Last Updated: June 1, 2021
Effective date: June 1, 2021
It is important to note that this Policy does not apply to services provided to you by other third parties. You may receive links, content, products or services provided by third parties, please prudently determine whether to access them. We encourage you to carefully review the privacy policies of any Third Parties you access before submitting any personal information.
We have chosen to use plain language in order to make sure that you fully understand this Policy and make your own choices. We have also marked or highlighted key terms in bold or capital letters for your attention. We will also notify you by a pop-up window when you first use our service to help you understand the core terms of this Policy.
If you have any questions, please feel free to contact us by the following means:
Carlcare firmly believes that the fundamental privacy rights should not differ depending on where you live in the world. Any information relating to an identified or identifiable individual, in particular by reference to the individual's name, identification number, location data, and online identifier or to one or more factors specific to the physical, physiological, genetic, mental of that natural person will be treated as “Personal Information” by us, regardless of where such natural person lives.
We only collect the information that is necessary for specified, concrete, explicit and legitimate purposes and will ensure that the information is not further processed in a manner that is incompatible with those purposes. If we intent to use your personal information for other purposes not specified in this Policy, we will obtain your consent at that time.
We may collect your personal information by the following means: 1) information you provide directly to us (such as your nickname, profile picture, name and phone number you provide to us when you login to your account or take part in the promotion activity we held); 2) information we obtain automatically during your use of this Application (such as device information, service log information); 3) information we obtain from other sources.
You have the right to choose whether or not to provide the personal information when you use Carlcare and its Service or when we have requested. You are not required to provide your personal information to Carlcare, but in some cases, if you choose not to do so, we will not be able to provide you with related products or services, nor will we be able to respond or resolve the problems you've encountered. We will collect and use your personal information only for the purposes described in this Policy. The following describes your personal information that we collect:
Carlcare mainly provides you with comprehensive services including online self-service such as online booking for repairs, repair status check, service location check, warranty check, online customer service, extended warranty online purchase and activation, broken screen free replacement insurance card online purchase and activation, order inquiries, order rating, and online shopping and community communications.
2.1 To provide you with the service of account registration and login services
To fully use the functions and services of the software conveniently, you can login by providing us with your mobile phone, in such case, we will collect your mobile phone number, mobile phone verification code and password. If you refuse to provide this information, you will not be able to register a Carlcare account or use relevant functions. However, your normal use of other features of this Application will not be affected. You can still browse and use the basic features of the software in tourist mode (i.e. without being a registered user).
When logging in and using this Application, you may choose to provide, fill in and modify your nickname (including your real name), profile picture (including your real portrait),and your location. However, your refusal to provide additional information will not affect your registration or login.
2.2 To provide you with comprehensive after-sales service
Carlcare provides you with comprehensive after-sales services including but not limited to warranty check, warranty extension and broken screen free replacement insurance. The information we collect depends on how you interact with us. In order for your normal use of our products and services and to provide you with comprehensive after-sales services, we may automatically collect your device and SIM card related information, including:
(1) Device and SIM card related information, When you start using this Application and its Service, we will, based on your specific operations in the application and the specific permissions granted by you during the installation and use of the application, receive and record your information of mobile devices that you use (including phone brand, phone model, operating system version information, unique device identifier, phone device CPU model, mobile phone Settings and system language, network equipment hardware address, IP address, mobile phone installed game Application Package Name and version information, equipment, software and hardware environment characteristic information), Hardware device identifier GAID (Google Advertising ID), Application Store number, information about the location of the device (including the location information of the country or region of your authorized phone, network access method), SIM card information.
(2) Log information: We will automatically collect details of your use of our services and store them as service logs. For example, we will automatically collect the information regarding your detailed use of our service when you use online after-sales service, online ordering and online customer service, including the information you posted, service access time, access frequencies, usage time, event information (errors, crashes, restarts, upgrades), online customer service usage, browser history of online ordering and other log information generated by the use of the device.
Please note that the above-mentioned separate device information and log information alone cannot be used to identify a specific natural person. Only when such non-personal information is used in combination with other information to identify a specific natural person, or when it is used in combination with personal information, will this information be regarded as personal information during such combination. In this case, we will anonymize and de-identify this type of information, unless with your consent or otherwise according to laws and regulations. The above-mentioned information is essential as to the provision of the Service. If you choose not to provide them, we may not provide you with the Service related to this Application.
