Personal data refers to information that can be used to confirm the identity of individuals when being used separately or in combination with other information. Such data might be submitted to us directly by you when you are using our websites, products or services or when you are interacting with us, or might be obtained by us through recording how you are interacting with our websites, products or services, by using techniques such as cookie. The data collected by us depends on the websites you visited or the products and services you used, and might include names, addresses, emails, and telephone numbers. Our purpose of collecting such Personal data is to get in touch with you in order to provide corresponding services or send important notices.
Hymson Laser Technology Group Co.,ltd. and its subsidiaries around the globe (hereinafter referred to as " Hymson Laser ", "We" or "Our" for short) really knows the importance of personal data to customers and users. For this purpose, Hymson Laser attaches great Importance the protection of personal data of customers and users, and has taken a series of measures to ensure that relevant businesses comply with applicable personal data protection requirements (such as GDPR).
2.1 To ensure the effective implementation of personal data protection requirements, Hymson Laser has appointed a Data Protection Officer (DPO).
2.2 Hymson Laser adopts the industry-recognized personal data protection approaches and practices. In the GDPR-applicable business scenarios, Hymson Laser has introduced the Data Protection Impact Assessments (DPIA) approach to evaluate and mitigate the security risks of personal data in products and services.
2.2.1 Hymson Laser requires a full assessment of the personal data is involved in products and services, and projects involving the personal data must undergo DPIA;
2.2.2 Projects involving personal data must create data lists and data flow diagrams;
2.2.3 Projects involving personal data must identify possible risks in the data processing procedures (including collection, use, storage, sharing, deletion, etc.), and take corresponding measures (including administrative, physical and technical measures) according to the risk level;
2.2.4 After the implementation of the DPIA, the corresponding report must be output and approved by the DPO.
2.3. Hymson Laser has implemented technical measures including IDS, access control, encryption, data leakage prevention, anti-spam, terminal security protection, vulnerability scanning, etc., and has conducted the penetration testing to verify the effectiveness of these measures.
2.4. Hymson Laser has established an emergency response mechanism for personal data breaches. Once a personal data breach occurs, Hymson Laser will immediately initiate an emergency response process, strive to minimize the possible losses caused by personal data breaches and ensure that the affected persons are appropriately informed.
2.6. To ensure compliance, Hymson Laser has implemented and will continuously conduct necessary technical and process audits on personal data protection.
2.7. Hymson Laser has obtained internationally recognized certifications and will continuously accept assessment such as ISO 27001, TISAX, etc..
Personal data protection is not only a legal requirement, but also a social responsibility of Hymson Laser. We will continue to optimize our products and services to ensure security and privacy, and reduce the risk of personal data protection for customers and users.
3、Updates to This Policy
Organization： Hymson Laser Headquarters