MIXUEBINGCHENG Franchisee Privacy Policy
Latest update on: 12/10/2022
MIXUEBINGCHENG Co., Ltd. and its affiliates (mainly including MIXUEBINGCHENG Co., Ltd., Zhengzhou Baodao Trading Co., Ltd. and all subsidiaries of MIXUEBINGCHENG Co., Ltd. in the world) (hereinafter referred to as “MIXUEBINGCHENG” or “We”) attaches great importance to the personal information protection and privacy of franchisee applicants, franchisees and their employees (hereinafter referred to as the “franchisee” or “You”). We are fully aware of the importance of personal information to You and will take corresponding security protection measures to protect your personal information in accordance with the requirements of laws and regulations and mature industrial security standards. We hope that through this "MIXUEBINGCHENG Franchisee Privacy Policy" (hereinafter referred to as “this Privacy Policy”), We will clearly introduce to You how We process your personal information when You apply for and formally become a MIXUEBINGCHENG franchisee, use the "My MIXUE" APP, MIXUE Management System (hereinafter referred to as MMS) systems and when You interact with us in other ways, and the ways of access, correction, deletion and protection of this information We provide You with as well as how to contact us.
This Privacy Policy will help You understand the following:
1. How We collect and use your personal information;
2. How We use Cookies and similar technologies;
3. How We share, transfer and publicly disclose your personal information;
4. How We store and protect your personal information;
5. How You manage your personal information;
6. The protection of personal information of minors;
7. Notices and amendments;
8. How to contact us.
9. Appendix
[Special Notice] Please read carefully and fully understand this Privacy Policy before using the services We provide (key content is in bold or underlined to prompt your attention) and make your choices accordingly. Once choosing to use or continue to use our services, You consent to our processing of your information in accordance with this Privacy Policy. (If You have any questions about this Privacy Policy, You may contact us through the means provided in “VIII. How to Contact Us” herein).
Please note that this Privacy Policy does not apply to other third-party products/services that You access through our Services (“other third parties”, including your counterparties, any third party websites and third party service providers, etc.), as set forth in the Privacy Policy or similar statement of such third parties. We recommend that You read and confirm that You understand such Privacy Policy before accepting the relevant services and providing personal information.
I. How We collect and use your personal information
(I) Personal information collection
We may collect and use your personal information during your use of our services in the following scenarios, where the sensitive personal information is marked by us in an underlined form. If You refuse to provide such necessary information, You will not be able to use our services properly. We will collect and use your personal information for the following purposes as described in this Privacy Policy in accordance with the principles of justification, legality and necessity.
1. Inquiry on franchising
2. Apply for franchisee and other cooperation
When You submit an franchisee application, You need to provide personal information such as the applicant’s name, gender, age, contact number, date of birth, education, marital status, current place of residence, and self-introduction, etc.; in addition, You also need to provide information about your current work status, years of employment or business operation, name of company or project, position or job title, annual income, and other work or business experience; We also need to understand your knowledge of our franchise program and your franchisee proposal (such as the intended city, whether You have an intended store, whether You are willing to open stores across cities, maximum investment budget, source of funds, expected monthly net profit, expected payback period, planned number of stores, store management plan, and store opening plan) so that We may review your franchisee application. The specific types of personal information We may collect are subject to the type of store You are applying for.
The application You initiate in the MMS system may contain your identity information, contact information, property information, etc. Please be careful in displaying or providing it to others, and We will also try to de-identify the information when displaying the application information based on the availability of the information.
3. Face to face interview, store review and agreement execution
Interviews will be conducted either online or offline. We may record the interview in order to ensure the quality thereof. We will inform You individually and obtain your consent before the recording.
When You pass the interview and apply for a location review, You will need to provide the name of the contact point of your investment operation, your name, gender, age, mobile phone number, domicile, ID photo, store opening permit, and information about the store to be reviewed. After the store review is approved, You also need to provide your name, email address, education, place of origin, the name and phone number of the receiver, the receipt address, the account number for payment, the photo of the storefront, and the housing lease contract, so that we shall enter into the franchise contract with You.
