Privacy Policy and Personal Information Collection Statement
Last updated Dec 21, 2020.
For any questions about our privacy policy or your personal data, please contact us at privacy@qima.com.
Contents
Legal Basis and Data Controller
Principles of the Processing
Categories of Personal Data Concerned
Denying Conferral of Personal Data and Relating Consequences
Personal Data Purposes and Processing
Recipients of Personal Data
Your Rights
Changes and Updates to the Privacy Policy
QIMA Cookie Policy
Need more information?
By contacting QIMA you agree to our privacy policy and terms and conditions.
1. Legal Basis and Data Controller
QIMA Limited, a company incorporated under the laws of Hong Kong, with its registered office at 5/F., Dah Sing Life Building, 99-105 Des Voeux Road Central, Hong Kong, business registration no. 30774516-000-03 (hereinafter "QIMA", "us", "we" or "our"), knows how important privacy is to its customers (hereinafter "you" or "your"), and strives to be clear about how personal data is collected, used and disclosed.
This Personal Information Collection Statement and Privacy Policy (hereinafter collectively the "Privacy Policy") provides an overview of our privacy practices and tells you about the information that we collect when you access or use our services, either via an QIMA website (hereinafter referred to as the "Site") or in any other way agreed with us (hereinafter, collectively, our "Services"), as well as how we may use or disclose such collected information. The list of websites convered by this Privacy Policy can be found below.1
We act as "Data Controller" of your personal data.
If you do not agree to the practices described in this Privacy Policy, you should not use our Services.
2. Principles of the Processing
We are committed to fully complying with data processing requirements worldwide. This includes but is not limited to both the Hong Kong Personal Data (Privacy) Ordinance (Cap. 486) and the European Regulation no. 2016/679 (General Data Protection Regulation) in case our processing activities are related to offering our Services to data subjects that are either physically located in or citizens of those countries. We encourage you to check your details and email communication preferences here: test.
Therefore, we have configured our Services so that the use of personal data is kept to the minimum necessary. We have also adopted safeguards and technical and organizational measures in order to protect the rights of data subjects, and to ensure that, by default, only personal data which are necessary for each specific purpose of the data are being processed.
3. Categories of Personal Data Concerned
We may receive from you the following categories of personal data (hereinafter collectively the "Personal Data"):
3.1 Registration and user account information. Data required when you sign up for our Services (such as name, address, email, title and phone number).
3.2 Other information. Other types of data about you, such as:
When you use our Services;
Data received from or about your computer, mobile phone, or other device used to access the Services (such as IP address or mobile phone number, and other information about the operating system, location, the type of the device or browser used, referral source, length of visit and number of pages viewed, etc.);
Cookies (please, refer also to our Cookie Policy in such respect);
Information relating to any transactions carried out between you and us, including Information relating to any Services purchased and financial data.
4. Denying Conferral of Personal Data and Relating Consequences
Conferring Personal Data to us and, in particular, your email address, your mailing address, name, title and phone number and, if applicable, your credit card/debit card and bank details, is required in order to fulfill our Purposes (as defined below). Some of the aforementioned data may be indispensable so as to fulfill the obligations imposed by the law or other regulations, or to provide the Services you may have requested. Refusal to disclose certain Personal Data, identified on the applicable form with an asterisk (*), may make it impossible to provide you with the Services and/or complete all purchase contract phases and/or fulfill all obligations required by the laws and regulations in force. Therefore, failure to disclose certain Personal Data can, according to individual circumstances, constitute a legitimate and justified reason preventing the supply of our Services.
5. Personal Data Purposes and Processing
5.1 Purposes. Your Personal Data will be processed by us, individually or in the aggregate, for the following purposes (hereinafter collectively the "Purposes"):
manage, process and conclude commercial transactions concerning the supply of our Services to you;
conduct direct marketing activities;
conduct internal operations (including troubleshooting, data analysis, testing, research and service improvement).
generate anonymized statistics and reports in relation to the provision of our services
5.2 Process. Your Personal Data are mainly processed in electronic format and in certain cases also in paper format.
5.3 Time of retention. Personal Data are stored as long as it is necessary to provide our Services to you, so that information associated with your account will be kept until such account is deleted, subject in any case to your right to withdraw your consent (see below). In case of a legal request or duty, a governmental investigation, or in case of investigations concerning possible violations of our Terms of Services, as well as in case we need to establish, exercise or defend a legal claim, your Personal Data may be accessed, processed and retained for an extended period of time.
6. Recipients of Personal Data
6.1 Disclosure for ancillary purposes. Personal Data may be disclosed and made available to third party companies that provide specific services to QIMA and that will process your data for the sole purpose of executing the purchase contract for our Services (such as, for instance, the financial institution that executes the remote electronic payment services, via credit card/debit card). In no way will such disclosure be inconsistent with the Purposes. The mentioned third-party companies include:
any subsidiary, holding company, associated company, affiliate of, or companies controlled by or under common control with QIMA;
any of our commercial partner(s) agreeing to QIMA's partnerships conditions;
third-party service providers (e.g., software maintenance services, advertising serving technologies, e-mail service providers, delivery services, database management, web analytics, payment processing and other services). When we share this information in this way, we require the service provider to maintain the privacy, confidentiality and security of the Personal Data.
any subcontractor who is under a duty of confidentiality to QIMA agreeing to keep Personal Data strictly confidential;
any financial institution, charge or credit card issuing company, credit information or reference bureau, or collection agency necessary for establishing and supporting the payment of any services being requested.
