Privacy Policy
Last Updated: October 1, 2020
This Privacy Policy (our "Privacy Policy") sets out how GREENSUN and our subsidiaries and affiliates ("GREENSUN," "we" or "us") collect, use and disclose personal information.
Overview of Privacy Practices
We think transparency is important. In this overview, we summarize the personal information we collect and how we use it, which is further explained in our Privacy Policy below. Keep in mind that the actual personal information we collect and how we use it varies depending upon the nature of our relationship and interactions with you. Also, in some cases (such as where required by law), we ask for your consent or give you certain choices prior to collecting or using certain personal information.
Categories of Personal Information Collected. Generally, we collect the following types of personal information:
Identifiers: includes direct identifiers, such as name, alias, user ID, username or unique personal identifier; email address, phone number, address and other contact information; IP address and other online identifiers; tax ID and other government identifiers; and other unique identifiers.
Customer Records: includes personal information, such as name, account name, user ID, contact information, employment information, and financial or payment information, that individuals provide us in order to purchase or obtain our products and services. For example, this may include information collected when an individual register for an account, purchases or orders our products and services, or enters into an agreement with us related to our products and services.
Commercial Information: includes records of personal property, products or services purchased, obtained, or considered, or other purchasing or use histories or tendencies.
Usage Data: includes browsing history, clickstream data, search history, access logs and other usage data and information regarding an individual's interaction with our websites, mobile apps, and our marketing emails and online ads.
Audio, Video and Electronic Data: includes audio, electronic, visual, thermal, olfactory, or similar information such as, thermal screenings and CCTV footage (e.g., collected from visitors to our premises), photographs and images (e.g., that you provide us or post to your profile) and call recordings (e.g., of customer support calls).
Education Information: includes information you provide us or post to your profile about your education history.
Professional Information: includes professional and employment-related information such as current and former employer(s) and position(s), business contact information and professional memberships.
Inferences: includes inferences drawn from other personal information that we collect to create a profile reflecting an individual's preferences, characteristics, predispositions, behaviour, attitudes, intelligence, abilities or aptitudes. For example, we may analyse personal information in order to identify the offers and information that may be most relevant to customers, so that we can better reach them with relevant offers and ads.
Use of Personal Information. In general, we may use and disclose the personal information we collect for the following business and commercial purposes:
Providing and supporting our services
Supporting collaboration, networking, and projects
Communicating with you
Marketing and advertising
Personalizing content and experiences
Analysing and improving our services
Protecting GREENSUN, you, and others
Complying with legal obligations
In support of our general business operations
We want to make our policies on managing your data clear and understandable, so we've tried to write our Privacy Policy in plain English. We have designed this Privacy Policy to be as user friendly as possible. Each section of this Privacy Policy is labelled to make it easy for you to navigate - please click on a topic in the list above to find out more.
Updates
We may review or update this Privacy Policy from time to time to keep it up to date with legal requirements and the way we operate our business. We will place any updates on this webpage, so please check back regularly for updates. If we make fundamental changes to this Privacy Policy, we may take additional steps to notify you including by posting on our website, through pop-up notices, or via email.
Third-Party Websites
You might find links to external third-party websites on our website. This Privacy Policy does not apply to your use of a third-party website and we are not responsible for the privacy practices of any third party. You should check the privacy policies of any third-party websites for information on how these third parties process your personal information.
What personal information we collect and when and why we use it
In this section you can find out more about:
The types of personal information we collect;
When we collect personal information;
The different kinds of personal information we collect for certain services we offer;
How we use personal information;
The legal basis for using personal information; and
The collection of personal information from children.
Personal information we collect and use if you register to use or use one of our websites or services
Personal information that may be collected directly from you if you register to use or use one of our websites or services includes name, contact details, organization name and details, your own domain name, IP address, professional qualifications and billing details including credit card details.
We may also collect personal information such as IP address, device information and log information by using cookies. If you are a designer using our services, we will store the information on the profile you create and the content you choose to make available to other users, such as participation statistics, design concepts, design templates, service offerings, and messages and testimonials. We may also share this information with our third-party partners, including operators of other websites and platforms that choose to integrate our services into their websites and platforms, as part of providing services to you. We may also collect your tax information and information to verify your identity (passport, ID card or driver's license information).
