Privacy Policy

1. Introduction

Welcome to the Privacy Policy of 常州鲸途国际贸易有限公司, operating as EchoIntel. We are located at Xinbei District, Longhutang Street, Longye Road, and Fengyuan Building 3, Room G209, Changzhou City, Jiangsu Province. This policy outlines how we collect, use, process, and protect your personal information when you use our website, products, and services. As a tech startup specializing in AI-driven data insights, we are committed to safeguarding your privacy and ensuring transparency in our data practices.

2. Information We Collect

We collect various types of information to provide and improve our services to you:

2.1. Personal Data You Provide Directly

• Contact Information: Name, email address, phone number, company name, and job title when you register for an account, subscribe to our newsletter, request a demo, or contact us.
• Account and Authentication Data: Usernames, passwords, and other credentials used to access our services.
• Payment Information: Billing address, payment method details (e.g., credit card numbers, bank account information) when you make a purchase.
• Communications: Records of your correspondence with us, including customer support inquiries, feedback, and survey responses.

2.2. Information Collected Automatically

• Usage Data: Information about how you interact with our website and services, such as IP address, browser type, operating system, pages viewed, time spent, features used, and referral URLs.
• Usage Analytics and Telemetry: Data on service performance, feature adoption, and diagnostic information to help us understand and improve user experience and product functionality.
• Device Information: Information about the device you use to access our services, including device type, unique device identifiers, and mobile network information.
• Cookies and Tracking Technologies: As detailed in our Cookie Policy, we use cookies and similar technologies to collect information about your browsing activities.

2.3. Information from Third Parties

• We may receive information about you from third-party service providers (e.g., analytics providers, marketing partners) if you have provided consent for them to share your data.
• When you integrate third-party services with EchoIntel via our API, we may access data from those services with your explicit authorization.

3. How We Use Your Information

We use the collected information for the following purposes:

• To Provide and Maintain Our Services: Fulfilling service requests, managing your account, processing transactions, and ensuring service uptime.
• To Improve Our Services: Analyzing usage patterns, troubleshooting issues, conducting research, and developing new features and products based on aggregated usage analytics and telemetry.
• To Communicate With You: Sending service updates, security alerts, administrative messages, marketing communications (with your consent), and responding to your inquiries.
• To Personalize Your Experience: Tailoring content and features to your preferences and needs.
• For Security and Fraud Prevention: Protecting our systems and users from fraudulent activities, unauthorized access, and other security threats.
• For Legal Compliance: Adhering to applicable laws, regulations, legal processes, and government requests.
• For Business Transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction.
• API Access and Integration Data: Data accessed via API integrations is used solely to provide the specific services and features you authorize.

4. Legal Basis for Processing

We process your personal information based on the following legal grounds:

• Consent: Where you have given us explicit consent for a specific purpose (e.g., marketing communications).
• Contractual Necessity: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract (e.g., providing our services).
• Legitimate Interests: Where processing is necessary for our legitimate interests or those of a third party, and your interests and fundamental rights do not override those interests (e.g., improving our services, security, fraud prevention).
• Legal Obligation: Where processing is necessary to comply with a legal or regulatory obligation.

5. Information Sharing

We may share your information with the following categories of third parties:

• Service Providers: Third-party vendors and service providers who perform services on our behalf, such as payment processing, data hosting, analytics, marketing, and customer support. These providers are contractually obligated to protect your data.
• Business Partners: With your consent, we may share information with business partners for joint marketing or service offerings.
• Legal Requirements: We may disclose your information if required to do so by law, in response to a court order, subpoena, or other legal process, or if we believe in good faith that such disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business Transfers: In the event of a merger, acquisition, asset sale, or other business transaction, your information may be transferred to the acquiring entity.
• Aggregated or Anonymized Data: We may share aggregated or anonymized data that cannot be reasonably used to identify you for research, analytics, marketing, or other business purposes.
• API Access and Integration Data: Data provided to or accessed from third-party APIs as part of authorized integrations will only be shared or used as explicitly approved by you when setting up the integration.

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. The criteria used to determine retention periods include:

• The duration of your active account or subscription with us.
• Legal obligations or regulatory requirements that mandate longer retention periods.
• The nature and sensitivity of the data.
• The potential risk of harm from unauthorized use or disclosure.

Upon expiry of the retention period, your personal data will be deleted or anonymized.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Right to Access: Request a copy of the personal information we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete personal information.
• Right to Erasure (Right to be Forgotten): Request the deletion of your personal information under certain circumstances.
• Right to Data Portability: Request to receive your personal information in a structured, commonly used, and machine-readable format.
• Right to Restriction of Processing: Request the restriction of processing your personal information under certain conditions.
• Right to Object: Object to the processing of your personal information in certain situations (e.g., for direct marketing).
• Right to Withdraw Consent: Withdraw your consent at any time if processing is based on consent.

To exercise any of these rights, please contact us using the details provided in the "Contact Us" section below.

8. Data Security

We implement robust technical and organizational measures to protect your personal information from unauthorized access, disclosure, alteration, and destruction. These measures include:

• Encryption: Encrypting data both in transit and at rest.
• Access Controls: Limiting access to personal data to authorized personnel on a need-to-know basis.
• Regular Audits: Conducting regular security assessments and audits of our systems.
• Incident Response: Maintaining a comprehensive incident response plan to address any potential data breaches promptly.
• Cloud Storage and Data Processing Locations: Your data may be stored and processed on secure cloud infrastructure, typically within geographical regions that comply with relevant data protection regulations. We ensure our cloud providers adhere to high security standards.
• Service Uptime and Incident Data Handling: In the event of service incidents, operational data may be temporarily processed to diagnose and resolve issues, always under strict security protocols and access limitations.

9. International Transfers

As a global tech company, your personal information may be transferred to, and processed in, countries other than the country in which you reside. These countries may have data protection laws that are different from the laws of your country. We ensure that such international transfers are conducted in compliance with applicable data protection laws, using appropriate safeguards such as Standard Contractual Clauses (SCCs) or other legally recognized mechanisms.

10. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without parental consent, we will take steps to remove that information from our servers.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any significant changes by posting the new policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

Company Name: 常州鲸途国际贸易有限公司

Business Registration Number: 91320411MADH337131

Address: Xinbei District, Longhutang Street, Longye Road, and Fengyuan Building 3, Room G209, Changzhou City, Jiangsu Province

Email: privacy@echointel.com