This Privacy Policy applies to all users globally using the Cocload Disk Service (hereinafter referred to as “This Service”), in accordance with the ISO/IEC 27018 International Cloud Data Privacy Protection Standard and the Global Common Data Compliance Code, clearly stating the rules related to the data collection, storage, use, transmission, protection, and user interests of this platform. Users registering, accessing, and continuing to use all features and services of the Cocload Disk represent full knowledge, understanding, and voluntary consent to all terms and conditions of this Privacy Policy.
Official Consultation E-mail: kyrinsi@elenipappakaisiaike.com
1. Policy General Rules and Scope of Applicability
1.1 Policy Positioning
1.1.1
This policy is the only effective privacy compliance document officially provided by Cocload. It is used to regulate the entire processing behavior of all users‘ personal data and file data on the platform. It is the core basis for defining the privacy rights and responsibilities of the platform and users.
1.1.2
This Policy conforms to global general privacy protection rules, with no regional differentiation of special terms, and is uniformly effective and enforceable for all users globally.
1.2 Applicable boundaries
1.2.1
This policy covers data processing scenarios for the Cocload disk client, web side, mobile side, and all official derivative services.
1.2.2
This policy does not apply to all data behaviors resulting from third-party websites, applications, and third-party collaborative services that users voluntarily navigate to.
2. Types and Scope of Data Collection
2.1 Users Proactively Submit Data
2.1.1
Account information, verification information, service feedback, and consultation information that users actively submit during registration and use of the service are all actively submitted data and are used only for service connection and account management.
2.1.2
All files, materials, documents, multimedia, and other private content that users voluntarily upload, store, and back up to this platform are user-proprietary original data under user control.
2.2 Automatic Data Collection by the Platform
2.2.1
The platform collects device fundamentals, device system version, application version, and network access information in compliance to suit the device and ensure service compatibility.
2.2.2
The system automatically logs service execution logs, file operation logs, feature usage trails, and error-reporting data for troubleshooting, service optimization, and risk prevention.
3. Legitimate Usage of Data
3.1 Basic Service Operations
3.1.1
Relying on user data to provide users with core disk infrastructure services such as file upload, download, storage, synchronization, sharing, and management, ensuring service stability and normal operation.
3.1.2
Continuously improve service stability and usage experience by running logs and device data to troubleshoot system failures, fix program vulnerabilities, and optimize server performance.
3.2 Security and Compliance Operations
3.2.1
Use compliance data to conduct risk identification, anomalous login intercept, and violation content screening to prevent security risks such as account theft, malicious attacks, and violation spread.
3.2.2
Anonymized, aggregated non-identifiable data, used for product functionality iteration, service optimization, and operational statistics, not associated with any user personal identification information.
4. Data Storage and Retention Specifications
4.1 Methods of Data Storage
4.1.1
Users‘ cloud-stored files and personal data are encrypted using international-standard encryption technologies for storage, preventing plaintext retention throughout the process, and strictly preventing data leakage and tampering risks.
4.1.2
The platform establishes a hierarchical permissions control system, allowing only authorized operations personnel to have limited access to data in compliant operational scenarios, strictly controlling data access permissions.
4.2 Data retention cycle
4.2.1
Users‘ self-uploaded files and account data will persist until the user actively deletes, clears the data, or signs out of the account.
4.2.2
Non-core data such as operation logs, failure records, and so on are retained only for the shortest necessary cycle, and after the cycle expires, they are automatically completely cleared without redundant retention.
5. Data Sharing and Cross-Border Transfer Rules
5.1 Third-party sharing restrictions
5.1.1
The Platform will never sell, rent, transfer, or disclose user personal privacy data and private file data, nor perform any commercial data sale.
5.1.2
The platform must not share user-identifiable sensitive data and private files with any third-party entity, enterprise or individual without the user‘s explicit written permission.
5.2 International Cross-Border Transfers
5.2.1
To ensure a unified service experience for users globally, user data may be transferred and stored cross-border in compliance with international data transfer compliance standards throughout the process.
5.2.2
All cross-border data transfers employ encrypted transfers, security checks, and full-track tracing mechanisms to ensure data transfers are secure, compliant, and controllable.
6. Data Security Protection Systems
6.1 Technical Security Protection
6.1.1
The platform employs industry-advanced encryption algorithms, firewall protection, real-time security monitoring, and other technological measures to protect users‘ storage data and personal information from all angles.
6.1.2
Establish real-time warning and intercept mechanisms against risky behaviors such as data tampering, illegal access, and bulk theft to quickly address security vulnerabilities.
6.2 Managing Security Standards
6.2.1
Establish a well-established data security management system and personnel confidentiality mechanisms, conduct regular privacy security training, and standardize data operation operations processes.
6.2.2
A data security emergency response plan is developed. If a data security incident occurs, the damage will be immediately stopped and repaired, and affected users will be notified according to regulations.
7. User Data Rights and Usage
7.1 Core User Interests
7.1.1
Users legally enjoy full data subject rights such as access, viewing, correcting, deleting, exporting, limiting processing of personal data, and self-manage personal data.
7.1.2
Users can revoke data authorization at any time, voluntarily close non-essential data collection permissions, and file complaints if there are objections to data processing behavior.
7.2 Channels of Rightful Exercise
7.2.1
Users can perform autonomous actions such as viewing, deleting, adjusting permissions, and managing files through the platform‘s built-in settings features.
7.2.2
If you need assistance with data requests, privacy consultations, or problem complaints from the platform, you can submit requests via the official email address kyrinsi@elenipappakaisiaike.com, and the platform will respond promptly and in compliance.
8. Policy Updates and Dispute Resolution
8.1 Policy Revision Mechanism
8.1.1
The platform can update and update this Privacy Policy in accordance with international privacy regulations, industry standards iterations, product and service upgrades, and timely revisions.
8.1.2
The policy update will be announced via the platform‘s official page. It will take effect immediately after the announcement, and users‘ continued use of the service is considered to accept the updated terms.
8.2 Dispute Resolution Rules
8.2.1
All disputes arising from this policy and the data processing of this service are prioritized by both parties to be resolved through friendly negotiation.
8.2.2
Discussions that have not resulted in negotiations will be dealt with in accordance with the International Common Data Protection Business Practice and Compliance Guidelines, ensuring the legitimate interests of both parties.