Privacy Policy

To fully protect your rights, we have updated the Privacy Policy, which mainly includes the following paragraph:

When you select services for any one or more scenarios in the "Direct Information Collection List" , we will collect and only collect information types corresponding to that scenario, and will not collect information types outside of that scenario.

Catalogue

• Reminder terms
• summary
• How do we collect information
• How do we use cookies and similar technologies
• How do we store and protect information
• How we use information
• How do we provide information to the outside world
• How do you access and manage your own information
• Self start and associated start instructions
• Protection of Minors
• Application and update of this policy
• Keyword description in this policy

Update Date: March 17, 2025

Effective Date: March 17, 2025

User information collection party:

Kunshan Caishuo Human Resources Service Co., Ltd

CDP Group Limited

(hereinafter referred to as "us" or "CDP")

Contact address: Building 7, No. 2377 Shenkun Road, Minhang District, Shanghai

Contact information:  security@cdpgroupltd.com  /+086 021-33295800-85161

Reminder clause: Your trust is very important to us. We deeply understand the importance of user information security, and we will take security protection measures in accordance with legal and regulatory requirements to ensure the security and controllability of your user information. Without your authorization, CDP will not provide your personal information to third parties.

CDP (or "we" for short) has formulated this Privacy Policy (hereinafter referred to as the "Policy") and reminds you that before using Global WorkLife's various services, please carefully read and thoroughly understand this Privacy Policy, and only use related products and services after confirming full understanding and agreement. Once you start using Global WorkLife services, it will be deemed as acceptance and recognition of the contents of this statement and policy.

If you have any questions, opinions, or suggestions regarding the content of this policy, you can contact CDP Security Compliance Email（  security@cdpgroupltd.com  ）Or contact us by phone at +086 021-33295800/85161 for safety compliance.  We will process and provide feedback within fifteen working days of receiving your application for copying, correcting, supplementing, restricting processing, deleting personal information, revoking authorization and consent, or canceling the account. We welcome your supervision.

Summary

We will explain to you through this policy how Global WorkLife collects, stores, uses, processes, transmits, provides, discloses, and deletes (collectively referred to as "processing") your personal information, and outline your rights. The key points are as follows:

1. In order to facilitate your understanding of the types of information, processing rules, purposes, methods, and scope that we need to process when using our services, we will explain them to you one by one in conjunction with specific services.
2. When you select services for any one or more scenarios in the "Direct Information Collection List", we will collect and only collect information types corresponding to that scenario, and will not collect information types outside of that scenario.

Directly collect information checklist

3. In order to provide you with the necessary services, we will process your information in accordance with the principles of legality, legitimacy, necessity, and integrity.
4. You can access and manage your information, cancel your account, or make complaints and reports through the methods described in this policy.

You can read the corresponding chapters according to the following index to further understand the specific provisions of this policy:

1、 How do we collect information

2、 How do we use cookies and similar technologies

3、 How do we store and protect information

4、 How we use information

5、 How do we provide information to the outside world

6、 How do you access and manage your own information

7、 Self start and associated start instructions

8、 Protection of Minors

9、 Application and update of this policy

10、 Keyword description in this policy

When you use our services, we will collect, store, use, and provide your information to the public in accordance with the CDP Privacy Policy (hereinafter referred to as "this Policy").  At the same time, we will explain to you through this policy how we provide services for accessing, updating, managing, and protecting your information.  This policy is closely related to your use of our services. We recommend that you carefully read and understand all the contents of this policy, and make the choices you deem appropriate.  We strive to express in plain and concise language, and use bold font to highlight the clauses and sensitive personal information in this policy that have a significant impact on your rights and interests.

How do we collect information

In the process of using the following business functions (hereinafter referred to as "services") of Global WorkLife, we need to collect some of your information in order to provide you with services, improve our service quality, ensure the security of your account, and comply with national laws, regulations, and regulatory requirements.

