The data
controller under the EU General Data Protection Regulation (“the GDPR”) is:
Company: Changan Automobile
Deutschland GmbH
Address:
Georg-Brachle-Ring 56-58, 80992 Munich
Email: compliance@changanauto.eu
MyChangan
is an application developed by Changan Automobile Deutschland GmbH (hereinafter
referred to as “we”, “us”, “our”) to connect your vehicle and provide related
services. We attach great importance to your personal data. We will strictly
follow the provisions of the EU General Data Protection Regulation (“the GDPR”)
and other laws, and adhere to the principles of lawfulness, fairness,
transparency, purpose limitation, data minimization, accuracy, storage
limitation, integrity and confidentiality, and accountability to protect your
personal data and related rights. Through this MyChangan Privacy Policy
(“this Policy”), you will learn how we collect, use, store, disclose and
protect your personal data and other related information when using MyChangan's
products or services.
Please
understand that authorized dealers are independent entities and applications
and other services provided by third parties are not related to us. Please
understand and be aware of the privacy policies of third parties. If you have
any questions, please contact the third parties directly.
This
Policy applies to the Internet-based and mobile Internet-based services we
provide to you, including mobile clients, applications and other forms, as well
as other places where we collect your personal data.
Reminder:
If
you are under 16 years old, please do not provide any personal data without the
permissions of your parents or legal guardians.
By checking or clicking on
“Read”, “Agree” or other actions with the same meaning on the page to which
this Policy belongs, you are deemed to agree to the relevant content of this
Policy and agree to our processing of your personal data in accordance with
legal requirements and this Policy. If you do not agree to any content of this
Policy, we will not process your personal data. In general, this will not
affect your use of our products or services, unless the processing of relevant
personal data is necessary to provide the products or services. Please read
this Policy carefully before checking or clicking on “Read”, “Agree” or other
actions with the same meaning, accepting products or services we provide, and
submitting personal data to ensure that you are fully aware and understand the
meaning and corresponding legal consequences of its content. The MyChangan can
be used only after confirmation of full understanding and agreement.
We will identify, by bolding or
other reasonable means, terms that are (potentially) materially related to your
rights and interests, terms relating to sensitive personal data, etc., and you
should focus on reading them. If you have any questions, comments, or
suggestions about this Policy, you may contact us using the contact information
provided in this Policy.
Please
understand that our services are intended for the public. If you are not a
CHANGAN vehicle owner, you could still download MyChangan and register to sign
in, but you will not be able to bind your vehicle. We will still collect your
personal data based on the functions and services you use.
Part 1. Definitions and Legal Basis
Section 1. Definitions
1. “Personal Data” means any information
relating to an identified or identifiable natural person (“data subject”); an
identifiable natural person is one who can be identified, directly or
indirectly, in particular by reference to an identifier such as a name, an
identification number, location data, an online identifier or to one or
more factors specific to the physical, physiological, genetic, mental,
economic, cultural or social identity of that natural person.
2. “Special categories of personal data” refers
to personal data revealing racial or ethnic origin, political opinions,
religious or philosophical beliefs, trade union membership, and other personal
data, as well as genetic data, biometric data, data concerning health or data
concerning a natural person's sex life or sexual orientation and other related
data.
Section 2. Legal Basis
We
collect and process your Personal Data in
strict compliance with the GDPR. We do not normally collect Personal
Data directly from any other source than the data subject, and we collect
and process your Personal Data for the purposes
described in this Policy. In cases where the collection of special categories
of personal data, cross-border transfers of data, etc. are (potentially) of
significant relevance to your rights and interests, we will notify you by means
of enhanced notification or instant alerts (e.g., pop-up reminders) and obtain
your explicit consent.
We will
generally collect, use, disclose or otherwise process your Personal Data with
your consent or in accordance with the law, for the purposes described in this
Policy, including but not limited to the following circumstances:
l
You have given consent to the processing of your
Personal Data for one or more specific purposes;
l
Processing is necessary for the performance of a
contract with you or to take steps at your request prior to entering into a
contract;
l
Processing is necessary for compliance with our
legal requirements and fulfill our legal obligations;
l
Processing is necessary to protect the vital
interests of you or another natural person;
l
Processing is necessary for the performance of a
task carried out in the public interest or in the exercise of official
authority vested in us.