If you are a customer using our services, we will store the information on the profile you create and the content you choose to make available to other users, such as design briefs, design contests, design concepts, and messages and testimonials.
We may process account behaviour for security purposes only to protect you from spam messages and to improve identification of spam and fraudulent activity.
We may also collect your personal information where you request information or materials from us, participate in surveys or polls, subscribe to our mailing list or join our social media pages. This information will typically be your name and email address, together with other information needed to respond to the particular campaign or your enquiry.
We also collect information about your marketing preferences including interests/marketing list assignments, record of permissions or marketing objections and website data.
Additionally, when you choose to provide a testimonial, we may use your testimonial for marketing purposes. If we offer a referral service from time to time and one of our users utilizes that referral service to tell a friend about our website, we will collect your name and email address from that user to send you a one-time email inviting you to visit our site. We store this information for the sole purpose of sending the one-time email and tracking the success of our referral program. You may contact us to remove this information from our database.
If you apply for a job with us, we collect information such as your contact details and the information you submit in your application and CV.
When we collect information
We collect information about you if you register with or use one of our websites or online services, purchase or use one of our services, contact us or work with us as a business partner.
We may collect information about you indirectly from other sources and combine that with information we collect through our services where this is necessary to help manage our relationship with you. These other sources may include third party software applications and social media platforms such as Facebook, Google+ and Twitter.
How we use the personal information we collect
In general, we use and disclose personal information for the following business and commercial purposes:
Providing and supporting our Services: we use personal information to provide and support our services, including to:
provide you with our services and to maintain, manage, promote and improve our services;
verify the identity of our designers;
provide a professional work environment;
enable you to access and use our services, including uploading, downloading, collaborating on and sharing content; and
provide you with support including technical support and troubleshooting for example, to reset your password.
Supporting collaboration, networking, and projects:
we use personal information in order to enable collaboration and networking, and connect customers with designers, including to:
enable you to communicate, collaborate and share content with users you designate; and
enable users to connect with designers, submit projects and receive bids for design services and to otherwise connect users and designers or other providers.
Communicating with you: to communicate with you about the services, including to:
send you notifications when you receive new messages;
provide you with information about the services and features;
administer surveys and questionnaires about the services; and
respond to your inquiries and requests.
Marketing and advertising: to support our marketing and advertising activities, including to:
contact you to let you know about updates to our services or information we feel may be of interest to you (see more in the "Direct marketing, profiling and analytics" section below)
better reach you with more relevant ads (both on our websites and on third-party websites); and
measure and improve our advertising and marketing campaigns.
Personalizing content and experiences: to tailor the content you see in order to provide content, features, and information that match your interests and preferences, to offer location customization and personalized help and instructions and to otherwise personalize your experiences.
Analysing and improving our services: to better understand how users access and use our services, for other research and analytical purposes, such as to evaluate and improve our services and business operations, develop new features, products, or services, and to otherwise improve our services and user experiences.
Protecting GREENSUN, you and others: to protect our business and secure our network and information technology, assets and the services, including to:
prevent and detect fraud, unauthorized activities, access and other misconduct
where we believe necessary to investigate, prevent or take action regarding suspected violations of our Terms of Use and other agreements, as well as fraud, illegal activities and other situations involving potential threats to the rights or safety of any person or third party; and
as necessary to defend our legal interests and rights protect you and conduct security investigations and fraud analysis (including to help us flag spam messages and to prevent unauthorized access to our services).
Complying with legal obligations:
to comply with the law or legal proceedings; For example, we may disclose information in response to subpoenas, court orders, and other lawful requests by regulators and law enforcement, including responding to national security or law enforcement disclosure requirements. We also use your personal information for data analytics, particularly to understand how you use our services. We use aggregated information derived from the use of our services to provide GREENSUN with information on usage trends and product insight. This aggregated information is used to improve GREENSUN' services and products only.
Legal basis for using your personal information under GDPR and other relevant laws
Certain laws, including the General Data Protection Regulation (GDPR), UK Data Protection Act, and the Brazilian General Data Protection Act (LGPD), require that we inform you of the legal bases for our processing of your personal information. Pursuant to the GDPR (and other similar relevant laws, including the LGPD and the UK Data Protection Act), we may process personal information for the following legal bases:
Performance of contract: processing of your personal information which is required for us to perform obligations or exercise rights under contracts that you may have with us (for example, if you use our services).