Please note that we may also collect the above-mentioned device information and log information in various features and scenarios (which may vary slightly in different features within this Application).
In order to provide you with comprehensive after-sales service, we will require your permissions to read your call status and mobile network information, and your device parameters information.
2.3 To provide you with online shopping and pre-ordering service
You can use this Application for online shopping and pre-ordering. When you place an order, we will collect the ID number, mobile phone number, email address, your country and region information that you provide to us, as well as KYC information (e.g. delivery address, credit card information, postcode) as required by your country or region.
In order to provide you with online shopping and pre-ordering service, we will require your permissions regarding your location information and access to your phone calls. If you refuse to provide the information required to place an order or the afore-mentioned permissions, we may not be able to provide you with this service, your use of other features of this Application will not be affected.
2.4 To provide you with a forum communication service
You can browse and follow the topics you interested in and express your views through the "Discover" features in this Application. When you post, comment, favorite or re-post in the forum, we will collect the content of the messages which you choose to post (photos, texts), and display your nickname, and avatar .
When you use the forum communication function, we will require your permissions to access the contents in your SD card. If you refuse to provide this permission, you will not be able to use the relevant functions, your use of other features of this Application will not be affected.
2.5 To provide you with information on nearby service locations
We may collect your location information, such as latitude and longitude, to provide you with the address and contact details of nearby service locations.
In order to provide you with information on nearby service locations , we will require your permissions to access your geolocation. If you refuse to do so, we may not be able to provide you with this service, your use of other features of this Application will not be affected.
2.6 To provide you with online customer service (Carlcare bot)
If you encounter any problems with your use of this Application, you can contact us via our online customer service and ask for help. We may collect the content of your enquiry, chat logs, your device information, contact details (email, mobile phone number, call records and content or other contact details you leave with us) for the purpose of contacting you or helping you resolve the problem, or recording the solution and outcome of the problem. If you refuse to provide such information, we may not be able to provide you with this service, your use of other features of this Application will not be affected.
In order to provide you with online customer service, we will require your permissions to access the contents in your SD card. If you refuse to provide such information, we may not be able to provide you with this service, your ability to use other features of this Application will not be affected.
2.7 To Provide You with Cache Clearing Service
You can scan your device and clear the cache to free up storage space on your device. We may collect your device information such as hardware device ID (GAID, MAC address, Android ID), phone model, system version information, system language, country or region settings, application store version, applications installed on the phone, and display device related information.
In order to provide you with cache clearing service, we will require your permissions to modify or delete the contents in your SD card, read the contents of your memory card, calculate the storage space in your applications. If you refuse to provide such information, we may not be able to provide you with this service, your use of other features of this Application will not be affected.
2.8 To Provide you with Recharge Service
You can recharge for your mobile service through the Software. You will need to provide us with your mobile-related phone number to complete the recharge service.
2.9 To Provide You with Promotional Activities Service
We may launch or offer you promotional activities from time to time. When you participate in a corresponding promotional activity, we will collect the information you provide to us through the operational activity page, such as your name and contact details, so that we can contact you and offer you a prize. If you refuse to provide such information needed for the activity, we may not be able to provide you with this service, prize or rewards, your use of other features of this Application will not be affected.
2.10 To provide you with advertising and marketing services
We may collect your device usage information, ad interaction information and show you relevant promotional contents (or more relevant personalized ad contents) to you during your use of Carlcare and its Service. We will strictly protect your privacy during this process. We may create a profile by analyzing the above information and creating user groups (putting your personal information into one or more segments). We will only disburse Personalized ads to the extent permitted by applicable law and with your consent.
We may combine the aforementioned information with other information (including information across different services or devices such as computers, mobile phones, and other connected devices) to provide and improve our products, services, content, and advertising. You have the right to opt-out from receiving personalized advertisements and to object to user profiling at any time, including identification analysis for direct marketing and automated decision-making purposes. In order to exercise these rights, you can turn it on or off through the “Settings” on your device, or contact us via email@example.com at any time. The way of permission management may vary for different versions.
2.11 To Provide You with Notifications Services
We may also send you service notifications, events, prizes and other messages based on your device identifier, operating system version, user nickname of current device, network information and information about your use of the app. To unsubscribe from notifications, events, prizes, etc., you can withdraw your consent via Settings > Notification Centre > Notification Management, permission management may vary for different versions.
