Data Protection Policy
Haier is a Chinese multinational consumer electronics and home appliances company. It designs, develops, manufactures and sells products including air conditioners, mobile phones, computers, microwave ovens, washing machines, refrigerators, and televisions.
The headquarter is located in P. R. China but there are some Haier entities located in the South Asia.
Haier is particularly committed to conduct its business in accordance with the privacy and the protection of personal data of individuals.
The purpose of this Data Protection Policy (the “Policy”) is to inform you about the commitments made by Haier to ensure that your personal data are processed in compliance with the applicable relevant laws.
This Policy may evolve according to the legal and regulatory context and the doctrine of supervisory authorities.
Data Controller: means a person who either alone or jointly or in common with other persons processes any personal data or has control over or authorizes the processing of any personal data, but does not include a data processor;
Data Subject: means an individual who is the subject of the personal data;
Personal Data: means any information that relates directly or indirectly to a data subject, who is identified or identifiable from that information or from that and other information in the possession of a data controller, including any sensitive personal data and expression of opinion about the data subject which:
(i) is being processed wholly or partly by means of equipment operating automatically in response to instructions given for that purpose;
(ii) is recorded with the intention that it should wholly or partly be processed by means of such equipment; or
(iii) is recorded as part of a relevant filing system or with the intention that it should form part of a relevant filing system,
Provided that anonymized, encrypted or pseudonymized data which is incapable of identifying an individual is not personal data.
Processing: means collecting, recording, holding or storing the personal data or carrying out any operation or set of operations on the personal data;
Data Processor: in relation to personal data, means any person, other than an employee of the data controller, who processes the personal data solely on behalf of the data controller, and does not process the personal data for any of his own purposes.
The Policy is subject to the relevant local laws of the concerned Haier legal entity such as the Electronic Transactions Ordinance, 2002 and the Prevention of Electronic Crimes Act, 2016.
In case any of the terms/provisions herein are inconsistent or in contradiction with the applicable laws, the applicable laws shall prevail and the terms/provisions herein shall be interpreted and apply to the maximum extent permissible under the applicable laws.
Principles for processing Personal Data
Haier commits to ensure that Personal Data are:
· processed fairly and reasonably and lawfully manner;
· collected for specified, clear, legitimate purposes and limited to what is necessary
· accurate and, where necessary, kept up to date;
· kept for no longer than is necessary for the purposes;
· processed in a manner that ensures appropriate security.
Privacy of Data Subjects under the age of 18
Our products and services are not targeted to persons under the age of 18. We do not knowingly collect or process personal data from persons under the age of 18. Please note that if you are under the age of 18, you will need to provide us a written signed consent from your parent or guardian indicating that your parent or guardian has consented for us to process your data and send us the consent through contact information provided from the section of “Whom should I contact?”
Haier ensures that all its Processing are performed in accordance with the applicable laws.
Management is responsible for defining and structuring all processes where Personal Data can be collected, processed and/or used, that they comply with this Policy.
In particular, the following tasks are falling in the responsibility scope of the management:
· Ensuring that technical and organizational security measures are in place;
· Assuring that processes for the Personal Data collection, use and/or processing are compliant with the applicable laws;
· Monitoring on a regular basis the relevant applicable laws.
How do we process Personal Data?
In which context do we obtain Personal Data?
· By hiring people;
· By being contacted by customers, suppliers and/or other persons via our website, phone, email or any other mean;
· By prospecting new clients.
How do we respect the transparency principle?
Data Subjects are informed by the Haier legal entity which is collecting the Personal Data that his/her Personal Data are collected, used and/or processed and how his/her Personal Data are being handled by Haier.
In particular, Data Subjects are informed (i) of which types of Personal Data will be subject to Processing; (ii) for which specific purpose(s); (iii) to whom such Personal Data might be transmitted; (iv) how the Data Subject can exercise its rights and (v) of when personal data shall not be kept.
How do we use the Personal Data?
Personal Data are subject to data secrecy. Haier apply the following rules in order to prevent any unauthorized collection, processing or use of such data by its employees:
· Employees may have access to Personal Data only as is appropriate for the type and scope of the task in question;
· Employees shall not disclose Personal Data to unauthorized people, either within the company or externally;
· Employees shall request help from their manager or the Data protection officer (if applicable) if they are unsure about any aspect of data protection.
How do we respect data accuracy?
Haier ensures that Personal Data are accurate and, where necessary, kept up to date, by applying the following rules:
· Employees shall take every opportunity to ensure Personal Data are updated and the management shall ensure that relevant databases and systems are checked on a regular basis;
· Personal Data shall be updated as inaccuracies are discovered.
How do we store Personal Data?
Haier is aware that periods for which the Personal Data are stored must be limited to a strict minimum. To ensure safely storage, Haier applies the following rules:
· Personal Data shall be protected by strong passwords that are changed regularly and never shared between employees;
· Personal Data shall only be stored on designated drives and servers, and shall only be uploaded to an approved cloud computing services;
· Servers containing Personal Data shall be sited in a secure location, away from general office space;
· Personal Data shall be backed up frequently;
· All servers and computers containing Personal Data should be protected by approved security software and a firewall.
Transfer of Personal Data
As Haier is a multinational group, Personal Data may be transferred to countries located outside the Pakistan.
The transfer of Personal Data within Haier Group is subject to standard contractual clauses or intra-group schemes.
The transfers of Personal Data outside Haier Group are managed on a case-by-case basis.
Technical and organizational security measures
Haier has implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk of each Processing.
These measures are detailed in the different security and IT policies of Haier.
Personal Data breach
In case of a data breach, Haier has implemented an internal process in order to prevent, detect and stop Personal Data breach as well to notify the relevant supervisory authority and, if applicable, the Data Subjects, in time.
Whom should I contact?
by post to
Haier Pakistan (Pvt) Limited.
Information Security Manager
[27 College Rd, Block D Block Q Gulberg 2, Lahore, Punjab 54660]
by e-mail to [email@example.com]
Done in Pakistan, on November 1, 2019