When using Global WorkLife, CDP requires you to authorize the following information and permissions: Device Information - Determine device ID and other information to ensure the security of account login. We also need to obtain your location information in order to provide you with mobile check-in services. If you do not agree to the relevant authorization, the above services may not function properly.

1. You need to provide us with your email address as the account login name for registration/login.
2. We will collect your device model, operating system, unique device identifier, login IP address, software version number, network access method, type and status, network quality data, operation logs, and service log information for tracking and resolving issues when you encounter APP crashes, errors, or compatibility problems during use. This type of information is the basic information that must be collected to provide you with services.
3. If your current company has purchased Global WorkLife services, CD  P will sign corresponding service agreements and confidentiality agreements with your company. To ensure your normal use of Global WorkLife services, your company's HR will provide CDP with some of your sensitive personal information, such as personnel information, salary information, organizational information, identity information, etc. All of the above information will be stipulated in the service agreement and confidentiality agreement signed between your company and CDP. In this situation, we will obtain your separate consent through confirmation of the agreement, confirmation of the text in specific scenarios, pop-up prompts, and other forms.
4. Camera permissions: Global WorkLife's leave application and OT application functions will obtain camera usage permissions through inquiry for scanning codes, taking photos, and uploading pictures to perform the following scenarios: uploading attachments for leave application.

Other third-party services in Global WorkLife are not provided by default and require explicit separate consent and authorization to provide corresponding information to the third party when the user/organization installs or subscribes on their own.  When refusing to provide, third-party services cannot be used, but Global WorkLife can be used normally.

1. According to relevant laws, regulations, and national standards, we may lawfully collect and use your personal information without your consent in the following situations:

(1) Necessary for the conclusion and performance of a contract to which an individual is a party, or formulated in accordance with the law

The labor regulations and collective contracts signed in accordance with the law are necessary for the implementation of human resource management;

(2) Necessary for fulfilling statutory duties or obligations;

(3) To respond to sudden public health emergencies or to protect the lives and health of natural persons in emergency situations

Necessary for property safety;

(4) To carry out news reporting, public opinion supervision and other behaviors for the public interest, and to handle them within a reasonable range

Human information;

(5) In accordance with the provisions of this law, handle individuals' self disclosure or other lawful public matters within a reasonable range

Personal information opened;

(6) Other circumstances stipulated by laws and administrative regulations.

Please understand that the services we provide to you are constantly updated and developed. If you choose to use other services not covered in the above instructions, and we need to collect your information based on this service, we will separately explain the purpose, method, and scope of information collection to you through page prompts, interaction processes, and other means, and obtain your consent.  We will use, store, provide and protect your information in accordance with the provisions of this policy;  If you choose not to provide the aforementioned information, you may not be able to use a certain service or part of it, but it does not affect your use of other services we provide.  In addition, third-party entities may provide services to you through the Global WorkLife app.  When you enter the service page operated by a third-party entity, please note that the relevant services are provided to you by the third-party entity.  If it involves third-party entities collecting personal information from you, we suggest that you carefully review the privacy policy of the third-party entities.

How do we use cookies and similar technologies

To provide you with an easier access experience, when using the services provided by Global WorkLife, we may identify your identity through small data files, which can help you avoid the step of repeatedly entering registration information or help determine the security status of your account.  These data files may be cookies, Fl  as  h  Co  ok  ie，  Other local storage provided by your browser or associated applications (hereinafter referred to as "cookies").  Please understand that some of our services can only be implemented through the use of cookies. If allowed by your browser or browser add-on services, you can modify your acceptance of cookies or refuse Global WorkLife's cookies.  The "Help" section in most browser toolbars will tell you how to prevent your browser from accepting new cookies, how to make your browser notify you when you receive a new cookie, or how to completely turn off cookies.  In addition, you can turn off or delete Flash cookies and similar data used by browser add ons by changing their settings or by accessing the provider's webpage.  But this action may affect your safe use of the services provided by Global WorkLife in certain situations.

