Effective February 1, 2022
1. Scope of Application
2. Information Coremail Collects
3. How We Use Your Personal Information
4. How We Use Cookies
5. Personal Information Sharing, Transfer, and Disclosure Terms
6. How We Store Your Personal Information
7. Information Protection
8. How is Personal Information Transferred
9. Products or Services Offered
10. Trial Period
11. Third-Party Services
12. Revisions and Notifications
13. How to Contact Us
1.Scope of Application
1.1 This Privacy Policy applies to all products or services of Coremail. The services include providing webpage browsing and website login services to you, as well as providing technical services to you through Coremail.
1.2 It should be noted that as a user of Coremail, if you use Coremail's technical services to provide services to your own users, as your business data belongs to you, you should separately agree on a privacy policy with your users.
1.3 If you have started using Coremail products or services, it means that you have read, agreed to and accepted all the terms described in this Privacy Policy, as well as any changes we may make in the future.
2. Information Coremail Collects
2.1 Personal information refers to various types of information recorded electronically or in other ways, which can be used alone or in combination with other information to identify a specific natural person's identity or reflect specific natural person's activities .
2.2 When you purchase and use Coremail's products and services through the Coremail website (especially through the login console), we collect and use the following personal information of yours:
(1) Account Information:
To use Coremail products, you need to register for a Coremail mail system account. Therefore, we will obtain your personal information related to you that your employer (or "organization," hereinafter referred to as the "Employer") provides to us, such as your enterprise email address, name, position, etc. Your employer may provide us with additional personal information about you, or update the personal information provided to us when you use Coremail products.
(2) Real-Name Authentication Information:
In accordance with the provisions of the "People's Republic of China Network Security Law," before you purchase and use certain Coremail products and services, you need to complete real-name authentication. During the real-name authentication process, you are required to supplement information including but not limited to your name, identity document information (identity card or passport information), bank card number information, industry information, and location information. If you do not complete real-name authentication, it will not affect your browsing of Coremail web pages or product introductions, but you will not be able to purchase Coremail products and services.
(3) Log Information:
For the purpose of providing services to you and monitoring the running status of cloud services, we collect information such as your ID, IP address, browser type, language used, hardware device information, operating system version, network operator information, the date, time and duration of your access to the service, and the pages of the system you visit.
(4) Customer Service Information:
When you need to use Coremail's customer service, you need to provide UID, username, or other information that can verify your identity so that we can respond to your service request. At the same time, you also need to provide your surname and mobile phone number so that we can provide timely feedback on the service requests you raise. We may keep your chat records and order information for providing you with the services you wish to obtain.
(5) Operational and Support Information:
Coremail may organize operational activities for new services and functions from time to time. If you participate in relevant operational activities, we may collect your contact information (such as mobile phone number) and contact address information through the operational activity interface, so that you can successfully participate in the activity. If you do not participate in relevant operational activities, you do not need to provide the above information.
(6) Payment Information:
Based on the need to pay for services, you may need to provide payment information (such as WeChat, Alipay, or bank card information), value-added tax number, and tax identification number, which depends on the payment method stipulated in your service agreement with Coremail.
(7) Non-Personal Information:
We may also collect information that cannot identify specific individuals (i.e. information that does not belong to personal information), such as statistical data generated when you use a specific service, such as data related to user behavior, including uploads, downloads, synchronization, browsing, and the on/off of each synchronization service. The purpose of collecting such information is to improve the services we provide to you. The type and quantity of information collected depend on how you use our products or services. We will desensitize and anonymize your information and process it with technical methods. After ensuring that they cannot be associated with you personally, we will summarize them for comprehensive statistics and analysis to help us improve our products or services. For this Privacy Policy, aggregated data is considered non-personal information. If we combine non-personal information with personal information, such information will be considered personal information during the combined use period.
(8) Other Information:
Coremail collects other personal information that you authorize collection or provide when using our services, such as email account information, email reading and link clicking records when using our phishing simulation service to better carry out the phishing simulation service and collect the phishing simulation results.
3. How We Use Your Personal Information
In order to provide you with high-quality, convenient and secure services, we may use the information we collect for the following purposes, subject to relevant laws and regulations:
3.1 To provide you with our products and services. This includes using your information for identity verification, customer services, security and fraud monitoring, archival and backup purposes, to ensure the security of the products and services provided to you by Coremail.
3.2 To meet your personalized needs. For example, language settings, location information, personalized help services and instructions, or other responses to you and other users.
3.3 To optimize and develop our services. For example, we may use the information generated by the Coremail system in response to your requests to optimize our services.
