HKC Co. LTD

Login/Registr
EN
EN
CN
Privacy Policy

Privacy Policy

Last Updated: 2025-09-17

Effective Date: 2025-09-17


HKC Corporation Limited and its affiliates (“HKC” or “we”) respect your privacy and are committed to protecting your personal information.


This Privacy Policy (“Policy”) explains how we collect, use, store, share, transfer, or otherwise process your personal information when you use our websites, mini-programs, official WeChat accounts, and any other products or services that display or link to this Policy (collectively, the “Services”).


Please read this Policy carefully. If you do not agree with any part of it, or if you have questions, we recommend that you stop using the Services and contact us using the details at the end of this Policy.


Important notices: We highlight in bold certain clauses that may materially affect your rights and interests, describe personal sensitive information we may process, or limit or exclude our liability in accordance with applicable law. Please pay special attention to these provisions.


Minors: Our websites, mini-programs, and official accounts are channels for displaying HKC corporate information and products and for business inquiries and communications. We do not provide Services to minors. If you are a minor—especially a child under the age of 14—please do not register as our user, and do not use our Services without the consent and guidance of your guardian.


Table of Contents

I.Definitions

II.How We Collect and Use Personal Information

III.Cookies and Similar Technologies

IV.How We Share, Transfer, and Publicly Disclose Personal Information

V.How We Protect Personal Information

VI.Your Rights and How to Exercise Them

VII.Third-Party Service Providers and Their Services

VIII.Storage of Personal Information

IX.Protection of Minors

X.Updates to This Policy

XI.How to Contact Us


I.Definitions


“Affiliates” means companies related to HKC by common ownership or control.


“Control” means the direct or indirect ability to influence the management or operations of an entity through ownership, voting securities, contracts, de facto relationships, or other means recognized by law.


“Third Party” means any company, natural person, or other organization other than you, HKC, and HKC’s Affiliates.


“Personal Information” means any kind of information, recorded electronically or otherwise, relating to an identified or identifiable natural person, excluding information that has been anonymized; the categories referred to in this Policy are listed in Section 2.


“Personal Information Handler” means the organization or individual that independently determines the purposes and methods of processing personal information (similar to a “data controller” under some regimes).


“Sensitive Personal Information” means personal information that, if leaked or illegally used, may easily lead to infringement of a natural person’s dignity or endanger their personal or property safety, including biometric identifiers, religious belief, specific identities, medical and health information, financial accounts, precise location/trajectory, and personal information of minors under the age of 14.


“De-identification” means processing personal information so that, without additional information, it cannot identify a specific individual (e.g., pseudonymization, encryption, hashing).


“Anonymization” means processing personal information to make it impossible to identify a specific individual and impossible to restore.


II.How We Collect and Use Personal Information


When you browse content that falls within the scope of this Policy (e.g., viewing products or solution materials), we do not collect your personal information. However, to enable certain basic business functions (such as business inquiries, recruitment, electronic nameplate services), we must collect and use necessary personal information. If you refuse to provide such necessary information, some basic functions may not be available in full.


We follow the principles of lawfulness, legitimacy, and necessity, and collect only the information required to achieve specific, reasonable purposes for the Services. If we intend to use your information for purposes not specified in this Policy, we will seek your consent again.


We may obtain personal information in three ways: (i) information you provide directly; (ii) information generated automatically when you use the Services; and (iii) information obtained indirectly through lawful sharing, transfers, or publicly available sources. For brevity, we do not repeat these collection methods under each function below.


We process your information for basic functions (required) and optional extended functions (voluntary):


(1)Basic Business Functions

Business Cooperation Inquiries. To allow you to submit inquiries about products and solutions, we need to collect name, contact details (phone, email), and your demand type (product/solution). These are necessary for providing inquiry services. If you do not provide them, we may be unable to follow up. You may optionally provide your organization name, industry, position, and budget to help us match the appropriate service team more efficiently; these fields are optional and not required to use the inquiry function.

Recruitment. To connect job applicants with opportunities at HKC, we collect and use the personal information contained in your resume as provided by you (name, contact details, education, work experience, etc.). Such information is used only for recruitment-related purposes.

Electronic Nameplate. To provide convenient electronic nameplate (electronic desk badge) services, we collect and use name, employer, position/title, and contact number as provided by users.


