Privacy policy
Last Updated: Sep 26, 2024
The Privacy Policy of TBEA Xi'an Electric Technology Co., Ltd. (hereinafter referred to as "TBEA" or "us") highly values the security of users' personal information and the protection of their privacy during the utilization of our data services. With the aim of safeguarding users' rights and interests, we have devised a comprehensive privacy policy. When you visit our website or employ our services via the TBeSolar APP, we will explicitly disclose to you the methods by which we gather and utilize your personal information.
This privacy policy elaborates on the rights that users enjoy as data subjects, including the right to oppose our processing of certain data. If you would like to learn more about these rights, please refer to the "Your Rights and Choices" section below.
This privacy policy expounds on the rights that users possess as data subjects, such as the right to object to our processing of specific data. If you wish to gain a deeper understanding of these rights, please refer to the "Your Rights and Choices" section below.
This privacy policy will assist you in understanding the following aspects:
1.How do we collect and use your personal information;
2.How do we protect your personal information;
3.Your rights and choices;
4.How to transfer your personal data globally;
5. The entire TBeSolar team's commitment to your privacy;
6.retention period;
7.How do we handle children's personal information;
8.How to update this policy;
9.Contact Us.
1.1 When you register your TBeSolar account, you are required to read and agree to this privacy agreement. This privacy agreement encompasses how we collect and use your personal information when you use our website or utilize our services for small photovoltaic applications. During the registration process, the information that we need to collect includes: username, country (region), phone number, email address, company name, and the code of the superior distributor/installer. All of these pieces of information are essential for creating an account and delivering services to you.
1.2 When you log in to TBeSolar, we will gather certain necessary information, like the IP address of the login device or router, the requested time zone, as well as the date and time. This is done to ensure the security of your account and the smooth operation of the system. Such information will be utilized to verify your identity and offer services.
1.3 When you use the TBeSolar application, we will collect the virtual ID of your device. The device virtual ID is a unique identification pseudonym ID that is automatically generated by an algorithm when you install the application. This ID will not be linked to your phone number or the hardware information of your mobile device. Such information will be used to push important messages to you within the application, including those regarding power station offline status, exceptions, and the completion of parameter settings.
1.4 When you connect the inverter and electricity meter to the small photovoltaic system, we will gather the operational data of the relevant equipment, including the power generation of the inverter, the real-time power of the inverter, and the charging level of the energy storage inverter battery. This information will be used to help you monitor and analyze the operational status of your device.
1.5 When you connect the inverter and electricity meter to the small photovoltaic system, we will gather the operational data of the relevant equipment, including the power generation of the inverter, the real-time power of the inverter, and the charging level of the energy storage inverter battery. This information will be utilized to help you monitor and analyze the operational status of your device.
1.6 When you share the power station, we will require you to provide the email address of the person you are sharing with. However, this is premised on your having the right to do so in accordance with applicable laws. If you are prohibited from sharing personal information with third parties, please refrain from inputting personal information for sharing purposes.
1.7 When you create a website to add devices or access nearby login devices, we may ask you to enable permissions for Bluetooth, WLAN, and the camera, and also collect SSID information. We are seeking this permission to help you add the device to the power station or carry out device near-end debugging. The collected data will not be used for any other purposes. If you don't require such a service, you can disable this permission in the "Settings" section of your device.
1.8 When you use the copy and paste function while using TBeSolar, we may request to invoke the clipboard copy/paste function and collect the text information from your clipboard. The information on the clipboard will only be processed on your device, and we will not store your clipboard information for other purposes.
1.9 When you use the map function, we may gather a list of the map-related software installed on your phone, such as the installation lists of Amap, Tencent Maps, Apple Maps, and Baidu Maps. This information will assist you in choosing the appropriate navigation software, and we will not collect your personal information.
1.10 When you use the image upload function, we may require permission to access and use your camera as well as your photo album. We request this kind of permission to help you upload images, and the data obtained through this access will not be used for any other purposes. If you don't need such a service, you can revoke this permission in the "Settings" section of your device.
