Protection of user privacy is not only a requirement of laws and regulations, but also an embodiment of Fosun’s deep-seated values. Fosun profoundly acknowledges the significance of personal data to each and every user, and will take the appropriate measures, as required by applicable laws and regulations, to ensure, to the extent possible, the security of users’ personal information.

Fosun collects user data with the primary purpose of improving user experience and refining product quality. We will maintain an open attitude in processing users’ personal information and establishing end-to-end privacy protection for all Fosun segments and entities by explicitly requesting and seeking users’ express consent at all times. Users will have the autonomy to decide whether or not to provide their personal data to Fosun.

This User Privacy Policy (“Policy” hereafter) describes Fosun’s management structure regarding user privacy protection and the methods that will be put into practice to collect, use and manage user information. Fosun is devoted to serving one billion families around the world, all product and service lines under Fosun shall fall back on this Policy to shape and detail out their own user privacy programs.

1. User Privacy Protection Management Structure

(1) Fosun attaches great importance to user privacy protection. In order to ensure that all user privacy protection requirements are met, we have worked across functions to establish the Cyber Security and User Privacy Supervision Department as the oversight body for Fosun’s cyber security and user privacy protection.

(2) All members of the Fosun ecosystem will be subjected to Fosun Group’s monitoring and shall draw on this Policy to define and implement their own user privacy protection initiatives.

2. How Does Fosun Collect and Use Your Personal Information?

Personal information refers to information recorded in electronic (or any other) form that can individually, or combined with other pieces of information, lead to the identification of a person; or information that is reflective of an individual’s personal activities.

When you use Fosun’s products and/or services, we need/may need to collect and use your personal information for purposes including the following:

We will collect and use your personal information in the two ways stated below, if we use your information outside of the following purposes, we shall reiterate our needs and seek your express consent again.

(1) To provide you with the basic functionalities of Fosun’s products and/or services. If you refuse to provide the necessary information, you will not be able to use our products and/or services normally.

(2) To provide you with additional features of Fosun’s products and/or services. If you refuse to provide the necessary information, you will not be able to use the additional features normally. The normal usage of the basic functionalities of our products and/or services should however not be affected.

3. How Does Fosun Share, Transfer and Disclose Your Personal Information?

(1) Sharing

We will not share your personal information with other companies, organizations and individuals, except in the following situations:

1. When express consent to share has been obtained: we will share your personal information with other parties after obtaining your express consent.

2. When it is required by law: we will share your personal information when required by law or at the request of relevant government authorities.

3. Sharing among Fosun controlled entities: To allow us to provide you with enhanced quality products and/or services, to detect abnormal usage of your personal information and to protect members of the Fosun ecosystem against security breaches and personal property infringements, your personal information may be shared among entities controlled by Fosun. We will only share the information necessary to achieve the stated purposes, and the use of such information will remain bound by this Policy. If we have to share personal information of sensitive nature or if the entity with whom the information was shared alters the way your information is used, we will seek your express consent again.

4. Sharing with authorized partners: Some of our services will be provided by our authorized partners. In order to provide superior customer service and user experience, we may share some of your personal information with our authorized partners. We will only share your personal information for lawful, legitimate, necessary, defined and explicit purposes. Authorized partners will only have access to the information that they need to perform their duties and may not use this information for any other purpose. We require companies, organizations and individuals with whom we share personal information to process personal information in accordance with this Policy and to comply with other confidentiality and security measures that may surpass what is required in this Policy.

(2) Transfer

We will not transfer your personal information to other companies, organizations and individuals, except in the following situations:

1. When express consent to transfer has been obtained: we will transfer your personal information with other parties after obtaining your express consent.

2. In the case of a merger, acquisition or liquidation, when transfer of personal information is necessary, we will continue to require the new company or organization that holds your personal information to remain compliant to this Policy, or we will ask the company or organization to request your express consent again.

(3) Disclosure

We will only publicly disclose your personal information in the following situations:

1. We may publicly disclose your personal information when your express consent has been obtained or when you voluntarily choose to do so.

2. Disclosure required by law: We may publicly disclose your personal information in the event of a legal, administrative or judicial proceeding and/or litigation; or at the request of a relevant government authority.

4. How Will Fosun Protect Your Personal Information?

(1) We have taken reasonable and feasible security measures that meet industry standards to protect your personal information from unauthorized access, disclosure, use, modification, damage or loss. For example, we provide secure https browsing to our websites, we use encryption (e.g. SSL) to ensure the confidentiality of your data, we use trusted protection mechanisms to protect data from malicious attacks, and we deploy access controls to ensure that only authorized personnel have access to users’ personal information. We also conduct security and privacy training courses to enhance employee awareness of the importance of protecting personal information.

(2) In the event of a personal information security breach, we will, as required by laws and regulations, promptly inform you of the circumstances and possible impact of the security breach, the measures we have taken or will take, the recommendations you may adopt to prevent and mitigate the risks, and the remedial measures you may have recourse to. We will promptly communicate to you details of the incident by mail, letter, telephone, push notification, etc. In the case it becomes difficult to inform the individuals affected by the security breach one by one, we will resort to making a public announcement in the most effective and reasonable manner. We will also act in accordance with the requirements of relevant government authorities, and take initiative in reporting the remedial actions taken to address the personal information security breach.

5. Protection of Minors

We place great importance in protecting the personal information of minors. If you are a minor, we recommend that you ask a parent or legal guardian to read this Policy carefully. We also recommend that you obtain the permission of a parent or legal guardian to use our products and/or services and to give out personal information. We will protect the personal information of minors in accordance with relevant laws and regulations.

6. Scope of Policy

Information Storage: The personal data collected and generated by Fosun through its operations in the People’s Republic of China (“China”) is stored in China. We will ensure that your personal information is sufficiently protected under this Policy.

Law Application: Fosun also complies with applicable privacy laws around the world, including the GDPR. Fosun will ensure that business conducted worldwide complies with and applies local legal and regulatory requirements.

7. Policy Updates

We may make adjustments or changes to this Policy in due course. Any updates to this Policy will be posted on Fosun’s official website. The updated content will take effect seven days after the announcement, unless otherwise required by laws, regulations and regulatory requirements.

8. Contact Us

Your opinion matters to us.

If you have any questions, comments or suggestions regarding this Policy, or if you have become aware of a personal information breach, please contact us through Fosun’s official customer communication channels:

Customer complaint website: https://contact.fosun.com/complaint

Customer complaint email: [email protected]