CloudDrive Privacy Policy

Introduction

CloudDrive and its related services (hereinafter referred to as “Product”, “Service”). We highly value your privacy. This Privacy Policy (hereinafter referred to as “Policy”) describes how we collect, use, and disclose, process, and store any personal information that you provided to us or that we collect from you when you use our products and services. If you are under 16 or otherwise regarded as a minor in your jurisdiction, do not provide any personal information without your parent’s or guardian’s permission. 

This Policy only applies to the Product that reference or link to this Privacy Policy. It also describes your rights and available choices regarding your personal information.

Data Controller: ViewSonic Software Co. Ltd,. are the controller (or similar term under applicable laws) of any information processed in connection with this Policy.

It is our policy to comply with applicable data protection laws. We reserve the right to change the provisions of this Policy from time to time. We encourage you to periodically review this page for the latest information on our privacy practices.

Profile of CloudDrive Activity:

1.) CloudDrive can offers advanced features such as fast cloud file transfers, instant cloud file notifications, and application-level permission control. Whether you are an advanced user or a general cloud storage user, CloudDrive allows you to fully utilize the potential of cloud storage resources with excellent efficiency and ease of use.

2.) Functionality of managing local files, we may have access to the files locally stored on your device at your command or when necessary to provide the functionalities to you. But in no event shall we upload or transfer your local files, unless at your command.

 3.) Google workspace APIs within CloudDrive are not used to develop, improve, or train generalized AI/or ML models

4.)When you use the functionality of managing files stored on third-party cloud storage (including Google Drive and OneDrive), for the sake of binding your third-party cloud storage service and helping you manage your files from third-party cloud storage (including browsing, sorting and filtering, copying, cutting, pasting, deleting, renaming files or folders, sending files and creating folders), we collect the following information about you.

I. What Information We Collect

The term of “personal information” or “personal data” means information that specifically identifies an individual (such as a name, mobile number, email address, or other account number), and information about that individual’s location or activities (such as information about your use of our Service, IP addresses or mobile device identifiers) when directly linked to personally identifiable information. Personal information also includes demographic information such as date of birth, gender, geographic area, and preferences when such information is linked to other personal information that identifies or may identify you.

Personal information does NOT include “anonymized” information, which is data we collect about the use of our Service or about a group or category of products, services or users, or other data from which individual identities or other personal information has been removed so that the individual concerned cannot be identified directly or indirectly. Such data helps us understand trends and our users’ needs so that we can better consider new features or otherwise tailor our Service. This Policy in no way restricts or limits our collection and use of such information.

We may collect information that automatically collected by us and certain information we obtain from third-party sources. More information about the categories and sources of information is provided below.

1. Information we collect automatically

File Information

To provide you with the functionality of managing local files, we may have access to the files locally stored on your device at your command or when necessary to provide the functionalities to you. But in no event shall we upload or transfer your local files, unless at your command.

Usage Information

To provide you with the functionality of managing files stored on third-party cloud storage, we may collect information about your operation of binding third-party cloud storage account.

2. Information from third-party sources

When you use the functionality of managing files stored on third-party cloud storage (including Google Drive and OneDrive), for the sake of binding your third-party cloud storage service and helping you manage your files from third-party cloud storage (including browsing, sorting and filtering, copying, cutting, pasting, deleting, renaming files or folders, sending files and creating folders), we collect the following information about you:

Files stored within the third-party cloud storage (We may have access to files at your command or when necessary to provide the Services to you but in no event shall we upload or transfer your files);

Email address;

Username;

Avatar;

Your User Certificate.

After you bind your account of Google Drive, our use of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements. Currently, we do not transfer information received from Google APIs. If we transfer information received from Google APIs, our transfer of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

3. Special categories of information

We do not request or intend to collect any “special categories of information”, such as any information on health, race, religion, political opinions or philosophical beliefs, sexual preferences or orientation. We also want to kindly remind you to be cautious when sharing this information about yourself (or others) in our Services.