4. Store operation and management
After You become a franchisee officially, We will provide support with respect to production, operation, information technology, and manage your store according to the agreement of the franchise contract. You may initiate various types of business work orders through “My MIXUE” APP and MMS system to obtain our support and assistance in production, operation, etc. During such process, We may collect, store and use the following information related to You, if You do not provide the relevant information, We will not be able to provide You with the appropriate support and assistance;
Information about the store and needs for product distribution is needed when You apply for product distribution;
In addition, We may collect the raw material order, food order, surveillance video, and other non-compliant store operation scenes of your store taken during on-site or long-distance inspection.
When You participate our events (including but unlimited to training and annual meeting), We may collect the name, gender, mobile phone number of the attendees.
5. Security safeguard to You
In compliance with laws and regulations, and in order to safeguard your account security, transaction security and system operation security, We will obtain your device information with your authorization, including the properties, connection and status information of your device, such as device model, unique device identifier (such as IMEI/androidID/IDFA/OPENUDID /GUID, SIM card, IMSI information, etc.), device MAC address, software list, telecom operators, etc., during your use of our services.
In order to strengthen the security during your use of the services and to prevent phishing site fraud and Trojan horse viruses more accurately, We may use or integrate your personal information and information that our affiliates and other related parties have obtained under your authorization or shared in accordance with the law. To make comprehensive judgments of your account and transaction risks, your usage habits and commonly used software information, etc. will be used, including verification of identity, prevention, detection and investigation of possible fraud, cyber viruses, cyber-attacks, and other security risks and violations of our or our affiliates’ agreements, policies or rules, to protect the legitimate rights and interests of You, other users, us and our affiliates, and to record some links that We consider to be risky (“URL”).
6. Auto-collection of personal information by us
In order to ensure the stable operation of our products and services, We will collect your browsing and search records and keep them as relevant weblogs, including your IP address, browser type, language used, operating system version, date and time of access, posted information, browsing, search, web requests, etc. We also need to keep appropriate logs to record the running status of our applets to comply with the laws and regulations of your country.
(II) Others
During the application of franchisee and store operation, You may be involved in the provision of personal information of others (e.g. choosing another person other than yourself as the receiver), please make sure You have obtained authorization of relevant person.
(III) Rules for using personal information
To satisfy your personalized needs, and to main and improve our service quality, We will use the below information subject to laws and regulations and by your specific authorization:
1. We may collect information that You voluntarily provide to us when You participate in a service survey, as well as information related to your interactions with our Affiliates and other related parties, in order to enable You to initiate customer complaints and to optimize the quality and processes of our customer service by us. We will inform You of the specific processing rules prior to collection and obtain your consent as required by applicable data protection laws.
2. We may invite You to participate in relevant events organized by us or third parties on a regular or occasional basis.
3. We may use personal information collected during the course of our business for statistical analysis and to improve operations, and use information that has been de-identified in a way that does not identify You and cannot be recovered, to create a database and to make commercial use of it.
If We use the information for purposes other than those set forth in this Privacy Policy, or if We use the information for purposes other than the specific purpose collected for, We will separately obtain your consent.
II. How We use Cookies and similar technologies
(I) Use of Cookies
To ensure the proper and efficient operation of the applet, to provide You with easy access experience, and to make recommendations that fit your interest, We will store small data files called Cookies on your device terminal/system. Cookies help You recall your information when You subsequently visit our relevant platforms, simplify the process of filling in your personal information (e.g. one-click login, etc.); help You optimize your choice and interaction with the advertisement; safeguard your data security, etc. We shall not use Cookies for any purpose other than those described in this Privacy Policy. You may manage or delete Cookies based on your preferences, may clear all Cookies stored on your computer or mobile device, and You have the right to accept or reject Cookies. Most browsers automatically accept Cookies, but You can usually modify your browser settings to reject Cookies if You wish; alternatively, You may clear all Cookies stored within the software. However, You may not be able to fully experience some of the convenience and security features of our services as a result.