Part 2. The business features we offer and
how we collect and process your Personal Data
The type and scope of Personal Data we
collect from you may vary depending on the physical environment you are in, the
permissions you have authorized to open, the SDKs you are using, etc. It may
also vary depending on whether you select "Full Privacy Mode" or
"Connected Services and Analytics Mode" or "Whether or not to
log in to your owner's or driver's account and use Connected Vehicles
features" in your vehicle system.
Section 1.
We will collect and process your Personal Data for the following purposes as
set out in this Policy.
We collect
and process your Personal Data for the purpose of providing you with the
products or services described below. We process Personal Data on the basis of
legitimate interests and we have carried out balancing tests, data protection
impact assessments etc. to document the processing with due regard to the
impact of the processing on your personal data rights. The Personal Data
described below is necessary to provide MyChangan's features or services, and
we may perform automated decision-making or send you marketing information via
email, telephone, etc. based on the Personal Data we collect from you.
Therefore, if you do not provide and authorize us to process the Personal Data
described below, we will not be able to provide you with products or services.
1. Personal Data you
provide
|
Products or services |
Personal Data |
Purposes |
|
Register / Login account |
Email address, email
verification code, telephone number, mobile verification code, login
password, traceid, userid, VIN code, vehicle model, vehicle registration
number, vehicle nickname, vehicle parameters |
We
collect email address, email verification code, telephone number, mobile
verification code, login password for MyChangan account registration and login. If you have bound a vehicle, we
collect traceId, userId, VIN, vehicle model,
license plate number, vehicle nickname, vehicle parameters for synchronizing
your data for display on the APP page. |
2. Personal data
collected when you use the products or services
|
Products or services |
Personal Data |
Purposes |
|
Account and Security Management |
Email address, telephone number,
login password, mobile phone network status, device model, device type,
device version, operation log, service log, IP address |
We collect
email addresses, telephone number, and login passwords to distinguish between
different accounts. We
collect mobile phone network status to ensure the normal use of the service. We
collect device model, device type, device version, operation logs, service
logs, and IP addresses to identify abnormal account status, understand
product suitability, and ensure the safe and stable operation of the services
provided to you. |
|
Remote control of vehicles |
vehicleId, vehicle air
conditioning status, tire status, charging status, travel plan, seat status,
lamp status, vehicle cycle status, vehicle position, window information, door
status, vehicle status data; steering wheel heating status, remote seat
heating status, battery heating status, seat ventilation status, vehicle
control code, flashing siren, flashing lights |
We collect these data for you to
check the relevant data, such as battery level and mileage, in the APP when
you bind the vehicle with our APP and turn on the relevant functions of the
vehicle. If you open the corresponding collection authority in the vehicle
system, it can provide you with the function of remote control of
vehicle-related status, such as window control, car search, interior air
conditioning on and temperature setting, seat ventilation, steering wheel
heating, remote seat heating, and travelling reservation. |
|
Vehicle management |
Vehicle nickname, license plate
number, vehicle model, VIN, purchase record, device model, vehicleId |
We collect vehicle nickname,
license plate number, vehicle model, VIN, and purchase record for the purpose
of systematically identifying and marking the vehicles you wish to manage, so
that we can accurately identify and provide you with services such as bonding
and unbinding vehicles. |
|
Vehicle upgrades |
VIN, software version number,
vehicle model, vehicleId, traceId |
We collect the VIN, software
version number, vehicle model, vehicleId, traceId for system identification,
to identify the vehicle to be upgraded and the version of the system to be
upgraded. |
|
Charging reservation |
Target SOC setting, reservation
status, remote charging start/end time setting control, remote charging end
time setting control, remote charging start time setting |
We collect these data to
determine the battery target state of charge, the current appointment status
to avoid repeat appointments and your chosen charging period. |
|
Language and country settings |
System language, country code,
device model, VIN |
We
collect system language, country code, and device model for switching
language versions for your convenience. We
collect VIN in order to find information about the vehicle you are tying into
