Effective date: June 30, 2019
One Labs ("us", "we", or "our") operates the http://www.1ion.cn and http://www.oneqr.co websites and the OnePi mobile application (the "Service"). One Labs Holdings Limited (“We”) is both the application operator and developer of the OnePi Platform (“Software”).
We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions.
One Labs Holdings Limited built the OnePi App as a free app. This Service is provided by One Labs Holdings Limited at no cost and is intended for use as is. It is to be noted that the web portal business client app will have some features open for use freely may eventually incur transaction charges or have certain features locked for subscription after Beta Testing phase.
This page is used to inform users and visitors regarding our policies with the collection, use, and disclosure of Personal Information if anyone decided to use our Service.
If you choose to use our Service, then you agree to the collection and use of information in relation to this policy. The Personal Information that we collect is used for providing and improving the Service. We will not use or share your information with anyone except as described in this Privacy Policy. The Personal Information we collect includes but does not limit to
The terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, which is accessible at OnePi unless otherwise defined in this Privacy Policy.
For a better experience, while using our Service, we may require you to provide us with certain personally identifiable information. The information that we request will be retained by us and used as described in this privacy policy. The App does use third party services that may collect information used to identify you. Link to privacy policy of third party service providers used by the App
We want to inform you that whenever you use our Service, in a case of an error in the App we collect data and information (through third party products or our own codes) on your phone called Log Data. This Log Data may include but not limit to information such as your device Internet Protocol (“IP”) address, device name, operating system version, the configuration of the App when utilizing our Service, the time and date of your use of the Service, and other statistics. We also collect the information to that tell us generally about the activities in the app, the transactions that occur between the two parties, which may include general geographic regions, the amount of service request from app, social media token, cookies, the type of web browser and click-stream data and so forth. We also use the logs to detect suspicious activities such as robo clicks or robo posting.
We use analytical tools, including third party analytical tools, which allow us to, among other things, identify potential performance or security issues with our products, improve their stability and function, understand how you use our products, and services, so that we can optimize and improve your user experience, as well as evaluate and improve our campaigns. While we generally prefer using our own analytical tools, we sometimes need to partner with other parties, which have developed and provide us with their own tools and expertise.
Cookies are files with a small amount of data that are commonly used as anonymous unique identifiers. These are sent to your browser from the websites that you visit and are stored on your device's internal memory. This Service does not use these “cookies” explicitly. However, the App may use third party code and libraries that use “cookies” to collect information and improve their services. You have the option to either accept or refuse these cookies and know when a cookie is being sent to your device. If you choose to refuse our cookies, you may not be able to use some portions of this Service.
OnePi is a platform that matches content creators with business sponsors and users must be aware that the whole purpose for sponsorship by businesses is to purchase client social media information. A transaction occurs only when user agrees to accept the incentive provided by sponsor. It must be noted that by using the App, users agree to sell personal social media information to business sponsor and hence all content and public personal information in social media will be disclosed to business sponsor. Users should be aware that this transaction between user and business sponsor is posted in the public blockchain and the following financial transaction can be audited transparently for everyone to see. It must also be noted that there are other circumstances where we are required to disclose your personal data to other unrelated third parties in limited circumstances:
If you choose TikTok or WeChat to sign-in to the consumer mobile app, it enables you to directly post photos or videos from the app to the social media platform. Any content posted to the social media is stored in the social media platform as well and hence you will be subject to the terms and conditions, end user license agreement (EULA), and privacy policy of the social media platform service provider.
We are a global business that provides its products and services all around the world. In order to reach all of our users and provide all of them with our software, we operate on an infrastructure that spans the globe. The servers that are part of this infrastructure may therefore be located in a country different than the one where you live. In some instances, these may be countries outside of the European Economic Area (“EEA”), where the level of protection provided by the laws of these countries may be different than the high standard enshrined in the GDPR. Regardless, we provides the same GDPR-level of protection to all personal data it processes. At the same time, when we transfer personal data outside of the EEA, we always make sure to put in place appropriate and suitable safeguards, such as standardized contracts approved by the European Commission, which legally bind the receiving party to adhere to a high level of protection, and to ensure that your data remains safe and secure at all times and that your rights are protected. Situations where we transfer personal data outside of the EEA include provision of our products and services, processing of transactions and your payment details, and the provision of support services.
Our data collection and management practices do not vary by location. We follow the same “data minimisation” procedure with respect to all personal data in our possession, regardless of the jurisdiction from which it was collected, and regardless of whether the data is transferred from one member of the One Labs Entity Group to another. We reserve the right to store and use the information collected by our applications and to share such information among the One Labs Group to improve our current and future products and services, to help us develop new products and services, and to better understand the behaviour of our users. Any reference in this policy to “One Labs Holdings” means One Labs, its, direct and indirect, parent companies and any company that is, directly or indirectly, controlled by or under common control with One Labs or its parent companies.