(II) Use of Beacon network and similar technologies
In addition to Cookies, our applets often contain electronic images (called “single pixel” GIF files or “web Beacons”) and other similar technologies that can help count the users using the relevant platform or access certain Cookies, and We use web Beacons in the following ways:
1. We use web Beacons on our relevant platforms to count the number of visitors and to identify registered users by accessing Cookies.
2. We can provide personalized services on our relevant platforms by the information We obtained from Cookies.
III. How We share, transfer, and publicly disclose your personal information
(I) Share
We may share following personal information under following circumstances.
1. To share after obtaining your explicit consent or authorization.
2. Under legal circumstances, such as under legal request from administrative, judicial, or other competent authorities and with relevant procedures.
3. To share among the Affiliates: We may use and share among our Affiliates your personal information internally (which in some cases may include sensitive personal information) as necessary to provide You with consistent services, to facilitate the uniform management by You, for other purposes as set forth in this policy. This will include sharing your personal information with MIXUEBINGCHENG entities located outside of the country where the information was originally collected.
4. We may share information necessary to provide services to You, etc., with our business partners. Our business partners include but are not limited to the following types of partners: technology services, payment services, financial services, renovation business, etc.
5. Under agreement: When it is necessary to share with third parties based on the relevant agreements signed between You and us (including the electronic agreements and the platform rules signed online) or other legal documents.
Prior to any specific sharing, We will inform You of the name or names of third parties, contact information, the purpose and manner of processing, the type of personal information to be processed, and obtain your consent as required by applicable data protection laws. Please be aware that We will only share your personal information for lawful, legitimate, necessary, specific and explicit purposes, and that We will enter into strict information protection and confidentiality agreements with companies, organizations and individuals with whom We share personal information only to fulfil the purposes stated in this Privacy Policy, requiring them to comply with the agreements and take relevant security measures to protect your personal information.
(II) Transfer
As our business grows, We and our Affiliates may engage in mergers, acquisitions, asset transfers or similar transactions that involve the transfer of personal information, We will require the company or organization to which your personal information is transferred to continue to be bound by this Privacy Policy, or We may require that company or organization to seek your authorization and consent again. During such process, We may need to disclose your personal information to third parties such as auditors, law firms, consultants, etc., as a result of reasonable commercial arrangements such as due diligence at the request of a potential buyer.
(III) Public disclosure
We may disclose your personal information publicly only in the following circumstances and only if We take safety precautions that meet industrial standards.
Please be noticed that the information You voluntarily post or even publicly share when using our services may involve your or others’ personal information or even personal sensitive information, such as your transaction information, and various forms of information such as text, pictures or videos containing personal information that You choose to upload when submitting your review. Please consider more carefully when using our services whether to post or even publicly share relevant information.
(IV) Exceptions to obtaining prior consent to share, transfer or public disclose personal information.
Your prior authorized consent is not required for the sharing, transfer, or public disclosure of your personal information in the following cases.
1. In relation to the fulfilment of our obligations under laws and regulations.
2. Directly related to national security or national defence security
3. Directly related to public safety, public health, and significant public interests
4. Directly related to criminal investigations, prosecution, trial, and execution of judgments, etc.
5. For the purpose of safeguarding your or other individuals’ life, property and other significant legitimate rights and interests, whereas it is difficult to obtain your consent
6. Personal information that You disclose to the public on your own.
7. Personal information collected from legitimate publicly disclosed information, such as legitimate news reports, government information disclosure and other channels.
According to the law, if the personal information that has been de-identified is shared, transferred, or publicly disclosed, and it is ensured that the recipient of the data cannot recover and re-identify the subject of the personal information, We may process such data without separately notifying You or obtaining your consent.
IV. How We store and protect your personal information
(I) Storage of personal information
1. Storage period: unless otherwise regulated by laws and regulations or agreed by both Parties, We will only store your relevant personal information for the shortest period as necessary to realize the purpose.