and to synchronise language switching. |
|
Bluetooth key |
Bluetooth data |
We collect Bluetooth data to
identify nearby devices for connection and control the vehicle through
Bluetooth keys. |
|
Vehicle diagnostics |
Tire pressure data, airbag data,
battery current and charging status data, powertrain data, vehicle stability
system data, steering data, ABS data, etc. |
We collect this data for you to
check the current health of your vehicle and to see if the vehicle's major
modules are in proper condition. |
|
Vehicle condition check |
Air quality data |
We collect air quality data to
show you the current air quality of your vehicle. |
|
Vehicle sharing |
Email address, CAPTCHA, expiry
time data, email address of the person being shared |
We
collect email addresses and verification codes for authentication when you
share your vehicle with other users on the app. We
collect valid time data to set the expiry date of sharing. We
collect the email address of the person being shared for record-keeping
purposes so that the person being shared can log in to their account and use
it. |
3. Personal data
obtained from third parties
To protect your rights and interests,
fulfill our contractual obligations with you, comply with legal requirements or
obtain your consent, we may receive your Personal Data from third parties,
including but not limited to: our dealers, our service providers. We will
strictly comply with the provisions of Article 14 of the GDPR to fulfill our
obligations to protect your Personal Data and rights.
Section
2. We will only require your authorization to turn on the following permissions
for you to use our products or services.
To
provide the relevant products and services, in addition to the Personal Data
provided by you, we may also need you to authorize the opening of the following
permissions, and the refusal to open these permissions may result in us being
unable to provide you with the relevant products or services.
These
permissions include network, Bluetooth, location, and camera device
permissions, as detailed in the table below:
|
User Rights |
Descriptions |
Purposes |
|
Network |
When you use the MyChangan, we may need to
enable network permissions on your mobile device. |
Enable network and networking services,
browse pages, and use features. |
|
Bluetooth |
When you use the Bluetooth key function, we
may need to enable Bluetooth permissions on your mobile device. |
Use
Bluetooth key to control the vehicle and search for nearby devices. |
|
Camera |
When you need to log in, authorize and
other operations on the car terminal, we need you to scan the QR code on the
car terminal using the APP. We may need to open the camera permission of your
mobile device. |
It is used for scanning the QR code of the
car terminal, logging in the account of the car terminal, completing the
authorization in the scenarios such as restoring the factory settings and
other scenarios where the camera privileges may be used. |
|
Location |
When you use the Bluetooth Key feature, we
may need to turn on location permissions for your mobile device. |
Identify
nearby vehicles and unlock the vehicle with the Bluetooth key. |
We only
collect the permissions mentioned in the above description and will not request
additional permissions beyond the functional requirements. You can choose to
turn off some or all permissions at any time in the device settings function;
You can manage your permissions and refuse the collection of your Personal Data
by operating within MyChangan: "Home" - "Personal Center" -
"Setting" - "System Rights Management".
Section
3. We will only access the SDK if you use our products or services for the
following reasons.
For
the purpose of providing services to you and with your consent, we may access
and update from time to time the software development kit (SDK) in order to
ensure the realization and stable operation of the functions. We will monitor
the security of the SDK within the current state of technology and reasonable
time and labor costs and will protect the security of your Personal Data as
much as possible. For more information, see the following table.
|
SDK |
Personal Data |
Scenarios and Purposes |
|
Digital Key SDK |
Device identification information, geographic location
information |
Used to initiate Bluetooth connections with vehicle-to-vehicle
devices and issue Bluetooth positioning calibration data. |
Part 3. How we disclose and store your
Personal Data
Section 1. Disclosure
Under
normal circumstances, we will not disclose your Personal Data to third party
subjects. In order to protect your rights and interests, fulfill the
contractual obligations signed with you, meet the legal requirements or obtain your
consent, we may disclose your Personal Data to third-party subjects, and we
will always comply with the legal requirements when disclosing your Personal
Data, abide by the principles of purpose limitation and minimum necessity, and
protect your Personal Data and related rights. The details are as follows:
1.