(2)Extended Business Functions

We do not currently provide extended business functions that require additional personal information. If we introduce such functions in the future, we will notify you (e.g., via pop-ups or inline explanations), disclose the related processing rules, and obtain your consent in advance.


(3)Statutory Exceptions to Consent

You understand and agree that, under applicable laws and regulations, we may collect and use personal information without your consent in the following circumstances:

1.where necessary to conclude or perform a contract to which you are a party, or to implement human resources management in accordance with lawfully formulated labor rules or lawfully concluded collective contracts;

2.where necessary to perform statutory duties or obligations;

3.where necessary to respond to public health emergencies, or to protect life, health, or property in emergencies;

4.where, for the public interest, personal information is processed within a reasonable scope for news reporting, public supervision, etc.;

5.where personal information you disclosed yourself or has been lawfully disclosed is processed within a reasonable scope (except where it would significantly affect your rights or you explicitly refuse);

6.other circumstances provided by laws and administrative regulations.

We may also provide additional notices, product statements, or supplemental privacy notices about specific products, services, or features. If such notices conflict with this Policy, the specific notice or supplemental privacy statement will prevail.


III.Cookies and Similar Technologies


(1)What Are Cookies

Cookies are text files stored on your browser or device when you visit certain websites. They can record visitor information, improve user experience, remember preferences, analyze behaviors, optimize content, and provide more targeted services.


(2)Cookies We Use

We use Baidu Tongji (Baidu Analytics) anonymized cookies to analyze user behavior (e.g., visit counts, browser types, popular pages, and traffic sources) for the purposes of optimizing content display, improving features, troubleshooting, and enhancing overall user experience. All data is processed in an anonymized manner and does not involve personal identification.


(3)Managing or Deleting Cookies

You can manage or delete cookies in your browser settings, including clearing cached data or blocking cookies. Blocking cookies may cause parts of some websites to function improperly and may affect your browsing experience.


IV.How We Share, Transfer, and Publicly Disclose Personal Information


(1)Sharing

We do not share your personal information with any third-party companies, organizations, or individuals, except in the following cases:

1.With your explicit consent. We will share your personal information after obtaining your explicit consent;

2.As required by law/regulation or by competent authorities. We may share your information as required by applicable laws or binding governmental requests;

3.With Affiliates. We may share necessary personal information with Affiliates of HKC for the purposes stated in this Policy. If an Affiliate changes the purposes or methods of processing, it will seek your additional consent;

4.With authorized partners. Within the scope permitted by law and only for the purposes stated in this Policy, some Services are provided by authorized partners. We may share certain personal information with partners to deliver better customer service and user experience. Partners are not permitted to use shared information for any other purpose. Current categories include technology service providers and other partners located within mainland China (e.g., infrastructure, service usage analytics, effectiveness measurement, customer service, payment facilitation, academic research/surveys). We conduct security reviews of partner APIs/SDKs and require strict data protection measures under our instructions, this Policy, and other confidentiality and security obligations.

Where a feature cannot be completed by us alone, we may share necessary information with third-party collaborators to ensure delivery. We contractually require recipients to meet our privacy protection requirements (e.g., data protection agreements, undertakings, and relevant policies).


(2)Transfer

We do not transfer your personal information to any company, organization, or individual, except:

1.With your explicit consent;

2.As required by applicable laws/regulations, legal proceedings, or mandatory administrative/judicial requests;

3.Corporate changes. If a service provider undergoes merger, division, dissolution, or bankruptcy and personal information needs to be transferred, we will inform you of the recipient’s name and contact details and require the new recipient to be bound by this Policy; if the recipient changes the purposes or methods of processing, it will seek your consent again.


(3) Public Disclosure

We will publicly disclose your personal information only:

1.with your explicit consent;

2.within the purposes and scope otherwise specified in this Policy;

3.where we determine, in accordance with law, that you have violated laws/regulations or seriously breached our agreements/rules, or where disclosure is necessary to protect the personal/property safety of third-party users or the public.


(4) Exceptions to Prior Consent for Sharing/Transfer/Disclosure

No prior consent is required where processing is:

1.related to national security or national defense security;

2.related to our performance of statutory duties/obligations;

3.directly related to public security, public health, or major public interests;

4.directly related to criminal investigation, prosecution, trial, or enforcement of judgments;

5.necessary to protect your or others’ life, property, or other major lawful rights where it is difficult to obtain consent (we will notify you after the emergency subsides);

6.information you have publicly disclosed yourself;

7.information lawfully collected from public sources (e.g., lawful news reports, government disclosures);

8.necessary to conclude or perform a contract at your request;

9.necessary to ensure the safe and stable operation of products or services (e.g., detecting/handling failures);

10.other circumstances provided by laws and administrative regulations.


