Topbst 服务条款

中文 English

1. 简介

在 Topbst,我们致力于保护您的隐私并确保您的数据安全。本隐私和数据处理政策(“政策”)管辖我们通过 ERP 对用户数据的使用。使用我们的应用程序,即表示您同意本政策的条款。

2. 数据收集和使用

我们仅收集和使用对我们应用程序功能必要的用户数据。这包括:

  • 订单信息
  • 发货详情
  • 产品数据

我们仅使用这些数据向卖家提供我们的服务,不会将其用于任何其他目的。

3.数据保留

除非法律要求保留更长时间,否则我们保留个人身份信息 (PII) 的时间不会超过订单交付后的 30 天。非 PII 数据仅在提供服务所需的时间内保留。

4. 数据保护和安全

我们实施强大的安全措施来保护数据,包括:

  • 加密:我们使用 AES-128 或 RSA-2048 位密钥(或更高)来加密所有静态 PII。
  • 访问控制:我们遵循最小特权原则。只有完成数据保护培训的授权员工才能访问数据。我们每季度审查一次访问列表。
  • 网络安全:我们使用防火墙、入侵检测系统和反恶意软件工具来保护我们的网络。
  • 定期安全审核:我们每 180 天进行一次漏洞扫描,每年进行一次渗透测试。

5. 数据共享

除非为了提供服务或遵守法律义务而需要,否则我们不会与任何第三方共享数据。我们不会跨卖家汇总数据,也不会将其用于除提供应用程序功能之外的任何其他目的。

6. 分包商

如果我们使用分包商,我们要求他们遵守本政策中概述的相同数据保护标准。我们会监督所有分包商,并负责他们的合规性。

7.事件响应

我们已制定事件响应计划,以检测和处理安全事件。如果发生涉及数据的安全事件,我们将在检测到的 24 小时内通知平台(通过电子邮件 security@amazon.com)。

8. 数据删除

根据平台的要求,我们将在 30 天内永久安全地删除所有数据。我们将在平台通知后的 90 天内删除所有实时(在线或网络可访问)数据实例。我们使用行业标准的清理流程(如 NIST 800-88)进行安全删除。

9. 合规性和审计

我们遵守所有适用法律和 API 政策,包括可接受使用政策和数据保护政策。我们同意允许平台或其指定的第三方审计师审计我们与数据相关的数据处理活动。我们将全力配合任何此类审计,并提供所有必要的信息和访问权限。

10. 用户权利

使用我们应用程序的卖家有权访问、更正或删除其个人信息。要行使这些权利,请使用“联系我们”部分提供的信息与我们联系。

11. 本政策的变更

我们可能会不时更新本政策。我们将通过在我们的网站上发布新政策并更新“上次更新”日期来通知用户任何重大变更。

12.联系我们

如果您对本政策或我们的数据处理实践有任何疑问,请联系我们:

Topbst, Inc.
地址:中国山西省太原市万柏林区长兴北街长兴路1号华润大厦T4层1224室
电子邮件:developer@topbst.com
电话:+86 158 1744 3553

上次更新时间:2024 年 9 月 10 日

Topbst Privacy Notice

中文 English

1. Introduction

At Topbst, we're committed to protecting your privacy and ensuring the security of your data. This Privacy and Data Handling Policy ("Policy") governs our use of user data through the ERP By using our Application, you agree to the terms of this Policy.

2. Data Collection and Use

We only collect and use user data that is necessary for the functionality of our Application. This includes:

  • Order information
  • Shipping details
  • Product data

We use this data solely to provide our services to sellers and do not use it for any other purpose.

3. Data Retention

We retain Personally Identifiable Information (PII) for no longer than 30 days after order delivery, unless required by law to keep it longer. Non-PII data is retained only as long as necessary to provide our services.

4. Data Protection and Security

We implement robust security measures to protect data, including:

  • Encryption: We use AES-128 or RSA-2048 bit keys (or higher) to encrypt all PII at rest.
  • Access Control: We follow the principle of least privilege. Only authorized employees who have completed data protection training can access data. We review the access list quarterly.
  • Network Security: We use firewalls, intrusion detection systems, and anti-malware tools to protect our network.
  • Regular Security Audits: We conduct vulnerability scans every 180 days and penetration tests annually.

5. Data Sharing

We do not share data with any third parties except as required to provide our services or comply with legal obligations. We do not aggregate data across sellers or use it for any purpose other than providing our Application's functionality.

6. Subcontractors

If we use subcontractors, we require them to adhere to the same data protection standards as outlined in this Policy. We maintain oversight of all subcontractors and are responsible for their compliance.

7. Incident Response

We have developed an Incident Response Plan to detect and handle security incidents. In the event of a security incident involving data, we will notify platform(via email to security@amazon.com) within 24 hours of detection.

8. Data Deletion

Upon platform's request, we will permanently and securely delete all data within 30 days. We will delete all live (online or network accessible) instances of data within 90 days of platform's notice. We use industry-standard sanitization processes such as NIST 800-88 for secure deletion.

9. Compliance and Audits

We comply with all applicable laws and api policies, including the Acceptable Use Policy and the Data Protection Policy. We agree to allow platform or its designated third-party auditors to audit our data processing activities related to data. We will cooperate fully with any such audit and provide all necessary information and access.

10. User Rights

Sellers using our Application have the right to access, correct, or delete their personal information. To exercise these rights, please contact us using the information provided in the "Contact Us" section.

11. Changes to This Policy

We may update this Policy from time to time. We will notify users of any significant changes by posting the new Policy on our website and updating the "Last Updated" date.

12. Contact Us

If you have any questions about this Policy or our data handling practices, please contact us at:

Topbst, Inc.
Address: Room 1224, Floor T4, China Resources Building, No. 1 Changxing Road, Changxing North Street, Wanbailin District, Taiyuan City, Shanxi Province, China
Email: developer@topbst.com
Phone: +86 158 1744 3553

Last Updated: September 10, 2024