MAZi Platform Team Services Privacy Notice
Last Updated: 4 July, 2024
Thanks for using MAZi Platform Team Services.
MAZi Security Company and its affiliates (“MAZi”, “we”, “our”, “us”) provide MAZi Platform Team Services (“HCT Services”) through MAZi Platform for Super User and Normal User (hereinafter referred to as “you” or “your”, respectively and collectively). This Privacy Notice explains how MAZi handles the collection, storage, and disclosure of information, including Personal Information, regarding your use of HCT Services, and it shall form an integral part of the MAZi Platform Privacy Policy, unless otherwise expressly set forth herein, the terms and conditions of the Privacy Policy shall apply to this Privacy Notice.
The Types of Personal Information We Process and How We Process It During Your Use of HCT Services:
- When you use cloud-based video management system (“Cloud CMS-MAZi”) to preview and playback the video, we will not store any image/video information but will only transmit video stream. If you record the video manually during playback and store the played video stream locally, i.e. your SD cards, hard disk of your mobile phone , in which case MAZi will not store or process any video or recording information. However, when you chose to record the video through Archive Management function, the video will be stored on cloud with restricted access under strict control mechanisms to prevent any unauthorized access. You can delete any stored video anytime manually.
- When you use Event and Alarm function under Cloud CMS-MAZi, the devices may capture pictures during video playback automatically to confirm the situation and send you alerts when something occurs, the captured image will be stored in cloud with restricted access under strict control mechanisms to prevent any unauthorized access. The event alarm information will be stored for 6 months by default, and will be automatically deleted after 6 months’ expiry, the captured image will be deleted along with the deletion of the event alarm information.
- When you use cloud vehicle monitoring (“Vehicle”) function, we will collect vehicle information (such as driver name, phone number, license number, vehicle picture, etc.) The provided information will be used to identify specific vehicle and will be stored from first configuration until your manual deletion. In case of modification abovementioned vehicle information, the original information will not be stored by us.
We will also collect the vehicle location information, such as GPS location, running speed of vehicle to monitor the real-time and historical operation of the vehicle and to track the trajectory of the vehicle in case required, such vehicle information will be stored for one year by default and will be deleted after one year’s expiry automatically.
For information processed under this Vehicle services, you acknowledge that you are the data controller of inputted vehicle information and MAZi will collect, process and store such information on behalf of you, therefore, you are obligated to collect and process such data in accordance with applicable laws and regulations, including but not limited to obtaining explicit consent of data subject.
- When you are a Super User, you can engage us to provide management services for your Organization/Enterprise/Team, such as MAZi cloud-based Access Control, Attendance and Video Intercom services, therefore we will collect and process information generated during the use of these services, including information provided by Normal User voluntarily or on request by you. Super User is the controller of the information including those provided by the Normal User and collected from third parties, and MAZi will process such information as a processor on behalf of the Super User.
We kindly remind that Super User, as the controller, shall ensure that, any collection, processing and sharing of information pertaining to Normal User or any third parties (for example temporary visitors of Super User) shall be in accordance with applicable personal data protection laws and regulations, and where sensitive personal information processing is involved, i.e. facial image and finger prints, it is Super User’s obligation to obtain an explicit and separate consent from relevant data subjects to process the information.
The information we collect and process on behalf of Super User will include the following:
- When any Organization/Enterprise/Team is set up by Super User for use of any HCT Services, we will collect general information of such Organization/Enterprise/Team, including member names, the number of the members and their identification/classification recorded by Super User. Super User can access, update or delete any Account information of Normal Users under its managed Organization/Enterprise/Team via account profile by selecting “Person” button.
- When using MAZi cloud based Access Control, Attendance and Video Intercom services, in order to more effectively verify user identity or make the service available, Super User may require Normal User to provide, in which case, additional consent may be requested by Super User separately, or Normal User can provide voluntarily, the following information: facial information, finger prints, gender information, telephone number and access/employee card number. MAZi will process such information for comparison purposes on behalf of Super User. Normal User can request Super User to delete such information, but Super User may has discretion based on management demands. However, Normal User can also access, update or delete his/her name, gender, facial image, and phone number via account profile by selecting “Personal Information” button, and the Super User can set the retention period for automatically deleting any facial images at its sole discretion.
- When using Attendance service, we will collect raw punch-in and punch-out data of Normal User generated by access control devices, such as time, device serial number and personal identifications (i.e. pictures captured). We will also collect information related to Normal User attendance status generated based on attendance rules set by Super User, including their required work time, actual work duration, absent duration, late duration, early leave duration, overtime duration, break duration and leave duration. The aforementioned information would be collected for Super User’s attendance management. Super User can correct, search and export any attendance report. The attendance information will be stored for a period of five years bydefault. Nonetheless, within the range set by MAZi, Super User can choose to set the shorter retention periods for automatically deleting any records and capture images at its sole discretion.
- When Normal User or any third party makes access, punch-in, punch-out or use video intercom function, their images will be automatically captured for comparison purpose. And all passage and call record information (i.e. the time and identification of persons who pass through the access control) will be also collected. The aforementioned information generated during use of the HCT Services will be stored in cloud with restricted access under strict control mechanisms to prevent any unauthorized access. These information, in case generated by Normal User, will be stored for 5 years by default, while in case generated by temporary visitors to Super User, will be stored for 6 months by default. However, any captured images will be deleted along with the deletion of the event alarm information in case Event and Alarm function is activated under the HCT Services. Nonetheless, within the range set by MAZi, Super User can choose to set the shorter retention periods for automatically deleting any records and capture images at its sole discretion.
- When GPS location permission is enabled upon notice and affirmative permission by Normal User during his/her use of Attendance service, the precise geolocation would be collected to record attendance. However, these functions are turned off by default.