information we request may be collected on our behalf by third-party providers. We do not authorize them to use or disclose your personal information unless it is related to providing their services.

- To comply with legal processes or to protect Hitpoint Cloud. If we believe that disclosure is reasonably necessary to comply with laws, regulations, legal or government requirements; to enforce applicable terms of use, including investigating potential violations; to protect the safety, rights, or property of the public, any individual, or Hitpoint Cloud according to legal requirements; or to detect, prevent, or otherwise address security or technical issues or illegal or suspected illegal activities (including fraud).

- Business transfers. We may engage in mergers, acquisitions, bankruptcies, dissolutions, reorganizations, or similar transactions or procedures involving the transfer of information described in this policy. In such transitions, customer information is often one of the business assets transferred or acquired by third parties. In the event that we or substantially all of our assets are acquired or enter court proceedings, you acknowledge that such transfers may occur, and your personal information may continue to be used in accordance with the provisions of this Privacy Policy.

Do Not Track Signals?

Use of Your Information – Reasons for Using Your Personal Data

- Performance of a Contract: To fulfill our contractual commitments to you and to perform our contractual obligations.

---

### Sharing and Disclosure

We will not share your personal information with others unless specified in this policy or we notify you and give you the opportunity to opt-out of sharing your personal information.

We will share your information in the following ways:

For California Residents – As of January 1, 2020:

Under the California Consumer Privacy Act, you as a California resident have the right to:

- Request that we do not sell your data.

- Hitpoint Cloud does not sell any consumer information as defined by CCPA, so we do not have or need a "Do Not Sell My Info" button.

- Request information about what information we hold about you (see the list of categories above).

- Request specific pieces of personal information we have collected about you.

- Request the categories of third parties with whom we share your personal information. (partners)

- Correct inaccurate data.

- Request that Hitpoint Cloud delete any personal information about you collected by Hitpoint Cloud within the scope of the California Consumer Privacy Act of 2018.

- Enjoy equal service and pricing even if you exercise your privacy rights.

Security

We use reasonable administrative, logical, physical, and managerial measures to protect your personal information from loss, theft, and unauthorized access, use, and modification. Unfortunately, no measures can guarantee 100% security. Therefore, we cannot guarantee the security of your information.

Sensitive Data

We ask that you do not send us any sensitive data, such as social security numbers or national identification numbers, information related to race or ethnic origin, political views, religious beliefs, health data, biometric or genetic, criminal background, or trade union membership information. If you do send us this information, you agree to its processing in accordance with this Privacy Statement. To avoid processing sensitive data, please do not submit it.

Our Children's Information Policy

Our website is not directed at children under the age of 16. If you become aware that your minor child has provided us with personal information without your consent, please contact us.

- We welcome any questions, comments, or requests you may have regarding this policy, please feel free to contact us at info@hitpointcloud.com

- If you have any questions about the information we may hold about you, you can contact us as follows:

1. Send an email to our Data Protection Officer at info@hitpointcloud.com, providing the following information:

- Name _________________________________

- Company _______________________________

- Title ___________________________________

- Country ________________________________

- Country of Residence ______________________

- How to contact you regarding the request, (phone or email, preferably email, address)

2. Call our toll-free number 400 033 9909 and leave a message, including:

- Name _________________________________

- Company _______________________________

- Title ___________________________________

- Country ________________________________

- Country of Residence ______________________

- How to contact you regarding the request, (phone or email, preferably email, address)

Privacy and Data Protection Policy

Hitpoint Cloud Privacy and Data Protection Policy

This is the privacy and data protection policy for the website www.hitpointcloud.com and the software products and services of Hitpoint Cloud:

- Hitpoint eCommerce Bridge

- Hitpoint WW WMS

---

Which regulations does this policy apply to?

The regulations within scope include, but are not limited to:

- EU GDPR

- US Privacy Shield

- US Health Insurance Portability and Accountability Act (HIPAA)

- California Consumer Protection Act (CCPA) and other relevant privacy laws in California or other states and territories in the US

- Amazon Data

---

Information We Collect

When using our website, we may ask you to provide us with certain personal data that can be used to contact or identify you ("Personal Data"). Personal data may include, but is not limited to:

- Email address

- First and last name

- Phone number

- Address, state, province, postal code, city

- Job title, occupation

- Photos or videos you submit

Automatically Collected Information

---

Privacy Statement and Policy

---

- Additional Information on How We Handle Personal Information Transferred Under the Privacy Shield:

---

Information We Collect

- Use of Cookies (Cookie Policy)

- Do Not Track Signals

- Use of Your Information – Reasons for Using Your Personal Data

- Sharing and Disclosure

- Storage of Your Personal Data / Data Transfer

- Third-Party Links

- Choices and Individual Rights

- Security

- Sensitive Data

- Our Children's Information Polic

- Contact Us

Hitpoint Cloud is responsible for any of your personal information shared with third parties under the forward transfer principle for external processing on our behalf.

