Start Dropshipping| Member Benefits| Contact Us

goten global PRIVACY STATEMENT

 

  1. Introduction

This is the Privacy Statement of Goten processes personal data of suppliers, business partners and clients. Personal data pertains to data of an identified or identifiable natural person. Goten shall hereafter also be referred to as the Company, we or us.

In this Privacy Statement we describe who we are, how and for which purposes and on what legal basis we process your personal data, how you can exercise your privacy rights and all other information that may be relevant to you.

We did our best to provide you with all information in a clear and readable format. However, if you have any questions about our use of your personal data after reading this Privacy Statement, you can of course always contact us through the contact details provided at the end of this Privacy Statement.  

This Privacy Statement may be changed over time. This Privacy Statement applies since 9/2/2021.

  1. When does this privacy statement apply?

This Privacy Statement is applicable to the processing by the Company of all personal data of its suppliers and business partners and clients in worldwide.

  1. What personal data do we collect?

When we provide our services, we have a need to process personal data. We typically process the following personal data when you use our services or website:

  • Contact details

This will include your name, address, e-mail address and phone number. For enterprise users, we may also collect your agent’s name, e-mail and phone number.

  • Financial and account information

This will include your bank account number, payment and invoice status.

  • Identification information

This will include your government-issued national ID number, and scan copy of your ID card. We use this to ensure that we can identify you, but we strive to be as little privacy invasive as possible.

  • Other services and preferences

When you order other services from us, give us a compliment, file a complaint or set your preferences, in such instances we also need process the personal data. This is typically the personal data that you supply to us in the process.

  • Automatically generated information

Some personal data just gets generated automatically, such as IP address, or MAC address, and browser type.

Our services are intended for business users, the company name and social credit number we collected are not considered as personal data.

  1. For which purposes and on what grounds do we process your personal data?
    • To facilitate account creation

If you register as our users, we process your personal data in order to help you complete your registration.

For this purpose, we process your personal details such as your name, your contact information, and your credentials for the account creation.

  • For the conclusion and execution of agreements

When you work together with us as our client, we process your personal data in order to further execute our agreement, send invoices and make payments per our agreement.

For this purpose, we process your contact details such as your address, personal details such as your name and payment information on the basis of the performance of our agreement with you.

  • For business process execution and internal management

We process your personal data in the performance and organization of our business. This includes general management and management of our assets. The Company also processes your personal data for its internal management. We implement business controls and manage and use client directories. Also, we process your personal data for finance and accounting, archiving and insurance purposes, legal and business consulting and in the context of dispute resolution.

For this purpose, we process your contact details such as your address and email address, personal details such as your name, payment information, payment history, correspondence with us and data generated during the performance of the agreement between you and the Company.

  • For organizational analysis and development and management reporting

At the Company, we may process your personal data in the preparation and performance of management reporting and analysis.

For this purpose, we process your contact details such as address and email address, personal details such as your name, payment history, correspondence with us and the information you provide when responding to our surveys.

  • When you interact with the Company (online or offline)

If you get in touch with us, we will use your personal data in order to reply to and answer your question. For this purpose, we process your name, contact details, your correspondence with us your question and all other personal data which are necessary to answer your question.
If you have contacted us, then your data will not be retained longer than necessary for the purposes described above.

  • For product and relationship management and marketing of commercial activities

We process personal data for and in the development and improvement of our products services, account management, client services and the performance of targeted marketing activities towards our suppliers, business partners and clients.

  • To comply with the law

In some cases, we process your personal data to comply with laws and regulations.  This could, for example, be the case where tax or business conduct related obligations apply or when required for safety or security purpose. In order to comply with relevant laws and regulations, we may need to disclose your personal data to government institutions or supervisory authorities.

For this, we process your contact details such as your address, personal details such as your name, payment information, residence, payment history and tax details on the basis of the need to comply with a legal obligation that the Company is subject to.

  1. how we disclose your personal data?
    • Disclose your personal data within the Company

As a global organization, data we collect may be transferred internationally throughout our worldwide organization. Your personal data may be exchanged with other group companies of Goten. We exchange your data for administrative purposes and so that we can have a complete overview of your contacts and contracts within the Company group.  We may also exchange your data in order to better offer you a complete package of services and products.

Our employees are authorised to access personal data only to the extent necessary to serve the applicable purpose and to perform their jobs.

  • Disclose your personal data by third parties

The following third parties have access to your personal data, where relevant, for the provisioning of their products or services to us:

  • Logistics and distribution service provider: we may share your order information with the logistics and distribution service provider to arrange delivery; we need to share the order information and receipt information in your order with the supplier to instruct them to deliver goods or provide services.
  • In order to assess and monitor the security of your account and transaction risks, including but not limited to detecting and preventing payment fraud, money laundering and other security incidents, we will cooperate with Forter and Cybersource, and share your personal data and transaction order information, and comprehensively judge your payment behaviour and transaction risks.
  • Cloud services provider: We may store data on servers operated by a cloud service provider to us. Regardless of where you use our online services or provide data to us, the data may be transferred to and maintained on servers located outside the country in which the data was collected.
  • Law enforcement, regulators and other parties for legal reasons: We may also disclose your personal data to third parties as required by law, or if we reasonably believe that such action is necessary (a) to comply with a subpoena or other legal proceedings, legal actions or government agency requests; (b) when we believe in good faith that a disclosure is necessary to comply with the law and the reasonable requests of law enforcement; (c) to protect and exercise our legal claims, rights and property; (d) to protect your rights, property or personal safety or that of others; and (e) to investigate fraud.

