Privacy and Information Security

1. Privacy Policy
1. Personal data
Personal data refers to information that can be used to determine personal identity when used alone or in combination with other information. Such data will be submitted to us when you use our website, products or services, and when you interact with us, or we obtain it by recording how you interact with our website, products or services, for example, through cookies, etc. Technology. The data we collect depends on the website you visit or the products and services you use, and may include personal data such as your name, address, email address, and phone number. Our purpose of collecting personal data is to get in touch with you in order to provide corresponding services or send important notices.
2. Privacy Policy
ANTS ELECTRONICS LIMITED/Xicheng Intelligent IoT and its global subsidiaries (hereinafter referred to as "Xicheng", "us" or "our") are well aware of the importance of personal data to customers and users. For this reason, we attach great importance to the protection of personal data of customers and users, and have taken a series of measures to ensure that relevant businesses comply with applicable personal data protection requirements.
2.1 To ensure the effective implementation of personal data protection requirements, we have appointed a data protection officer (DPO).
2.2 We have adopted personal data protection methods and practices recognized by the industry. In the business scenarios where GDPR applies, we use the Data Protection Impact Assessment (DPIA) method to evaluate and reduce personal data security risks in products and services.
2.2.1 We require a full assessment of the personal data involved in products and services, and projects involving personal data must undergo DPIA;
2.2.2 Projects involving personal data must establish data lists and data flow diagrams;
2.2.3 Projects involving personal data must identify possible risks in the data processing process (including collection, use, storage, sharing, deletion, etc.), and take corresponding measures (including management, physical and technical measures) according to the risk level
2.2.4 After the implementation of the DPIA, the corresponding report must be output and approved by the DPO.
2.3. We have implemented technical measures including intrusion detection, access control, encryption, data leakage prevention, anti-spam, terminal security protection, vulnerability scanning, etc., and have tested the effectiveness of personal data protection measures through penetration testing.
2.4. We have established an emergency response mechanism for personal data leakage. In the event of a personal data leak, Xicheng will immediately initiate an emergency response process to try to reduce the possible losses caused by the personal data leak and ensure that the affected persons are properly notified.
2.5. We have established a continuous employee privacy policy training mechanism to ensure that every employee involved in GDPR can accurately understand the legal principles of data protection based on their specific job responsibilities, and strictly implement the company's applicable systems and procedures.
2.6. To ensure compliance, we have implemented necessary personal data protection technical audits and process audits.
2.7. We have obtained internationally recognized certifications and continue to undergo evaluation and appraisal, including TISAX, ISO 27001, etc.
Personal data protection is not only a legal requirement, but also a corporate social responsibility. We will continue to optimize products and services to ensure safety and privacy, and reduce the risk of personal data protection for customers and users.
3. Policy update
We reserve the right to update or modify this policy from time to time. If this policy changes, we will post the latest version of the policy here. If we make a major change to the privacy policy, we may also send you a notice of the change through different channels, for example, post a notice on our website or post a separate notice to you.
2. Contact us
1. Privacy policy contact information
Organization: Data Protection Officer (DPO)
2. Information security contact information
Organization: Security Office (SSO)
Phone: +86 755-89300765