6.2 Legal requests. Personal Data may be accessed, preserved and shared in response to a request from judicial or governmental authorities or agencies, if we have a good faith belief that the law requires us to do so, as well as when we have a good faith belief it is necessary to detect, prevent and address fraud and other illegal activity, to protect us, you and other persons, or to prevent death or imminent bodily harm.
6.3 Transfer abroad. Your Personal Data will not be transferred to recipients in countries or international organizations other than those which ensure that the level of privacy protection is compliant with the applicable laws and regulations.Your data will be transferred outside the European Economic Area. In the context of these transfers, your rights and interests as regards to your data are guaranteed and protected as a result of the standard contractual clauses from the European Commission which have been inserted in the contracts we have entered into with the entities to which your data is being transferred. You can review the clauses here.
6.4 General. Except for the above, no Personal Data shall be disclosed, assigned or otherwise transferred to third-parties for purposes not permitted by law or without informing you and obtaining your consent in advance or, if applicable, unless having removed your name and any other personally identifying information or combined it with other people’s data in a way that it no longer personally identifies you.
7. Your Rights
7.1 Right of access. You are always entitled to receive confirmation as to whether or not your Personal Data are being processed and, where that is the case, access and receive a copy of such Personal Data in an intelligible form. Furthermore, you are also entitled to receive information concerning: the purposes of the processing; the categories of Personal Data concerned; the recipients (or categories thereof) to whom the Personal Data have been or will be disclosed; where possible, the envisaged period for which the Personal Data will be stored, or, if not possible, the criteria used to determine that period; the existence of the right to request from us rectification or erasure of personal data or restriction of processing of your Personal Data or to object to such processing; the right to lodge a complaint with a supervisory authority; the source of the Personal Data; the existence of automated decision-making; where Personal Data are transferred to a third country or to an international organization, the appropriate safeguards relating to the transfer.
7.2 Right to withdraw consent. You are always entitled to withdraw, at any time, your consent to the processing of your Personal Data, both on legitimate grounds (even though they are relevant to the purpose of the collection) and if the processing is carried out for direct marketing purposes. The preceding will not affect the lawfulness of processing based on consent before the withdrawal.
7.3 Right to rectification, erasure and restriction. You are always entitled to obtain from us, without undue delay: the rectification or integration of your Personal Data that are inaccurate or incomplete; the erasure of your Personal Data that have been processed unlawfully or whose retention is unnecessary for the Purposes; the restriction of processing, in case you challenge either the accuracy of your Personal Data or the lawfulness of the processing, or in case we no longer need the Personal Data for the Purposes, but they are required by you for the establishment, exercise or defense of a legal claim.
7.4 Right to data portability. You have the right to receive your Personal Data in a structured, commonly used and machine-readable format, as well as the right to transmit those data to another controller without hindrance from us, where technically feasible.
7.5 Right to lodge a complaint before an European supervisory authority. If you are an EU citizen, you have the right to lodge a complaint with a Data Protection Supervisory Authority located in the Member State of your habitual residence.
7.6 Contacts. You are entitled to exercise your rights at any moment in time, within the terms and conditions provided by the law, sending such requests by e-mail to privacy@qima.com or by post to QIMA Data Processing, Sino Plaza, 8th Floor 255-257 Gloucester Road Causeway Bay, Hong Kong. If you are from Hong Kong, you can complete the Personal Data (Privacy) Ordinance Data Access Request Form and send it to the contacts above.
8. Changes and Updates to the Privacy Policy
We may amend or simply update all or part of this Privacy Policy when amendments are made to laws or regulations that govern protection of personal data and your rights. Changes and updates to this Privacy Policy shall be binding once posted on the Site in this section. We therefore recommend you access this section regularly in order to check the most recent and updated version of this Privacy Policy. You can check the "effective date" posted at the top to see when the Privacy Policy was last updated.
9. QIMA Cookie Policy
We use cookies and similar technologies (e.g., web beacons, pixels, ad tags and device identifiers) to recognize you and/or your device(s). You can control cookies through your browser settings. For a detailed list of the cookies that we use on QIMA web properties, please visit our cookie table.
Legal Footnotes
1. qima.com, qima.ae, qima.cn, qima.fr, qima.com.de, qima.it, qima.com.br, qima.ru, qima.es, qima.com.tr, qima.com.se, qima.fi, qima.vn, asiafoodinspection.com, asiafoodinspection.es, asiafoodinspection.fr, chinainspection.com, africafoodinspection.com, africainspection.com, chinainspection.com, indiainspection.com and quality-control-in-china.com