1.11 When you use stored services like log downloads, device upgrades, and feedback, we may utilize the permission to delete and create files within the SD card in order to implement the functions of file download and storage.
1.12 Invocation of Device Permissions: During the process of providing services, to ensure that you can use the product functions properly, we will request the following system device permissions for your device from the system. Prior to making the request, we will seek your consent, and you will have the option to "allow" or "prohibit" the permission requests. Once you have granted the authorization, we will activate the relevant permissions. You can revoke the authorization in the system at any time. However, revoking the authorization might lead to your inability to use the relevant business functions.
1.13 We will adopt reasonable technical and management measures to safeguard the security and integrity of all the personal information we collect. A series of security measures will be taken to protect your personal information, including but not limited to encryption technology and access control, etc., so as to ensure that your information will not be accessed or misused by unauthorized third parties.
A.Cookie
To ensure the normal operation of the website, we will store small data files known as cookies on your computer or mobile device. Cookies usually contain identifiers, site names, as well as some numbers and characters. With the assistance of cookies, the website can store data like your preferences or the items in your shopping cart. We will not utilize cookies for any purposes other than those specified in this policy. You can manage or delete cookies based on your own preferences. You are able to clear all the cookies saved on your computer, and most web browsers have the function of blocking cookies. However, if you do this, you will need to manually change user settings each time you visit our website. For detailed information on how to change browser settings, please visit the following links for Internet Explorer, Google Chrome, Mozilla Firefox, Safari, and Opera respectively.
To ensure the integrity and security of the personal information you provide, we have adopted the following security measures that conform to industry standards:
1.Regular comprehensive inspection of systems and applications: We carry out regular comprehensive inspections on systems and applications to guarantee their security and stability. Once any vulnerabilities are detected, we will immediately conduct system repairs to prevent hackers from taking advantage of them and resulting in data leakage.
2.Close monitoring of core data: We will put in place close monitoring measures for your personal core data. We will conduct regular checks on the sensitive operation behaviors of the system and carry out regular inspections and audits of sensitive operations. In this way, we can detect any data risk operations promptly and handle them in a timely manner to guarantee the security of your data.
3.Using encryption technology to ensure data confidentiality: We utilize advanced encryption technology to safeguard the confidentiality of your data. By means of encryption technology, we can make sure that your data will not be accessed or stolen by unauthorized individuals during the processes of transmission and storage.
4.Using Protection Mechanisms to Prevent Malicious Attacks on Data: We adopt a series of protection mechanisms to safeguard your data from being maliciously attacked. This involves using security devices like firewalls and intrusion detection systems to protect our systems and data.
5.Deploying Access Control Mechanisms: We have put in place strict access control mechanisms to guarantee that only authorized personnel can access your personal data. This encompasses using mechanisms like authentication, authorization, and role management to ensure that only those with proper authorization can access your data.
We have successfully acquired the following two significant information security certificates:
1.Information Security Management System Standard (ISO27001): This international certification is designed to safeguard the information resources of enterprises and ensure the healthy, orderly, and sustainable development of the informatization process. Through ISO27001 certification, we have demonstrated our professionalism and strictness in information security management and protection.
2.Personal Privacy Information Management System (ISO27701): This is an internationally recognized standard for privacy management systems. ISO27701 incorporates the principles, concepts, and methods of privacy protection into the information security protection system, assisting enterprises in strengthening their capabilities in privacy protection and information security. We have obtained ISO27701 certification, which further attests to our professionalism and leading position in safeguarding personal privacy information.
TBEA is aware of the significance of data security, so we have adopted appropriate technical and organizational measures to safeguard the personal information you provide. The following are some of the key measures we have taken:
1.HTTPS protocol: We utilize the HTTPS protocol to safeguard your personal data while it is being transmitted. The HTTPS is an encryption protocol that guarantees that your data won't be stolen or altered during the transmission process.
2.Limited Access Computer System: When we store your personal data, we employ a computer system with limited access permissions. This implies that only authorized personnel are able to access your data, and any unauthorized access will be blocked.
