Scope and Consent
We collect, process and retain Personal Data from you and any devices (including mobile devices) you may use when you use our Services, register for an account with us, provide us information on a web form, update or add information to your account, participate in community discussions, chats, or dispute resolution, or when you otherwise correspond with us regarding our Services.
The Personal Data we collect includes the following:
- Personal Data you give us when you use our Services or register for an account with us;
- Identifying information such as your name, addresses, telephone numbers or email addresses when you register for an account with us;
- Buying or selling information you provide during a transaction, or other transaction-based content that you generate or that is connected to your account as a result of a transaction you are involved in;
- Other content that you generate, or that is connected to your account (such as adding items to your cart);
- Financial information (such as credit card numbers) in connection with a transaction;
- Postage, billing and other information used to purchase or post an item, as well as, where postal services are provided through one of our programmes, information required to clear customs (such as tax details or other identification numbers) and relevant postage information (such as tracking numbers and tracking updates);
- In some instances, when you use our Services, you may provide age, gender, interests and favourites;
- You may also provide us other information through a web form, by updating or adding information to your account, through your participation in community discussions, chats, dispute resolution, or when you otherwise correspond with us regarding our Services;
- Personal Data we collect automatically when you use our Services or register for an account with us;
- Your advertising preferences and your communications with us;
- Geo-location information, including location information from your mobile device. Keep in mind that most mobile devices allow you to control or disable the use of location services by any application on your mobile device in the device’s settings menu;
- Computer and connection information such as statistics on your page views, traffic to and from the sites, referral URL, ad data, your IP address, your browsing history and your web log information;
- Particulars of your social media accounts (such as gender, birthdate, profession and/or location) when and if any such accounts are connected to our Services; and
- Personal Data we collect using cookies, web beacons, and similar technologies.
Personal Data from other sources
We may supplement the information we collect with information from third parties and add it to your account information. For example, we may collect and use demographic information that is publicly available, additional contact information, credit check information and information from credit bureaus, as allowed by applicable national laws.
If you give us Personal Data about someone else (for example information of our spouse, children, parents, and/or employees), you represent and warrant that the consent of that third party has been obtained for the collection, use and disclosure of the Personal Data for the purposes as described above.
Use and Retention
We use the Personal Data we collect to: provide and improve our Services, provide you with a personalized experience on our sites (especially, by offering you services and items that you may like), contact you about your account and our Services, provide you customer service, provide you with personalized advertising and marketing, and detect, prevent, mitigate and investigate fraudulent or illegal activities. We may use and retain your Personal Data as follows:
- Provide access to and use of our Services;
- Offer you site content including items and services that you may like;
- Keep track of your cart;
- Give you access to your purchase history, and other features;
- Customize, measure and improve our Services;
- Provide service updates and other services requested by you as described when we collect the information;
- Use geo-location information to provide you with location based services (such as advertising, search results and other personalized content);
- Contact you about your account and provide you customer service;
- Contact you to troubleshoot problems with your account, to resolve a dispute or a complaint, to collect fees or monies owed, to poll your opinions through surveys or questionnaires, or as otherwise necessary;
- For these purposes we may contact you via email, telephone, text messages and postal mail. When contacting you via telephone, to ensure efficiency, we may use autodialled or pre-recorded calls and text messages as described in our Terms of Sale. Message and data rates may apply;
- Personalize our advertising and marketing communications;
- Measure and improve our advertising based on your advertising customization preferences;
- Offer you coupons, discounts and special promotions; and
- Prevent, detect, mitigate and investigate fraudulent, potentially prohibited or illegal activities and security breaches.
We retain your Personal Data as long as it is necessary and relevant for our legal or business purposes. For example, we may retain Personal Data from accounts (whether closed or otherwise) to comply with national laws, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigation, enforce our Terms of Sale and take other actions permitted or required by applicable national laws. After it is no longer necessary for us to retain your Personal Data, we may dispose of it in a secure manner according to our data retention and deletion policies.
You have a choice about how we use your Personal Data to communicate with you and to send you marketing information, and whether you want to stay signed into your account.
You can control the methods by which we may contact you about your account and your buying and selling activities within your Entity Health account.
If you do not wish to receive marketing communications from us, you can unsubscribe from the link in the email you received or change your preferences within your Entity Health account. Keep in mind, we do not sell or rent your Personal Data to third parties for their marketing purposes without your explicit consent.
When you sign in to your account on our Services, we may give you the option to stay signed in to your account for a certain period of time. If you are using a public or shared computer, we encourage you not to choose to stay signed in. You or any other user of the computer/browser you signed in on will be able to view and access most parts of your account and take certain specific actions during this signed in period without any further authorisation. The specific actions and account activities that you or any other user of this computer/browser may take include:
- Check out or add items to your cart;
- Purchase an item using your account;
- Use your rebates and exclusive codes;
- View order details;
- Leave feedback; or
- Conduct after-sale activities including cancelling orders, requesting returns or submitting claims.
You can typically end your signed in session by either signing out and/or clearing your cookies. If you have certain browser privacy settings enabled, simply closing your browser may also end your signed in session. If you are using a public or shared computer you should sign out and/or clear your cookies when you are done using our Services in order to protect your account and your Personal Data.
Cookies, Web Beacons and Similar Technologies
A Cookie is a small data file sent from a website to your browser that is stored on your device. Cookies are used for a number of purposes, including to display the most appropriate content based on your interests and activity on the Services, estimate and report the Services’ total audience size and traffic, and conduct research to improve the Services. You can configure your device’s settings to reflect your preference to accept or reject Cookies. If you reject all Cookies, you will not be able to enjoy the full range of the Services.