Compliance with laws: to comply with our legal obligations (for example, maintaining information in accordance with tax, audit, or company law requirements and responding to legal process).
Our legitimate business interests: in furtherance of our legitimate business interests including:
to facilitate your participation in interactive features you may choose to use on our websites and services and to personalize your experience with the services by presenting content tailored to you.
to correspond with you, notify you of events or changes to our services, or otherwise respond to your queries and requests for information, which may include marketing to you.
to send you advertising material via email, such as surveys and promotions (except where consent is required under applicable laws).
to provide and personalize the services.
for data analysis, audits, fraud monitoring and prevention, and developing new products, enhancing, improving or modifying our websites, identifying usage trends, determining the effectiveness of our promotional campaigns and operating and expanding our business activities.
to protect and defend our legal rights and interests and those of third parties.
With your consent: where applicable laws require that we obtain your consent to collect and process your personal information, we will obtain your consent accordingly. When we obtain your consent, the GDPR (where it applies) and other applicable laws give you the right to withdraw your consent without penalty (e.g., you have agreed to receive marketing emails. By signing up or ticking "yes", you are agreeing to allow GREENSUN to use your data for outreach and marketing purposes. By unsubscribing, you revoke that consent.) You can do this at any time by contacting us using the details at the end of this Privacy Policy. In some jurisdictions (not including where the GDPR applies), your use of the websites may be taken as implied consent to the collection and processing of personal information as outlined in this Privacy Policy.
Children
Our services are not offered to persons under the age of 16 years old and we will not knowingly collect any personal data about children under 16 years old.
Sharing personal information with others
In this section you can find out more about how we share personal information:
within GREENSUN;
With third parties that help us provide our products and services; and
With government organizations and agencies, law enforcement and regulators.
We may also share your personal information in the manner and for the purposes described below:
With other companies within the GREENSUN group where such disclosure is necessary to provide you with our products or and services, including technical support or to manage our business. You can get a list of our group entities by contacting us;
With third parties that operate other websites and platforms and who choose to integrate our services into their websites and platforms. They use your personal information to the extent required as part of integrating our services into their websites and platforms;
With third parties who help manage our business and deliver services. Our contracts with third parties generally include an obligation for them to comply with this Privacy Policy and to use any personal information we share with them solely for the purpose of providing services to us. However, any personal information you agree to provide may be received by a third party and may be stored and used by them according to their privacy policy;
Where you direct us as part of the services we are providing to share your personal information with another user or to a third-party service provider in order to integrate our services with a service that they may provide, for example with a third-party printing partner, website builder or web development service provider so that they can provide you with a quote or service;
With government organizations and agencies, law enforcement, regulators to comply with all applicable laws, regulations and rules, and requests of law enforcement, regulatory and other governmental agencies;
With credit reference agencies and organizations working to prevent fraud in financial services and spam activities;
If, in the future, we sell or transfer some or all of our business or assets to a third party, we may disclose information to a potential or actual third-party purchaser of our business or assets; and
We may share in aggregate, statistical form, non-personal information regarding the visitors to our website, traffic patterns, and website usage with our partners, affiliates, or advertisers.
Direct marketing, profiling and analytics
In this section you can find out more about:
How we use personal information to keep you up to date with our products and services;
How you can manage your marketing preferences;
When and how we undertake profiling and analytics; and
When and how we carry out automated decision making.
How we use personal information to keep you up to date with our products and services
We may use your personal information to let you know about our services or related services that we believe will be of interest to you. We may contact you by email or through other communication channels that we think you may find helpful. In most cases our processing of your personal information for marketing purposes is based on our legitimate interests, although in some cases (such as where required by law or where we use or process any of your Sensitive Personal Data (as defined under the GDPR)) it may be based on your explicit consent. In all cases, we will respect your preferences for how you would like us to manage marketing activity with you.