Note: Sharing or transferring de-identified personal information such that the recipient cannot re-identify individuals does not constitute external sharing, transfer, or public disclosure of personal information. We may use anonymized data for big-data analysis (e.g., heat maps, insight reports) and may publicly share aggregated statistics without identity information.


V.How We Protect Personal Information


(1)Technical Measures

We use industry-standard physical, technical, and managerial safeguards to protect your information against unauthorized access, disclosure, loss, misuse, alteration, or destruction, including SSL, encryption at rest, de-identification, and access controls at our data centers. We employ encryption to enhance security, trusted protection mechanisms against attacks, access-control mechanisms to limit access to authorized personnel only, and categorized data management.


(2)Security Management System

We adopt industry-standard security measures, including appropriate organizational rules and security technologies to prevent unauthorized access, use, or modification and to avoid damage or loss. We operate an advanced data-centric security management framework covering the entire data lifecycle, including organizational design, policy development, personnel management, product technology, and personal information protection impact assessments.


(3)Personnel Security

We strictly manage employees and contractors who may access your information through role-based access controls, confidentiality agreements, and activity monitoring. We provide security and privacy training, maintain and implement incident response plans, and conduct regular drills.


(4)Security Reminders

1.Protect your credentials. Please keep your personal information and identity factors secure. If you suspect a leak, contact us immediately so we can take appropriate measures.

2.Incident notifications. In the event of a personal information security incident, we will notify you as required by law of the incident, potential impacts, measures taken or to be taken, suggestions to mitigate risks, and remedial actions. We may notify you by email, letter, phone, or push notification; if individual notice is infeasible, we will issue a public announcement. We will also report handling of incidents to regulators as required.

3.No absolute security. The internet is not absolutely secure. Despite our best efforts, we cannot guarantee absolute security. If our physical, technical, or managerial safeguards are compromised, leading to unauthorized access, disclosure, alteration, or destruction of personal information and causing harm to your lawful rights, we will bear corresponding legal responsibility in accordance with applicable law.


VI.Your Rights and How to Exercise Them


We respect your rights over your personal information. You may request explanations of our processing rules, and we will respond within 15 business days. For security, we may verify your identity before processing your request.


(1)Access/Copy

To access or obtain copies of your personal information generated during your use of the Services (except where confidentiality is required by law or notice is not required), please contact us using the details in Section 11.


(2)Rectification

If your personal information is inaccurate or incomplete, you may request rectification via the contact methods in Section 11.


(3)Deletion

You may request deletion (or anonymization) via the contact methods in Section 11. We will delete/anonymize where verified, including when:

1.you withdraw consent;

2.the processing purpose has been achieved, cannot be achieved, or is no longer necessary;

3.our processing violates laws/regulations;

4.we collected/used your information without consent;

5.our processing breaches our agreement with you;

6.you no longer use our products/services;

7.we no longer provide products/services to you, or the retention period has expired.

If we agree to delete, we will also notify entities that obtained your information from us to delete it, unless otherwise required by law or independently authorized by you.

Please note that deletion from active systems may not immediately remove data from backups, but we will delete it upon backup refresh. If legal retention periods have not expired, or deletion is technically infeasible, we will cease processing other than storage and necessary security measures.


(4)Change/Withdraw Consent

You may restrict or refuse processing, or withdraw consent, except where otherwise required by law. After withdrawal, we will cease collecting information related to the withdrawn permissions. Certain functions require basic personal information; after withdrawal we may no longer provide the corresponding Services, but prior processing based on your consent remains lawful.


(5)Account Deletion

You may request to delete your account. After deletion, we will stop providing Services tied to that account and will delete or anonymize related personal information unless a special legal requirement applies.


(6)Data Portability (Copies)

You may request a copy of your personal information via the methods in Section 11. Where technically feasible (e.g., compatible interfaces), we can, at your direction, transfer your personal information copy to a designated third party.


(7)Automated Decision-Making

We currently do not make decisions about you solely through automated processing.


(8)Complaints and Reports

We provide complaint/reporting channels. Please contact us per Section 11; we will handle your feedback in a timely manner.