3.4 To protect your personal and property safety, as well as that of other users of Coremail, our partners, or the public; we may use your personal information and integrate the device information and log information received and recorded during your use of our services for the purpose of identity verification, security event detection and prevention, complaint handling, dispute resolution, fraud monitoring, customer support and maintenance services. We will also take necessary measures, including record keeping, auditing, analysis and disposal, to better prevent security risks such as phishing websites, fraud, network vulnerabilities, computer viruses, network attacks, and network intrusion, and more accurately identify violations of applicable laws, regulations, or Coremail's relevant agreements and rules.
3.5 To contact you. We and our authorized service centers will use the contact information you provide and your usage information of Coremail for product introduction, service notifications and communication with you in the pre-sale, in-sale, and after-sale stages.
3.6 To provide you with services that are more relevant to you. For example, providing you with similar features or services that you may be interested in.
3.7 To invite you to participate in surveys related to our products and services.
3.8 To comply with and enforce applicable laws and regulations, and the requirements of relevant regulatory agencies, industry standards, and Coremail's relevant policies and rules.
3.9 Other situations that may require the use of the collected information. If the use of information does not have any reasonable connection with the original purpose of collection, we will obtain your consent again before using the information.
4. How We Use Cookies
4.1 To ensure the normal operation of the website, provide you with a more convenient browsing experience, and recommend content that you may be interested in, we will store small data files called cookies on your computer or mobile device. Cookies usually contain identifiers, site names, and some numbers and characters. With the help of cookies, websites can store data such as your internet preferences. You can manage or delete cookies according to your preferences. We use cookies to simplify your repeated login steps, store your internet preferences and provide content that better suits your preferences, help you optimize your selection and interaction with advertisements, assist in determining your login status and account or data security, and improve your browsing experience.
4.2 In addition to cookies, we also use other similar technologies such as web beacons and pixel tags on our website. For example, the emails we send to you may contain links to our website content. If you click on the link, we will track your click and help us understand your product or service preferences to improve your customer service experience. Website beacons are usually transparent images embedded in websites or emails.
4.3 We will not use cookies for any purpose other than the purposes described in this privacy policy. You can manage or delete cookies according to your preferences. You can clear all cookies stored on your computer. Most web browsers automatically accept cookies, but you can usually modify your browser settings to reject cookies as needed. In addition, you can also clear all cookies saved in software. However, if you do so, you may need to manually change user settings each time you visit the website, and the corresponding information recorded before will also be deleted, which may have a certain impact on the performance of the services you use.
5. Personal Information Sharing, Transfer, and Disclosure Terms
5.1 Sharing:
We will not share your personal information with any company, organization, or individual outside of Coremail, except in the following circumstances:
(1) Sharing with explicit consent: We will share your personal information with other parties with your explicit consent.
(2)We may disclose your user information to external parties in accordance with legal and regulatory requirements, litigation and arbitration resolutions, or requests made by administrative or judicial authorities in accordance with the law.
(3) Sharing with our affiliates: Your personal information may be shared with Coremail's affiliated companies. We will only share the personal information required to provide services and in accordance with the purposes stated in this privacy policy. If our affiliates wish to change the purpose for handling personal information, they will seek your authorization and consent again. Affiliates refer to those controlling, jointly controlling, or significantly influencing one another, as well as those controlled, jointly controlled, or significantly influenced by one or more parties. Control means having the power to determine the financial and operational policies of an enterprise and obtain benefits from its business activities. Joint control refers to the joint ownership and control of an economic activity in accordance with contract agreements. It only exists when investors who share control of the significant financial and operational decisions related to the activity unanimously agree. Significant influence means having the power to participate in making financial and operational decisions for an enterprise but not controlling or jointly controlling the formulation of these policies with other parties.
(4) Sharing with authorized partners: Only to achieve the purposes stated in this policy, some of our services, such as anti-virus, will be provided by authorized partners. We will only use your personal information for legitimate, reasonable, necessary, specific, and explicit purposes, and provide the personal information required for the service. Our partners are not authorized to use the personal information obtained for any other purpose. For companies, organizations, and individuals that share user information with us, we will sign strict confidentiality and data processing agreements with them, requiring them to handle user information in accordance with our instructions, this privacy policy, and any other relevant confidentiality and security measures. In addition, your personal information will be transmitted through basic network operators to the storage space in the data center. Our services in China will use basic network operators and data centers located within China.
5.2 Transfer
We will not transfer your personal information to any company, organization, or individual, except in the following circumstances:
(1) Transfer with explicit consent: We will transfer your personal information to other parties with your explicit consent.
(2) In the event of merger, acquisition, or bankruptcy liquidation, if it involves the transfer of personal information, we will require the third-party company or organization holding your personal information to continue to be bound by this privacy policy. Otherwise, we will require them to re-seek your authorization and consent.
