Purpose

CIG SHANGHAI Co., LTD., located at 5^th Floor, Building 8, 2388 Chenhang Road, Minhang District, Shanghai, 201114, China, its affiliates and subsidiaries (collectively, “CIG”, “we”, “us”, or “our”), are committed to protecting the privacy of visitors to our websites and users of our products and services.

This Privacy and Cookies Notice ("Notice") will explain how we collect, use, share, and otherwise process individually identifiable data (“Personal Data”) about visitors and users of our Services (defined below), contact persons of our customers, prospects, distributors, sales representatives, vendors, investors, suppliers, and individual end-users of CIG products or services.

Scope

This Notice applies to Personal Data that we may collect through our public websites, mobile applications, or through any CIG products or services that link to this Notice (collectively, the “Services”), as well as offline through contact forms or other communications with CIG personnel.

If you purchased or received CIG equipment, such as a router or other wireless access device from your broadband network provider, this Notice applies to Personal Data we may collect through our software applications and services, such as the Optim Cloud service, if you choose to use those Services with our equipment. The categories of Personal Data we may collect, the purposes for which we use Personal Data, and with whom we share Personal Data when you choose to use specific CIG Services are discussed below.

Personal Data about our employees, contractors, and other CIG temporary workers are addressed through internal company policies and procedures, and are outside the scope of this Notice.

The Services may contain links and references to other websites administered by unaffiliated third parties. This Privacy Statement does not apply to such third-party websites. When you click a link to visit a third-party website, you will be subject to that website's privacy practices. We encourage you to familiarize yourself with the privacy and security practices of the linked third-party websites before providing any Personal Data on that website.

Topics addressed:

1. Collection of Personal Data

2. Use of Personal Data

3. Sharing of Personal Data

4. Marketing

5. Cookies

6. Data Subject Rights

7. Data Security

8. Data Retention

9. Cross-Border Data Transfers

10. Children’s Data

11. Notice to California Consumers

12. Links to Third-Party Websites

13. Other Issues

14. Changes to Our Privacy Policy

15. Contact Us

1.    Collection of Personal Data

When you use, or interact with us in relation to our Services, we may collect Personal Data about you through various means such as: if you contact us through our webpage; if you voluntarily complete a customer survey or provide feedback via email; register as a user for a CIG Service; or through the use of cookies and other tracking technologies while you are interacting with our websites.

We may collect the following categories of Personal Data:

·         Basic Data: Name, email address, phone number, company, job title

We may also automatically collect the following data when you use certain Services:

·         Device Data: IP address, browser type, device information, and interaction data. Note, however, that we do not consider Device Data to be Personal Data except where we link it to you as an individual or where applicable law requires. Cookies and Tracking Technologies: We may use cookies, web beacons, and similar technologies to track user activities and improve our websites. See section 10 below for more information regarding our use of these technologies.

2.    Use of Personal Data

We use the above categories of Personal Data for the following purposes:

3.    Sharing of Personal Data

We may share Personal Data with the following categories of recipients:

·         Affiliates: within the CIG group of companies, as necessary for the purposes described above.

·         Business Partners: with certain trusted business partners for CIG products and services, where we have customer consent to do so. Our Business Partners include broadband network providers who provide access to CIG equipment and our related Services, such as Optim Cloud, in connection with the products and services they provide to customers.

·         Service Providers: To help us operate our website (e.g., hosting, analytics, payment processors).

·         Auditors and advisors: with auditors for the performance of audit functions and advisors for the provision of legal and other advice.

·         Business reorganization: with any corporate purchaser or prospect to the extent permitted by law as part of any merger, acquisition, sale of company assets, or transition of service to another provider, as well as in the event of insolvency, bankruptcy, or receivership in which Personal Data would be transferred as an asset of CIG.

·         Mandatory disclosures and legal rights: in order to comply with any subpoena, court order or other legal process, or other governmental request. We also share Personal Data or protect our legal rights, property, or safety, or the rights, property, or safety of others, or to defend against legal claims.

4.    Cookies

We may use cookies, web beacons, and similar tracking technologies (collectively, “cookies”) on our websites when you use the Services.

What Are Cookies?

Cookies are small amounts of data that are stored on your browser, device, communication, or the page you are viewing. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Some cookies are deleted once you close your browser, while other cookies are retained even after you close your browser so that you can be recognized when you return to a website. If you are in the EU, we obtain your consent for non-essential cookies in compliance with GDPR.

How do we use cookies?

CIG uses cookies in a range of ways to improve your experience on our websites, including:

·         To provide the Services;

·         To gather information about your usage patterns when you navigate our websites or other Services in order to enhance your personalized experience;

·         To improve our websites, products, and Services; and

·         To keep you signed in to websites and Services for registered users.

What types of cookies do we use?

There are a number of different types of cookies, however, our website uses:

• Strictly Necessary Cookies: These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

• Functional Cookies: We may use these cookies so that we recognize you on our website and remember your previously selected preferences. These could include what language you prefer and location you are in. A mix of first-party and third-party cookies are used.
•  Targeting Cookies: We may use these cookies to collect information about your visit to our websites, the content you viewed, the links you followed and information about your browser, device, and your IP address. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

How to manage your cookies

You can set your browser not to accept cookies, or remove cookies from your browser. However, in a few cases, some of our website features or certain Services may not function as a result.