If you use services provided by third parties other than Global WorkLife through our website or app, in order to ensure the security of your account and provide you with a more secure access experience, we may use dedicated network protocols and proxy technology (hereinafter referred to as "Proxy Technology").  Using proxy technology can help you identify known high-risk sites, reduce risks such as phishing and account leaks, and better protect the common rights and interests of you and third parties, preventing criminals from tampering with normal service content between you and the third parties you wish to access, including advertising injection and illegal content tampering caused by insecure routers, illegal base stations, etc.  During this process, we may also obtain and save the IP address, hardware ID, and page location of your device.

How do we store and protect information

1. The personal information we collect and generate within the territory of the People's Republic of China will be stored within the territory of the People's Republic of China.  We will only store your personal information within the minimum scope and period stated in this policy, as well as within the time limit specified by laws, regulations, and regulatory requirements.
2. In order to ensure the security of your information, we will take various reasonable and necessary measures to protect your information after collecting it.  For example, in the technology development environment, we only use information that has been de identified for statistical analysis;  When providing research reports to external parties, we will de identify the information contained in the report.  We will store the de identified information separately from the information that can be used to recover and identify individuals, ensuring that individuals are not re identified in the subsequent processing of de identified information.
3. We promise to achieve industry-leading security levels in information security protection.  To ensure your information security, we are committed to using various security technologies and supporting management systems to minimize the risks of your information being leaked, damaged, misused, accessed, disclosed, and altered without authorization.  For example, encrypted transmission through network security layer software (SSL), encrypted storage of information, and strict restrictions on access to data centers.  When transmitting and storing personal sensitive information (including personal biometric information), we will adopt security measures such as encryption, permission control, and de identification.
4. We have established a personal information protection responsibility department to conduct personal information security impact assessments on the collection, use, sharing, and entrusted processing of personal information.  At the same time, we have established relevant internal management systems and operating procedures, and adopted the principle of minimum sufficient authorization for staff who may come into contact with your information;  Systematically monitor the behavior of staff in handling your information, continuously train staff on relevant laws and regulations, privacy and security guidelines, and enhance security awareness, and regularly organize staff to participate in security education and training.  In addition, we hire an external independent third party every year to evaluate our information security management system.  We have passed the ISO/IEC 27001 Information Security Management System certification and the Level 3 Information Security Protection assessment.
5. We have developed an emergency plan for personal information security incidents and regularly organize internal personnel to receive emergency response training and drills, so that they can master their job responsibilities, emergency response strategies, and procedures.  After the unfortunate occurrence of a personal information security incident, we will promptly inform you of the basic situation and possible impact of the security incident, the disposal measures we have taken or will take, suggestions for you to independently prevent and reduce risks, and remedial measures for you in accordance with the requirements of laws and regulations.  We will promptly inform you of the relevant situation of the event through APP push notifications, email/short messages, etc. When it is difficult to inform individual information subjects one by one, we will adopt reasonable and effective methods to publish announcements.  At the same time, we will proactively report the handling of personal information security incidents in accordance with regulatory requirements.  If your legitimate rights and interests are damaged, we will bear corresponding legal responsibilities.

Please make sure to properly keep your Global WorkLife login name and other identity elements.  When you use Global WorkLife services, we will identify your identity through your login name and other identity elements.  Once you disclose the aforementioned information, you may suffer losses and may have adverse effects on you.  If you find that the Global WorkLife login name and/or other identity elements may or have been leaked, please contact us immediately so that we can take appropriate measures in a timely manner to avoid or reduce related losses.

After you terminate your use of Global WorkLife services, we will cease to collect and use your personal information, and will proactively delete your personal information, except as otherwise provided by laws, regulations, or regulatory authorities.  If we cease operations, we will promptly cease the collection of your personal information, notify you of the cessation of operations in the form of individual delivery or announcement, and delete or anonymize the personal information we hold about you.