3.Physical protection measures: We will install the system that stores your personal data in physically protected facilities to prevent unauthorized access and data leakage. These facilities are equipped with advanced security measures to ensure the security of your data.
In the event of an unfortunate personal information security incident, we will promptly adopt the following response measures in line with legal and regulatory requirements:
1.Timely notification: We will notify you of the basic situation and possible impacts of the security incident in a timely manner, enabling you to understand the situation and take corresponding measures.
2.Disposal measures: We will promptly take appropriate disposal measures to prevent the further escalation or deterioration of security incidents and ensure that your personal information is protected to the greatest extent possible.
3.Prevention suggestions: We will offer you independent prevention and risk reduction suggestions to assist you in reducing the risk of personal information leakage.
4.Remedial measures: We will adopt remedial measures to alleviate the impact of security incidents on you and ensure that your personal information is promptly restored and protected.
5.Notification method: We will promptly notify you of the relevant circumstances of the event via email, letter, push notifications and other means. If it is difficult to inform individual information subjects one by one, we will adopt reasonable and effective measures to issue announcements to ensure that you can understand the situation in a timely manner.
6.Reporting to regulatory authorities: We will take the initiative to report the handling of personal information security incidents in line with regulatory requirements, enabling regulatory authorities to understand the situation promptly and take corresponding measures.
In accordance with relevant laws, regulations, and standards in China, as well as common practices in other countries and regions, we ensure that you can exercise the following rights regarding your personal information.
After creating a power station via a registered account with TBeSolar, you can access your personal information through the "My Account Information" page. Meanwhile, you can also get in touch with us at any time, and we will explain and verify various data information for you. Such information includes but is not limited to the basic information you provided when registering an account to create a power station, like username, nickname, phone number, email address, as well as organizational information, superior organizational information, and any other information shown on our platform.
When you notice any possible omissions or errors in your personal information, you can contact us at any time to request data changes and supplements. Upon confirmation, if we detect any information omissions or errors, we will promptly make the necessary changes or supplements.
In the following circumstances, you can ask us to delete your personal information.
1.If our handling of personal information violates laws and regulations;
2.If we collect and use your personal information without your consent;
3.If our handling of personal information violates our agreement with you;
4.If we no longer provide you with products or services.
If we decide to comply with your deletion request, we will also inform the entities that have obtained your personal information from us and require them to delete it in a timely manner, unless otherwise stipulated by laws and regulations or with your independent authorization.
During the process of providing services, we need you to grant us several device permissions, like those for notifications, albums, cameras, Bluetooth and other access permissions. You can disable some or all of these permissions at any time in the device settings, thus declining our collection of your corresponding personal information. The ways of displaying and closing permissions differ among various devices and systems. For specific details, please refer to the instructions and guidelines provided by the device and system developers.
You can get in touch with us at any time to cancel your previously registered account. After your account is cancelled, we will cease providing you with products and services and delete your personal information, unless otherwise stipulated by laws and regulations.
You can apply to cancel your account through the following methods:
1. Log in to the TBeSolar mobile app and choose "My-Cancel" to cancel your account. We will cancel your account within 3 working days. After you voluntarily cancel your account, we will cease providing you with goods or services and delete your personal information or anonymize it in accordance with applicable laws.
You also have the right to choose to restrict us from processing your personal information:
1.When you have any objections to the accuracy of your personal data information shown on TBeSolar, you can ask us to verify the accuracy of your personal information within a specific period of time..
2. When you think that our data processing is illegal, you may object to our data processing and request restrictions on the use of that personal data information. However, please provide us with the reasons for opposing the processing so that we can assess whether our legal basis for continuing to process these data is adequate.
In principle, personal information collected and generated within the territory of the People's Republic of China will be stored within the territory. However, as a multinational corporation, we may need to process your personal information in the country/region where you use the product or service, in other countries/regions where Tebian or its affiliates, subsidiaries, service providers, or business partners have establishments, or this information may be accessed from these countries/regions.
Please be aware that the data protection laws of these countries/regions may vary from those of your country/region. In such circumstances, we will adopt corresponding measures to ensure that the data we collect is processed in line with the requirements of this policy and applicable laws.