Web Beacons are tiny graphic image files embedded in a web page or email that provide a presence on the web page or email and send back to its home server information from the user’s browser.
We or our third party tracking utility company also use Web Beacons to collect information about your use of the Entity Health site, and your use of emails, special promotions or newsletters we send to you. Our Web Beacons are not used to track your activity outside of the Entity Health site.
We automatically track and collect the following categories of information, amongst others, when you visit and/or access the Entity Health site: (1) Internet Protocol (“IP”) address; (2) domain servers; (3) types of computers; (4) types of web browsers used; (5) referring source which may have sent you to the Entity Health site; and (6) other information associated with the interaction of your browser and the Entity Health site (collectively “Traffic Data”).
We may link non-personal information from traffic data to Personal Data, and when you register an account with us, and also in connection with our marketing, promotion, or similar initiatives, if any.
We take steps to ensure that the Personal Data we collect is accurate and up to date, and that you have the ability to access and make corrections to it.
You can see, review and change your Personal Data by signing in to your account. Please update your Personal Data immediately if it changes or is inaccurate.
Once you make a public posting, you may not be able to change or remove it. Upon your request, we will close your account and remove your Personal Data from view as soon as reasonably possible, based on your account activity and in accordance with applicable national laws.
We may disclose your Personal Data to other group members of the Entity Health or to third parties. This disclosure may be required for us to provide you access to our Services, to comply with our legal obligations, to enforce our Terms of Sale, to facilitate our marketing and advertising activities, or to prevent, detect, mitigate and investigate fraudulent or illegal activities related to our Services. We minimize the amount of Personal Data we disclose to what is directly relevant and necessary to accomplish the specified purpose. As stated above, we do not disclose your Personal Data to third parties for their marketing and advertising purposes without your explicit consent.
We may disclose your Personal Data to the following parties and for the following purposes:
- Entity Health group members, who may use it to:
• provide joint content and services (such as registration, transactions and customer support);
• help detect and prevent potentially fraudulent and illegal acts, violations of our Terms of Sale and data security breaches;
• provide you personalized advertising; and
• guide decisions about their products, sites, applications, services, tools and marketing communications. Group members of our Entity Health will use your Personal Data to send you marketing communications only if you have consented to receive such communications from them.
- Service Providers and financial institution partners;
- Third party service providers who help us to provide our Services, payment processing services, assist us in providing customized advertising, to assist us with the prevention, detection, mitigation and investigation of potentially illegal acts, violations of our Terms of Sale, fraud and/or security breaches, bill collection, affiliate and rewards programs, co-branded credit cards and other business operations;
- Third party financial institution partners who may offer financial products to you, for them to provide joint content and services (such as, registration, transactions and customer support). These third party financial institution partners will use your Personal Data to send you marketing communications only if you have requested their services;
- Law enforcement or governmental agencies, or authorized third parties, in response to a verified request relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any other of our users to legal liability. We will only disclose information we deem relevant to the investigation or inquiry, such as name, city, state, postcode, telephone number, email address, User details and history, IP address, fraud complaints, bidding and listing history;
- Credit agencies or bureaus as authorised by applicable national laws (e.g. information on late or missed payments or other defaults on your account that may be reflected in your credit report or file);
- Third parties involved in a legal proceeding, if they provide us with a subpoena, court order or substantially similar legal procedure, or we otherwise believe in good faith that the disclosure of information is necessary to prevent imminent physical harm or financial loss or to report suspected illegal activity; and
- Other Entity Health users as authorised by you or your use of our Services.
When transacting with another user, the other user may request and we may provide him/her with information about you necessary to complete the transaction, such as your name, account details, email address, contact details, shipping and billing address, or other information from you needed to promote the reliability and security of the transaction. If a transaction is held, fails or is later invalidated, we may also provide the other user with details of the unsuccessful transaction. The other user receiving your information is not allowed to use this information for purposes unrelated to the transaction, such as to contact you for marketing purposes, unless you have expressly consented to it. Contacting users with unwanted or threatening messages is a violation of our Terms of Sale.
We protect your information using technical and administrative security measures to reduce the risks of loss, misuse, unauthorised access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls to our data centres and information access authorisation controls. If you believe your account has been abused, please contact us following the instructions in the Contact Us section below.
How you should use the Information you Receive on Entity
When you are in a transaction with another user, we enable you to obtain or we may provide you with the Personal Data of the other user (such as his/her name, account details, email address, contact details, shipping and billing address) to complete the transaction. We encourage you to inform the other user about your privacy practices and respect his/her privacy. In all cases, you must give the other user a chance to remove himself/herself from your database and give him/her a chance to review what information you have collected about them.
You may use the Personal Data that you have access to only for Entity Health transaction-related purposes, or for other services offered through Entity Health (such as escrow, shipping, fraud complaints, and member-to-member communications), and for purposes expressly consented by the user to whom the information relates. Using Personal Data of other users that you have access to for any other purpose constitutes a violation of our Terms of Sale.
Unwanted or Threatening Emails
We do not tolerate abuse of our Services. You do not have permission to add other users to your mailing list (email or postal), call or send him/her text messages for commercial purposes, even if this user has corresponded you, unless the user has given his/her explicit consent. Sending unwanted or threatening email and text messages is against our Terms of Sale. To report any such unwanted (e.g. spam or spoof emails) or threatening emails please forward the email to email@example.com.
Third Party Privacy Practices
The Data Protection Officer
Level 54, Hopewell Centre,
183 Queen’s Road East, Hong Kong