When third parties are given access to your personal data, we will take the required contractual, technical and organizational measures to ensure that your personal data are only processed to the extent that such processing is necessary.

In other cases, your personal data will not be supplied to third parties, except where required or allowed by law.

  • The use of your personal data by third parties (data processors)

We have the need to instruct certain third parties to process your personal data on our behalf. The Company will enter into agreements with these parties, so called processors, for the processing of personal data.  In this agreement we include obligations to ensure that your personal data are processed by the processor solely to provide services to us. These include:

 

  • Confidentiality

 

  • The use of (sub-)processors

 

  • Technical and organizational security obligations

 

  • Notifications regarding personal data breaches

 

  • Data Protection Impact Assessments and prior notification

 

  • Transfer of Personal Data outside the EU/EEA

 

  • Right to audit

 

  • Inspections or audits by public authorities

 

  • Cooperation enquiries & data subject rights

 

  • Government agencies requests

You may contact our DPO at DPO@ztn.com if you want to know more information regarding to our transfers.

  1. How are your personal data secured?

The Company has taken adequate safeguards to ensure the confidentiality and security of your personal data. We have implemented appropriate technical, physical and organizational measures to protect personal data against accidental or unlawful destruction or accidental loss, damage, alteration, unauthorised disclosure or access as well as all other forms of unlawful processing (including, but not limited to, unnecessary collection) or further processing.

Please contact us according to section 10 if you suspect you are experiencing a data privacy security incident.

  1. How long are your personal data retained?

Your personal data will be removed or made anonymous when your personal data are no longer necessary for the purposes for which these personal data are processed.

  1. Access to your personal data

You may review, correct and update personal data you provide to us by contacting our Data Protection Officer at DPO@ztn.com 

 

  1. Data protection for children

We do not provide services directly to children or knowingly collect or use any personal data from children without prior, verifiable parental consent. Children means any individuals who is under the age of 16(or the minimum legal age at which personal data is consented to be collected and processed where applicable law differs). We do not knowingly allow children to use our services, communicate with us, or use any of our website service.

If you become aware that a child has provided us with personal data, please contact us as indicated in Section “How can you contact us”. We will take all reasonable measures to delete the information as soon as possible and to not use such information for any purpose, except where necessary to protect the safety of the child or others as required by law.

  1. How can you contact us?

If you have any questions about the way we process your personal data, please read this Privacy Statement first. For additional questions please contact our Data Protection Officer at DPO@ztn.com    

  1. policy change

If we make changes to this Privacy Statement, then we will take appropriate steps to bring those changes to your attention.

 

  1. Appendix

         If you are a data subject in the European Union, Goten's processing of your personal data also applies: ADDITIONAL STATEMENT FOR EU RESIDENTS

If you are an data subject in the California, Goten's processing of your personal data also applies: ADDITIONAL STATEMENT FOR CALIFORNIA RESIDENTS

 

additional statement for eu residents

  1. Who is responsible for your personal data?

The Company acts as a controller in the sense of the General Data Protection Regulation (GDPR) is ETENG TECHNOLOGY LIMITED.

  1. legal basis for processing your personal data

The lawful basis for us processing of your personal data will depend on the purposes of the processing. Please find more details as below:

Purposes

Legal basis

When you work together with us as our client, we process your personal data in order to further execute our agreement, send invoices and make payments per our agreement.

For this purpose, we process your contact details such as your address, personal details such as your name and payment information on the basis of the performance of our agreement with you.

We process your personal data in the performance and organization of our business. This includes general management and management of our assets. The Company also processes your personal data for its internal management. We implement business controls and manage and use client directories. Also, we process your personal data for finance and accounting, archiving and insurance purposes, legal and business consulting and in the context of dispute resolution.

For this purpose, we process your contact details such as your address and email address, personal details such as your name, payment information, payment history, correspondence with us and data generated during the performance of the agreement between you and the Company.

For this purpose, our processing is necessary for the performance of our agreement with you or for the purposes of the legitimate interests of the Company.

At the Company, we may process your personal data in the preparation and performance of management reporting and analysis.
For this purpose, we process your contact details such as address and email address, personal details such as your name, payment history, correspondence with us and the information you provide when responding to our surveys.

For this purpose, our processing is necessary for the purposes of the legitimate interests of the Company.

If you get in touch with us we will use your personal data in order to reply to and answer your question. For this purpose, we process your name, contact details, your correspondence with us your question and all other personal data which are necessary to answer your question.

