For the purposes of the General Data Protection Regulation (EU 2016/679),the data controller is Duoyinfo Company (see Contact Details). Duoyinfo Company is based in Guangzhou and is responsible for data collected in relation to websites and tradeshows managed by Duoyinfo Company.You should be aware that although Duoyinfo Company may be principally responsible for looking after your personal data, information may be held in databases which can be accessed by other affiliated entities of Duoyinfo Company.
We may make changes to this Policy from time to time in order to keep it up to date and compliant with legal requirements. Please refer to the "Last Updated" date at the bottom of this page to see when this Policy was last revised. We may also inform you about significant changes by email, using the address you last provided or by posting an alert which will be displayed when you access our systems. This Policy is not intended to override the terms of any contract that you have with us or between buyers and suppliers (or any rights you might have available under applicable data protection laws).
How Do We Collect Your Personal Data?
We collect your data in a variety of ways:
At Trade Shows, Roadshows, Seminars and Conferences
• Registration Forms
o We ask visitors to register their attendance by completing a form which we then enter into our systems.
• Check-In updates
o We ask visitors to update/complete data retrieved from previous registrations held in our system.
• Business Cards
o We scan and store details of visitors’ business cards.
• Booth Visit History
o Exhibitors use the Duoyinfo Company Supplier App to scan visitors’ badges when visitors call at their booths. Visit data is then uploaded to our servers.
Through Website Forms
• Registration & Inquiry Forms
o We ask visitors to our online sites to register in order to personalize and use the site’s messaging functions. We support both a full and a lite registration mode that captures minimal data. Additionally, we have a self-registration function for suppliers who wish to register as an advertiser on our site.
• Sample/Small Order Forms
o We capture details of sample and small orders placed by visitors to advertisers on the site.
• Private Sourcing Events
o We capture basic details of buyers interested in applying for our Private Sourcing service.
Call Center Activities
o We periodically contact people and seek information for market surveys and research questionnaires or to qualify prospects for our services or those of our advertiser community, e.g., to qualify potential:
visitors to our shows and/or online sites, or
advertisers/exhibitors to our shows and/or online sites
• Customer Service
o Online users, and Trade Show visitors and potential advertisers contact us for enquiries, complaints, suggestions or feedback through our Customer Service Team via online chat system, hotline, fax or email.
o Additionally, there are small numbers of potential advertisers who call in. Their details are qualified and entered into our systems.
What Personal Data Do We Collect?
The personal information we collect include:
• Contact and Communication Details
o This includes your name, addresses, telephone numbers, email addresses, and social media contact details.
• Business Details
o Job title, role, company name, and company demographics, i.e., number of employees, turnover, etc. Please note that contact details typically are work related since our mission is to facilitate B2B trade.
o Marketing preferences inferred from subscriptions to product/supplier alerts, print and eMagazines and Trade Show news.
o Display and language preferences
o Details of calls/messaging made between:
Customer service team members and visitors and advertisers/exhibitors
Sales Team members and advertisers/exhibitors or prospects
Advertisers/exhibitors and online visitors sent through Message Center, e.g., RFI, RFQ, RFS.
Advertisers/Exhibitors and online visitors sent though Tencent chat facility
• Buying & Payment History
o What sample requests or other orders placed between advertisers and site visitors
o What seminars/events booked at Trade Shows
o What print and eMagazines subscribed to
• Device and Log Information
o The internet domain and IP address from where you access our websites and apps.
o The type of browser software and operating system used to access our websites and apps.
o The date and time you access our websites and apps
o If you linked into our websites and apps from another website, the address of that website (referrer URL), and:
The pages you enter, visit and exit our websites and apps from
Your account log-in/online identifier
Unique device identifiers (such as the address of the device's wireless network interface (MAC Address), or mobile phone number used by the device)
• Online Behavioral Data
Search terms used
Pages visited and how they were accessed (for path analysis)
Products /suppliers inquired on or profiles viewed
• Offline Behavioral Data
o Trade shows, exhibitions, and conferences visitors attended
o Exhibitors visited (captured through Duoyinfo Company Buyer App)
o Summits/seminars/events attended
What Do We Use Your Personal Data For?
We use the data to provide you with our products and services, to develop new offerings and to protect Duoyinfo Company and our visitors, exhibitors, buyers, suppliers and advertisers as detailed below. In some instances, we will request that you provide data to us directly. If you do not provide the data that we request, or prohibit us from collecting such data, we may not be able to provide the requested products and services.
We will only use your personal data for those purposes set out above and only where we are satisfied that it is necessary and that its use falls under one or more of the following legal grounds, i.e.:
• To comply with a relevant legal or regulatory obligation that we are subject to
• To fulfill obligations under a contract signed between you and us, or
• To support 'legitimate interests' that we have as a business provided it is always carried out in a way that is proportionate and that respects your privacy rights
• Or exceptionally for clearly defined and limited cases, where you have freely given consent
How Do We Secure your Personal Data?
Whilst we cannot guarantee to keep your data 100% secure, we are committed to protecting you (and us) from unauthorized access to, or unauthorized alteration, disclosure, destruction of personal information that we hold.
• We regularly review our information collection, storage and processing practices, including physical, logical and organizational security measures, to guard against unauthorized access to systems and data stores.
• Our regular reviews include engaging external security consultants to test effectiveness of implemented security measures.
• We restrict access to personal information to our employees, contractors and agents who need access to the relevant personal information in order for them to process it for us and who are subject to strict contractual confidentiality obligations.
• We implement strong access control mechanisms, such as two-factor authentication, identity & access management in addition to strong password policies.