We store information that we collect on our servers or on the servers of our third party data centers through cloud services who are our suppliers. Access to the data is limited to authorised personnel only, and company networks are password protected, and subject to additional policies and procedures for security. We or our contractors, subsidiaries, affiliates, representatives, agents, or resellers who are working on our behalf undertake regular maintenance of your personal data. All third parties must agree to observe the privacy of our users, and to protect the confidentiality of their personal information. This means your personal data cannot be shared with others, and there must be no direct marketing by the third parties.
We retain data for limited periods when it needs to be kept for legitimate business or legal purposes. We collect data when you you use our services. What we collect, why we collect it, and how you can manage your information are described in our Privacy Policy. For each type of data, we set retention timeframes based on the reason for its collection and processing. Some data you can delete whenever you like, some data is deleted automatically upon expiration date of agreed transaction contract with business sponsor and some data is deleted automatically as soon as we do not need it for our legitimate business or legal purposes. We do not delete data that we need for our legitimate or legal purposes, even upon request, until the purposes expire. We also take steps to anonymize certain data within set time periods. We may also amend the personal data we keep in such a way that you cannot be identified, for example, by hashing. We may retain a “key” to the hashing, but we will securely store it separately from the hashed data. When the data is deleted, we remove it from our servers or retain it only in anonymized form. The following describes why we hold onto different types of data for different periods of time.
We have business and legal requirements that require we retain certain personal data, for specific purposes, for an extended period of time. For example, when our authorized partner processes a payment for you, or when you make a payment, your data will be retained for as long as required for tax or accounting purposes. Reasons we might retain some data for longer periods of time include:
The personal data provided by you to OnePi (“OnePi”) during registration to use the application and platform will be used by for the following purposes:
During Use of the App
Upon your registration and activation of your OnePi Account, your personal data provided during the usage will be used as your official activities engagement records. In case you deleted your account, the personal data provided during usage will be disposed of according to regulation reflected in the prevailing policy of OnePi.
During Transaction via the App
In case of processing transactions through OnePi and its partner institution(s) such as SMEs and Brands in the ecosystem, some of your personal data will be transferred to the partner institution(s) for the above purposes.
You are required to provide your personal data, other than those items indicated as optional. In the absence of your personal data both input from registration form or acquired from public information listed in your social media profile shared by you during signing in on OnePi, we may not be able to execute or process transactions for activities or provide you with payment for the requested activities or services from SMEs and Brands. We collect information through the camera in order to create a seamless user experience. Without it we will not be able to publish content, track followers, publish your profile to the marketplace and pay you commission for sales on the SMEs and Brands transaction online and offline via the OnePi Platform. We collect information on software installation list to ensure we can notify you on latest updates of the app.
You acknowledge that the data will be collected upon signing in OnePi with your social media username, camera information, software installation list in which we will collect your publicly disclosed information as to provide a smooth integrated user experience for you to easily post content into the social media platform while be notified of updates. If you decide to be listed in the Micro Influencer marketplace, you will need to provide further personal information for your influencer profile so SMEs or Brands in our ecosystem can search and select your profile for an influencer content job. Your contact information is vital so we can notify you of paid jobs from SMEs or Brands in our ecosystem directly.
If any provisions of this Policy contradict the provisions of this section, the provisions of this section shall prevail.
We collect and process personal data in China with strict compliance with the applicable laws of the People’s Republic of China covering all Cybersecurity and Personal Data laws. We collect and process personal data (including sharing it with third parties) only upon the consent of the respective individuals, unless otherwise is provided for by the laws of the People’s Republic of China. You will be asked to grant your consent by ticking the respective box / or clicking “I accept” button or through similar mechanism prior to having access to the site, and/or when submitting or sharing the personal data we may request. We collect and use your personal data only in the context of the purposes indicated in the consent to processing of personal data. We (directly or through third party contractors specifically authorized by us) collect, record, systematize, accumulate, store, actualize (update and amend), extract personal data of the People’s Republic of China citizens with the use of databases located on the territory of the People’s Republic of China, except as otherwise permitted by PRC data protection legislation. We may process personal data of PRC citizens using databases located outside of the PRC subject to compliance with PRC data protection legislation. We undertake all the actions necessary to ensure security of your personal data. You are legally entitled to receive information related to processing your personal data. To exercise this right, you have to submit a request by e-mail at: team@onelabs.io with the headline “PRIVACY REQUEST” in the message line. You have the right to revoke the consent at any time by sending us an e-mail at: team@onelabs.io with the headline “PRIVACY REQUEST” in the message line. Once we receive the revocation notice from you we will stop processing and destroy your personal data, except as necessary to provision the contract or service to you. However, please note once you have revoked your consent, we may not be able to provide to you the products and services you request, and may not be able to ensure proper work of our products. We do not transfer your personal data to the countries that under PRC law are not deemed to provide adequate protection to the individuals’ rights in the area of data privacy. We do not offer, sell or otherwise make available our products or services that have access to, collect and process (or allow us to do the same) personal data of third parties in the PRC without the consent of such third parties.
