This Notice Concerning the Processing of Personal Information (the "Notice") explains how JPMorgan Chase China (see Appendix 1 for specific entities, collectively referred to as "we", "us", or "our") to collect, use, disclose, transfer, externally provide or otherwise process your Personal Information online and offline in connection with our provision of products and services to clients, acceptance of products and services from vendors, or other activities. In this Notice, clients, vendors and/or other relevant Personal Information providers are collectively referred to as "you" or "your".
This Notice supplements the J.P. Morgan China Terms and Conditions on Processing Client Information (see the website https://www.jpmorganchina.com.cn/en/jpmac-terms-and-conditions-on-processing-client-information, or other URLs/statements that we inform you from time to time for details) (the "TC") and the relevant legal documents we sign with you, and all applicable notices, rules and other materials related to the collection, use, processing, storage, disclosure, and external provision of Personal Information provided by us (collectively referred to as the "Relevant Agreements”). Unless otherwise defined in this Notice, the terms defined in the TC and other Relevant Agreements shall have the same meaning when used in this Notice.
This Notice is provided in both Chinese and English. For any discrepancy between the two versions, the Chinese version shall prevail. In case where there is any inconsistency between this Notice as well as other Relevant Agreements and applicable laws and regulations, such documents shall be deemed to have been amended to the extent necessary to comply with applicable laws and regulations.
Collection and use of Personal Information
We collect Personal Information that is related to our business, required to fulfill statutory obligations, or permitted to be collected by other applicable laws and regulations. Appendix 2 of this Notice sets out the types of Personal Information we collect and the purposes of collection, etc. We will collect and use Personal Information in accordance with the purposes and methods set out in Appendix 2 of this Notice or the Relevant Agreements we sign with you or the Relevant Person. Unless otherwise restricted by applicable laws or regulations, we may collect Personal Information directly or indirectly through communications and interactions with you and related entities, any of respective representatives, Relevant Persons, and/or any other party that we reasonably believe has a legitimate right to share Personal Information with us. If you fail to provide such Personal Information, we may not be able to provide you with the relevant products or services (or any part thereof), use the relevant products or services (or any part thereof) provided by you or conduct other corresponding activities, or comply with any applicable laws, regulations or guidelines and norms of regulatory bodies (or other competent authorities).
For conducting business for you, or for accepting or using your products or services, we will reasonably collect, use, process, store, disclose, externally provide or otherwise process the Personal Information of the Relevant Person(s) for the purposes set out in Appendix 2 or in accordance with the Relevant Agreements we sign with you, subject to your confirmation that you have obtained the consent of the Relevant Person(s) or under the circumstances expressly stipulated by laws and regulations. Nevertheless, you understand that in accordance with applicable laws and regulations, we do not need to obtain your or Relevant Person’s consent to collect, use or otherwise process Personal Information in each of the following scenarios:
Export, external provision, entrusted processing, disclosure, and transfer of Personal Information
We undertake to protect the confidentiality and security of Personal Information in accordance with relevant laws, regulations and regulatory requirements.
As part of a global institution, we provide products or services, receive products and services from vendors, or conduct other activities through globally deployed resources and applications. Accordingly, for the purposes stated in this Notice or Relevant Agreements, Personal Information may be transferred to the onshore regions or offshore jurisdictions where our relevant entities or vendors etc. are located, or accessed from these regions or jurisdictions. You agree and authorize us to entrust the processing of Personal Information to our relevant entities and vendors, or provide Personal Information to our relevant entities and vendors. We will assess the legality, legitimacy and necessity of providing Personal Information in accordance with the requirements of laws and regulations, and urge our relevant entities and vendors to process the Personal Information provided by you in accordance with the laws, relevant regulatory requirements and as agreed in this Notice and the Relevant Agreements. If the Personal Information you provide to us is being offshored by us under a contract between an overseas data recipient and us by strictly following the model clauses of “PRC Standard Contract for Personal Information Outbound Transfer” issued by the Cybersecurity Administration of China, the Relevant Person may have the rights as a third-party beneficiary as explicitly specified under the contract in accordance with applicable laws and regulations, unless the Relevant Person explicitly rejects such rights within thirty days after this Notice is provided.
When required by applicable laws and regulations, we will inform you of matters related to our provision of Personal Information to our relevant entities, vendors and other third parties, including the name, contact information, processing purposes and methods of the recipients, type of Personal Information to be processed, and, if it involves data offshoring, the manner and procedure for exercising your relevant rights to the offshore recipients (for specific information of the recipients, please refer to Appendix 3 and Appendix 4 of this Notice), and obtain the separate consent of Relevant Person(s) through you.
In the case that we entrust the processing of Personal Information to relevant entities and/or vendors, we will clearly stipulate with the entrusted organization the purposes, period, processing methods, types of Personal Information to be processed, protection measures, etc., of the entrusted processing in accordance with the requirements of laws and regulations, and supervise the Personal Information processing activities of the entrusted organization and require it not to process Personal Information beyond the agreed processing purposes and methods. If the entrustment contract is invalid, void, revoked or terminated, we will request the entrusted organization to return, delete or anonymize the Personal Information in accordance with the contract.
