Privacy Policy
Effective Date: 16/ 1/ 2025
Welcome to use our SaaS software services
(the "OKKI products"). We are committed to ensuring the
security of your personal data in compliance with applicable laws and
industry best practices. To facilitate your understanding of how we collect, use, share, store, and
protect your data, we have created this Privacy Policy. It
also outlines how you can manage your data. If you have any questions, comments, or
suggestions regarding the contents of this Privacy Policy, please feel free to contact us using the
contact details provided within th
is
Policy.
This Privacy Policy will help you understand the
followings:
1.
Scope of application of this Privacy Policy
2.
How do we collect and use your data
3.
How do we share, transfer, and publicly disclose your data
4.
How do we store and protect your data
5.
What rights can you exercise to dispose of our information that you
collect
6.
How do we use Cookies
7.
How
do
we update this Privacy Policy
8.
How
can
you contact us
OKKI products include
OKKI Leads AI product
and other software services that we
may launch in the future. The specific name shall be subject to the actual situation or the information
in the Order S
he
et (if any), and the launch of the specific
product shall be subject to the actual release time. OKKI products are mainly aimed at export
enterprises
, and
our
users exclude minors under the age of
18.
this Privacy Policy applies to OKKI products. If OKKI products are used in the products and / or
services of our affiliated parties but
their products
do not have independent privacy policy,
this Privacy Policy also applies to such products and / or
services. In particular, this Privacy Policy does not apply to services provided by
third parties embedded or connected in OKKI products (hereinafter referred to as
"Third-party services"), such as Facebook communication services connected in OKKI products, email services provided by email providers, etc. The information you
provide to the third-party service provider is not applicable to this Privacy Policy, so before you choose to use the
third-party service, please fully understand the product functions and privacy protection policy, before
you decide whether to use the service.
Under this Privacy Policy, you can be a user of OKKI products, or a potential customer of the user. You are a user when you use
OKKI products as an authorized representative of the customer,
or
you are a potential customer ("
p
otential customer") of the user when your personal data related to your business
interest or profession is used in OKKI products.
We process two types of data related to our services: user data and
prospect data.
(a)
Log-on
data
. When you create an OKKI account, you need to
provide your name, company, mailbox used in your work.
(b)
Authentication information. When you log in to your OKKI account through
other third-party accounts such as wechat, we will collect your authentication information from the
third-party authentication. For example, if you log in through your wechat account, we will collect your
wechat nickname and Open ID from wechat.
(c)
Automatically collected information. When you create an OKKI account, we
automatically collect certain information about you and your device, including IP address, login
security verification, registration date, device information (including device model, computer operating
system version, language and browser type). We may also collect information about your use of
OKKI products, such as when you subscribe to or renew your
OKKI products to provide you with quality
service.
(d)
Email tracking data. Information tracked by users using email,
including the subject of the email, the sender and recipient, whether the message was read, when the
message was opened, IP address, and number of times.
(e)
Business and communication data. Business communication information with their
customers (i. e., buyers), prospects, suppliers, colleagues or other contacts when users confirm the use
of communication functions such as email in OKKI products.
(f)
Integrated with the API data. Interface data generated by API docking with
OKKI products when users connect third-party services with
OKKI products.
(g)
AI data. When users generate content using functions
related to artificial intelligence, or optimize or analyze relevant content and search results, we will
collect and process the text content input by users and the text content generated by AI.
(h)
Users stored data. Relevant personal data of potential customers
and buyers stored by users in OKKI products.
(i)
Notification information. If you open notifications, we can send you
information related to your use of OKKI products.
(j)
Cookies Data. On our website, we use Cookies and other
tracking techniques for a variety of purposes, including analysis, marketing campaigns, remembering your
preferences, etc. Such use may involve transferring information from us to you, as well as from you to
third-party websites.
(k)
Added potential customer data. We collect and process third-party personal
data (mainly related to the business interests or occupations of individual subjects) shared by users to
us, or entrusted by us and provided to other users. Such information includes email, name, industry,
current and previous positions, location, social media accounts / links.
(l)
Stockd potential customer data. We collect and process business-related information
such as business name, address, website, business basic profile, contact numbers, and corporate social
media. In some cases, this information may include personal data, such as your personal name and / or
last name, position, affiliation, email, phone number.