For this purpose, our  processing is necessary for the performance of our agreement with you or for the purposes of the legitimate interests of the Company.

We process personal data for and in the development and improvement of our products services, account management, client services and the performance of targeted marketing activities towards our suppliers, business partners and clients.

For this purpose, our processing is necessary for the purposes of the legitimate interests of the Company.   

In some cases, we process your personal data to comply with laws and regulations.  This could, for example, be the case where tax or business conduct related obligations apply or when required for safety or security purpose. In order to comply with relevant laws and regulations, we may need to disclose your personal data to government institutions or supervisory authorities.

For this purpose, we process your contact details such as your address, personal details such as your name, payment information, residence, payment history and tax details on the basis of the need to comply with a legal obligation that the Company is subject to.

  1. additional information about disclose to third parties

If your personal data are transferred to a recipient in a country that does not provide an adequate level of protection for personal data, we will take measures to ensure that your personal data are adequately protected, such as entering into EU Standard Contractual Clauses with these recipients. You may contact our DPO at DPO@ztn.com if you want to know more information regarding to our transfers.

  1. How can you exercise your privacy rights?

Under the GDPR you have the right to request access of an overview of your personal data, and under certain conditions, rectification and/or erasure of personal data. In addition, you may also have the right of restriction of processing concerning your personal data, the right to object to processing, as well as the right to data portability.

To invoke your right of access, rectification, and/or erasure of personal data, your right of restriction of processing, and/or your right to object to processing as well as to invoke your right to data portability, please contact us by using the contact details at the bottom of this Privacy Statement. Please keep in mind that we may ask for additional information to verify your identity.

If you have given your consent to a certain purpose, you can withdraw your consent at any time. Please keep in mind that withdrawal does not have retroactive effect.

 

  1. How can you contact us or lodge a complaint?

If you have any questions about the way we process your personal data, please read this Privacy Statement first. For additional questions please contact our DPO at DPO@ztn.com  Please note that we take your satisfaction very seriously. Should you have a complaint, please also direct it to the same email address and we will respond to you as soon as we can.

 

You can of course also lodge a complaint with the data protection authority of the country in which you live. Please find a list of data protection authorities in EU via this LINK.  

 

 

Additional Statement for California Consumers

 

If you are a California resident, you can make certain requests regarding your personal information. We will fulfill each of these requests per the requirements of California law.

 

  • You can request access to a copy of the personal information we have about you, including a list of categories of your personal information that we have sold and a list of categories of your personal information that we have shared with another company for a business purpose.
  • You can request that we delete your personal information.
  • You can request that we stop selling your personal information.

 

More information on each of these requests is below.

 

  1. Request my Personal Information:

If you make this request, which we also refer to as a Request to Access Information, we will return to you (to the extent required by law):

 

  • The categories of personal information we have collected about you.
  • The categories of sources from which we collect your personal information.
  • The business or commercial purpose for collecting or selling your personal information.
  • The categories of third parties with whom we share personal information.
  • The specific pieces of personal information we have collected about you.
  • A list of categories of personal information that we have sold, along with the category of any other company we sold it to. Any of the categories of personal information that we collect could be included in a sale to other companies, including those within our corporate family. If we have not sold your personal information, we will inform you of that fact.
  • A list of categories of personal information that we have disclosed for a business purpose, along with the category of any other company we shared it with.

 

You can ask us to provide you with this information up to two times in a rolling twelve-month period. When you make this request, the information provided may be limited to personal information we collected about you in the previous 12 months.

 

  1. Delete My Personal Information:

You have the right to ask that we delete your personal information. Once we receive a request, we will delete the personal information (to the extent required by law) we hold about you as of the date of your request from our records and direct any service providers to do the same. In some cases, deletion may be accomplished through de-identification of the information. Choosing to delete your personal information may impact your ability to use our websites and online features, including closure of your online account.

 

  1. Stop Selling My Personal Information:

In the twelve months prior to the effective date of this Statement, we has not sold any personal information of consumers, as those terms are defined under the California Consumer Privacy Act.

  1. No Discrimination:

We will not discriminate against you for exercising your rights. This generally means we will not deny you using our services, provide a different level or quality of our services. Please know, if you ask us to delete your information, it may impact your experience with us, and you may not be able to participate in certain services which require usage of your personal information to function.

 

  1. Excercise your rights:

To exercise the California privacy rights described above, please contact our Data Privacy Office at DPO@ztn.com  

  1. Verifying Your Identity for Requests to Access or Delete Personal Information

We take the privacy of your personal information seriously and want to ensure that we provide only you or your authorized agent with your personal information. The CCPA also requires that we verify the identity of each person who makes a request to know what personal information we have about you or to delete the personal information we have about you.

 

What Personal Information Do I Provide to Verify My Identity?

To verify your identity, we ask you to provide your:

 

Company name*

Contact Person/Agent First name* and Last name*

Email address

Phone number

Address*

Government-issued ID number

*required field