5.3 Information Disclosure
We will only disclose your personal information to relevant departments under the following circumstances:
(1) Disclosure based on explicit consent: With your explicit consent or based on your active selection, we may publicly disclose your user information.
(2) Disclosure based on legal obligations: In the event of a legal or government department's requirement, such as legal procedures, litigation, or government regulatory requirements, we may publicly disclose your personal information.
**5.4 Exceptions to Authorization and Consent**
Under the following circumstances, sharing, transfer, and disclosure of your user information do not require your prior authorization and consent:
(1) Related to national security and defense;
(2) Related to public safety, public health, and major public interests;
(3) Related to criminal investigation, prosecution, trial, and judgment enforcement;
(4) Necessary to safeguard your or other individuals' vital legitimate rights and interests but difficult to obtain your consent;
(5) Personal information that you have voluntarily made public to the public;
(6) Personal information collected from legal public disclosures, such as legal news reporting and government information disclosure channels.
6. How We Store Your Personal Information
Coremail will store your personal information during the legal retention period or the retention period stipulated in the contract to ensure that you can smoothly use our products and services. After the legal retention period or the retention period stipulated in the contract ends, we will delete your personal information or anonymize it.
Depending on the scope of interaction between you and Coremail's products, your personal information may be stored in countries or regions, including Hong Kong, China, as determined by the user agreement. If we transfer personal information to another jurisdiction, we will seek your consent and ensure compliance with this privacy policy and relevant personal information protection laws and regulations.
However, in the following circumstances, and only for the purposes related to these circumstances, we may need to retain your information or some of your information for a longer period:
(1) Complying with legal and regulatory requirements.
(2) Complying with court judgments, rulings, or other legal procedures.
(3) Complying with requests from relevant government agencies or other authorized agencies.
(4) We have reason to believe that it is necessary to comply with laws, regulations, and other relevant provisions.
(5) To execute relevant service agreements or this privacy statement, maintain social public interests, handle complaints/disputes, and protect the personal and property safety or legitimate rights and interests of our customers, other users or employees of us or our affiliated companies in a reasonable and necessary manner.
7. Information Protection
7.1 Coremail attaches great importance to the security of your information. We take various reasonable physical, managerial, and technical security measures to protect your user information and prevent unauthorized access, disclosure, use, modification, damage, or loss of your user information. For example, we use encryption technology to improve the security of your user information, we deploy trusted protection mechanisms to prevent your user information from being maliciously attacked, we deploy access control mechanisms to restrict only authorized personnel to access your user information, and we regularly hold security and privacy protection training to enhance employees' awareness of the importance of protecting user information. We will do our best to protect your user information, but please note and understand that no security measures can be foolproof. In an internet environment, even if we have made every effort to strengthen security protection measures, we cannot guarantee 100% security of user information.
7.2 We will take reasonable and feasible measures to try to avoid collecting irrelevant user information. We will only retain your user information for the period necessary to achieve the purposes described in this privacy policy unless an extension of the retention period is necessary or permitted by law. After the above-mentioned user information retention period, we will delete or anonymize your user information.
7.3 Please use complex passwords and keep your account and password properly to avoid the leakage of your user information. If you fail to keep your account and password properly and cause legal liability, you will be fully responsible. If you find that your account or password has been illegally used or there is an abnormal situation, you should promptly notify Coremail, and you may request us to take measures to suspend the login and use of your account.
7.4 To respond to the risks that may arise from personal information leakage, damage, and loss, we have formulated multiple systems, clarified the classification and grading standards for security incidents and vulnerabilities, and corresponding processing flow. We have also established an emergency response team for security incidents. According to the requirements of security incident handling standards, we will initiate security plans for different security incidents, carry out loss control, analysis, positioning, formulate remedial measures, and coordinate with relevant departments for tracing and cracking down.
Please understand that due to technical limitations and the limitations of risk prevention, even if we have tried our best to strengthen security measures, we cannot always guarantee 100% security of information. In the event of a security incident such as personal information leakage, we will initiate emergency plans to prevent the incident from expanding, report it in accordance with relevant provisions such as the National Network Security Incident Emergency Plan, and inform you of relevant situations through emails, push notifications, announcements, and other forms, and provide security advice.
You need to understand that the systems and communication networks used when you use Coremail services may encounter problems due to circumstances beyond our control. To more effectively protect the information security of you and end-users, we also hope that you can strengthen self-protection. If your physical, technical, or managerial protective measures are damaged, and personal information of you and end-users is accessed, disclosed, tampered with, or destroyed without authorization, the risks and liabilities arising from this will be borne by you, and we will not bear any responsibility.
