1. Basic Terms

This personal data processing policy has been prepared in accordance with the requirements of the Estonian legislation "On personal data" (hereinafter referred to as the Personal Data Act) and determines the personal data processing procedures performed by Rengang Yongsheng (hereinafter referred to as the Operator) and the measures to ensure the security of personal data.

1.1. The Operator regards respect for the rights and freedoms of individuals and citizens in the processing of personal data, including the protection of privacy, personal and family privacy, as its most important goal and condition.

1.2. This Operator’s Personal Data Processing Policy (hereinafter referred to as the Policy) applies to all information that the Operator may collect about visitors to the Website.

2. Basic concepts used in the policy

2.1. Automated processing of personal data – the processing of personal data using computer tools.

2.2. Blocking of personal data is the temporary suspension of the processing of personal data (unless there is a need to clarify the processing of the personal data).

2.3. Website – a collection of graphic and information materials, as well as software for computers and databases, which make these materials available on the Internet.

2.4. Personal data information system – a collection of personal data contained in a database and providing information technology and technical means for their processing.

2.5. Anonymization of Personal Data – the action of making it impossible to attribute Personal Data to a specific user or other Personal Data subject without the use of additional information.

2.6. Processing of personal data – any operation (transaction) or combination of operations (transactions) with personal data or unmanned tools, including collection, recording, systematization, accumulation, storage, clarification (update, modification), extraction, use, transfer (dissemination, provision, access), depersonalization, blocking, deletion, destruction of personal data.

2.7. Operator – state, local authority, law or natural person, which, independently or jointly with others, organizes and/or carries out the processing of personal data and determines the purposes of the processing of personal data, the composition of the personal data to be processed, the operations (transactions) performed with personal data.

2.8. Personal Data – any information relating directly or indirectly to a specific or clearly defined User of the Website.

2.9. Personal data that the personal data subject has permitted to be disseminated – personal data, to which the personal data subject has given permission for an unlimited number of persons to access, and to which the personal data subject has given permission to process the personal data in the manner prescribed by the Personal Data Act (hereinafter referred to as permitted to be disseminated personal data).

2.10. User – any visitor to the Website.

2.11. Provision of personal data – action aimed at disclosing personal data to a specific person or group of persons.

2.12. Dissemination of personal data – any action aimed at disclosing personal data to an unidentifiable group of persons (transfer of personal data) or making personal data familiar to an unlimited number of persons, including publishing personal data in the mass media, posting in information and telecommunication networks or providing access to personal data in any other way.

2.13. Cross-border transfer of personal data – the transfer of personal data to foreign state authorities on the territory of a foreign state, to a foreign natural person or a foreign legal entity.

2.14. Destruction of Personal Data – any action that leads to the permanent destruction of Personal Data from information systems of Personal Data and/or physical holders of Personal Data, making further recovery of the Personal Data content impossible.

3. Basic rights and obligations of operators

3.1. The Operator has the right to:

  • Receipt of reliable information from the personal data subject and/or documents containing personal data.

  • If the personal data subject withdraws consent to the processing of personal data, the Operator shall be entitled to continue processing the personal data on the grounds provided for in the Personal Data Act, even if the personal data subject has not given consent.

  • Determine at your own discretion the composition and list of measures necessary and sufficient to ensure the fulfilment of obligations under the Personal Data Act, unless otherwise provided for by the Personal Data Act or other federal law.

3.2. The Operator shall:

  • Provide personal data subjects with information about the processing of their personal data upon request;

  • Organise the processing of personal data in accordance with the procedures established by the laws in force in Estonia;

  • Respond to requests and demands from personal data subjects and their legal representatives as required by the Personal Data Act;

  • Provide the necessary information requested by the authority responsible for protecting the rights of personal data subjects to the authority authorized for protection of the rights of personal data subjects within 30 days from the date of receipt of the request;

  • Publish or otherwise provide unrestricted access to the personal data processing policy;

  • Take legal, organizational and technical measures to prevent personal data from being accessed, destroyed, altered, blocked, copied, provided, disseminated and other unlawful actions against personal data by unauthorized persons;

  • To terminate the transmission (dissemination, provision, access) of personal data, to stop processing and to destroy personal data in the cases provided for in the Personal Data Act, in the manner provided for in the Personal Data Act.

  • Perform other duties prescribed by the Personal Data Law.

4. Basic rights and obligations of personal data subjects

4.1. The personal data subject has the right to:

  • Receive information about the processing of their personal data, unless otherwise provided by federal law. The information will be provided in a form accessible to the personal data subject and shall not contain personal data about other personal data subjects, unless there is a legitimate reason for disclosing such personal data. The information and the procedure for obtaining it are regulated by the Personal Data Act.

  • Request the Operator to clarify, block or destroy their personal data if it is incomplete, outdated, inaccurate, obtained illegally or not in line with the stated processing purposes, and take the measures provided by law to protect their rights.

  • Requires prior consent for the processing of personal data in the promotion of goods, works and services on the market.

  • Withdraw consent to the processing of personal data.

  • lodge an objection to any unlawful act or omission of the Operator in processing their personal data with an authority or judicial process for the protection of the rights of the data subject.