Service providers of Changan Automobile Deutschland GmbH
We
may disclose your Personal Data to service providers to protect your rights and
interests, fulfill our statutory obligations and contractual obligations
entered into between us and you, and to provide complete products or services.
We will provide Personal Data to the minimum extent necessary for them to
provide the service and sign a contract requiring the service provider not to use
your Personal Data for any purpose other than the purpose agreed with us and to
take technical, organizational, and administrative measures to protect your
Personal Data. Service providers include but are not limited to: (1) IT
service providers; (2) logistics and freight service providers; (3) data
storage and cloud service providers; (4) event management service providers;
(5) call center service providers.
2.
Business partners of Changan
Automobile Deutschland GmbH
In
order to protect your rights and interests, fulfill our legal obligations and
contractual obligations with you, and provide complete products or services, we
may disclose your Personal Data to our business partners. We will provide
Personal Data to the minimum extent necessary for their business cooperation
and sign a contract requiring the business partners not to use your Personal
Data for any purpose other than those agreed with us and to take technical,
organizational, administrative, and other measures to protect your Personal
Data. Partners include but are not limited to dealers, maintenance business,
insurance business, financial business, and other partners.
3.
Third parties required by law
We
may have to disclose your Personal Data under certain legal requirements, such
as: legal obligations that we need to fulfill or rights that need to be
protected.
4.
If we are required by law to obtain your consent, we will first obtain your
consent.
Section 2. Storage
The
Personal Data we collect and generate about you while operating and
administering MyChangan within the European Union is stored in our database
server room in Frankfurt, Germany, under conditions that will satisfy the data
protection standards of the European Union.
The
duration of our storage of your Personal Data may vary depending on the purpose
of the processing, legal requirements, your rights, etc., but will not exceed
the time necessary for the processing of the Personal Data. After the expiry of
the storage period, we will delete your personal data or make the Personal Data
unrecognizable to you directly or indirectly.
We
have applied a series of technical, administrative, and organizational measures
to protect the stored Personal Data and to minimize the risk of unauthorized
use, disclosure, and inaccessibility. The security measures we have taken
include, but are not limited to data desensitization, data encryption,
firewalls, and data access authorization controls.
Part 4. How we
process your Personal Data in global range
To protect your Personal Data, we do not
normally process your Personal Data outside the European Union. However, in
order to comply with legal requirements, fulfill our contractual obligations
with you, fulfill your functional use and ensure the safe and stable operation
of your vehicle, provide other assistance services, etc., and subject to your
consent, we may transfer your Personal Data outside the European Union to a third
country or accessed by our affiliates company in a third country, and your Personal Data may be transferred or disclosed within
the intra-group.
Where data protection standards in third
countries are lower than those determined as adequate by the European Union or
the European Commission, we will apply protection equivalent to the GDPR requirements,
in accordance with the authorization of the competent regulatory authority, to
ensure that Personal Data transferred to third countries will be accorded at
least the same protection standards as those required by the European Union.
For example, we will enter into a standard contractual clause (SCC) with a
third country recipient or establish binding corporate rules that meet the
conformance mechanism as set forth in the GDPR; or we will adopt technical
measures to make that the Personal Data cannot be directly or indirectly
identified to you. Alternatively, we will enter the standard data protection
provisions adopted by the European Commission in accordance with the GDPR.
Furthermore, we will transfer the Personal Data to any third countries or international
organizations under the condition that we ensure that you can exercise your
rights and obtain effective legal remedies.
If you would like more information about
how your Personal Data is protected outside of the EU, please contact us using
the contact details provided in this Policy.
Part 5. How we
protect your Personal Data
We will provide appropriate security
measures to prevent unauthorized or unlawful access, use, correction, or
disclosure of your Personal Data. We regularly review and update the security
mechanisms used to protect data to provide effective protection against data
abuse.