2.12 To improve our products or services
We may also collect other information about you that we reasonably need to improve our products or services, including any feedback you provide when you contact customer service and any questionnaire you send back to us when you participate in a survey. We may combine information from one service with information from others in order to provide you with better service.
2.13 To provide you with security services
To improve the security of your use of our services, to protect you, other users or public safety and property from harm, to better prevent security risks such as phishing sites, fraud, network vulnerabilities, computer viruses, network attacks, network intrusions, and to more accurately identify violations of laws and regulations or our relevant agreement rules, we may use or integrate information about your device, as well as information about the applications you have installed, the information about running processes, the overall operation of the application, the usage frequency of the application, crash data, overall installation and usage, performance data and information about the source of the application, to help you conduct security risk detection, prevent security risks, and take the necessary recording, auditing, analysis and disposal measures in accordance with the law.
Where permitted by law, we may obtain your personal information from other individuals, business entities, public channels or other third parties acting at your direction, our partners who work with us to provide our products and services and assist us in information security and fraud prevention, and from other lawful sources. We will explain it to you at the time of such collection and obtain your consent.
We may also use other methods to collect other information about you, your device or your use of services, which will be explained to you at the time of collection and we will obtain your consent.
In order to better improve our product layout and provide you with great services, we may conduct research, statistical analysis and prediction on the collected information in an anonymized manner (including machine learning or model algorithm training by using anonymous data). We will take technical measures and other necessary measures to process such data, so that the data cannot be re-identified to specific individuals, nor can it be recovered. In accordance with the applicable laws and regulations, such processed data can be used without separately notifying you or obtaining your consent.
1. What are Cookies and Similar Technologies
The personal information collected with your consent will be stored in accordance with the laws and regulations on the personal privacy data protection of the countries concerned. To the extent not prohibited by local laws and regulations, we may also store the collected personal information in countries or regions outside the country where the business is located.
Currently, Carlcare may store your personal information in: India and/or Ireland.
The personal information collected and generated during our operations in India will be stored on servers located in India.
The personal information collected and generated in our business outside India will be stored on servers in Ireland.
According to business conditions, we may use servers in other regions or countries in the future, and we will update this Policy at that time.
Whether we store personal information in the country where the business is located, or in other countries or regions to the extent that doing so does not violate laws and regulations, we will retain it in accordance with the relevant laws and regulations on data storage. At the same time, we will consider the characteristics, scope and purpose of personal information processing, the risks that may be encountered in the processing, and the serious consequences caused by the damage, etc., and implement the necessary security measures. For example, we will use encryption and de-identification methods to store the personal information collected. We will also keep the information for the shortest storage period specified by law. For those not specified by law, we will retain the information according to the shortest storage period required for business. For data that exceeds the storage period, or data that you request us to delete, we will delete said data accordingly or take other appropriate measures without violating the relevant laws and regulations.
We will take other necessary measures to protect the security of your personal information and prevent data from being misused, unauthorized access, and unauthorized modification, disclosure or destruction, etc.
We implement security safeguards designed to protect your personal information and regularly monitor our systems for possible vulnerabilities and attacks, and we use administrative, technical, and physical safeguards to protect your personal information by taking the types of the personal information, the processing, and the threats posed themselves into account. We are constantly working to improve on these safeguards to keep your personal data secure.
Nevertheless, we need to remind you that no matter how perfect the measures are, there is no absolute guarantee of avoiding the occurrence of data storage security incidents. If a data breach event occurs, we will report it to the corresponding regulatory authorities as required by the relevant laws and regulations, and provide the type of personal data involved in the breach, the number of data subjects, the possible consequences of the breach, and the remedial measures we intend to take according to the requirements of the regulatory authorities. We will take the best possible measures to remedy or mitigate the damage and consequences of data breach. When permitted or required by laws and regulations, we will inform you of the possible consequences or significant damage to you in a timely manner, so that you can take appropriate measures promptly to protect your rights as much as possible.
There is no absolutely safe website, Internet transmission, computer system and wireless connections. In addition to the necessary protective measures we have taken, users have to strengthen the awareness of privacy security risks. For example, when you access third-party websites, links, products or services from our services, for the security of any data collected by those websites, links, products or services, please read through the terms and conditions of those third-parties carefully. We do not take any legal responsibility for data security issues caused by such third parties. If you find that certain contents, advertisements or features in our websites, products or services may be provided by a third party and may possibly endanger your privacy and security, please contact us promptly, as we will handle it with priority in accordance with laws and regulations.