  • Exercise other rights provided for by Estonian law.

4.2. The personal data subject must:

  • Provide operators with reliable data about themselves;

  • Inform the Operator of the clarification (update, modification) of their personal data.

4.3. A person who provides false information to the Operator or provides personal data about another subject without the latter's consent shall be liable under the Estonian law.

5. The Operator may process the following personal data of Users

5.1. Surname, given name, patronymic.

5.2. Email Address.

5.3. Telephone Number.

5.4. This website also collects and processes anonymous data about its visitors through internet statistics services (Google Analytics, etc.).

5.5. The above data is hereinafter referred to as personal data.

5.6. The Operator shall not process special categories of personal data concerning race, nationality, political opinions, religious or philosophical beliefs, private life, etc.

5.7. The personal data that may be disseminated include special categories of personal data as provided for in the Personal Data Act, if the prohibitions and conditions provided for in the Personal Data Act are met.

5.8. The processing of the User's personal data for which dissemination is permitted shall be carried out separately and separately from the consent for other processing of personal data. The conditions provided for in the Personal Data Act must be observed. Requirements for the content of such consent shall be established by the authority authorized to protect the rights of the subject of personal data.

5.8.1 The User shall provide the Operator with his/her consent to the processing of the Personal Data permitted for dissemination directly.

5.8.2 The Operator shall publish information on the processing conditions, prohibitions and permitted dissemination of personal data within three working days of receiving the User's consent.

5.8.3 The personal data subject may at any time request the termination of the transmission (communication, provision, access) of the personal data to which he/she has been permitted to be transmitted. The request must include the personal data subject's first name, last name, patronymic (if applicable), contact information (telephone number, e-mail address or mailing address) and the list of personal data for which the processing is to be terminated. After receipt of the request, the personal data specified in the request shall only be processed by the recipient operator.

5.8.4 Once the personal data subject sends a request in accordance with Section 5.8.3 of this Policy, the consent for processing of personal data permitted for dissemination will be terminated immediately.

6. Principles of personal data processing

6.1. The processing of personal data is lawful and fair.

6.2. The scope of processing personal data is limited to achieving specific, predetermined and legitimate purposes. Processing of personal data that is incompatible with the purpose for which the personal data was collected is not permitted.

6.3. The merging of databases containing personal data processed for mutually incompatible purposes shall not be permitted.

6.4. Personal data may only be processed if it is necessary for the purposes of the processing.

6.5. The content and amount of personal data processed shall be appropriate to the stated purposes of processing. Processing of personal data that is redundant with respect to the stated purposes of processing is not permitted.

6.6. The processing of Personal Data shall ensure the accuracy, adequacy and, where necessary, relevance to the purposes for which the Personal Data is processed. The Operator shall take the necessary measures and/or ensure that such measures are taken to delete or clarify incomplete or inaccurate data.

6.7. Personal data shall be kept in a form that allows identification of the personal data subject for no longer than is necessary for the purpose for which the personal data is processed, unless the retention period for personal data is established by federal law, a treaty involving the beneficiary or guarantor of the personal data subject. Processed personal data shall be destroyed or anonymized when the purposes of processing have been achieved or are no longer necessary for those purposes, unless otherwise provided by federal law.

7. Purpose of processing personal data

7.1. Purpose of processing users’ personal data:

  • Notify users via email

  • Signing, performing and terminating civil contracts

  • To provide users with access to the services, information and/or materials on this website.

7.2. The Operator also reserves the right to inform the User about new products and services, special offers and various events. The User may refuse to receive information at any time by sending an email to the Operator at compliance.license@gmail.com and marking it as “Refuse to receive notifications about new products, services and special offers”.

7.3. Anonymous data about users collected through Internet statistics services is used to collect information about users' activities on the website and to improve the quality and content of the website.

8. Legal Basis for Processing Personal Data

8.1. The legal basis for the Operator’s processing of personal data is:

  • Operator's statutory documents

  • Contract between the Operator and the Personal Data Subject

  • Other laws, regulations and legal acts in the field of personal data protection

  • The user agrees to the processing of their personal data and consents to the processing of personal data that allows dissemination

8.2. The Operator processes the Users’ personal data only if the Users voluntarily fill in and/or send their personal data through specific forms located on the Website or send them to the Operator by e-mail.

8.3. If the User's browser settings allow, the Operator will process the User's anonymous data (including saving "cookie" files and using JavaScript technology).

8.4. The personal data subject decides on his/her own whether to provide his/her personal data and provides consent voluntarily, on a voluntary basis.

9. Conditions for processing personal data

9.1. The processing of personal data shall be carried out with the consent of the personal data subject to the processing of his or her personal data.

9.2. The processing of personal data is necessary to achieve the purposes provided for in Estonian international treaties or laws, to enable the Operator to perform its functions, powers and obligations conferred by Estonian law.

9.3. The processing of personal data is for the exercise of judicial functions, the execution of a court decision, an order of another body or official, which is enforceable under the Estonian law on enforcement procedures.