• Where appropriate, we use technical solutions such as encryption, pseudonymization and anonymization to further protect data at rest and in transit.
On your part, we encourage you to use a unique and strong password to protect your account, activate the two-factor authentication (2FA) feature that we provide, limit access to your computer and log out after using our services. In addition, you should make sure your computer is updated with the latest security patches and protected with an anti-malware product at all times.
Please note that you are responsible for the personal information that you choose to share, disclose or submit voluntarily while using our website and which can be viewed by members of third party applications or messengers.
How Long Do We Keep Your Personal Data?
In some circumstances we may retain your personal information for longer periods of time, for example, where we are required to do so to meet legal, regulatory, tax or accounting requirements or in the event of any complaint or challenge, or if we reasonably believe there is a possibility of legal action relating to your personal information or dealings. Under normal circumstances this should not exceed 7 years from the date of the last engagement with you.
Who Do We Share Your Personal Data With?
We may share your personal information with third parties, to help manage our business and deliver services as outlined below:
• Service providers, who perform functions on our behalf such as fulfilling orders, who help manage our IT and back office systems, delivering packages, sending postal mail and email, removing repetitive information from customer lists, analyzing data, providing marketing assistance, providing search results and links (including paid listings and links), and providing customer services.
• Data protection authorities, regulatory authorities and law enforcement agencies, in Hong Kong, EU and around the world.
• Other third parties, for the purpose of detecting, preventing or otherwise addressing fraud, security or technical issues, protecting against harm to the rights, property or safety of our users or the public.
• We may disclose or transfer your data to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of Duoyinfo Company business, assets or stock (including any bankruptcy or similar proceedings).
We may use your personal information to send you direct marketing communications about our products and services or our related services according to your preferences either with your consent or because we have a legitimate interest to do so, including our latest product announcements and upcoming events. This may be in the form of emails, SMS, telephone calls or targeted online advertisement. We limit direct marketing to a reasonable proportionate level, and to send you communications which we think will be interesting and relevant to you, based on the information we have about you.
You have choices when it comes to how we use your data and we want to ensure you have the information to make the choices that are right for you.
If you no longer want to receive marketing-related emails, SMS, or printed materials, you may opt out by following the instructions in any such emails, SMS or printed materials you receive from us.
What Rights do you Have?
You have a number of rights in relation to your personal information. Specifically, you have the right to request:
• Access to Your Data - You can ask us to:
o Confirm whether we are processing your personal information
o Give you a copy of that data
o Provide you with other information about your personal information, such as what data we have, what we use it for, who we disclose it to, whether we transfer it abroad and how we protect it, how long we keep it for, what rights you have, how you can make a complaint, where we got your data from and whether we have carried out automated decision making or profiling, to the extent that information has not already been provided to you in this notice.
o You can ask us to rectify inaccurate personal information in our files. We may seek to verify the accuracy of the data before rectifying it.
• Erasure (Right to be Forgotten) - You can ask us to erase your personal information, but only where:
o It is no longer needed for the purposes for which it was collected; or
o You have withdrawn your consent (where the data processing was based on consent); or
o It follows a successful right to object; or
o It has been processed unlawfully; or
o It is necessary to comply with a legal obligation.
We are not required to comply with your request to erase your personal information if the processing of your personal information is necessary:
o For compliance with a legal obligation; or
o For the establishment, exercise or defence of legal claims.
In the context of marketing, please note that we will maintain a suppression list if you have opted out from receiving marketing content to ensure that you do not receive any further communications.
• Restriction - You can ask us to restrict (i.e. keep but not use) your personal information, but only where:
o Its accuracy is contested, to allow us to verify its accuracy; or
o The processing is unlawful, but you do not want it erased; or
o It is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise or defend legal claims; or
o You have exercised the right to object, and verification of overriding grounds is pending.
We can continue to use your personal information following a request for restriction, where:
o We have your consent; or
o To establish, exercise or defend legal claims; or
o To protect the rights of another natural or legal person.
o You can object to any processing of your personal information which has our 'legitimate interests' as its legal basis, if you believe your fundamental rights and freedoms outweigh our Legitimate Interests. Once you have objected, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights, however, this does not apply as far as the objections refers to the use of personal information for direct marketing purposes.
• Data Portability
o You can ask us to provide your personal information to you in a structured, commonly used, machine-readable format, or you can ask to have it 'ported' directly to another Data Controller, but in each case only where:
The processing is based on your consent or the performance of a contract with you; and
The processing is carried out by automated means.
• Information about any automated processing e.g. segmentation or profiling using your data. You can ask not to be subject to such processing.
• Information about International Transfers.
o You can request details about international transfers of your data
To exercise your rights, you can contact us as set out above. Please note the following if you do wish to exercise these rights:
• Identity - We take the confidentiality of all records containing personal information seriously and reserve the right to ask you for proof of your identity if you make a request.
• Fees - We will not ask for a fee to exercise any of your rights in relation to your personal information, unless your request for access to information is unfounded, repetitive or excessive, in which case we will charge a reasonable amount in the circumstances.
• Timescales - We aim to respond to any valid requests within one month unless it is particularly complicated or you have made several requests, in which case we aim to respond within three months. We will let you know if we are going to take longer than one month. We might ask you if you can help by telling us what exactly you want to receive or are concerned about. This will help us to action your request more quickly.
• Exemptions - Local laws, including in the EU member states, provide for additional exemptions, in particular to the right of access, whereby personal information can be withheld from you in certain circumstances, for example where it is subject to legal privilege.