Updates to our Privacy Policy will occur from time to time and we will publish these changes on our website. We suggest that you check our Privacy Policy every so often to keep yourself informed. Where the changes are major, we will notify you by email or in-app notification.
We may employ third-party companies and individuals due to the following reasons:
We want to inform users of this Service that these third parties have access to your Personal Information. The reason is to perform the tasks assigned to them on our behalf. However, they are obligated not to disclose or use the information for any other purpose.
The personal data we collect may come directly from you or your social media platform upon logging in on our app. It is also obtained from clicks or scanning of QR code of photos and videos shared through our app. We can also collect them upon you entering our mini program in social media platform. We want you to understand the types of personal data we process and if we do not obtain your personal data directly from you, the source we used, and the specific data collected. We collect personal data for these reasons: to process transaction between you and the business sponsor who purchase your personal information with your consent; to provision the service and transaction between you and the business sponsor; and for the legitimate interests of us. We use no more than the minimum amount of personal data needed for the processing. We also use personal data only when the processing is necessary for our or our third party’s legitimate interests. One Labs is a global business and we have operations and personnel around the world who process personal data. We have standard contractual clauses in place among its affiliates which govern the transfer and use of personal data.
Consumer Users are not charged by OnePi however transaction between consented business sponsors and consumer user are stored in public blockchain that can be validated transparently. For Business Clients, you will be billed per transaction agreed with consumer app users. Optional charges for subscription service in regards to reporting and Image Recognition AI services will also be charged if business client opt for this subscription. The billing is handled by a third-party service provider. The service provider is acting as our agent; thus, you will be making your purchase from the service provider directly, and not from us. If you purchase a "premium" or paid product or service, we, through our third-party service providers, will collect your name, email address, credit card number, and in certain circumstances, your billing address and your phone number (collectively “Billing Data”). Your Billing Data will be retained for as long as is necessary to complete payment, including any renewal periods. Your Billing Data is collected by our third-party service providers only where necessary for the purposes of processing or refunding your payments, or so that they can communicate with you. Your Billing Data may also be retained for legal reasons, for example, taxation. The third-party service provider may transmit your Billing Data (excluding credit card number) to us. We use the Billing Data to create a record of its software installations or service requests. We may process and store the Billing Data we receive, to verify your registration or license status, to contact you about the status of your account, or for renewal of your subscription, if applicable. We process the Billing Data as necessary for the provision of the contract and service. In all cases where your credit card number is processed by a third-party service provider, we have determined that the service provider follows data privacy and security procedures that we deem adequate. Some of these third-party service providers are subject to the enhanced data privacy rules of the People’s Republic of China. In all cases such third-party service providers have executed agreements with us promising not to use your personal data for their own marketing purposes, and not to share this information with other parties for their unrestricted use.
We store your Billing Data separately from your Service Data (defined below). We may change service providers as we carry out our business. In that case, your Billing Data will be transferred from one service provider to another. When this happens, you will be informed of such transfer. Paid Products and Services for your mobile device When you purchase "premium" or pay for products or services for your mobile device, the billing is handled by a third-party app store, such as Huawei App Gallery, Tencent App Store, Google Play and Apple iTunes. You will be making your purchase from the third party app store directly, and not from us. Your Billing Data is collected by the third party app store and your Billing Data is not shared with us.
When you purchase "premium" or pay for products or services for your business, the billing is handled by our reseller or distributor. You will be making your purchase from the reseller or distributor directly, and not from us. Your Billing Data is collected by the reseller or distributor. Your Billing Data, excluding your credit card number, may be shared with us. We use the Billing Data to create a record of the software installations. We may process and store the Billing Data we receive, to verify your registration or license status. But, generally, we will not contact you. Your reseller or distributor will contact you about the status of your account, or for renewal of your subscription. We process the Billing Data as necessary for the provision of the contract and service. The handling of your Billing Data (excluding your credit card number) shared with us by the service provider, reseller, or distributor will be governed by this Privacy Policy and the End User License Agreement applicable to the product or service from us. Your Billing Data inclusive of your credit card number collected by the service provider, reseller, distributor, or third party app store to process your payment and renewal will be governed by any privacy policy or terms of service published by the applicable third-party service provider, reseller, distributor, or the third party app store. In some instances, we change resellers or distributors as we carry out our business. In that case, your Billing Data will be transferred from one reseller or distributor to another. When this happens, you will be informed of such transfer.