When sharing, transferring, and disclosing your personal information, we uphold the principles and requirements of minimization, necessity, and legality. Under normal circumstances, we do not share, transfer or disclose your personal information externally. However, to the extent permitted by applicable laws and regulations, we may share, transfer and disclose your personal information in the following situations:
We may share the necessary personal information with authorized third-party partners (including technical service providers, data storage service providers, after-sales service providers, marketing promotion service providers, third-party SDK service providers, etc.) for the performance of certain features or to provide you with better service and a better user experience. For example, in order to enable you to share information to third party platforms, use location service and other kinds of services and features, we may embed third party SDK or other similar applications of authorized partners in this Application. We uphold the principles of minimization, necessity, and legality to carry out such sharing. Before sharing information, we will sign strict confidentiality agreements with authorized partners and require them to take relevant confidentiality and security measures to process personal information in accordance with this Policy and applicable laws in your jurisdiction. In addition, we will also require them to provide data security capabilities and information security qualifications (e.g., grade protection assessment, information security management system). When we embed the third party SDK or other similar applications of authorized partners in this Application, we will notify you promptly and request the SDK service provider that obtains the information to protect your data security.
In order to provide evaluation, analysis or other business services, we may also share your non-personal information with third parties. For example, we may use aggregated data to help partners (e.g., advertising service providers) understand the effectiveness, feedback and usage trends of their services.
In the event of a merger, acquisition or bankruptcy liquidation, asset transfer and other related transaction, if a personal information transfer is involved, we will require the new entity or organization holding your personal information to continue to be bound by this Policy through an agreement or other appropriate measures, and we will require such subject to take confidentiality and security measures of a degree no less than the requirements of this Policy to process personal information.
Carlcare will not transfer your information to any other parties, except in the following circumstances:
(1) Obtain your explicit consent.
(2) If Carlcare is involved in a merger, acquisition or sale of all or part of its assets, which may affect your personal information, we will issue a prominent notice via email and/or on our website or other appropriate methods to inform you of any changes in the ownership and your rights of your personal information, and any choices you may have about your personal information.
According to the legal requirements, legal procedures, litigation and/or requests from government departments and authorities, Carlcare may need to disclose your personal information. If the disclosure is necessary or appropriate for national security, law enforcement, or other matters of public importance, we may also disclose information about you.
Additionally, we may share your personal information with:
(1) Our attorneys, lawyers, accountants, auditors, or similar consultants, when we request them to provide professional advice.
(2) Investors and other relevant third parties, if actual or potential sales or other company transactions occur and are related to entities within our group.
(3) Other third parties, for example, the disclosure of specific information with your authorization.
In the circumstance that we transfer personal information outside of your jurisdiction, whether it transferred to our affiliates or third-party service providers, we will comply with relevant applicable laws. We will take appropriate security measures and safeguards to make sure that all such transfers meet the requirements of applicable local data protection laws.
As a data subject, you have a series of rights to your personal information, including the right to confirm, access, correct, delete, withdraw consent, and lodge complaints (hereinafter referred to as “request”). We fully understand and respect your rights, and such rights will be subject to specific exclusions and exceptions under applicable laws. We will also take active steps to ensure that your rights are effectively protected. However, please understand and note that for security reasons, we may need to verify your identity before processing your request. In principle, we do not charge a fee for your lawful and reasonable request, but we will charge a certain reasonable fee for repeated requests that exceed the reasonable limit where applicable, and based on actual administrative costs permitted by the applicable laws. We may reject requests that are unreasonably repetitive, require excessive technical means (for example, to develop new systems or fundamentally change existing practices), pose risks to the legal rights of others or are extremely impractical, or violate the mandatory provisions by law.
However, we may not grant your deleting request in some situations, for example, if you ask us to delete your transaction data when we are legally obligated to keep a record of that transaction to comply with the applicable local law. Please also kindly note that if you request to delete your information from our products and services, we may not remove the corresponding information from the backup system immediately due to some applicable local laws and technological limitations, however, we will securely store your personal information and isolate it from any further processing until the backup is updating or can be deleted or be made anonymous.