How you can manage your marketing preferences
To protect your privacy rights and to ensure you have control over how we manage marketing with you:
We will take steps to limit direct marketing to a reasonable and proportionate level and only send you communications which we believe may be of interest or relevance to you;
You can ask us to stop direct marketing at any time - you can ask us to stop sending email marketing, by following the "unsubscribe" or opt-out links in electronic communications or by adjusting your marketing preferences from within your online account. Alternatively, you can contact us; and
You can change the way your browser manages cookies, which may be used to deliver online advertising, by following the settings on your browser as explained below.
We recommend you routinely review the privacy notices and preference settings that are available to you on any social media platforms as well as your preferences within your account with us.
When and how we undertake profiling and analytics
We undertake profiling to lock stolen accounts or accounts that are used for spamming/fraud.
If you have signed up to receive marketing updates, we may use profiling to ensure that marketing materials are tailored to your preferences and to what we think you will be interested in. This does not have any significant effect or a legal effect on you.
Cookies
A cookie is a small text file containing small amounts of information which is downloaded to / stored on your computer (or other internet enabled devices, such as a smartphone or tablet) when you visit a website.
Cookies may collect personal information about you. Cookies help us remember information about your visit to our website, like your country, language and other settings. Cookies allow us to understand who has seen which web pages and advertisements, to determine how frequently particular pages are visited and to determine the most popular areas of our website. They can also help us to operate our website more efficiently and make your next visit easier. Currently, our websites and services do not recognize browser do-not-track signals; see our Privacy Policy for information about how to control your cookie preferences on our websites.
Third-party analytics: We use Google Analytics, a web analysis service of Google Inc. ('Google'). Google Analytics uses cookies to monitor traffic to and use of our website and services. Information about the use of our services generated by these cookies is generally transferred to a Google server in the USA and stored there. Google uses this information on our behalf to evaluate your usage of our website and services, to compile reports on activities, and to provide additional analytics services connected with our services. We will not identify you to Google and will not merge personal and non-personal information collected through this service. You can prevent the use of Google Analytics cookies by adjusting the settings on your browser software as explained below, however, you may not be able to fully use all of the functions of our website and services if you do so. For more information about and to prevent Google's collection of data generated by your use of our website and services (including your IP address) you can download and install a Browser Plugin available at https://tools.google.com/dlpage/gaoptout?hl=en.
Transferring personal information globally
In this section you can find out more about:
How we operate as a global business and transfer data internationally; and
The arrangements we have in place to protect your personal information if we transfer it overseas.
Your personal information may be disclosed, transferred to or processed outside of your country of residence. If you are an individual in Australia this may include the United States of America, Germany, the Philippines and Brazil, where it will be subject to the laws of the country to which it is transferred. These jurisdictions may not have an equivalent level of data protection laws as those in your country.
We will take appropriate steps ensure that transfers of personal information are in accordance with applicable law and carefully managed to protect your privacy rights and interests and transfers are limited to countries which are recognized as providing an adequate level of legal protection or where we can be satisfied that alternative arrangement are in place to protect your privacy rights. To this end:
We ensure transfers within GREENSUN' group of companies will be covered by an agreement entered into by members of GREENSUN' group of companies (an intra-group agreement) which contractually obliges each member to ensure that personal information receives an adequate and consistent level of protection wherever it is transferred within GREENSUN' group of companies;
Where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any personal information is disclosed.
How we protect and store your information
Security
We store most of your personal information electronically. We implement and maintain technical and organisational security measures, policies and procedures, appropriate to the nature of the information concerned, designed to reduce the risk of accidental destruction or loss, misuse or interference or the unauthorised disclosure, access or modification to such information, which include, where appropriate, encryption of personal information in transmission, access controls, and written confidentiality obligations applicable to personnel and vendors who may access personal information.
Storing your personal information
We will store your personal information for as long as is reasonably necessary for the purposes for which it was collected, as explained in this Privacy Policy. Where your information is no longer needed, we will ensure that it is disposed of in a secure manner.
In some circumstances we may store your personal information for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, accounting requirements.
Where you request that we delete your account from our system, we will lock the account and delete it from our servers within 30 days. However, in specific circumstances we may store your personal information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.
Legal rights available to help manage your privacy
You may access or request correction of the personal information that we hold about you by contacting us. There are some circumstances in which we are not required to give you access to your personal information.