Especially when the personal data of data subjects located in the European Union (EU) is transferred to countries or regions with equivalent data protection levels that are not recognized by the EU, we will abide by the corresponding legal mechanisms. For instance, we may sign standard contract terms approved by the European Commission or seek your consent for the cross-border transfer of personal data. Additionally, prior to cross-border data transfer, we will also consider implementing security measures such as data anonymization to ensure that your personal information is fully safeguarded.
To ensure the security of your personal data, we place great emphasis on privacy and security issues. We have communicated privacy and security guidelines to the entire TBeSolar team and rigorously enforced privacy protection measures within the team.
Firstly, we have set up a comprehensive privacy protection system, specifying the norms and requirements regarding the collection, use, storage, transmission, processing and other aspects of personal information. We demand that team members strictly abide by these regulations to ensure the compliant utilization of personal information.
Secondly, we have enhanced the training on privacy protection awareness for team members. We regularly organize privacy protection training activities to raise the awareness of the importance of privacy protection among team members, allowing them to have a better understanding and implement privacy protection measures more effectively.
In addition, we have adopted various technological measures to safeguard your personal information. For instance, we utilize encryption technology to encrypt the storage and transmission of your personal information, guaranteeing that your information won't be stolen or tampered with during transmission. We also conduct security checks and vulnerability scans on the system on a regular basis to promptly detect and rectify potential security risks.
Finally, we have established a comprehensive emergency response mechanism. In the event of a personal information security incident, we will immediately activate the emergency response mechanism, take necessary measures to prevent the incident from escalating, and promptly report the incident situation and processing progress to you.
TBEA will keep the data related to your access to the TBeSolar APP and your account data until you delete your account data or request the deletion of your personal data, unless we have legitimate grounds to further retain your data. During any relationship you establish with us, Tebian will retain your information for as long as necessary and, to the extent permitted, retain your information for the purpose stated in the notice after the relationship terminates. We will delete your IP address once the session is over.
Please note that in line with applicable laws and regulations, we might need to retain certain specific information to satisfy legal and business requirements. For example, for the sake of tax and bookkeeping, relevant data may be retained for 6 to 10 years. In other circumstances, a special agent may keep data for an appropriate period of time after the end of any relationship with you with the aim of responding to legal proceedings or managing their business (for instance, the standard statute of limitations is three years, beginning from the end of the year during which the relevant data is processed).
We understand and attach great importance to the significance of protecting children's personal information. Our products, websites and services are mainly targeted at adults, so we require that children should not create their own personal information subject accounts without the consent of their parents or guardians.
With the consent of parents, we may collect personal information about children. In such cases, we will only use or publicly disclose this information when it is permitted by law, with the explicit consent of parents or guardians, or when it is necessary to protect the child.
If we discover that we have collected personal information about a child without obtaining verifiable parental consent beforehand, we will make every effort to delete the relevant data as quickly as possible to safeguard the child's rights and privacy.
We may update the terms of this privacy policy in a timely manner. Such updates form a part of the privacy policy and have the same legal effect as the original privacy policy. Without your explicit consent, we will not reduce the rights you are entitled to under this policy. When this privacy policy is updated, we will notify you through announcement messages or other appropriate means to ensure that you are aware of the latest version of this privacy policy. In the above circumstances, if you continue to use our services, it implies that you agree to accept and be bound by the revised policy.
We highly recommend that you review this privacy policy on a regular basis to be aware of any changes that might impact your personal information. If you do not agree with the revised policy, you should promptly stop using our services and get in touch with us to find out how to delete your personal information. If you continue to use our services, it will be regarded as your agreement to all the contents of this policy.
If you have any questions or suggestions regarding the content of the privacy policy, you can contact us by logging into the "My Feedback" section on the website.
You can also inform us of your issue through the following channels:
Address: No. 70, Shanglinyuan Fourth Road, Chang'an District, Xi'an City, Shaanxi Province, China
Email: yangping@tbea.com
Customer service hotline: 4006698866