We directly or through our third party technical support service provider(s) collect your name, email address, phone number(s), home or work address, or other information by which we may identify you while providing technical support. We need this data for verification and to communicate with you about your support request. In cases where you request individual support or assistance we may ask you to provide information about your device or computer, your means of accessing the Internet, or information about your internet service provider. To provide the technical support we also collect data that may include your email address, IP Address, information about your hardware and software, the URLs of sites you have visited, files stored on your computer (including potentially dangerous or infected files), email messages (whether stored on your computer or elsewhere), information regarding senders and receivers of email messages, and the like. If you request support, we may offer you the option of accepting a remote session in which we take control of your device or computer in order to help you resolve the issue. Information collected while providing the support will not be used for secondary purposes, other than, we may use your email address to send you information about our other products or services. If you contact us for support, we may suggest that you upgrade or update products or services. Information and data connected to provision of support will be retained by us to have a history of support requests and for support research purposes.
We collect your IP Address to provision your product or service. We also use the IP Address with mobile products to serve ads. We strive to replace your IP Address within sixty days of collecting it with your city and country or we hash your IP Address.
We or Business Sponsors you transacted in our platform sometimes need to communicate with you using a technique known as "in-product messaging." In-product messaging may be used in the following scenarios:
Billing Data is however not used for in-product messaging.
Service Data is collected from your use of our websites, products, and services. Service Data is used primarily to provision the products or services. Service Data is also used for the compatible and legitimate uses of research, to compile statistics, analytics, aggregated reporting, product development, In-product messaging, and direct marketing. Before Service Data is used for secondary purposes, pseudonymize or anonymize the Service Data. For all Service Data, we practice “data minimization”, which means we limit our collection and retention of your data to only what is necessary, adequate and relevant to achieve our processing purpose. Below we list our products and the Service Data that each collects. There may be other products (current or future) that require us to collect certain types of personal data to enable full product functionality. We will always inform you prior to collecting any such information, usually in the terms of service or end user license agreement (EULA) or the privacy notice applicable to the product or service. Personal data collected as part of Service Data is necessary to the provision of the product functionality. When personal data is no longer needed we limit or stop using it in line with the minimization principle. The primary processing of Service Data will be to perform the contract to provision the product or service to you. The secondary processing of Service Data will be as compatible for our legitimate interests to provide you the benefits of research, analytics, cross-product development, and cross-product in-product messaging. If we need to process your Service Data for a purpose that requires consent, we will notify you separately of this and the general rules of providing and withdrawing consent shall apply.
We value your trust in providing us your Personal Information, thus we are striving to use commercially acceptable means of protecting it. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security. Below list the administrative, technical and physical safeguards for the protection of your personal data:
Access to the personal data of our users is limited to authorized personnel who have a legitimate need to know based on their job descriptions, for example, employees who provide technical support to end users, or who service user accounts. In the case of third-party contractors who process personal information on our behalf, similar requirements are imposed. These third parties are contractually bound by confidentiality clauses, even when they leave. Where an individual employee no longer requires access, that individual's credentials are revoked.
We store your personal information in our database using the protections described above. In addition, we utilize up-to-date firewall protection for an additional layer of security. We use high-quality antivirus and anti-malware software, and regularly update our virus definitions. Third parties who we hire to provide services and who have access to our users' data are required to implement privacy and security practices that we deem adequate.
Access to user information in our database is limited to our physical premises of our cloud provider. Physical removal of personal data from our cloud provider is forbidden. Third-party cloud provider and their employees or contractors are obliged to provide reasonable physical safeguards based in our contract service agreement.
We strive to collect no more personal data from you than is required by the purpose for which we collect it. This, in turn, helps reduce the total risk of harm should data loss or a breach in security occur: the less data we collect, the smaller the overall risk.
In the unlikely event of a breach in the security of personal data, we will notify all users who are actually or potentially affected. We may tailor the method of notice depending on the circumstances. Where the only contact information that we have for you is an email address, then the notification will necessarily be by email. We may also elect to give you notice via our in-product messaging system. Where we believe there are affected users for which we have no contact information on file, we may give notice via publication on our company website. We reserve the right to delay notification if we are asked to do so by law enforcement or other authorities, or if we believe that giving notice immediately will increase the risk of harm to our user body overall.
To understand the purpose, method and scope of sensitive information obtained by the application you may click here for the Personal Information Collection Statement for details.
This Service may contain links to other sites. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by us. Therefore, we strongly advise you to review the Privacy Policy of these websites. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.
These Services do not address anyone under the age of 13 the minimum legal age in your country to use our Services). We do not knowingly collect personally identifiable information from children under the minimum legal age13. In the case we discover that a child under 13 the minimum legal age in your country has provided us with personal information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to do necessary actions.
We may update our Privacy Policy from time to time. Thus, you are advised to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page. These changes are effective immediately after they are posted on this page.
Developer: One Labs Holdings Limited
If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us.