We will only use the personal data we collect, as well as the personal
data you share with us, for the purposes listed in this Privacy Policy. In different scenarios and for
the purposes outlined below, we will collect and use user or potential customer personal data in
different roles:
2.3.1 We are the controller of personal data when we collect and use
users’ data that have access and use OKKI products to provide basic product functionality and we collect and use
data about the data subject to create and maintain our database.
|
purpose
|
data type
|
l
egal basis
|
data source
|
|
Create and log in to the OKKI account
|
(a) Log-on data
(b) Authentication information
(c) Automatically collected information
|
Your consent
Required for the performance of the contract
|
Users provide and collect from a third party
|
|
Maintain the security and adaptation of the OKKI account
|
(a) Log-on data
(b) Authentication information
(c) Automatically collected information
|
Your consent
Required for the performance of the contract
|
Users provide, we collect from users
|
|
In the process of after-sales service, identity verification,
troubleshooting, and feedback of after-sales progress
|
(a) Log-on data
(b) Authentication information
(c) Automatically collected information
|
Your consent
|
Users provide, we collect from the users
|
|
Safety assurance and fault analysis
|
(a) Log-on data
(b) Authentication information
(c) Automatically collected information
|
Your consent
|
Users provide, we collect from the users
|
|
Analyze, develop, and improve OKKI products and
functions
|
(c) Automatically collected information
(g) AI data
(j) Cookies data
|
Your consent
|
We collect from the users
|
|
Send the information related to the use of the OKKI products
|
(a) Log-on data
(c) Automatically collected information
(i) Notification information
|
Your consent
|
Users provide, we collect from the user
|
|
Maintain the prospect contact information database
|
(l) Stockd potential customer data
|
legitimate interest
|
We collect from potential customers
|
2.3.2 When users utilize our services, the client acts as the data
controller, while we, as the data processor, handle the relevant personal data based on the controller's
instructions. By subscribing to the OKKI products, the client agrees to pay for and use the standardized data
processing services provided by the OKKI products. As the controller of the data, the client shall ensure that the processing of the relevant data has
obtained the consent of the personal data subject or has other legal basis as stipulated by the
applicable law. As the authorized representative of the client, when using OKKI products, if you have any questions or comments about the collection purpose,
scope or use method of the personal data controlled by the client, please contact your enterprise for processing.
|
purpose
|
data type
|
legal basis
|
data source
|
|
On behalf of the client, we process users' personal data to enable them
to use the functions of the OKKI product
|
(d) Email tracking data
(e) Business and communication data
(f) Automatically collected information
(g) Integrated with the API data
(h) Users stored data
|
Your consent
|
Users provide
|
2.3.3 When the user shares the third party personal data you obtain with us, the user and us, as the joint controller of
the personal data (see Appendix: Joint Controller Agreement for details), will jointly decide with the user about the purpose and means of processing the personal data.
|
purpose
|
data type
|
data source
|
|
Help users to obtain potential customers and maintain the contact
information database of potential customers
|
(k) Added potential customer data
|
Users share
|
The user shall guarantee that you have
collected the added potential customer data according to
the legal basis provided by the applicable law, and have obtained the consent or other legal basis
of the data shared with us to maintain the contact information database for the potential customers.
If you receive any complaints, claims or requests regarding the use of their data, you should
immediately notify us to delete their personal data.
3.1 We will share and transfer your personal data to
other parties only if:
(a)
We share your personal data after obtaining your express consent with
other parties.
(b)
We may share your personal data with our affiliates or other
third-party partners (collectively referred to as "
p
artners"). However, these sharing will be subject to the purpose stated in
this Privacy Policy and will be mainly used for sales and service purposes. We will
only share your personal data with our affiliates if necessary and with your authorization, and are
subject to the purposes stated in this Privacy Policy. If our partner
s
want to change the purpose of personal data, we will seek your
authorization again.
(c)
We may share relevant
data
about you with our marketing email partners. Specifically, we
may need to disclose the content of your marketing emails to vendors in order to assess and improve the
success rate of those email deliveries. However, we will only share your personal data for lawful,
legitimate, necessary, specific, and explicit purposes, and will only share the personal data that is
necessary to provide the service. Our partners are not authorized to use the shared personal data for
any other purposes.
(d)
We may share your relevant data with the complainant. When you are complained by any other third
party for infringement of intellectual property rights or other legal rights, we will carefully evaluate
and inform you and decide whether to disclose your necessary personal data to the complainant for the complaint handling.
(e)
We may share your data with outside professional consultants, law enforcement agencies
and other regulatory agencies or other organizations. We may also disclose or share your personal data,
or other circumstances required by applicable law, when following applicable law or exercising our legal
rights or protecting the vital interests of you or any other law.
3.2 We will not transfer your personal data to any business, organization or individual,
except for the following cases:
(a)
After obtaining your explicit consent, we will transfer your
personal data to other parties;
(b)
In the event of our merger, acquisition, reorganization, bankruptcy
liquidation or similar circumstances, if the transfer of personal data is involved, we will require the new enterprise and organization
holding your personal data to continue to be subject to this Privacy Policy, otherwise, we will require the enterprise and organization to ask
you for authorization again.