3．Right to withdraw consent: To achieve the respective features of our various products or services, we will require necessary personal information in accordance with the applicable local laws. This is described in the "How We Collect and Use Your Personal Information" part of this Policy. You can withdraw your consent previously granted to us for a specific purpose by deleting information, turning off device features, and requesting to withdraw consent, including the collection, use and/or disclosure of your personal information that we manage or control. You can email us at firstname.lastname@example.org for above operations. We will process your request within a reasonable time after you send the request, and thereafter will not collect, use and/or disclose your personal information in accordance with your request.
If you withdraw your consent, you may not be able to continue receiving the part and/or full benefit of Carlcare and its Service. The withdrawal of your consent or authorization will not affect the validity of our previous processing activities based on your consent.
4．Right to complain: You have the right to lodge a complaint by sending us an email at email@example.com. We will respond promptly after receiving your complaint. If you are unsatisfied with our response, especially if our processing of personal information violates your legitimate rights and interests, you may refer your complaint or report to your local statutory personal data protection department, or file a lawsuit with a competent court.
5．Right to control your privacy settings
You have the right to control your privacy settings and restrict our collection, use, disclosure, or processing of your personal information via such privacy settings. For example, you can prefer turn on or turn off the permissions of “Location Access”, “Camera”, “Text Message”; you can also obtain detailed information regarding the device security status in “Settings”. If you have agreed to such permission or have agreed to our use of your information previously for the above-mentioned scenarios. You can turn it off via “Permission Management” > “App Permissions” or contact us via firstname.lastname@example.org to change your decision.
6．Right to cancel a service or account
You can request to cancel through the “Logout” settings provided in the service or by contacting us via email@example.com.
We hereby kindly remind you that, if you wish to cancel a certain service or account, such cancellation may prevent you from using some of Carlcare features and its services, and such act of account cancellation is irreversible. Once you cancel your account, we will delete or de-identification your relevant information.
If you sign in to the accounts of Carlcare through a third-party account (e.g., via Facebook, Google ID), you need to apply for cancellation of the account from the third party.
7．Rights in some jurisdictions
Particularly, according to the applicable laws of some jurisdictions, you may have the following data subjects rights:
(1) Right to restriction processing. You have the right to request our restriction on the processing of your personal information. We shall consider the grounds regarding your restriction request. If the grounds are in the compliance with applicable data protection laws, we will process your personal information under applicable circumstances in such laws and notify you before the restriction of processing is lifted.
(2) Right to automated decision-making. You have the right to refuse the processing based on automated decision-making, including profiling and other automated processing which may have legal or similar effects on you.
(3) Right to data portability. You have the right to apply for your personal information to be transmitted to another data controller in a structured and commonly used format.
We have the right to refuse to process your requests or only respond to some of your requests where an exemption applies or when we are otherwise entitled to do so under applicable laws, for example, some requests are manifestly unfounded or obviously excessive or it requires the disclosure of information of third parties.
Carlcare understands the importance of safeguarding the personal data of children, therefore, children under the age of 14 or the equivalent age as specified by law in your jurisdiction (we will define children mainly based on the laws and regulations of the country or region where our business is located because laws of different countries may differ when defining the age of children) are not allowed to use our products or services without the consent and guidance of their legal guardians and such practice shall be permitted by relevant laws and regulations. In principle, we do not provide services directly to children, do not actively collect children’s personal data or do not use children’s personal information for the purposes of marketing. We will only collect, use and disclose a child's personal information with the explicit permission and consent of the child's guardian, to the extent permitted by law, and when it is indeed necessary to collect such information. If at any time the guardian needs to access, modify or delete the personal information related to the child under guardianship, please contact us by methods as described herein, and we will respond in a timely manner. If you find that a child’s information has been collected to us without the awareness of the legal guardian, please send an email to firstname.lastname@example.org to contact us. We will remove the relevant information as soon as possible. If we find that we have collected the personal information of a child without the prior consent of a verifiable guardian, we will also remove the relevant content as soon as possible.
The content of Carlcare and its services described herein may vary according to the type of product you use, your system version, or requirements of local laws and regulations.
We will review your privacy or personal information requests as soon as possible and respond to you in 15-30 days after verifying your user identity. If your request itself involves any complicated or significant issue, we may ask you for more information.
If you are not satisfied with our response, especially when you believe that your legitimate rights and interests have been violated by us, you can seek remedy from relevant data protection regulatory authority in your jurisdiction. If you consult us, we will provide information on the relevant complaint channels that may be applicable based on your circumstance.