Privacy Policy

Purpose

This policy defines and communicates the information security criteria, means, methods, and measures to protect MarsHub’s information assets and those of our clients from the breach of confidentiality, integrity, and availability with respect to MarsHub’s information security management system (hereinafter referred to as ISMS) as required by ISO/IEC 27001:2017 International Standard (hereinafter referred to as ISO 27001).
As a forward-thinking organization at senior levels, MarsHub recognizes the need to ensure the confidentiality, integrity, and availability of its information assets, which ensure that the organization’s operations remain uninterrupted for the benefit of its customers as well as suppliers.
To provide the expected level of continuous operations, MarsHub has implemented an ISMS based on ISO 27001. This standard defines the requirements for an ISMS based on international best practices. MarsHub has decided to maintain certification to ISO 27001, so that independent third parties—authorized certification bodies—can always validate the effective adoption of information security best practices.

What personal data do we collect about you?

We collect the following personal data in connection with your relationship with us: your name and surname, job title, name of your organization, user name, email address, phone number, Skype contact details, MarsHub ID, billing address, VAT number, information from your LinkedIn profile, information about your participation in conferences, information about our historical interaction with you or your organization, IP address of the device and type of Internet browser you use to connect to MarsHub TMS / Strings Platform, information about the use of MarsHub TMS / Strings Platform by you or your organization and information about opportunities for further sale of our products to you or your organization. This personal data falls under the following: China’s Personal Information Protection Law (PIPL), the Cybersecurity Law, and the Data Security Law, the PIPL is designed to provide a comprehensive approach to cybersecurity and data privacy.

How do we obtain your personal data?

Your personal data can be:

  • Obtained directly from you, such as your name, surname, and contact details.
  • Created in the course of our relationship with you or your organization, such as information about our interaction with you.
  • Collected from public sources such as your LinkedIn profile.

How do we use your personal data?

Your personal data will be processed for the following purposes:

  • To enable you or your organization to use MarsHub TMS / Strings Platform and to enhance its functionality.
  • To maintain our business relationship with you or your organization.
  • Our internal reporting
  • To ensure network and information security.
  • To analyze and understand how MarsHub TMS / Strings Platform is being used and to enhance its functionality.
  • To provide you or your organization with business proposals.
  • For future marketing, including sending you marketing materials about us and our services and products by email (unless you have indicated that you do not want to
  • receive these marketing materials).

On what legal basis do we use your personal data?

We use your personal data on the following basis:

  • Processing your personal data to enable your use of the MarsHub TMS / Strings Platform is necessary so that we can perform the services set out in the contract
  • we have established with you or your organization.
  • Processing of your personal data to comply with our legal obligations, e.g., the obligation to archive accounting documents.
  • Processing of your personal data for other purposes listed in Section “How do we use your personal data?” is based on our legitimate interest in processing personal
  • data for these purposes: (i) to help us to maintain a productive business relationship with you or your organization, (ii) to improve our ability to understand your
  • business needs; (iii) to improve and enhance our services; and (iv) to ensure network and information security

How long will we keep your personal data?

If you are a user, i.e., an employee, contractor, or other person acting on behalf of your organization having a user account, we will always keep your personal data for the period for which you will be using our services. We will also keep your personal data where required by law or where we need to do so in connection with potential or actual legal action, or an investigation involving MarsHub.

We will also delete your user data within three months from the moment your user account no longer contains any jobs, projects, translation memories, term bases, or other content.

If you are acting on behalf of your organization, but you do not have a user account, your personal data will be held until you opt out or until two years have passed since your last active communication with us.

Whom do we share your personal data with?

Your personal data will be accessible to our employees, and authorized employees of our important suppliers who provide us with any essential services as described below:

Transfer your personal data to an overseas receiver

If we transfer our personal data to countries outside China’s Economic Area, and if the countries receiving your personal data may not have data protection laws with adequate level of protection for your personal data:

We, therefore, take steps (including entering into data transfer agreements based on the model clauses approved by the European Commission) to ensure that the receiver is committed to ensuring an adequate level of protection for your personal data. Find more information about data transfer agreements.

Protecting your personal data

We may share your personal data with our suppliers under a written agreement requiring the suppliers to protect and handle your personal data safely (including maintaining the confidentiality of your personal data and implementing appropriate technical and organizational security measures).

We will take appropriate legal, organizational, and technical measures to protect your personal data according to applicable privacy and data security laws.

We will not sell your personal data.

Your rights

You are entitled to:

  • Opt out from your personal data being processed for direct marketing purposes

You have the right to withdraw at any time any consent given to us, which will not affect the lawfulness of any processing based on the consent before the withdrawal. The data subject shall have the right to withdraw his or her consent at any time.

  • Request access to processing information

You have the legal right to request at any time about whether we are processing your personal data. If we are, you have the right to be informed about the extent to which your personal data is being processed, as well as to be provided with a copy of your personal data.

  • Request to correct/or delete your personal data

You have the right to request us to rectify any inaccuracy of your personal data and/or have your incomplete personal data completed. In certain circumstances, you have the right to request us to delete your personal data without undue delay. But the right to delete data does not apply if the processing is necessary to comply with legal obligations.

  • Object to the processing of your personal data

You have the right to object at any time to the processing of your personal data for any advertising purposes.

  • Request to restrict the processing of your personal data

You have the right to request us to restrict the processing of your personal data where you have contested its accuracy or if the processing is considered as unlawful.

  • Request receipt or transmission of the personal data that you have provided to us to another organization in a machine-readable form

You have the right to transmit your personal data to another company in a safe and secure way without hindrance to usability.

  • You may be entitled to complain to your local data protection authority or to a court of law if your data protection rights are violated. You may be entitled to claim compensation for physical or mental damage incurred or suffered as a consequence of any unlawful processing of your personal data.

You are not required by law to provide your personal data to us. But without your personal data, we may not be able to provide you or your organization with our service. We will respect your objection to the processing of your personal data in accordance with our legal obligations, but to the extent of your request, we might not be able to provide you or your organization with our service based on your objection.

To exercise any of your rights, please contact us with the following details.