(9)Handling Your Requests

You may be asked to submit a written request or otherwise verify identity. Reasonable requests are generally free of charge, but we may charge a cost-based fee for repetitive or excessive requests. We may refuse requests that are manifestly repetitive, require disproportionate technical effort (e.g., developing new systems or fundamentally changing practices), would risk others’ lawful rights, or are highly impractical (e.g., data on backup tapes).

We cannot respond to requests where:

1.related to our performance of legal obligations;

2.directly related to national security or defense security;

3.directly related to public security, public health, or major public interests;

4.directly related to criminal investigation, prosecution, trial, or enforcement;

5.where there is sufficient evidence of bad faith or abuse of rights;

6.necessary to protect your or others’ life or property where consent is hard to obtain (we will notify you promptly after the emergency ends);

7.responding would cause serious harm to your or others’ lawful rights and interests;

8.involves trade secrets.


VII.Third-Party Service Providers and Their Services


This Policy applies only to HKC’s Services that display or link to it. The Services may contain links or integrations (e.g., APIs) to third-party websites, products, or services that may collect your information. We strongly recommend that you carefully read their privacy policies and decide whether to visit or accept their offerings. We will exercise prudent reminders and basic reviews and will require such third parties to protect your personal information. If you identify risks in third-party pages, products, or services, please contact them directly for details of their privacy practices and stop relevant operations to better protect your rights.


VIII.Storage of Personal Information


(1)Location

In accordance with applicable PRC laws and regulations, we store collected personal information on servers located within mainland China, with appropriate security measures such as encryption. We do not transfer your personal information outside China without your consent.


(2)Retention Period

Unless otherwise required by law/regulation:

1.We retain personal information for the minimum period necessary to meet legitimate business needs (including providing Services and complying with legal, tax, and accounting requirements). Network logs related to operations and security incidents are retained for not less than six (6) months.

2.When there is no longer a legitimate business need to use your information, or when the retention period required by PRC law has expired, or when you request deletion, we will delete or anonymize your information. If deletion or anonymization is not possible (e.g., stored in backups), we will store it securely and isolate it from further processing.


(3)Cessation of Operations

If we discontinue Services or operations, we will promptly cease collecting personal information, provide advance notice as required by law, and, after the purposes of this Policy are fulfilled and statutory/ regulatory retention periods expire, delete or anonymize your personal information (unless otherwise required by law or regulators).


IX. Protection of Minors


We value minors’ privacy. Given the nature of our Services, we do not provide Services to minors. If we discover that we have collected minors’ information without verifiable parental or guardian consent, we will endeavor to delete such information as soon as possible.


X.Updates to This Policy


We may update this Policy due to legal/regulatory changes or business developments. We will not reduce your rights under this Policy without your explicit consent. We will post any changes on this page.


For material changes, we will provide more prominent notice (e.g., in-app pop-ups upon login or version updates) describing the specific changes and will seek your consent again. Material changes include, but are not limited to:

1.significant changes to our service model, such as processing purposes, types of personal information processed, or how information is used;

2.significant changes in ownership or organizational structure (e.g., business adjustments, bankruptcy/merger leading to ownership changes);

3.changes to the primary recipients of personal information sharing, transfers, or disclosures;

4.significant changes to your rights to participate in processing and how to exercise them;

5.changes to the responsible department, contact methods, or complaint channels for personal information security

6.where a personal information protection impact assessment identifies high risks;

7.other changes that may significantly affect personal information rights and interests.


XI.How to Contact Us


We have established a personal information protection department and appointed a personal information protection officer. For questions, comments, or suggestions regarding your personal information, please contact us:

1.Address: 1/F–3/F & 5/F–7/F, Building 1, and 7/F of Building 6, HKC Industrial Park, No. 1 Gongye 2nd Road, Shilong Community, Shiyan Sub-district, Bao’an District, Shenzhen, China

2.Email: hkc@szhk.com.cn


We will review your request as soon as possible and, after verifying your identity, will respond promptly—generally within 15 business days. If we cannot respond as requested, we will notify you within the time required by law and explain the reasons.


If you remain dissatisfied—especially if you believe our processing has infringed your lawful rights—you may seek resolution through external avenues: You may bring a lawsuit before the court(s) with jurisdiction in Bao’an District, Shenzhen, which is deemed the place where this Policy is concluded.