We use encryption technology to ensure the
confidentiality of Personal Data; We use trusted protection mechanisms to
prevent malicious attacks on data; and we deploy access control mechanisms to
ensure that only authorized personnel have access to Personal Data. We have
established a dedicated privacy compliance organization and a management system
for employees and third parties, etc. We will regularly hold security and privacy protection
training courses to enhance employees' awareness of the importance of
protecting Personal Data. We will carefully select service providers and
business partners and conduct periodic Personal Data protection audits.
In the event of a data breach, we will
notify the regulator in accordance with Article 55 of the GDPR, where
practicable, within 72 hours of
becoming aware of the data breach, unless it is unlikely that such a breach of
Personal Data would pose a risk to your rights and freedoms. If the Personal
Data breach is likely to pose a high risk to
your rights and freedoms, we will immediately notify you of the remedial
measures taken in relation to the Personal Data breach
and notify the affected parties and relevant authorities.
If you believe the
security of your Personal Data has been compromised, or if you would like
further information about our data protection measures, please contact us using the
contact information provided in this Policy.
Part 6.
How we protect your rights
We want to make sure that you are fully
aware of all your rights as a data subject. In accordance with the relevant
laws and regulations of the European Union, as well as the general practices of
other countries and regions, you have the following legal rights to your
Personal Data:
Section 1. The right to access, review and
obtain a copy of your Personal Data
Pursuant to
Article 15 and Article 20
of the GDPR, you have the right to access, review and obtain a copy of your
Personal Data, except for the exceptions specified by law.
You can access and review some of your
Personal Data within MyChangan by going to: ‘Home’ - ‘Personal Centre’.
You can send an email to compliance@changanauto.eu
to request access to and obtain a copy of your Personal Data.
If it is technically feasible and meets
the conditions stipulated by the relevant authorities, we can transfer a copy
of your Personal Data collected by us directly to you, or your designated
Personal Data controller, at your request, and we will provide you with an
appropriate way to transfer them.
Section 2. The right to object
Pursuant to
Article 21 of the GDPR,
you have the right to object to the collection, use or disclosure of the
Personal Data in question, e.g., you have the right to object to direct
marketing.
You can send us a request to object to the
processing of your Personal Data by sending an email to compliance@changanauto.eu
Section 3. The right to erase or destroy
Pursuant to Article 17 of the GDPR, you
have the right to request that we erase the Personal Data relating to you or
make the Personal Data unassociated to you, directly or indirectly, based on
the following circumstances:
1. If our processing of Personal Data in violation of
laws and regulations;
2. If the purpose of processing your Personal Data has
been achieved, cannot be achieved or is no longer necessary to achieve this
purpose (for example, you are no longer the owner of CHANGAN Automobile; if you
restore the in-vehicle terminal as the owner to the factory settings, your Personal
Data in the in-vehicle terminal system will be deleted, etc.);
3. If we collect or use your Personal Data without your
authorized consent or you object to our collection, use or disclosure of your
Personal Data;
4. If our processing of your Personal Data in breach of
our contract with you;
5. If we have ceased to provide products or services or
if the retention period has expired;
6. If you have withdrawn your authorized consent for us
to process your Personal Data and there is no other legal basis to support the processing
of your Personal Data;
7. You have exercised your right of object pursuant to
Article 21 of the GDPR and there is no other superior legal basis for the
processing of your Personal Data;
8. When we erase Personal Data on the basis of compliance
with a legal obligation in EU or Member State;
9. When the collection of Personal Data relates to
information on the provision of social services under Article 8, of the GDPR;
10. In other cases provided for by law.
You can send us a request for erasure of
your Personal Data by sending an email to compliance@changanauto.eu
If you need to cancel your account, you
can do so in MyChangan: ‘Home’ - ‘Personal Centre’ - ‘Account & Security ’
- “Account cancellation”. After cancellation of your account, we will stop
providing you with all MyChangan's products and services, and delete your
Personal Data generated in the course of your use of MyChangan in accordance
with the requirements of laws and regulations, or make it impossible for such
Personal Data to identify you directly or indirectly. If you are unable to
cancel your account in the above manner, you can send us a request to cancel
your account by sending an email to: compliance@changanauto.eu
If we decide to respond to your erasure
request, we will also simultaneously notify other entities that have access to
your Personal Data through us and ask them to erase it, unless otherwise
required by law or regulation, or if these entities have obtained your
independently authorized consent.