3.3 We will publicly disclose your personal data only in the following circumstances:
(a)
After obtaining your explicit consent, we will publicly disclose your
personal data;
(b)
In the case of laws, regulations, judicial, legal procedures, and law
enforcement requirements, we may publicly disclose your personal data according to the scope and manner of personal data that must be provided.
4.1.1 We will properly store your data in our server located in Singapore. We will take reasonable and feasible measures to
store your personal data and try to avoid collecting irrelevant
personal data. We will only retain your personal data for the period required to meet the cost policy
objectives, and as required by applicable laws and regulations. After your personal data exceeds the retention period, we will delete
your personal data, or anonymize it according to the requirements of
the applicable law. If it is technically difficult to delete personal data, we will stop processing in addition to storing and
taking the necessary security protection measures, unless we have a clear agreement with you or laws
have mandatory retention requirements.
4.1.2 We determine the storage period of personal data based on the
following criteria, taking the longer period as the standard::
(a)
To fulfill the service purposes related to you, maintain corresponding
service and business records, and address any potential inquiries or complaints you may
have;
(b)
To ensure the security and quality of the services we provide to
you;
(c)
Whether you have consented to a longer retention period
(d)
Whether there are any other specific provisions or agreements
regarding the retention period.
4.1.3 If we stop operating our products and / or services, we will
notify you at least 30 days in advance by email, system site notice, on our official website or online
or offline media announcements, and delete or anonymize your personal data after we stop operating our products and / or
services.
OKKI products are sold to multiple countries and regions
around the world, so the data from potential customers will inevitably be transmitted to multiple
countries / regions across borders. Data protection laws in these countries may vary differently from
the laws of your country. We ensure that any cross-border transfer of such data is made only for
legitimate purposes and with a legal basis or applicable legal text.
We implement appropriate technical and organizational
measures to ensure that potential customer personal data will be reasonably protected under this Privacy Policy. At the same time, we will advise personal data
recipients to reasonably protect the personal data of potential customers. If the EU General Data
Protection Regulation (GDPR) is applicable, we will also conclude Standard Contractual Clauses with
potential customer personal data recipients to ensure that they fulfill their obligations under the
GDPR.
To ensure the security of our information, we have
protected your personal data with industry standards and reasonably feasible security protection
techniques to prevent unauthorized access, public disclosure, use, modification, damage or loss of your
personal data. For example, we will use encryption technology to encrypt and save the personal data and
isolate through isolation technology; we will use trusted protection mechanism to prevent malicious
attacks; we will deploy access control mechanism to ensure that only authorized personnel can access
personal data (strict data access restrictions / multiple identity authentication technology, etc.); we
will use automatic code security inspection and data access log analysis technology for personal data
security audit; we will hold security and privacy protection training courses to strengthen the
awareness of the importance of personal data security protection.
We also adopt strict management of employees or
outsourcing personnel (if any) who may have access to your data, including but not limited to taking different
authority controls according to different positions and signing confidentiality agreements with them to
monitor their operations. We will provide corresponding security measures according to the existing
technology to protect your data, provide reasonable security guarantee, and try to
keep your data from being leaked, damaged or lost. We will
hold security and privacy protection training courses to enhance employees awareness of the importance
of personal data protection.
We will use reasonable business efforts to ensure or
guarantee the security of any information you send to us. If our physical, technical, or management
protection facilities are damaged, resulting in unauthorized access, public disclosure, tampering, or
destruction, resulting in your legitimate rights and interests, we will bear the corresponding legal
responsibility.
In the event of an unfortunate information security
incident, we will inform you in accordance with the requirements of laws and regulations: the basic
situation and possible impact of the security incident, the measures we have taken or will take, the
suggestions you can independently prevent and reduce risks, and the remedial measures for you, etc. At
the same time, we will timely inform you of the relevant information of the event by email, push
notification, etc. When it is difficult to inform the personal data subject one by one, we will take a
reasonable and effective way to issue the announcement.
Users can log in to your OKKI account, click the profile picture in
the upper right corner and select "Personal Settings" to check the personal data provided in your OKKI product, or update the personal data that your company allows you to adjust here.
If the user is the administrator of the enterprise, he or she has the right to query, correct or supplement the enterprise
information. By clicking the avatar in the upper right corner and selecting "Enterprise Center", you can
query and correct the enterprise information, including enterprise organization structure information,
opening permission information, AI automation configuration information and other functional
Settings.