4. Cookies and Other Similar Technologies

By using our Services, you acknowledge that we may have access to information stored on your device and write certain file on your device, which is necessary for us to provide our Services to you. You may clear the file we write on your device by unbind your third-party cloud storage account. We will not use cookies for any purpose other than those stated in this Policy.

II. How We Use Your information and Legal Basis

We may only use your information when we have justifications (each called a "legal basis") under data protection law. To process your information as described in this Policy, we rely on the following legal bases involve contractual necessity, compliance with applicable laws and regulations.

1. Contractual necessity

To offer our Services to you;

To enter into and to perform our contract with you, or to perform any steps you require from us before entering into a contract with you;

To communicate with you, including but not limited to respond to your request for any help with the Services or for exercising your rights with respect to your personal information.

2. Legitimate interests

To pursue our legitimate interests (or those of a third party) as we deem fit and necessary, where your interests and fundamental rights do not override those legitimate interests of ours (or any third party’s), such as:

To enforce or exercise our rights, for example our User Agreement;

To respond to complaints, hearings, arbitrations, law suits or other governmental or regulatory proceedings.

3. Compliance with applicable laws and regulations

To comply with legal requirements;

Assist law enforcement.

III. How We Store Your Personal Information

The personal information we collect and generate in our operations is processed and stored locally on your device.

We store your personal information in response to the requirements of laws, regulations or our commercial purposes. We will delete or anonymize your personal information beyond the above retention period.

IV. How We Disclose Your Personal Information

We may disclose some of your personal information with authorized partners who cooperate with us providing products and services. We will not disclose your personal information with third parties for their own marketing or commercial purposes.

1. Authorized partners, such as third-party cloud storage providers: For the performance of certain features or to provide you with better Services and a better user experience, some of our Services will be provided by our authorized partners. We uphold the principles of minimization, necessity, and legality to carry out such sharing. Before sharing information, we will require authorized partners to take relevant confidentiality and security measures to process personal information in accordance with this Policy and applicable laws in your jurisdiction.

2. Corporate transactions: Where a merger, acquisition or bankruptcy liquidation takes place, if transfer of personal information is involved, we will request the new company or organization which obtains your personal information to be subject to this Policy, otherwise we will ask such company or organization to acquire your authorization and consent again. 

3. Legal obligations and rights: We will only publicly disclose your personal information if it is mandatorily required by laws, in compliance with subpoena, legal proceedings, legal actions or compulsory request by supervisory department of government agencies. If we sincerely believe that disclosure is necessary to protect our rights, ensure your or others’ safety, investigate fraud or respond to government, we may publicly disclose your personal information.

V. How We Protect Your Personal Information

1. We have taken reasonably feasible and technical measures to protect collected services-related data. However, please be attention, even if we undertake reasonable measures to protect your data, there is no website, internet transmission, computer system or wireless connection that are definitely safe.

2. We have taken safeguarding measures in accordance with industry standards to protect the personal information you provided and prevent data from unauthorized access, public disclose, use, modification, damage or loss. We take all reasonably practical measures to protect your personal information. In particular: 

(1) We encrypt a lot ofmost of your information. For instance, we do not store your password but only store the Hash value after your password’s double layer SHA as a proof of security authentication. The HASH algorithm of SHA is irreversible. Therefore, no one can find your password according to the Hash value. We periodically review practices regarding information collection, storage and possessing (including physical security measures), to prevent various systems from unauthorized access. 

(2) We use computer system that has limited access and merely allow our employees who need to know personal information in order to help us process it or authorized staff from the Services companies to access personal information. These people are required to comply with strict contractual confidentiality obligations. Failure to comply with the obligations will lead to legal liabilities or termination of contract with us.

(3) The security of your information is extremely important to us. Therefore, we endeavour to ensure the security of your Personal information and implement measures such as security encryption during storage and transmission to prevent your information from unauthorized access, use, or disclosure. At the same time, no one can access the specific content of some encrypted data except the users themselves.