For responding to legitimate requests from public authorities, including to meet national security or law enforcement requirements, Hitpoint Cloud may need to disclose personal information.

Inquiry About Your Data:

Contact Hitpoint Cloud Directly – If you have any questions or complaints about our compliance with the Privacy Shield principles, please contact us at: info@hitpointcloud.com

Complaints:

In accordance with the Privacy Shield principles, Hitpoint Cloud is committed to resolving complaints regarding our collection or use of your personal information.

Individuals with questions or complaints about our Privacy Shield policy should first contact Hitpoint Cloud at: info@hitpointcloud.com

Definition of Personal Information

Use of Your Data

- Compliance with legal obligations

- Performance of a contract

- Legitimate interests

- Public interest

- Vital interests

- Consent

When Hitpoint Cloud transfers our customers' personal information across borders, we comply with applicable laws.

---

Use of Cookies (Cookie Policy)

We may use the following types of cookies:

Form/Online Behavior

Other data technologies may be used to collect comparable information for security and fraud detection purposes.

---

### Amazon Data Protection

- We do not offer archiving or backup services for any Amazon data, nor do we provide any offline backups to any user.

- Any attempt to violate our policies and retrieve Amazon data from our service processes is illegal. We reserve the right to take legal action.

---

### Do Not Track Signals?

---

### Use of Your Information – Reasons for Using Your Personal Data

- Performance of a Contract: To fulfill our contractual commitments to you and to perform our contractual obligations.

---

### Sharing and Disclosure

We will not share your personal information with others unless specified in this policy or we notify you and give you the opportunity to opt-out of sharing your personal information.

We will share your information in the following ways:

Do Not Track Signals?

Use of Your Information – Reasons for Using Your Personal Data

- Performance of a Contract: To fulfill our contractual commitments to you and to perform our contractual obligations

---

### Sharing and Disclosure

We will not share your personal information with others unless specified in this policy or we notify you and give you the opportunity to opt-out of sharing your personal information.

We will share your information in the following ways:

For California Residents – As of January 1, 2020:

Under the California Consumer Privacy Act, you as a California resident have the right to:

- Request that we do not sell your data.

- Hitpoint Cloud does not sell any consumer information as defined by CCPA, so we do not have or need a "Do Not Sell My Info" button.

- Request information about what information we hold about you (see the list of categories above).

- Request specific pieces of personal information we have collected about you.

- Request the categories of third parties with whom we share your personal information. (partners)

- Correct inaccurate data.

- Request that Hitpoint Cloud delete any personal information about you collected by Hitpoint Cloud within the scope of the California Consumer Privacy Act of 2018.

- Enjoy equal service and pricing even if you exercise your privacy rights.

Security

Sensitive Data

Our Children's Information Policy

Our website is not directed at children under the age of 16. If you become aware that your minor child has provided us with personal information without your consent, please contact us.

- We welcome any questions, comments, or requests you may have regarding this policy, please feel free to contact us at info@hitpointcloud.com

- If you have any questions about the information we may hold about you, you can contact us as follows:

1. Send an email to our Data Protection Officer at info@hitpointcloud.com, providing the following information:

- Name _________________________________

- Company _______________________________

- Title ___________________________________

- Country ________________________________

- Country of Residence ______________________

- How to contact you regarding the request, (phone or email, preferably email, address)

2. Call our toll-free number 400 033 9909 and leave a message, including:

- Name _________________________________

- Company _______________________________

- Title ___________________________________

- Country ________________________________

- Country of Residence ______________________

- How to contact you regarding the request, (phone or email, preferably email, address)

- If you would like to write to us, our mailing address is:

- Hitpoint Cloud Co., Ltd.

- No. 221 Huangxing Road, Yangpu District, Shanghai, China

- Postal Code: 200090

- Phone: 400-033-9909

Last Updated: June 21, 2021If you would like to write to us, our mailing address is:

- Hitpoint Cloud Co., Ltd.

- No. 221 Huangxing Road, Yangpu District, Shanghai, China

- Postal Code: 200090

- Phone: 400-033-9909

Last Updated: June 21, 2021