See the steps we ensure your privacy and protection with Ideanote
China's Personal Information Protection Law (PIPL) that came into effect on November 1, 2021.
We are in the process of complying with requirements under China’s PIPL.
Ideanote is processing the personal data of Chinese residents for the purpose of providing services or products, or for analyzing and assessing their behavior.
Ideanote has not yet appointed a "designated representative" in China.
Ideanote processes personal information only based on legality, explicit purpose, minimum necessary, transparency, accuracy, accountability, and data security.
Our processing has the clear and reasonable purpose to provide the Ideanote Service to Customers and End-users. We have reduced data collection to the minimum necessary, are transparent about how data is processed and ensure data security in transit and at rest.
Ideanote processes data based on explicit consent given by Customers and End-users on a contractual basis.
Ideanote ensures the right to Customers and End-users to withdraw consent and delete their personal information.
Personal information is given by Customers and End-users at free will and kept to the minimal information necessary (e.g. first name and email) to provide our Service.
Ideanote is a B2B software and does not allow the creation of user accounts for people under the age of consent.
Ideanote provides explicit privacy notices to people providing personal information during sign-up in clear and transparent way that requires active consent. It includes the Ideanote business name, the purpose of collection, the categories of processed information and the retention period as well as the procedures for withdrawal of consent.
Data subjects can request changes, rectification and deletion of their personal data in the Ideanote interface or by reaching out to hello@ideanote.io
Breach and incident response and notifications are documented in internal policies and ensured in the Ideanote ToS.
Ideanote handles information of less than 1 million Chinese citizens and does not handle important or sensitive personal information or information generated by public service providers in China. Ideanote has therefore not undergone an official Security or Impact Assessment.
Ideanote has internal management structures and operating rules for data classification and management.
Ideanote has adopted measures to ensure that processing activities of the destination country have an equivalent level of protection provided in the PIPL.
For more information please see the Ideanote Sub-Processor list and the Data Transfer Impact Assessment.
Ideanote has concluded agreements with the third parties on the purpose for processing, the time limit, the processing method, categories of personal information, protection measures, as well as the rights and duties of both sides of the personal information processing activities of the third parties.
As part of allowing Customers to be compliant with PIPL when using Ideanote a standard contract will be available on request, once the guidelines are published.
Already Ideanote is transparent in its ToS and DPA about