3. In case of personal information security incident is likely to result in high risk to the rights and freedoms of personal information subjects, we will promptly inform you of the relevant information related to the leakage by email.

VI. How Long Do We Retain Your Personal Information?

1. We retain your personal information for the purpose of the information collection described in this Privacy Policy or required by the applicable laws, the requirements of laws and regulations, until you take the initiative to delete. We will cease to retain and delete or anonymize personal information once the purpose of collection is fulfilled, and/or after we terminate the operation of the corresponding product or service, and/or after we confirm your request for erasure.

2. We may retain your personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. When we no longer need to use your information, we will remove it from our systems and records and / or take steps to anonymise it promptly so that you can no longer be identified from it.

3. To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements.

4. However, we may continue to retain certain data to the maximum extent permitted by applicable laws. If you would like to delete your data, please refer to the heading of “Your Rights” below.

VII. Your Rights

As the subject of the personal information, you are entitled to have the rights provided by the privacy laws in your jurisdiction. Your rights may include part or all of those described underneath. You can exercise your rights entitled by the privacy laws in your jurisdiction at any time by sending your requests to 【support@ViewSonic.com】. Your rights may include:

1. Right to be informed:

We publish this Policy to inform you of how we handle your personal information. We are committed to the transparency of the use of your information. 

2. Right to access your personal information: 

You have the right to access personal information we hold about you, how we use it, and who we share it with.

3. Right to correct your personal information: 

You have the right to correct your information where that information is not accurate. You can correct your personal information by contacting us via the email stated in this Policy.

4. Right to delete your personal information:

You can remove certain personal information that we have stored about you. However, please note that we may need to retain personal information if there are valid grounds under data protection laws for us to do so (e.g., for the defense of legal claims or freedom of expression) but we will respond to you and let you know if that is the case.

5. Right to restrict processing:

In limited circumstances, you have the right to request us to stop processing your personal information we hold about you other than for storage purposes in certain circumstances.

6. Right to data portability:

You can request a copy of certain data in a machine-readable form that can be transferred to another provider if such right is requested by the privacy laws in your jurisdiction. 

7. Right of Refusal: 

Even if the processing of your data is based on our legitimate interest, exercise of public right, direct marketing (including data aggregation) and statistics, you have right to refuse our processing for these purposes.

8. Right to Withdraw Consent: 

You may withdraw your consent for the processing of your personal information by submitting a request to us via email. We will deal with your request within a reasonable time frame from the time when the request was received, and thereafter not processing your personal information as per your request.

Please note that your withdrawal of consent could result in certain legal consequences. Depending on the extent to which you authorize us to process your personal information, it may mean that you will no longer be able to enjoy the use of our services. However, any decision on your part to withdraw your consent or authorization will not affect personal information processing previously performed with your permission.

9. Right to Refuse Automated Decision: 

You may have rights not to be bound by automatic decisions, including user profiling, if such right is requested by the privacy laws in your jurisdiction.

10. Right to lodge complaints to the supervisory authority: 

To help us verify that you are the subject of the personal information and exercise your rights outlined above, we may require you to provide sufficient proof of identification. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

If you are concerned about the way in which we are managing your personal information and think we may have breached any relevant laws and obligations, please contact us.

We will respond and reply to you as soon as possible. Generally, we will reply to you within one (1) month upon receipt of your request (If necessary, we may extend it by an additional two (2) months as permitted by law. We will inform you the reason for the extension within the aforementioned 30-day period, such as the request is too complicated or too much in volume).

If you feel we have not resolved your concern, you have the right to lodge a complaint with your local privacy or data protection regulator.

VIII. How We Process Children’s Personal Information

Our Services are mainly adult-oriented and we do not offer services directly to a child or use personal information of children for the purposes of marketing. A child should not create his/her own user account. We treat anyone under 16 years old (or equivalent minimum age in relevant jurisdiction) as a child. We do not knowingly collect any information about or market to children, minors or anyone under the age of 16. If you are less than 16 years old, we request that you do not submit information to us. If we become aware that a child, minor or anyone under the age of 16 has registered with us and provided us with personal information, we will take steps to terminate that person’s registration.