5.    Data Subject Rights

Where required by applicable law (such as the GDPR, CCPA, or PIPL), you may have the right to obtain confirmation that we maintain certain Personal Data relating to you and the corresponding processing activities, to verify its content, origin, and accuracy, as well as the right to access, review, port, delete, anonymize, or block or withdraw consent to the processing of certain Personal Data (without affecting the lawfulness of processing based on consent before its withdrawal). You also have the right to object to our use of your Personal Data for direct marketing and in certain other situations at any time. In particular, you have the right to object to our use of Personal Data for direct marketing and in certain other situations at any time. Contact us below for more details. Please note that we need to retain certain Personal Data as required or permitted by applicable law.

If you would like to exercise any of these rights, please contact us using our contact information listed under the Contact Us section below.

6.    Data Security

CIG takes reasonable steps to protect your Personal Data using industry-standard security measures. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee the absolute security of your data.

7.    Data Retention

CIG retains Personal Data for as long as necessary to fulfill the purposes outlined in this Notice, unless a longer retention period is required by law. Once the data is no longer needed, CIG will securely delete or anonymize it.

8.    Children’s Data

The Services are not intended for use by children under 13 years of age. If we learn that we have collected Personal Data through our websites or through any other part of the Service from a child under 13 without the consent of the child’s parent or guardian as required by law, we will delete it. We encourage parents or guardians with concerns to contact us.

9.    Notice to California Residents

If you reside in the United States in the state of California, we are required by California law to provide you with additional information about how we use and disclose your information, and you may have additional rights with regard to how we use your information. We have included this California-specific information below.

CA Personal Information. Consistent with the "Collection of Personal Data" section above, we may collect certain categories and specific pieces of information about individuals that are considered "Personal Information" in California ("CA Personal Information"). Specifically, we may collect the following types of CA Personal Information:

• Identifiers: name, telephone number, email address, username and password for our websites, IP address;
• Commercial information: products or services purchased, obtained or considered, other purchasing or consuming histories or tendencies, payment information, transaction history;
• Internet or other electronic network activity information: computer and connection information, statistics on page views, traffic to and from the websites, ad data and other standard weblog information.

Sources. We may collect certain categories of CA Personal Information from you and other third parties as described in the "Collection of Personal Data" section above. The categories of third parties from whom we collect CA Personal Information may include the following:

• Third-party partners (e.g., distributors, certified installers);
•  Advertising networks; and

Purposes. We may collect the CA Personal Information for the business and commercial purposes described in the "Use of Personal Data" section above. We may also share and/or disclose your CA Personal Information as follows:

·         Sharing your CA Personal Information for business purposes: As described above in the "Sharing of Personal Data" section, we may share the following categories of your CA Personal Information with third party partners, public or government authorities and future business partners for our business purposes:

§  Identifiers,

§  Commercial Information,

§  Internet or other electronic network activity information

As described above, examples of business purposes may include product and service fulfillment, internal operations, prevention of fraud and other harm, and legal compliance.

·         Sharing your CA Personal Information for other purposes: We may share the following categories of your CA Personal Information with third party partners in a manner that constitutes a "sale" under California law:

§  Identifiers,

§  Commercial Information,

§  Internet or other electronic network activity information

This information may be shared for the following purposes: marketing, analytics, product or service performance measurements.

We do not knowingly share the CA Personal Information of individuals under 16 years of age, in a manner that constitutes a "sale" under California law.

California Consumer Rights. Subject to certain exceptions, as a California resident, you have the right to: (i) request access to your CA Personal Information; (ii) request deletion of your CA Personal Information; (iii) request information about the CA Personal Information about you that we have disclosed and/or "sold" (as such term is defined under California law) to third parties within the past 12 months; and (iv) opt-out of the "sale" of your CA Personal Information, as detailed above.

• Do Not Sell My Information. To opt-out of the "sale" of your CA Personal Information as described in this section, click here.
• Exercising other California consumer rights. Should you wish to request the exercise of your other rights as detailed above with regard to your CA Personal Information, we will not discriminate against you by offering you different pricing or products, or by providing you with a different level or quality of products, based solely upon this request. You also have the option of designating an authorized agent to exercise your rights on your behalf. For authorized agents submitting requests on behalf of California residents, please contact us as described below, with any evidence you have that you have been authorized by a California consumer to submit a request on their behalf.

10.  Links to Third-Party Websites

Certain parts of the Services contain links and references to other websites administered by unaffiliated third parties. This Notice does not apply to such third-party websites. When you click a link to visit a third-party website, you will be subject to that website’s privacy practices. We encourage you to familiarize yourself with the privacy and security practices of the linked third- party websites before providing any Personal Data on that website.

11.  Other Issues

What is the legal basis of processing?

Some jurisdictions require an explanation of the legal basis for the collection and processing of Personal Data. We have several different legal grounds on which we collect and process Personal Data, including, without limitation: (a) as necessary to perform a transaction (such as in order to provide the products and services you requested); (b) as necessary to comply with a legal obligation (such as when we use Personal Data for record keeping to substantiate tax liability);

(c) consent (where you have provided consent as appropriate under applicable law, such as for direct marketing or certain cookies); and (d) necessary for legitimate interests (such as when we act to maintain our business generally, including maintaining the safety and security of the Site). With respect to legitimate interests, given that we are primarily a B2B company, we typically collect and process limited Personal Data about customer contacts and other individuals acting in their business capacities, as part of our overall effort to reduce the privacy impact on individuals.

What are the consequences of not providing Personal Data?

You are not required to provide all Personal Data identified in this Privacy Statement to use our Services or to interact with us offline, but certain functionality will not be available if you do not provide certain Personal Data. If you do not provide certain Personal Data, we may not be able to respond to your request, perform a transaction with you, or provide you with marketing that we believe you would find valuable.