How we use information

1. In order to comply with national laws, regulations, and regulatory requirements, as well as to provide you with services and improve service quality, or to ensure the security of your account, we will use your information in the following situations:

(1) To achieve the purpose stated in "How We Collect Information" in this policy;

(2) In order to ensure the stability and security of our services, we will use your information for identity verification, security prevention, fraud monitoring, prevention or prohibition of illegal activities, risk reduction, archiving, and backup purposes;

(3) Report to relevant departments in accordance with laws, regulations or regulatory requirements;

(4) We invite you to participate in customer research related to our services.

2. When we intend to use the information for purposes not specified in this policy, we will obtain your consent again in accordance with the requirements of laws, regulations, and national standards through confirmation agreements, specific scenario confirmation actions, and other forms.

How do we provide information to the outside world

1、 Sharing

We will not share your user information with other organizations or individuals, except in the following circumstances:

(1) Sharing with explicit separate consent: After obtaining your explicit separate consent, we will share your user information with other parties;

(2) Sharing under legal circumstances: We may share your user information with external parties in accordance with laws and regulations, litigation, arbitration needs, or requests made by administrative and judicial authorities in accordance with the law, as well as other situations stipulated by laws and regulations;

(3) In order to facilitate transactions or assist in resolving disputes, in some cases only sharing your user information can facilitate transactions or resolve disputes or controversies between you and others;

(4) Sharing with authorized partners: We may entrust trusted partners to provide services, so we may share some of your user information with partners to provide better customer service and optimize user experience. We will inform you of the name or name, contact information, processing purpose, processing method, and type of personal information of our partners, and will obtain your separate consent through confirmation agreements, text confirmation in specific scenarios, pop-up prompts, and other forms. We will share your user information for legal, legitimate, necessary, specific, and clear purposes, and only share user information necessary for providing services.  Our partners have no right to use shared user information for any other purpose.  If you refuse our partners to share the above information, you may not be able to use the relevant features, but it does not affect your use of other features and services of Global WorkLife.

2、 Transfer or assignment

We will not transfer or assign your personal information to any company, organization, or individual, except in the following circumstances:

(1) Obtaining your explicit consent in advance; Or according to your request and meeting the conditions stipulated by the national cyberspace administration department;

(2) According to laws and regulations or mandatory administrative or judicial requirements;

(3) If we need to transfer or assign your personal information due to merger, division, dissolution, bankruptcy, or other reasons, we will inform you of the relevant situation, including the recipient's name or contact information. And we will require new companies and organizations that hold your personal information to continue to be bound by this policy.  If a new company or organization that holds your personal information changes the original purpose and method of processing your personal information, we will require the company or organization to obtain your explicit consent again.

3、 Public disclosure

We will only publicly disclose your user information in the following situations:

(1) We may publicly disclose your user information with your explicit separate consent or based on your voluntary choice;

(2) To protect the personal and property safety of CDP and its affiliated company users or the public from infringement, we may disclose user information about you in accordance with applicable laws or CDP related agreements and rules.

According to relevant laws, regulations, and national standards, we may lawfully share, transfer, or publicly disclose your personal information without your consent in the following situations:

(1) Necessary for the conclusion and performance of a contract to which an individual is a party, or formulated in accordance with the law

The labor regulations and collective contracts signed in accordance with the law are necessary for the implementation of human resource management;

(2) Necessary for fulfilling statutory duties or obligations;

(3) To respond to sudden public health emergencies or to protect the lives and health of natural persons in emergency situations

Necessary for property safety;

(4) To carry out news reporting, public opinion supervision and other behaviors for the public interest, and to handle them within a reasonable range

Human information;

(5) In accordance with the provisions of this law, handle individuals' self disclosure or other lawful public matters within a reasonable range

Personal information opened;

(6) Other circumstances stipulated by laws and administrative regulations.

How do you access, view, and manage your information

During your use of Global WorkLife services, in order for you to access, view, and manage your information more conveniently, and to protect your right to cancel your account, we have provided you with corresponding operation settings in the client. You can refer to the following instructions for operation.