IX. How Your Personal Information is Transferred Globally

For the purposes described in the Privacy Policy, your information may be transferred to other countries or regions where our server may locate in accordance with applicable law. We may also transfer your personal information to third-party authorized partners and your data may therefore also be transmitted to other countries or regions. However, this does not change our commitment to comply with this Privacy Policy and to protect your personal information.

If we need to transfer personal information outside of your jurisdiction, we will comply with related applicable laws. We will take corresponding protective measures according to the requirements of applicable laws to ensure data security.

When we transfer your information outside of the EEA, the UK, or Switzerland, we ensure it benefits from an adequate level of data protection by relying on:

l Standard contractual clauses. The European Commission has approved contractual clauses under Article 46 of the GDPR that allows companies in the EEA to transfer data outside the EEA. These (and their approved equivalent for the UK and Switzerland) are called standard contractual clauses. We rely on standard contractual clauses to transfer information as described in “What Information We Collect” to authorized partners in countries without an adequacy decision.

For more information on protection measures on personal information in scenario of cross border data transfer, please contact us.

X. How This Policy is Updated

We reserve the right to update or modify this Policy from time to time. For significant changes to our Privacy Policy, we will push the updated Privacy Policy to you through our device; nonetheless, we will post the notification on our website to notify you about the changes to this Policy.

XI. Inconsistency

In case of any inconsistency between this Policy and other privacy policies on personal information management related to the Services, the latest policy contents shall prevail.

XII. Contact Us

If you have any concerns or doubt over our Privacy Policy, please contact us via:

【support@ViewSonic.com】[SC1] 

United States Addendum

If you are residents of the United States and where we meet the relevant meets the relevant threshold tests, the following additional terms apply. If any conflict arises between the main Privacy Policy, the following terms shall prevail:

Minimum Age. In the United States, the minimum age for users is 13. We therefore do not knowingly collect any personal information from children under the age of 13 in the United States without parental consent, unless permitted by law. If we learn that a child under the age of 13 has provided us with personal information, we will delete it in accordance with applicable law.

De-identified information. Where we maintain or use de-identified data, we will continue to maintain and use the de-identified data only in a de-identified fashion and will not attempt to re-identify the data.

Nevada Residents. If you are a resident of the State of Nevada, Chapter 603A of the Nevada Revised Statutes permits a Nevada resident to opt out of future sales of certain covered information that a website operator has collected or will collect about the resident. Note we do not sell your personal information within the meaning of Chapter 603A.

Your Rights. You are able to exercise your privacy rights described in the “Section VII. Your Rights” of the Privacy Policy in accordance with the applicable law as well as subject to certain limitations at law, including but limited to:

(i)The right to access;

(ii) The right to correct;

(iii) The right to delete;

(iv) The right to take your data with you / to request a copy of your data.

These rights are not absolute and are subject to certain exceptions. You can exercise your rights by sending your requests to 【support@viewsonic.com】[SC2] .

We do not sell personal information and not use personal information for the purpose of targeted advertising and profiling, and therefore we do not process requests for opt-out of sale, targeted advertising and profiling.

We will not unlawfully discriminate against you for exercising your rights.

If we refuse to take action on your request, you may appeal this refusal within a reasonable period after you have received notice of the refusal. You may file an appeal by sending emails to 【support@viewsonic.com】[SC3] .

Once we receive your request, we may verify it by requesting information sufficient to confirm your identity. If you would like to use an authorized agent to exercise your rights, we may request evidence that you have provided such agent with power of attorney or that the agent otherwise has valid written authority to submit requests to exercise rights on your behalf. Not all kinds of requests can be made by authorized agents in all states.

Special Terms for California

If you are a consumer resident in California and where we meet the relevant threshold tests, the following provisions shall apply.