8. How is Personal Information Transferred
This privacy policy only applies to activities such as the collection and processing of personal information about you. Regarding the user business data stored, processed, uploaded, and distributed by you through our products and services, we will comply with the processing methods and technical security measures agreed with you in specific procurement agreements, user agreements, and other agreements. Of course, as a principle, you can specify the region where the content or business data you upload is stored.
To provide you with services, the personal data we collect from you may be stored in the country/region where Coremail and its affiliated companies' servers are located. In such cases, we will take measures to ensure that the collected personal data is processed in accordance with this statement and the applicable laws and regulations of the data location.
9. Products or Services Offered
Due to the international or borderless nature of the internet, the information provided through this website is also international in nature and may include references to products or services not available in your country or region. Therefore, not all products or services mentioned on this website are available in your country or region. Please contact your local sales representative or dealer to learn about the products or services available in your country or region.
10. Trial Period
The trial is to test online services before purchase. After the trial period, Coremail may temporarily retain the information collected during the trial period to improve your customer experience when you decide to purchase online services in the future. However, after the trial period, your information may be deleted from the online service at any time.
11. Third-Party Services
Coremail products may access or link to social media or other services (including websites or other forms of service) provided by third parties, including:
11.1 You can use the "Share" button to share some of the content of Coremail products to third-party services, or you can share the content of third-party services to Coremail products. These features may collect your information (including your log information) and may install COOKIES on your computer device to function properly;
11.2 We provide links to third-party services or websites to you through advertisements or other means of our service.
11.3 Other cases of accessing third-party services. For example, to achieve the purposes stated in this policy, we may access SDK or other similar applications provided by third-party service providers, and share certain information we collect from you in accordance with this policy with such third-party service providers to provide better customer service and user experience. Currently, the third-party service providers we access mainly include the following types:
(1) Used for message push functions, including push notifications from mobile phone manufacturers, specific event reminders, personalized content recommendations, etc.;
(2) Used for payment-related services, including order payment, transaction behavior verification, income settlement, payment information summary statistics, etc.;
(3) Used for obtaining device location permissions, collecting device information and log information, etc. with your consent;
(4) Used to optimize product performance, including improving hardware networking capabilities, reducing server costs, and function hotfixes;
(5) Used for account security and product reinforcement related services, including network monitoring, domain name resolution (HTTPDNS), anti-hijacking, anti-spam and anti-cheat, encryption and decryption services, etc.
(6) Used to provide antivirus-related services, phishing email exercises, etc.
We will only share your information for legitimate, necessary, and specific purposes. We will require our third-party service providers who share information with us to fulfill confidentiality obligations and take appropriate security measures.
11.4 These third-party social media or other services are operated by the relevant third party. Your use of such third-party social media services or other services (including any information you provide to such third parties) is subject to the third party's own terms of service and information protection statement (not this policy), and you need to carefully read their terms. This policy only applies to personal information we collect and does not apply to any services provided by third parties or third-party information usage rules. If you find any risks with these third-party social media or other services, it is recommended that you terminate the relevant operation to protect your legal rights and interests.
12. Revisions and Notifications
12.1 To provide you with better services and with the development of Coremail's business, this privacy policy will be updated accordingly. However, without your explicit consent, we will not reduce the rights you are entitled to under this privacy policy. We will update the content by issuing updated versions on the Coremail website and reminding you of the updates through website announcements or other appropriate means before they take effect. Please visit Coremail to stay up-to-date with the latest privacy policy. If you continue to use our products or services, it will be deemed that you agree to our revised privacy policy, and we will collect, use, and store your personal information in accordance with the updated privacy policy.
12.2 For significant changes, we will also provide more prominent notification (including but not limited to email, SMS, or special prompts on the browsing page) to explain the specific changes to the privacy policy. Significant changes referred to in this policy include but are not limited to:
(1) Significant changes in our service model. Such as the purpose of processing personal information, the type of personal information processed, the way personal information is used, etc.
(2) Significant changes in our ownership structure, organizational structure, etc. Such as changes in ownership caused by business adjustments, bankruptcy and mergers, etc.
(3) Significant changes in the main objects of personal information sharing, transfer, or public disclosure.
(4) Significant changes in your rights and how they are exercised in personal information processing.
(5) When the department responsible for the security of personal information processing, contact information, and complaint channels change.
(6) When the personal information security impact assessment report shows a high risk.
12.3 We will also archive the old versions of this privacy policy for your reference.
13. How to Contact Us
If you have any questions, opinions, or suggestions about this privacy policy, you can submit them to us through the Coremail Work Order System (WOS) or contact us through our customer service phone: 400-8882-488 or customer service email: support@coremail.cn.
We will review your questions, opinions, or suggestions as soon as possible, and reply to you promptly after verifying your user identity.