Due to legal requirements or technical
limitations, we may not immediately erase or anonymize the corresponding
Personal Data from our systems and in the meantime, we will store your Personal
Data securely and not process it any further, leaving your Personal Data in a
state where it cannot be retrieved or accessed.
Section 4. The right to restrict
processing
Pursuant to Article 18 of the GDPR, you
can send us a request for restriction of the processing of your Personal Data
by sending an email to compliance@changanauto.eu based on the following
circumstances:
1. You question the accuracy of your Personal Data,
subject to allowing us to verify the accuracy of your Personal Data within a
certain period of time.
2. The processing is unlawful, and you only request the
restriction of the use of the Personal Data and object to the deletion of the
Personal Data.
3. We no longer require the Personal Data for the
purposes of the processing, but you require the Personal Data for the
establishment, exercise, or defense of legal rights.
4. When we are waiting for verification or review to
prove that we collected, used, or disclosed your Personal Data based on an
exemption or for the purposes of scientific, historical, or statistical
research in order to refuse your request to object to the processing of personal
data.
Section 5. The right to rectification
Pursuant to Article 16 of the GDPR, you
have the right to request us to correct or supplement your Personal Data
processed by us when you find it to be inaccurate or incomplete.
You can improve your Personal Data through
‘Home’-‘Personal Centre’-‘Account and
Security’.
If you are unable to correct your Personal
Data in the ways described above, you can send us a request to correct your
Personal Data by sending an email to compliance@changanauto.eu
Section 6. The right to withdrawal of
consent
You also have the right to give or
withdraw your consent to the collection, use or disclosure of Personal Data at
any time. You can give or withdraw your consent at any time by going to ‘Home’
- ‘Personal Centre’ - ‘About Us’ - ‘Privacy Policy’ - click on ‘More Actions’
in the upper right corner - ‘Withdraw Consent’ and click on ‘Withdrawal’. -
‘Privacy Policy’ - click on ‘More Actions’ in the upper right corner -
‘Withdraw Consent’ and click on Confirmation ". If you are unable to
withdraw your consent in the manner described above, you can send us a request via
email to: compliance@changanauto.eu. After you have withdrawn your consent, we
will no longer process the Personal Data within the scope of your withdrawal of
consent, but the decision to withdraw your consent will not affect the
collection, use or disclosure of the Personal Data to which you have already
consented.
Section 7. Responding to your requests and
complaints above
In order to protect your personal data
rights and data security, we may need you to verify your identity by means of a
written request, etc. before accepting your request, and we will provide you
with information on our response to these requests in response to your request
within one month from the date of receipt of your request, which may sometimes
take longer than one month if your request is particularly complex or you have
made many requests. In
such cases, we will inform you and keep you updated on the above extensions
within one month from the date of receipt of the request, together with the
reasons for the extension and the possibility for you to file a complaint with
the regulator and seek judicial remedies.
We will notify data recipients of any
changes, erasures, and restrictions to the processing of Personal Data after it
has been made public pursuant to Articles 16, 17 and 18 of the GDPR, unless
such notification proves impossible or requires unreasonable efforts. We will
inform you of these data recipients upon your request.
We may refuse requests that are
groundless, require disproportionate technical means (e.g., the development of
new systems or fundamental changes to existing current practice law), pose a
risk to the legitimate interests of others or are highly impractical.
Pursuant to the GDPR, you may report to a
supervisory authority and seek judicial remedies if you believe that our
collection, use and disclosure of your Personal Data is unlawful or does not
comply with applicable personal data protection laws.