2. Storage location: We generally store the personal information that We collect on servers/clouds located in the People's Republic of China, and We may also use third parties to store and process your personal information. However, We will only do so if the relevant party agrees to comply with our procedures and policies or if they have adopted equivalent security measures. We will complete the appropriate procedures in accordance with relevant laws and regulations, and We will also require the recipient of the data to process the personal information in accordance with this Privacy Policy and other relevant security and confidentiality measures to protect your personal information by standards that are no less than those required by the data protection laws and regulations of the country in which You are located.
3. Termination of operation: on circumstances such as termination of operation, We will give You at least 30 days prior notice, and delete or anonymize your personal information after operation termination.
(II) Protection of personal information
1. Data security measures. To safeguard your information, We have adopted various physical, electronic and managerial security measures to protect your personal information in accordance with industry standards, and have established a data classification and grading system, data security management rules, and data security development rules to manage and regulate the storage and use of personal information. MIXUEBINGCHENG provides comprehensive data security control through information contactor confidentiality agreements, as well as monitoring and auditing mechanisms to prevent unauthorized access, public disclosure, use, modification, damage or loss of your personal information, such as the use of SSL encryption technique when exchanging data (e.g. credit card information) between your browser and the “Service” and protection technology; providing HTTPS secure browsing on the website itself; using encryption technology to ensure data confidentiality; using trusted protection mechanisms to prevent malicious data attacks; deploying access control mechanisms to ensure that only authorized personnel have access to personal information; holding security and privacy training sessions to enhance employee awareness of the importance of protecting personal information.
2. Please be aware and understand that the Internet is not an absolutely secure environment, and We strongly recommend that You set a complex password and use a secure way to log into your account to help us ensure the safety of your account. If You find that your personal information has been leaked, especially your account or password, please contact us immediately according to the contact information provided in this Privacy Policy so that We can take appropriate measures.
3. Security incident. In the unfortunate occurrence of personal information security incidents, We will immediately set up a special emergency response team, initiate the emergency protocol, to prevent the expansion of security events, and notify You in a timely manner of the following related matters in accordance with the provisions of laws and regulations: the basic situation of the security incident and the possible impact, the disposal measures We have taken or will take, self precaution and risk reduction suggestion, remedial measures to You, etc. We will promptly inform You of the event-related information by email, letter, telephone, push notification, etc. When it is difficult to inform the subject of personal information one by one, We will take a reasonable and effective way to issue an announcement. At the same time, We will also take the initiative to report the disposition of personal information security incidents in accordance with the requirements of the regulatory authorities.
V. How You manage your personal information
You enjoy following rights regarding You personal information:
(I) You have the right to access, modify and delete your personal information.
You can manage your account information by accessing and modifying your profile and account information in your account. If You are unable to manage such personal information through the links above, You may contact us at any time using the contact information provided in the “How to Contact Us” section of this Privacy Policy. We will respond to your request for access within 15 days after the date of receipt of your feedback.
(II) Change the scope of your authorized consent or withdraw your authorization
You may change the scope of your consent or withdraw your authorization by deleting the information in the applet, changing privacy settings, or turning off the device permission function in the system. Please understand that once You have done so, We will not be able to continue to provide You with the services for which You have withdrawn your consent or authorization, but it will not affect the processing of personal information that has already been carried out based on your authorization. If You are unable to complete these actions through the links above, You may contact us at any time using the contact information provided in the “How to Contact Us” section of this Privacy Policy. We will respond to your request for access within 15 days of the date We receive your feedback.
(III) Cancellation of account
You have the right to cancel your MMS account by contacting us at the contact information provided in the “How to Contact Us” section of this Privacy Policy and communicating with us about your cancellation request, and We will complete the cancellation process within 15 days of the date We receive your cancellation request. After your cancellation is successful, We will delete your personal information or anonymize your personal information as soon as possible in accordance with the laws and regulations. For security purposes, We may require You to provide appropriate proof of your identity and the legitimacy of your request, and We will respond to your request within 15 days after receipt of your feedback and your identity verification.