We will respond to your requests to access or correct personal information in a reasonable time and will take all reasonable steps to ensure that the personal information we hold about you remains accurate, up to date, and complete.
Legal rights for individuals under GDPR and Similar Laws
If you are an individual based in or a resident of the European Union, United Kingdom, or Brazil, or a person to whom the GDPR, UK Data Protection Act or LGPD applies, there are additional rights available to you. Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you have certain rights in relation to your personal information.
To access personal information;
To rectify / erase personal information;
To restrict the processing of your personal information;
To transfer your personal information;
To object to the processing of personal information;
To object to how we use your personal information for direct marketing purposes;
To obtain a copy of personal information safeguards used for transfers outside your jurisdiction; and
To lodge a complaint with your local supervisory authority.
If you wish to access any of the above-mentioned rights, we may ask you for additional information to confirm your identity and for security purposes, before disclosing personal information to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
You can exercise your rights by contacting us. Subject to legal and other permissible considerations, we will make every reasonable effort to honour your request promptly or inform you if we require further information in order to fulfil your request.
We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.
Right to access personal information
You have a right to request that we provide you with a copy of your personal information that we hold and you have the right to be informed of; (a) the source of your personal information; (b) the purposes, legal basis and methods of processing; (c) the data controller's identity; and (d) the entities or categories of entities to whom your personal information may be transferred.
Right to rectify or erase personal information
You have a right to request that we delete your personal information or rectify inaccurate personal information, subject to certain exceptions under applicable laws. We may seek to verify the accuracy of the personal information before rectifying it.
You can also request that we erase your personal information in limited circumstances where:
it is no longer needed for the purposes for which it was collected; or
you have withdrawn your consent (where the data processing was based on consent); or
following a successful right to object (see right to object); or
it has been processed unlawfully; or
to comply with a legal obligation to which GREENSUN is subject.
We are not required to comply with your request to erase personal information if the processing of your personal information is necessary:
for compliance with a legal obligation; or
for the establishment, exercise or defence of legal claims.
Right to restrict the processing of your personal information
You can ask us to restrict your personal information, but only where:
its accuracy is contested, to allow us to verify its accuracy; or
the processing is unlawful, but you do not want it erased; or
it is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise or defend legal claims; or
you have exercised the right to object, and verification of overriding grounds is pending.
We can continue to use your personal information following a request for restriction, where:
we have your consent; or
to establish, exercise or defend legal claims; or
to protect the rights of another natural or legal person.
Right to transfer your personal information
You can ask us to provide your personal information to you in a structured, commonly used, machine-readable format, or you can ask to have it transferred directly to another data controller, but in each case only where:
the processing is based on your consent or on the performance of a contract with you; and
the processing is carried out by automated means.
Right to object to the processing of your personal information
You can object to any processing of your personal information which has our legitimate interests as its legal basis, if you believe your fundamental rights and freedoms outweigh our legitimate interests.
If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.
Right to object to how we use your personal information for direct marketing purposes
You can request that we change the manner in which we contact you for marketing purposes.
You can request that we not transfer your personal information to unaffiliated third parties for the purposes of direct marketing or any other purposes.
Right to obtain a copy of personal information safeguards used for transfers outside your jurisdiction
You can ask to obtain a copy of, or reference to, the safeguards under which your personal information is transferred outside of the European Union.
We may redact data transfer agreements to protect commercial terms.
Right to lodge a complaint with your local supervisory authority
You have a right to lodge a complaint with your local supervisory authority if you have concerns about how we are processing your personal information.
We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.
Contact us
The primary point of contact for all issues arising from this Privacy Policy is our Data Protection Officer. The Data Protection Officer can be contacted in the following ways:
Via e-mail: hoangtnth@gmail.com
Via mail:
CT1-S11 Chung cu Sky9, Lien Phuong, Khu Pho 2, Phuong Phu Huu, Quan 9
If you have any questions, concerns or complaints regarding our compliance with this Privacy Policy, the information we hold about you or if you wish to exercise your rights, we encourage you to first contact our Data Protection Officer or us. We will investigate and attempt to resolve complaints and disputes and make every reasonable effort to honour your wish to exercise your rights as quickly as possible and in any event, within the timescales provided by data protection laws.