Section 8. We may not
be able to respond to your request in the following circumstances:
1. With us that perform the obligations as stipulated in laws and
regulations;
2. Those that are directly related to national security and
national defense security;
3. Those that are directly related to public security, public
health, and major public interests;
4. Those that are directly related to criminal investigation,
prosecution, trial, enforcement of judgment, etc.;
5. We have sufficient evidence to prove that you have subjective
malice or abuse of your rights;
6. Where to protect your or others' life, property and other
significant legitimate rights and interests but it is difficult to obtain your
consent;
7. Responding to your request will cause serious damages to your
legitimate rights and interests or those of other individuals or organizations;
8. Where it relates to the exercise of the rights to freedom of
expression and information;
9. Where it relates to trade secrets;
10. Complying with your request will adversely affect the rights and
freedoms of others;
11. Your request is manifestly unreasonable or excessive, especially
if it is repeated.
Part 7. How we protect the Personal Data of
minors
Our products and services are primarily marketed towards adults.
Minors under the age of 16 may not create their own accounts without the
consent of a parent or other guardians. We do not knowingly collect Personal
Data from users under the age of 16 without the prior consent of a parent or
other guardians. We
will consider available technology and make reasonable efforts to verify the
consent or authorization of the child's guardian in a situation involving the
child.
If we become aware that any Personal Data
of any minor under the age of 16 has been inadvertently collected, we will
immediately delete the data or process the minor's Personal Data only if we can
rely on a legal basis other than consent.
We will strictly comply with national and
regional legal requirements regarding the Personal Data of minors and comply strictly
with any lower age thresholds required by law.
Part 8. How we use Cookies and similar
technologies
Cookies
are small file that are temporarily stored on your computer or mobile device to
recognize and remember you. It is sent to your browser and stored on your
computer's hard drive, tablet, or mobile device. When you visit our service
providers, business partners and our websites and emails we received, we may
collect data about you through Cookies or similar technologies. A detailed
description of what Cookies are and how they work can be found in the EU
Cookies Guide: Cookies policy (europa.eu).
The
use of Cookies and similar technologies helps us to analyze your usage to
improve your experience. We undertake that we will not use Cookies for any
purpose other than that set out in this Policy.
Part 9. How we maintain updates to this
Policy
We reserve
the right to modify this Policy at any time. If such changes are material, we
will automatically consider your consent withdrawn until you agree again to the
terms of our Privacy Policy. We will not reduce your rights under this Policy
without your express consent.
To better
protect your Personal Data, we
encourage you to check back frequently to keep up to date with our Privacy
Policy. We will periodically post any changes to this Policy on this page. We
will archive older versions of this Policy, which can be accessed via
"Home" - "Personal Center" - "About Us" -
"Privacy Policy" - click on "Historical Versions" in the
upper right corner.
For major
changes, we will also provide more prominent notice (including, but not limited
to, special notices on browsing pages, pop-up notices) and request your consent
again if necessary or required by law.
Major
changes within the meaning of this Policy include, but are not limited to:
1. When
there is a significant change in our service model, such as the purpose of
processing Personal Data, the type of Personal Data processed, the way Personal
Data is used, etc.;
2. When we
undergo significant changes in our ownership structure, organizational
structure, etc., such as changes of data controllers due to business
restructuring, bankruptcy and mergers and acquisitions, etc.;
3. When
there is a change in the main targets of in the cases of disclosure of Personal
Data, cross-border, and other circumstances;
4. When
there is a significant change in your right to participate in the processing of
Personal Data and the way of exercising your right;
5. When
there is a change in the department, the contact information and complaint
channels responsible for handling Personal Data security.
Part 10. How to contact us
When and if you have any questions, comments or suggestions
about this Policy or matters relating to your Personal
Data, or if you wish to exercise any of your rights, you can contact
us in the following ways:
Email: compliance@changanauto.eu
Address: Georg-Brachle-Ring 56-58, 80992
Munich