(IV) Exercise of other legal rights of personal information subjects
If You wish to exercise other statutory rights as a subject of personal information under the laws of your country (for example, to request that We transfer your personal information to a third party designated by You if the statutory conditions are met), You may contact us at any time through the contact information provided in the “How to Contact Us” section of this Privacy Policy. We will respond to your request for access within 15 days after the date We receive your feedback.
We will respond to all requests for the exercise of data subject rights in accordance with the requirements of applicable data protection laws and in a timely manner. To the extent permitted by law or regulation, We may not be able to respond to your request to exercise your rights in the following circumstances.
Where your request is against our obligation to comply with the law or regulation;
Where the requested information is directly related to national security or national defence security;
Where the requested information is directly related to public safety, public health, or significant public interest;
Where the requested information is directly related to criminal investigations, prosecutions, trials and enforcement of judgments, etc.;
Where We have sufficient evidence of your subjective malice or abuse of rights;
Where it is in the interest of safeguarding your or other individuals' significant legitimate rights and interests, such as life and property, whereas it is difficult to obtain your own authorized consent;
Where responding to your request to exercise your rights will result in serious damage to your or other individuals’ or organizations'' legitimate interests;
Where the requested information involves trade secrets.
VI. Protection of personal information of minors
Please note that normally We do not voluntarily collect or process personal information from minors. Where We collect personal information from minors with the consent of their parents or guardians, We will only use or publicly disclose such information to the extent permitted by law, within the scope of the consent of the parents or guardians, or as necessary to protect the minor.
If You are a parent or guardian of a minor, You may contact us through the “How to Contact Us”information should You have questions about our handling of a minor’s personal information.
VII. Notice and modification
In order to provide You with better service, our business may change from time to time and this Privacy Policy may be adjusted accordingly. We will not reduce your rights under this Privacy Policy without your express consent. We may remind You to updates by sending out updated versions of the app or by other means. Please visit us regularly to keep up with our latest Privacy Policy. If You continue to use our Services, You agree to accept and be bound by the revised Privacy Policy as described above.
You can find out the date of update hereof by going to the “Last Updated on” section at the beginning of this Privacy Policy.
VIII. How to contact us
If You have any questions or concerns about how We use your personal information or this Privacy Policy, especially if You think our personal information processing has violated your legitimate rights and interests, You may contact us in the following ways, and We will respond to your request within 15 days from the date We receive your feedback.
You may contact us by postal express mail to 16/F, Block A, Hanhai Beijin, Intersection of Wenhua Road and North Third Ring Road, Jinshui District, Zhengzhou City, Henan Province, People’s Republic of China, 450003.
IX. Appendix
1. Personal information: refers to all kinds of information recorded electronically or otherwise that can identify a specific natural person or reflect the activities of a specific natural person, either alone or in combination with other information. The personal information that may be covered in this Privacy Policy includes, but is not limited to: basic personal information (including name, telephone number, gender, address, birthday, etc.); personal identification information (including ID card, military officer's license, passport, driver's license, etc.); network identification information (including system account number, IP address, email address and passcode, password, password protection answer related to the foregoing); personal property information (including bank accounts, transaction and consumption records, credit records and virtual property information, etc.); contact information (including address book information, friends list, etc.); personal Internet records (including website browsing records, click records, etc.); personal device information (including unique device identification code and other information describing the basic situation of commonly used personal devices); personal location information (including tracks, accurate positioning information, etc.) .
Please note that, information that cannot be used independently or in combination with other information to trace to your identity or connect to You directly is not personal information. If We are to use information that cannot establish connection to any specific person in combination with other information to identify natural person, or in combination with personal information, such information will be treated as personal information during the combination usage.
2. Personal sensitive information: refers to personal information that may endanger personal and property safety if leaked, illegally provided or misused, and is highly likely to lead to damage to personal reputation, physical and mental health or discriminatory treatment, etc. The personal sensitive information that may be involved in this Privacy Policy includes: personal identification information (including ID card, military officer’s license, passport, driver's license, student ID card, etc.); personal property information (bank account, transaction and consumption records, credit records and virtual property information, etc.); other information (whereabouts, address book information, precise positioning information, etc.); information of children under 14 years old.