1. You can log in to your Global WorkLife account through the official Global WorkLife website, or in the Global WorkLife app under "Me ->Settings" and "Home ->My Profile":

(1) Check your identity information and account information;

(2) If you find that your information is incorrect, you can provide the correct information through the HR of your company, or you can contact security@cdpgroupltd.com  /021-33295800-85161 requests correction.  We will handle and provide feedback within fifteen working days, and welcome your supervision.

To ensure safety, you may need to prove your identity in other ways.  We may first require you to verify your identity before processing your request.

2. In the following situations, we will proactively delete your personal information, but if we do not delete it, you can request to delete user information from us:

(1) If our handling of user information violates laws and regulations; If we collect and use your user information without your explicit consent;

(2) If our handling of personal information violates our agreement with you;

(3) The purpose of personal information processing has been achieved, cannot be achieved, or is no longer necessary to achieve the processing purpose;

(4) We cease to provide products or services, or the retention period has expired;

(5) You withdrew your consent;

(6) Other circumstances stipulated by laws and administrative regulations.

However, if the retention period stipulated by laws and administrative regulations has not expired, or if it is technically difficult to delete your personal information, we should stop processing other than storage and taking necessary security protection measures.

To ensure safety, you may need to prove your identity in other ways.  We may first require you to verify your identity before processing your request.

1. Some of the services may require some basic user information to be completed (see "How We Collect Information" in this Privacy Policy).  In addition, you can contact CDP customer service to give or withdraw your authorization consent.  After you withdraw your consent, we will delete your user information.  But your decision to withdraw your consent will not affect the personal information processing activities that have already been carried out based on your consent.
2. If you log in to Global WorkLife as an employee, you can contact CDP customer service or contact  security@cdpgroupltd.com  /+86 021-33295800-85161, submit an account cancellation application. We will process and provide feedback within fifteen working days. We welcome your supervision. 
3. When you meet the agreed account cancellation conditions and cancel a Global WorkLife account, all information in your account will be immediately cleared, and we will no longer collect, use, or provide personal information related to the account to the public. However, the information you provide or generate during the use of Global WorkLife services must still be stored for the time required by laws, regulations, or regulatory requirements (public security organs, communication management bureaus), and we will cooperate with authorized authorities to inquire within the storage time in accordance with the law.

You can withdraw the authorization related to personal privacy in the following ways:

In the IOS operating system, you can find Global WorkLife in the system settings application list, and after entering, you can access the permissions granted to Global WorkLife by the mobile system, AP Close the I parameter setting.

In the Android operating system, you can close the relevant permissions granted to Global WorkLife by the mobile system after finding Global WorkLife in the system settings application permission management.

If the above instructions cannot assist you, please submit your request through:security@cdpgroupltd.com/+86 021-33295800-85161. We will assist you in the withdrawal and closure process, and we will process and provide feedback within fifteen working days. We welcome your supervision.

If you find that our collection and use of your personal information violates laws and regulations or violates

Regarding your agreement, you can contact security@cdpgroupltd.com /+86 021-33295800-85161，

Request to delete the corresponding information.  We will handle and provide feedback within fifteen working days, and welcome your supervision.

Despite the above agreement, according to relevant laws, regulations, and national standards, we may not be able to respond to your request in the following situations:

(1) Directly related to national security and defense security;

(2) Directly related to public safety, public health, and major public interests;

(3) Directly related to criminal investigation, prosecution, trial, and execution of judgments;

(4) There is sufficient evidence to suggest that you have subjective malice or abuse of power;

(5) Responding to your request will result in serious harm to the legitimate rights and interests of other individuals or organizations;

(6) Involving trade secrets;

(7) Implementing news reporting, public opinion supervision and other behaviors for the public interest;

(8) Necessary for fulfilling statutory duties or obligations;

(9) Other circumstances stipulated by laws and administrative regulations.

We have established a Privacy Protection Office and have dedicated personnel responsible for personal information protection. If you have any questions about this policy or have any complaints or opinions about the processing of your personal information, please contact us through the following channels: 
security@cdpgroupltd.com
/We will reply to you within fifteen working days at +86 021-33295800-85161.