In addition, we may, in accordance with laws and regulations or agreements, transfer relevant Personal Information in connection with any reorganization (including the establishment of new, locally incorporated entities in China and the transfer of existing businesses in China to such new locally incorporated entities), merger, sale, liquidation, joint venture, assignment, transfer or other disposition of all or part of our business, assets or stocks (including in connection with any bankruptcy or similar proceedings). In such cases, we will inform you of the name and contact information of the recipient and request the recipient to continue to abide by and perform this Notice and/or the Relevant Agreements, and to obtain your consent again if the recipient changes the original purposes or methods of processing.
We will not publicly disclose Personal Information of the Relevant Person unless you confirm that you have obtained the separate consent from the Relevant Person or we are required to do so by laws or regulations, or administrative, judicial or regulatory authorities, etc.
Storage period of Personal Information
We will retain Personal Information only within the period required by laws and regulations and necessary to achieve the purposes stated in this Notice or the Relevant Agreements. We will delete or anonymize the Personal Information retained beyond such period. If the deletion or anonymization of Personal Information is technically difficult to achieve, we will not perform any further processing other than storing and taking the necessary safety protection measures.
Rights related to Personal Information
1. You or the Relevant Person(s) have the right to enquire with us whether we hold Personal Information of the Relevant Persons and to access and copy the Personal Information you provide to us through the contact information published in this Notice.
2. You or the Relevant Person(s) have the right and obligation to promptly update the Personal Information you provide to us to ensure that all information is accurate and up-to-date. You have the right to request us to facilitate the updating of Personal Information for the Relevant Person through the contact information published in this Notice and to correct any inaccurate information of the Relevant Person.
3. You or the Relevant Person(s) have the right to request us to delete or otherwise properly process Personal Information that exceeds the retention period in accordance with applicable laws and regulations, this Notice and other Relevant Agreements between you and us through the contact information published in this Notice.
4. If you or the Relevant Person(s) have any comments, questions or concerns about the contents of this Notice, the TC or other Relevant Agreements, or if you would like to request to query, correct, or delete Personal Information, withdraw your consent, dispose Personal Information upon expiration of the retention period, request a copy of this Notice, or have any questions about our Personal Information processing and privacy protection activities, please contact us through the contact information published in this Notice.
5. Notwithstanding the foregoing, we may not be able to accommodate certain requests from you or Relevant Persons to the extent permitted by applicable laws, regulations or regulatory authorities or to comply with applicable laws, regulations or regulatory authorities.
6. This Notice shall not limit the rights of the Relevant Persons as the personal information subject under Chinese laws.
Updates to this Notice
We may change this Notice and its corresponding appendices from time to time in accordance with applicable laws and regulations, changes in regulatory policies and for service operation needs, or if there are changes in the purpose of processing Personal Information, the manner of processing and the types of Personal Information to be processed. We will follow the time limit for announcement and update method (if any) required by laws and regulations, and inform you of the update of the above contents in a timely manner by providing an updated version on this Notice page or by sending you a notice. You should pay attention to the changes in the relevant contents of this page, related announcements, alert messages and Relevant Agreements or rules from time to time. If you have any questions about the content of such updates, please contact us. If you continue to use our products or services, or continue to provide products and services to us, you are deemed to agree to accept such updates.
Contact us
If you have any questions about this Notice, or you would like to exercise your rights conferred by applicable laws and regulations, or you have any other suggestions and comments, please contact the JPMorgan China Chief Data Office:
JPMorgan China Chief Data Office
Address: 44th Floor, Shanghai Tower,
No. 501, Yincheng Middle Road,
Pudong New Area, Shanghai, China
Post code: 200120
Email address: China.jpmac.privacy.office@jpmchase.com
After accepting your question, we will promptly and properly handle it in accordance with the requirements of laws and regulations.
Appendix 1 JPMorgan Chase China Entity
Name |
Address and Contact Information |
J.P. Morgan Asia Consulting (Beijing) Limited |
Unit F2001A, F2002-F2006, F2008, F2009 and F2022-F2028, Beijing Winland International Finance Center, No. 7, Jinrong Street, Xicheng District, Beijing, 100033, China |
Appendix 2 Personal Information Collection and Use List
Please note: J.P. Morgan Asia Consulting (Beijing) Limited only conducts corporate business, and all our clients are institutional clients (including companies, enterprises, institutions and other entities).