Notice at Collection, Use, and Disclosure of Personal Information

As described above, we have disclosed the information about our collection, use and disclosures of your personal information in the “Section I. What Information We Collect”, “Section IV. How We Disclose Your Personal Information” of the Policy. As required by certain state laws, we use extra tables below (served as “Notice at Collection”) to explain this same information, including the categories of personal information we collect (and have collected over the preceding 12 months), types of recipients to which we disclose such information, and the ways we use each category of information.

We do not knowing collect the personal information of consumers under 13 years of age thus we do not sell personal information of consumers under 13 years of age or share personal information of consumers under 13 years of age for cross-context behavior advertising.

In the preceding 12 months, we have not sold personal information or shared personal information for cross-context behavior advertising.

We do not use or disclose sensitive personal information for purposes not permitted by appliable laws.

As described above in more detail in “IV. How We Disclose Your Personal Information”, we may also disclose your personal information as part of, or during negotiations of, any merger, sale, divestiture, or transfer of all or a portion of the company assets, financing or acquisition or in any other situation where personal information may be transferred as one of our business assets. We may also disclose personal information as required by law, regulations or court order; to respond to governmental and/or law enforcement requests.

As described above in more detail in “Section VI. How Long Do We Retain Your Personal Information” of the Policy, we retain personal information only as long as necessary to provide you with the Services, our legitimate interests or our business purposes. For the criteria used to determine the period of time your personal information will be retained, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements. And we may continue to retain certain data to the maximum extent permitted by applicable laws.

Your Rights

You have the following rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Acts (“CCPA”), and you may exercise your following extra privacy rights by sending your requests to 【support@viewsonic.com】. Please note that if you submit a request to exercise the following rights, you will be asked to verify your identity in accordance with the law.

(i) The right to know: You have the right to request that we disclose to you the following information covering the 12 months preceding your request:

a) the categories of personal information we collected about you and the categories of sources from which we collected such personal information;

b) The business or commercial purpose for collecting, selling, or sharing personal information;

c) The categories of third parties to whom the business discloses personal information(if applicable) and the purposes for disclosing personal information;

d) The specific pieces of personal information we have collected about you.

(ii) The right to correct. You have the right to request the correction of your personal information if it is inaccurate.

(iii) The right to delete: You have the right to request that we delete your personal information that we collected from you, subject to certain exceptions. Subject to certain exceptions, we will notify service providers or contractors, where applicable, to delete your personal information from their records.

(iv) The right to non-discrimination for the exercise of your privacy rights. You have the right not to receive discriminatory treatment by us for the exercise of your privacy rights conferred by the CCPA.

If you would like to use an authorized agent to exercise your rights, we may request evidence that you have provided such agent with power of attorney or that the agent otherwise has valid written authority to submit requests to exercise rights on your behalf.

We do not sell personal information or share personal information for cross-context behavior advertising and not use personal information for the purpose of targeted advertising and profiling, and therefore we do not process requests for opt-out of sale, sharing for cross-context behavior advertising, targeted advertising and profiling.

We only use or disclose (if applicable) sensitive personal information for purposes set forth in applicable laws thus do not process requests to limit use and disclosure of sensitive personal information.

We do not provide any financial incentives tied to the collection, sale, or deletion of your personal information.

In addition, under California law, operators of online services are required to disclose how they respond to “do not track” signals or other similar mechanisms that provide consumers the ability to exercise choice regarding the collection of personal information of a consumer over time and across third party online services, to the extent the operator engages in that collection. At this time, we do not track individuals’ personal information over time and across third-party online services. This law also requires operators of online services to disclose whether third parties may collect personal information about their users’ online activities over time and across different online services when the users use the operator’s service. We do not knowingly permit third parties to collect personal information about an individual’s online activities over time and across different online services.

California “Shine The Light” Law. For consumers located in California, we do not share your personal information with third parties for those third parties’ direct marketing purposes.