9.4. The personal data is processed for the performance of a contract for which the beneficiary or guarantor of the personal data is the subject of the personal data and for the conclusion of a contract or for which the personal data subject is the beneficiary or guarantor.

9.5. Personal data is processed for the purpose of exercising the rights and legitimate interests of the Operator or a third party or for socially significant purposes, provided that the rights and freedoms of the personal data subject are not violated.

9.6. Processing of personal data that is accessible to an unlimited number of persons to whom the subject of the personal data is subject or to whom the personal data is made available at their request (hereinafter referred to as public personal data).

9.7. Processing of personal data the release of which is permitted or disclosure of which is mandatory in accordance with federal law.

10. Collection, storage, transfer and other processing of personal data

The security of personal data processed by the Operator is ensured by implementing legal, organizational and technical measures that fully comply with current legal requirements in the field of personal data protection.

10.1. The Operator shall ensure the preservation of Personal Data and take all possible measures to prevent unauthorized persons from accessing Personal Data.

10.2. The User's personal data shall not be transferred to third parties under any circumstances, except in connection with the implementation of applicable legislation or in cases where the subject of personal data has given his consent to the transfer of data to a third party in order to fulfil civil contractual obligations.

10.3. If the Personal Data are found to be inaccurate, the User may update them by sending a notification marked “Update Personal Data” to the Operator’s email address compliance.license@gmail.com.

10.4. The processing period of personal data is determined by the fulfillment of the purpose for which the personal data was collected, unless otherwise provided by contract or applicable law.

The User may withdraw his consent to the processing of Personal Data at any time by sending an e-mail to the Operator’s e-mail address compliance.license@gmail.com, marked “Withdrawal of consent to the processing of personal data”.

10.5. All information collected by third-party services (including payment systems, communication means and other service providers) is stored and processed by the designated person (Operator) in accordance with their User Agreement and Privacy Policy. The personal data subject and/or User is obliged to be informed of these files in a timely manner. The Operator is not responsible for the actions of third parties, including service providers designated in this paragraph.

10.6. The prohibition of the personal data subject on the transfer (except for the granting of access rights) and/or the processing (except for the granting of access rights) of personal data shall not apply in cases of public, public or other public interest provided for by Estonian law.

10.7. The Operator ensures the confidentiality of Personal Data when processing Personal Data.

10.8. The Operator shall keep personal data in a form that allows identification of the personal data subject for no longer than is necessary for the purposes of the processing of the personal data, if the retention period for personal data is not established by federal law or by agreement with the beneficiary or guarantor of the personal data.

10.9. The processing of personal data may be terminated if the purpose of the processing of personal data is achieved, the consent period of the personal data subject expires or the personal data subject withdraws consent, or if the personal data is found to be processed unlawfully.

11. Procedure for transfer of personal data

11.1. The Personal Data Subject and/or User may transmit his/her Personal Data to the Operator via the methods specified on the Website or to the Operator’s specified e-mail address.

11.2. The Operator is not responsible for the security of personal data transmitted via e-mail; the insecurity of such transmission is determined by the telecommunications operator between the Operator and third parties.

12. Final Provisions

12.1. Before starting a cross-border transfer of personal data, the Operator must ensure the security of the subject's personal data in the foreign country to which the personal data is transferred.

12.2. Cross-border transfers of personal data to foreign territories that do not meet the above requirements may only be carried out with the written consent of the personal data subject to the cross-border transfer of his personal data and/or for the performance of a contract to which the personal data subject is a party.

13. Final Provisions

The Operator and other persons who have access to personal data shall not disclose or distribute it to third parties.

Personal data may not be disclosed without the consent of the subject of the personal data, unless otherwise provided by federal law

14. Final Provisions

14.1. The User may obtain any clarification regarding the processing of his Personal Data by sending an email to the Operator’s email address compliance.license@gmail.com.

14.2. This document will reflect any changes to the Operator's policy on the processing of personal data. This policy will remain in effect for an unlimited period of time until it is replaced by a new version.

14.3. The current version of the Free Access Policy is available on the Internet.



CONTACT US

If you need more information or have any compliance-related consultation needs, please feel free to contact us. Our professional team will provide you with the best service.

Hong Kong: Rengang Yongsheng (Hong Kong) Co., Ltd. Mainland: Rengang Yongsheng (Shenzhen) Legal Services Co., Ltd.


Shenzhen: 1106, Building 1, Excellence Century Center, Futian District, Shenzhen (Does not accept business in the Mainland, interviews need to go to the Hong Kong office)

Hong Kong: Rengang Yongsheng, 19th Floor, Yishi Commercial Building, 253-261 Hennessy Road, Wan Chai, Hong Kong

Website: www.jrp-hk.com Hong Kong mobile: 852-92984213 (WhatsApp)

Mobile: +86 15920002080 [Regulatory Compliance Consulting/Hong Kong Lawyer Notarization]

Tel: +86-0755-83017248 Email: 200559081@qq.com


OUR PARTNERS

The employees interact with European regulators and government departments on a daily basis and are ready to represent your company in the most appropriate country. We highly value partnership and long-term cooperation in business and try to expand our partner network every year.

PLEASE LEAVE YOUR REQUEST