Business Scenario |
Collection Purpose |
Collection Method |
Types and Fields of Information Collected |
When you apply for and conduct business with us as a client or applicant, including but not limited to business management, technical services, etc.
|
For clients or applicants to apply for and conduct our business; and to maintain proper and secure operation of our business and services, and to prevent and control related risks |
Inputted directly into our systems or provided to us through mail, email, other means of communications by clients or applicants (or third parties with their consent) |
(1) Personal basic information: including name, address, personal phone number, gender, nationality, photos, etc. (2) Personal identity information: including identity document information, such as document type, number, validity period, issuing country or region, and a copy or photocopy of the identity document, etc. (3) Personal education and work information: including position, name of the employer, email address, etc. (4) Personal communication information: including the communication records and contents with us (5) Other personal information: other personal information obtained in the process of establishing and maintaining business relationships in order to fulfill contractual, legal and regulatory compliance obligations, etc. |
When you or the Relevant Person(s) are a related person of clients or applicants of us (for the purpose of this Notice, a related person refers to any person who has a relationship with our clients or applicants, including but not limited to any director or supervisor of the company
|
To provide services to our customers to or conduct business with relevant clients; and to maintain proper and secure operation of securities business and services, and to prevent and control related risks |
Inputted directly into our systems or provided to us through mail, email or other means of communications by applicants or clients (or third parties with their consent) |
(1) Personal basic information: including name, address, personal phone number, gender, nationality, photos, etc. (2) Personal identity information: including identity document information, such as document type, number, validity period, issuing country or region, and a copy or photocopy of the identity document, etc. (3) Personal education and work information: including position, name of the employer, email address, etc. (4) Personal communication information: including the communication records and contents with us (5) Other personal information: other personal information obtained in the process of establishing and maintaining business relationships in order to fulfill contractual, legal and regulatory compliance obligations, etc. |
When you are our vendor or proposed vendor |
To use or accept products and services provided by suppliers (or proposed suppliers); and to maintain the normal and safe operation of our business and services and to prevent and control risks |
Inputted directly into our system or provided to us by a supplier or proposed supplier (or a third party with their consent) or by email or other communication
|
(1) Personal basic information: including name, address, personal phone number, gender, nationality, photos, etc. (2) Personal identity information: including identity document information, such as document type, number, validity period, issuing country or region, and a copy or photocopy of the identity document, etc. (3) Personal education and work information: including position, name of the employer, email address, etc. (4) Personal communication information: including the communication records and contents with us (5) Other personal information: other personal information obtained in the process of establishing and maintaining business relationships in order to fulfill contractual, legal and regulatory compliance obligations, etc. |
Appendix 3 Domestic Personal Information Sharing List
Name of the Domestic Recipient |
Contact Information |
Purposes of Sharing |
Methods of Sharing |
Types of Personal Information |
Shanghai Tongguan Enterprise Management Co., Ltd. |
Mr. Jin jinxuede@tg-lgl.com |
Mail delivery service |
Labels with recipients information |
Name, telephone number and address information |
Shanghai Quanxinda Express Co., Ltd. |
Mr. Wu |
Mail delivery service |
Posting form |
Name, telephone number and address information |
Beijing Tian Hong Cheng Investment Consulting Co., Ltd. |
Mr. Cheng |
International express import and export customs clearance |
Name, telephone number, company name and address information |
|
S.F.Express Group (Shanghai) Company Limited |
Mr. Fu |
Mail delivery service |
Posting form |
Name, contact number, company name and address information |
China Postal Express & Logistics Company |
EMS Customer service number 11183 |
Mail delivery service |
Posting form |
Name, telephone number, company name and address information |
DHL – Sinotrans International Air Courier Limited |
Mrs. Gu |
Mail delivery service |
Posting form |
Name, telephone number, company name and address information |
Beijing Foreign Enterprise Human Resources Service Company Limited |
Ms. Zheng |
Mail delivery service |
Labels with recipients information |
Name, telephone number, company name and address information |
Appendix 4 List of Cross-border Transfers of Personal Information
Name of the Offshore Recipient |
Contact Information |
Purposes of Processing |
Methods of Processing |
Types of Personal Information |
Methods and Procedures for Exercising rights |
JPMorgan Chase & Co. (and its branches and affiliates) |
US: +1 212 270 6000
UK: +1 212 270 6000
HK: +852 2800 1000
SGP: +65 6882 2888 |
To provide products/services to or conduct business with clients/applicants
To use or accept the products and services provided by the vendors (or proposed vendors)
To maintain proper and secure operation of business and services, to prevent and control related risks
|
Transfer via server |
(1) Personal basic information: including name, address, personal phone number, gender, nationality, photos, etc. (2) Personal identity information: including identity document information, such as document type, number, validity period, issuing country or region, and a copy or photocopy of the identity document, etc. (3) Personal education and work information: including position, name of the employer, email address, etc. (4) Personal communication information: including the communication records and contents with us (5) Other personal information: other personal information obtained in the process of establishing and maintaining business relationships in order to fulfill contractual, legal and regulatory compliance obligations, etc.
|
You may contact JPMorgan Chase & Co. directly through the contact information listed to exercise your rights, or you can contact JPMorgan Chase China to assist you in exercising your rights through the contact information specified in the "J.P. Morgan China Terms and Conditions on Processing Client Information" or in this Notice. |