According to the needs of OKKI main account / enterprise management,
we will set corresponding restrictions on your personal data (such as the time, scope, content, etc.). If you have any
questions or comments about this operation restriction, please contact your enterprise or OKKI main
account administrator for handling. We understand that the company has obtained your express consent for
the above restrictions.
When your company requests to cancel the OKKI main account, we will
cancel the OKKI account you use and delete all data in your OKKI account, unless otherwise stipulated by
laws and regulations.
If the service term of OKKI products and services ordered by the enterprise expires and it is not
reordered after 6 months, we have the right to cancel the OKKI account of the enterprise and delete all
data under the account as soon as possible, unless otherwise stipulated by laws and
regulations.
If the user needs to cancel the OKKI account you use, please contact
your enterprise or OKKI main account administrator for processing.
In order to give you a more easy access
experience, when you use OKKI products, we may collect and store the relevant data
of your products and / or services through technical means. When you use or reuse OKKI products, we can identify your login status in our
system, so that the next time you log in on this computer or mobile device, you can repeat the steps of
entering account information, or help determine the security of your account. Cookies
u
sually contains identifiers (IDs) and login
accounts, which Cookies do not track personal data. The Cookies from the OKKI product and / or service
website or client side can only be read by our product and / or service website or client
side.
Please understand that some of our product
functions or services can only be achieved by using Cookies. If your browser or browser add-on services
allow, you can modify the acceptance of Cookies or reject our Cookies, but reject these Cookies in some
cases you may not be able to use some of the product features that depend on Cookies.
This Privacy Policy will be updated based on the development of OKKI products we provide to you and changes in actual circumstances. We will
publish an updated version of this Privacy Policy on the official website.
If you have any comments, questions, suggestions, complaints, or
concerns regarding this Privacy Policy or the handling of your information, please contact us via our
online customer service or send an email to Dataprivacy@okki.ai. In general, we will respond to you within the time frame required by
applicable laws, after verifying your identity.
Note: Unless otherwise specified, the terms used in this Privacy Policy
have the same definitions as those in the "Terms of Service".
Appendix
Joint Controller Agreement
This Joint Controller Agreement (th
is
"Agreement") defines the terms of the
relationship between us and the users regarding the processing of added potential customer data (as defined in section 2.2.2(k)), and supplements the relevant provisions of the
Privacy Policy.
1.
General provisions
1.1.
In processing added potential customer data, both
parties shall respect the obligations set forth in this Agreement as well as the applicable laws and
regulations.
1.2.
We and the users are the joint controllers of the
following added potential customer data, including: email address, first name, last name, industry, current and
previous positions, location, social media account / links.
1.3.
The parties jointly determine that the purpose of
processing the added potential customer data is as follows:
1.3.1.
For users, processing (storing, using, marketing) the
added potential customer data within the product is necessary to enable the
use of the OKKI Products;
1.3.2.
In addition to the country/region you are located in,
we also provide OKKI Products to other countries/regions and maintain the operation of the
se
products,
which
may result in the transmission of added potential customer data shared by users to third
countries/regions.
2.
Rights and obligations
2.1.
User
’s r
ights and obligations:
2.1.1.
Users can legally access added potential customer data and have the right to share their personal
data with us. The user confirms that before sharing the added potential customer data, the added potential customer has been informed the data category, the processing
purpose, the shared object and how we will process the personal data of the added potential customers, and obtains the consent of
the added potential customers or has other legal basis
for the above processing.
2.1.2.
Users confirm that the added potential customer data will be shared with us without infringing
on the rights of added potential customer and the rights and interests of any third
parties, and is complying with the requirements of all applicable laws and regulations.
2.1.3.
Users shall promptly inform us of any complaints,
claims or requests from added potential customers, and shall notify our
regulatory authorities of any complaints, claims or requests related to the added potential customer data.
2.2.
Our rights and obligations
2.2.1.
We process the data shared by users to our new
prospects only based on product and service purposes.
2.2.2.
Due to the characteristics of OKKI products, we cannot communicate with added potential customers one by one, and we rely on the obligation of
users to obtain the data of added potential customers.
2.3.
We will take appropriate technical and technical
safeguards to ensure the security of the added potential customer data during processing and during the
transmission of the data to the user.
3.
Applicable laws and jurisdiction
3.1.
All disputes relating to this Agreement, its
execution and interpretation or any added potential customer data under this Agreement will be governed by
the laws of Singapore.
3.2.
Any dispute between the two parties shall be settled
through friendly negotiation. If the two parties cannot reach an agreement, either party may sue to the court with jurisdiction in Singapore for
settlement.