To ensure your information security, we need to first verify your identity and credentials.  We have established a customer complaint management mechanism, including a tracking process.  Generally speaking, we will complete the processing within three working days after the verification is passed. In special circumstances, we will provide a response within no more than fifteen days or within the time limit specified by laws and regulations.  If you are not satisfied with our response, you can also file a complaint with the consumer rights protection department or bring a lawsuit to a court with jurisdiction.

Self start and associated start instructions

To ensure that this application can receive push messages from the client normally when it is closed or running in the background, improve the delivery rate of messages, and provide timely message reminders, we will default to enabling the association startup (self startup) function for you to maintain the activity of the application.  There will be a certain frequency of broadcasting through the system to wake up the self starting or associated starting behavior of this application, which is necessary for implementing functions and services.

When you open a file downloaded from within this app, it will be associated with launching a third-party app.  When you open the content and send a message, with your explicit consent, you will be redirected to open the relevant content.  Without your consent, there will be no self startup or associated startup.  If you do not want to enable this feature, we recommend that you manually disable it. The general path to disable it is: Settings - Applications - Application Launch Management - Select the "Global WorkLife" application - Disable the associated launch feature.

Protection of Minors

We value the information protection of minors. If you are a minor, we suggest that you ask your parents or guardians to carefully read this privacy policy and use our services or provide information to us with their consent.  For the collection of personal information of minors through the use of our products or services with the consent of parents or guardians, we will only use, share, transfer, or disclose this information as permitted by laws and regulations, with the explicit consent of parents or guardians, or as necessary to protect minors.  We will protect the personal information of minors in accordance with relevant national laws and regulations and the provisions of this Privacy Policy.

For handling personal information of minors under the age of fourteen, we will comply with the specific provisions of national laws and regulations, and also formulate specialized personal information processing rules.

Application and update of this policy

All services of Global WorkLife are subject to this policy, unless there are separate privacy policies or special provisions in the corresponding user service agreements for the relevant services.

We will update this policy in a timely manner when there are significant changes in the following situations:

(1) Our basic situation has changed, such as mergers, divisions, dissolution, being declared bankrupt, or changes in ownership caused by mergers, acquisitions, or reorganizations;

(2) Changes in the scope, purpose, rules, methods, or types of personal information collected, stored, and used;

(3) Changes in the scope, purpose, method, and types of personal information provided to external parties;

(4) The way you access and manage personal information has changed;

(5) Changes in data security capabilities and information security risks;

(6) The channels and mechanisms for user inquiries and complaints, as well as changes in external dispute resolution agencies and contact information;

(7) Other changes that may have a significant impact on your personal information rights.

Due to the large number of Global WorkLife users, if this policy is updated, we will notify you through app push notifications, pop-up prompts, sending emails/short messages, or publishing announcements on the CDP official website.  In order for you to receive notifications in a timely manner, we suggest that you notify us promptly when your contact information is updated.  If you continue to use Global WorkLife services after this policy update takes effect, it means that you have fully read, understood, and accepted the updated policy and are willing to be bound by it.

You can view this policy on the homepage of the official Global WorkLife website, or on the Global WorkLife app through "Me –User agreement/Privacy Policy".  We encourage you to review our privacy policy every time you use Global WorkLife.

Keyword description in this policy

1. The "identity elements" in this policy refer to the information elements used by Global WorkLife to identify your identity, including your Global WorkLife login name, password, email verification code, and email address.
2. The term 'sensitive personal information' in this policy refers to personal information that, once leaked or illegally used, can easily lead to the infringement of a natural person's personal dignity or endanger their personal and property safety, including biometric, religious beliefs, specific identities, medical and health, financial accounts, whereabouts and other information, as well as personal information of minors under the age of fourteen.  For the purpose of this privacy policy, sensitive personal information also includes personal phone numbers, personal ID information, information about the employer, salary information, and other personal information.